Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/1aa2aa-bfbf-4428-a3df-3857232f456c/1/po0L2tSjVUDpu6uxQNVG0_3JsKI.roa
File: po0L2tSjVUDpu6uxQNVG0_3JsKI.roa (raw, json)
Hash identifier: JwGVqIZqTHrLB6upnLftotpvKaeoJ3LLm0tp9p02WNY=
Subject key identifier: A6:8D:0B:DA:D4:A3:55:40:E9:BB:AB:B1:40:D5:46:D3:FD:C9:B0:A2
Certificate issuer: /CN=ac9b939a3ac97dada0825161f3a0e85033a82d25
Certificate serial: 01856C136ABD422E1E9159EE564AC03EDDA9
Authority key identifier: AC:9B:93:9A:3A:C9:7D:AD:A0:82:51:61:F3:A0:E8:50:33:A8:2D:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJuTmjrJfa2gglFh86DoUDOoLSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/1aa2aa-bfbf-4428-a3df-3857232f456c/1/po0L2tSjVUDpu6uxQNVG0_3JsKI.roa
Signing time: Sun 01 Jan 2023 06:44:49 +0000
ROA not before: Sun 01 Jan 2023 06:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210627
IP address blocks: 185.188.40.0/24 maxlen: 24
2a11:2c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:6a:bd:42:2e:1e:91:59:ee:56:4a:c0:3e:dd:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9b939a3ac97dada0825161f3a0e85033a82d25
Validity
Not Before: Jan 1 06:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a68d0bdad4a35540e9bbabb140d546d3fdc9b0a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b8:c0:bf:fa:de:22:28:51:81:5f:13:e9:ff:
25:a2:30:03:b9:36:a4:1f:28:07:0b:22:d1:98:d7:
c3:57:9f:27:38:a0:57:c3:5e:2f:6c:5d:b6:67:66:
f7:a0:a2:f9:3a:fb:81:92:89:bc:d9:9d:71:b7:d0:
39:0b:b1:28:ec:a3:76:e0:d8:32:90:ca:26:50:aa:
4f:7a:ee:68:85:4f:95:ea:11:fa:98:48:e2:bf:5b:
c4:f7:45:a5:c7:8e:bd:a5:87:ab:7f:13:e5:5a:f4:
b4:56:6c:93:a2:bf:0d:5a:dc:11:8e:6f:85:4d:26:
24:d0:d7:04:ed:b9:56:13:9e:ce:e7:6d:2d:e7:6e:
1e:f0:82:48:7c:16:3b:ed:a3:99:a7:7e:69:56:83:
6d:2c:a9:44:17:f3:e8:fa:c3:07:28:fc:20:3e:ef:
99:08:91:5b:35:de:03:6e:ca:e2:f6:d2:67:2d:82:
96:24:90:8b:b2:54:41:70:ce:d6:4a:a8:fc:be:72:
d0:80:c4:fa:8f:50:1a:d9:6b:a6:ff:38:70:3b:0e:
7d:de:d2:05:9e:60:cc:33:95:d1:29:ad:db:5d:17:
bb:56:1a:45:b2:c0:8a:3b:b5:d1:d5:f1:7f:43:ce:
c8:a9:6a:68:0b:c6:38:9f:67:47:a2:e3:2c:c1:c4:
09:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8D:0B:DA:D4:A3:55:40:E9:BB:AB:B1:40:D5:46:D3:FD:C9:B0:A2
X509v3 Authority Key Identifier:
keyid:AC:9B:93:9A:3A:C9:7D:AD:A0:82:51:61:F3:A0:E8:50:33:A8:2D:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJuTmjrJfa2gglFh86DoUDOoLSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/1aa2aa-bfbf-4428-a3df-3857232f456c/1/po0L2tSjVUDpu6uxQNVG0_3JsKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/1aa2aa-bfbf-4428-a3df-3857232f456c/1/rJuTmjrJfa2gglFh86DoUDOoLSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.40.0/24
IPv6:
2a11:2c0::/29
Signature Algorithm: sha256WithRSAEncryption
73:fd:f8:92:7a:dd:68:28:07:d6:75:ca:67:fd:69:1b:56:bb:
27:7f:85:fd:42:21:17:c2:de:fc:3e:06:2f:b5:5f:f4:5e:60:
88:e2:f6:b7:3f:45:79:50:77:bd:00:c1:0e:94:f2:5e:e5:3d:
c6:0d:b5:0b:56:d4:fc:4a:63:cb:ef:20:ad:3f:6a:15:a5:ec:
65:ce:60:2c:cc:52:b3:aa:03:ae:2b:24:08:6c:b8:c0:86:e7:
47:48:8c:dc:8d:05:80:a0:6d:ea:ef:d5:46:a2:84:b6:61:f6:
c1:56:b3:7d:76:da:dd:3a:17:c6:df:12:33:ef:e0:0c:77:4f:
04:f4:24:c6:99:47:0e:93:e7:9d:73:02:6d:59:c4:2d:5b:13:
98:8f:dc:57:db:5d:0d:75:97:69:57:9b:9a:bd:32:12:ce:3c:
cc:40:23:e6:62:9d:15:f1:86:85:5c:66:24:b0:53:0f:85:30:
61:e6:19:11:14:ac:70:dd:91:eb:0d:1a:2c:b9:e1:90:d7:a2:
2b:8b:64:69:dd:d7:e4:e9:ff:d5:12:9b:66:f8:26:8a:51:44:
44:d2:b7:24:21:99:10:79:d7:3f:3c:63:58:04:7a:a6:c6:e0:
b9:08:c3:6a:b7:bd:c1:3c:17:5c:62:9d:be:59:a6:c1:a3:b3:
1f:98:4a:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsE2q9Qi4ekVnuVkrAPt2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOWI5MzlhM2FjOTdkYWRhMDgyNTE2MWYzYTBlODUwMzNh
ODJkMjUwHhcNMjMwMTAxMDY0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjhkMGJkYWQ0YTM1NTQwZTliYmFiYjE0MGQ1NDZkM2ZkYzliMGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbjAv/reIihRgV8T6f8lojADuTak
HygHCyLRmNfDV58nOKBXw14vbF22Z2b3oKL5OvuBkom82Z1xt9A5C7Eo7KN24Ngy
kMomUKpPeu5ohU+V6hH6mEjiv1vE90Wlx469pYerfxPlWvS0VmyTor8NWtwRjm+F
TSYk0NcE7blWE57O520t524e8IJIfBY77aOZp35pVoNtLKlEF/Po+sMHKPwgPu+Z
CJFbNd4Dbsri9tJnLYKWJJCLslRBcM7WSqj8vnLQgMT6j1Aa2Wum/zhwOw593tIF
nmDMM5XRKa3bXRe7VhpFssCKO7XR1fF/Q87IqWpoC8Y4n2dHouMswcQJ4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKaNC9rUo1VA6bursUDVRtP9ybCiMB8GA1UdIwQY
MBaAFKybk5o6yX2toIJRYfOg6FAzqC0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckp1VG1qckpmYTJnZ2xGaDg2RG9VRE9vTFNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8xYWEyYWEtYmZiZi00NDI4LWEzZGYt
Mzg1NzIzMmY0NTZjLzEvcG8wTDJ0U2pWVURwdTZ1eFFOVkcwXzNKc0tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8xYWEyYWEtYmZiZi00NDI4LWEzZGYtMzg1NzIzMmY0NTZj
LzEvckp1VG1qckpmYTJnZ2xGaDg2RG9VRE9vTFNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubwoMA0E
AgACMAcDBQMqEQLAMA0GCSqGSIb3DQEBCwUAA4IBAQBz/fiSet1oKAfWdcpn/Wkb
Vrsnf4X9QiEXwt78PgYvtV/0XmCI4va3P0V5UHe9AMEOlPJe5T3GDbULVtT8SmPL
7yCtP2oVpexlzmAszFKzqgOuKyQIbLjAhudHSIzcjQWAoG3q79VGooS2YfbBVrN9
dtrdOhfG3xIz7+AMd08E9CTGmUcOk+edcwJtWcQtWxOYj9xX210NdZdpV5uavTIS
zjzMQCPmYp0V8YaFXGYksFMPhTBh5hkRFKxw3ZHrDRosueGQ16Iri2Rp3dfk6f/V
Eptm+CaKUURE0rckIZkQedc/PGNYBHqmxuC5CMNqt73BPBdcYp2+WabBo7MfmEoH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:18 2024 by rpki-client on console-fra.rpki-client.org