Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/cdL4i06C9v4Y6wxMKmvVEpSJtCQ.roa
File: cdL4i06C9v4Y6wxMKmvVEpSJtCQ.roa (raw, json)
Hash identifier: LTULcqPTRmUuUZwwZUwmhgdPhFq/APe7pvlvh+yMr1s=
Subject key identifier: 71:D2:F8:8B:4E:82:F6:FE:18:EB:0C:4C:2A:6B:D5:12:94:89:B4:24
Certificate issuer: /CN=69720a9103e1ae00cc788c5decfe0948c84bcd1b
Certificate serial: 01856D81B21EAF0649D170785715A98D48EE
Authority key identifier: 69:72:0A:91:03:E1:AE:00:CC:78:8C:5D:EC:FE:09:48:C8:4B:CD:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aXIKkQPhrgDMeIxd7P4JSMhLzRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/cdL4i06C9v4Y6wxMKmvVEpSJtCQ.roa
Signing time: Sun 01 Jan 2023 13:24:54 +0000
ROA not before: Sun 01 Jan 2023 13:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203908
IP address blocks: 185.150.240.0/22 maxlen: 24
2a03:ad60::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:b2:1e:af:06:49:d1:70:78:57:15:a9:8d:48:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69720a9103e1ae00cc788c5decfe0948c84bcd1b
Validity
Not Before: Jan 1 13:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71d2f88b4e82f6fe18eb0c4c2a6bd5129489b424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:71:b9:4a:3c:03:6f:5c:c9:76:60:4e:b3:5e:
be:04:ef:a1:71:f3:3f:81:a9:59:87:27:61:c0:86:
2f:02:2c:b4:6c:99:f8:ca:07:45:70:b0:ef:3c:02:
3e:d3:e9:6b:6c:b0:a9:38:91:1a:1d:1a:d8:fb:06:
49:d4:35:b0:de:34:75:f8:cd:22:a2:5f:20:e3:07:
17:a5:07:cb:77:c6:88:ab:e1:bb:5f:c9:5b:42:50:
99:c4:67:60:d7:1d:a1:82:32:5a:5e:94:6c:30:3e:
5a:36:1d:36:97:21:a5:61:e5:70:a1:a2:e6:dd:0d:
09:8f:ae:41:bd:17:f3:50:67:87:65:46:6c:8a:6b:
43:ee:d1:fa:17:40:0a:35:59:c4:f8:d5:23:a7:f8:
82:9e:82:a2:1a:78:58:2d:fd:e3:81:f8:c4:49:f0:
61:e2:95:8a:95:e3:79:de:c3:88:ca:71:cc:a8:30:
b3:02:b5:31:08:37:07:f8:8a:73:4e:dc:75:04:8e:
08:8a:74:85:46:fd:5d:f3:a5:a4:1c:2b:cd:b7:3b:
40:1d:9f:c0:cf:42:9c:56:ae:4d:f5:29:a6:67:3b:
7e:fe:1f:1b:72:ea:4f:9d:e0:de:7e:bb:66:9f:83:
b8:b3:18:aa:1e:a0:cb:49:87:47:e9:18:6d:31:8c:
80:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D2:F8:8B:4E:82:F6:FE:18:EB:0C:4C:2A:6B:D5:12:94:89:B4:24
X509v3 Authority Key Identifier:
keyid:69:72:0A:91:03:E1:AE:00:CC:78:8C:5D:EC:FE:09:48:C8:4B:CD:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXIKkQPhrgDMeIxd7P4JSMhLzRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/cdL4i06C9v4Y6wxMKmvVEpSJtCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/aXIKkQPhrgDMeIxd7P4JSMhLzRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.240.0/22
IPv6:
2a03:ad60::/32
Signature Algorithm: sha256WithRSAEncryption
7d:0b:80:c0:fe:62:b5:65:26:66:0e:d0:6b:39:d9:61:5f:10:
59:a5:65:fb:e3:36:2f:04:a0:61:04:8b:74:09:90:6f:1a:f8:
2f:d6:0c:09:ec:71:db:0b:64:b8:95:5a:20:a7:d9:e8:50:15:
33:c3:0f:0b:63:51:81:c4:f1:b3:a4:f4:a8:7f:92:87:8e:0f:
71:df:e8:ab:f3:20:74:88:91:5b:c0:36:da:46:7e:ff:b9:66:
ae:f8:93:ab:e6:34:a5:58:92:d1:d4:02:4d:e2:4a:da:a8:d0:
6d:c2:09:05:59:ca:6a:32:01:d7:4f:3c:2f:25:cb:36:d2:7b:
cd:d2:2e:77:22:7b:fa:79:60:03:62:fc:91:a7:5c:10:36:1f:
8a:d8:61:86:b6:6a:00:08:6a:2a:f5:93:51:ea:b4:c5:53:97:
51:f8:12:b7:a0:df:13:0c:48:d9:6e:98:48:dd:01:1e:0b:f7:
dc:d1:b7:5d:4c:4d:df:4e:f6:75:52:68:90:ac:b0:18:82:6c:
f2:15:f6:6e:f4:ca:f0:4c:f3:ac:3b:83:8d:a9:32:bf:2d:ae:
74:1e:a8:cc:d7:10:2e:31:a4:ae:03:a1:a6:4a:47:70:95:10:
11:9f:2f:59:dc:7b:4f:97:2b:ba:76:59:61:6f:55:45:48:ef:
ac:43:90:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtgbIerwZJ0XB4VxWpjUjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzIwYTkxMDNlMWFlMDBjYzc4OGM1ZGVjZmUwOTQ4Yzg0
YmNkMWIwHhcNMjMwMTAxMTMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQyZjg4YjRlODJmNmZlMThlYjBjNGMyYTZiZDUxMjk0ODliNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunG5SjwDb1zJdmBOs16+BO+hcfM/
galZhydhwIYvAiy0bJn4ygdFcLDvPAI+0+lrbLCpOJEaHRrY+wZJ1DWw3jR1+M0i
ol8g4wcXpQfLd8aIq+G7X8lbQlCZxGdg1x2hgjJaXpRsMD5aNh02lyGlYeVwoaLm
3Q0Jj65BvRfzUGeHZUZsimtD7tH6F0AKNVnE+NUjp/iCnoKiGnhYLf3jgfjESfBh
4pWKleN53sOIynHMqDCzArUxCDcH+IpzTtx1BI4IinSFRv1d86WkHCvNtztAHZ/A
z0KcVq5N9SmmZzt+/h8bcupPneDefrtmn4O4sxiqHqDLSYdH6RhtMYyASwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHHS+ItOgvb+GOsMTCpr1RKUibQkMB8GA1UdIwQY
MBaAFGlyCpED4a4AzHiMXez+CUjIS80bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhJS2tRUGhyZ0RNZUl4ZDdQNEpTTWhMelJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9kNTE2YTMtODk3NC00NWRiLTgyMjYt
ODE3NGRkYWUzMWQzLzEvY2RMNGkwNkM5djRZNnd4TUttdlZFcFNKdENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9kNTE2YTMtODk3NC00NWRiLTgyMjYtODE3NGRkYWUzMWQz
LzEvYVhJS2tRUGhyZ0RNZUl4ZDdQNEpTTWhMelJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZbwMA0E
AgACMAcDBQAqA61gMA0GCSqGSIb3DQEBCwUAA4IBAQB9C4DA/mK1ZSZmDtBrOdlh
XxBZpWX74zYvBKBhBIt0CZBvGvgv1gwJ7HHbC2S4lVogp9noUBUzww8LY1GBxPGz
pPSof5KHjg9x3+ir8yB0iJFbwDbaRn7/uWau+JOr5jSlWJLR1AJN4kraqNBtwgkF
WcpqMgHXTzwvJcs20nvN0i53Inv6eWADYvyRp1wQNh+K2GGGtmoACGoq9ZNR6rTF
U5dR+BK3oN8TDEjZbphI3QEeC/fc0bddTE3fTvZ1UmiQrLAYgmzyFfZu9MrwTPOs
O4ONqTK/La50HqjM1xAuMaSuA6GmSkdwlRARny9Z3HtPlyu6dllhb1VFSO+sQ5AW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:43 2024 by rpki-client on console-ams.rpki-client.org