Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/_oYcdmVO3GDmKMiMWoQ1zvsr30s.roa
File: _oYcdmVO3GDmKMiMWoQ1zvsr30s.roa (raw, json)
Hash identifier: owXiGIkhup3BKEExB5gkhHrEmaLA4sjSh3ueWUjJCHw=
Subject key identifier: FE:86:1C:76:65:4E:DC:60:E6:28:C8:8C:5A:84:35:CE:FB:2B:DF:4B
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01856CC17F30444567AC4104C51F5BE70E3A
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/_oYcdmVO3GDmKMiMWoQ1zvsr30s.roa
Signing time: Sun 01 Jan 2023 09:54:58 +0000
ROA not before: Sun 01 Jan 2023 09:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200005
IP address blocks: 185.123.168.0/22 maxlen: 24
194.35.38.0/24 maxlen: 24
194.35.36.0/23 maxlen: 24
2a0b:35c2::/32 maxlen: 32
2a0b:35c1::/32 maxlen: 32
2a0b:35c3::/32 maxlen: 32
2a0b:35c4::/48 maxlen: 48
2a0b:35c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:7f:30:44:45:67:ac:41:04:c5:1f:5b:e7:0e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 09:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe861c76654edc60e628c88c5a8435cefb2bdf4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:01:84:8f:98:c5:73:08:2b:44:a2:3a:9b:1a:
07:c2:8e:85:35:98:37:a5:74:1d:68:a7:df:dd:17:
7a:63:64:3d:07:b0:b1:c2:cc:20:db:b5:62:b8:e9:
05:2b:f8:b9:9a:4a:26:66:a7:f6:06:f7:12:ad:98:
0d:6d:f3:25:ed:af:eb:33:ed:2d:0d:8f:4d:0e:c5:
1a:9c:2a:83:24:b4:5c:1d:86:59:14:d7:21:e5:c5:
7f:04:1d:cc:d6:18:77:94:e5:07:da:32:79:5a:76:
59:3a:c8:8e:30:48:de:35:1d:c7:9e:b7:43:6b:13:
30:f4:44:ce:6b:f7:76:7a:c7:66:c5:10:b6:60:a8:
bf:b7:b9:bd:30:df:30:c7:f2:52:f1:44:db:7d:8e:
3e:c4:2b:35:db:9f:ae:95:95:fd:88:77:df:80:d6:
d4:e2:dc:aa:a9:28:3f:5b:15:32:28:76:0d:0a:5e:
86:34:7e:d3:11:a3:96:9f:bb:0e:b1:8c:a6:47:c1:
2b:ab:2b:09:22:d4:05:76:50:ca:04:b0:4a:b1:3f:
27:5e:d5:23:53:bc:ac:89:a5:bb:11:f1:ec:c4:46:
e7:f7:d4:ad:ba:2e:38:7f:51:06:98:f6:66:65:49:
fc:a2:ee:24:92:e1:0d:4d:8c:55:41:0e:c5:24:8d:
62:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:86:1C:76:65:4E:DC:60:E6:28:C8:8C:5A:84:35:CE:FB:2B:DF:4B
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/_oYcdmVO3GDmKMiMWoQ1zvsr30s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.168.0/22
194.35.36.0-194.35.38.255
IPv6:
2a0b:35c0::-2a0b:35c4:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0a:5e:f1:86:28:d9:73:df:2a:c1:ed:13:13:c0:e0:0e:4b:f5:
03:5e:79:bf:5d:30:f3:c6:86:e0:3b:f3:48:98:1a:ad:a5:aa:
d1:b5:60:c7:d6:78:26:1b:e3:b5:e4:8e:19:3a:5a:8a:ce:91:
74:39:27:fd:28:9e:b5:21:de:38:4c:b1:c3:5e:03:5e:67:a3:
62:4a:1e:c1:b8:39:40:33:de:66:63:19:47:18:03:72:99:c6:
b2:c3:e6:44:c7:98:29:d9:29:cf:60:de:3f:d9:88:e5:05:1b:
bd:89:d5:60:bd:26:7d:22:d0:ed:99:99:13:e9:5c:ad:52:0c:
11:b4:2a:47:4d:16:9f:01:e4:e0:51:f7:0c:61:76:bd:82:86:
b5:e7:06:20:8b:3c:b6:35:15:a4:4f:41:f5:bc:50:8e:5a:88:
d3:d8:4b:46:39:53:be:3f:07:bf:b3:e7:57:b1:7a:f1:50:ae:
4f:4e:8a:35:95:b0:cb:c5:17:2c:eb:f8:58:83:74:2b:fb:20:
aa:05:de:3d:c2:2f:c4:af:64:e1:37:a8:bb:48:fc:5a:84:08:
ca:3b:9d:c7:c2:e0:a5:f7:1e:09:4c:9f:1f:85:84:f7:ea:0a:
0c:5e:e6:b0:05:5d:bd:43:5a:1c:f2:ea:43:5d:a0:df:48:19:
8a:14:b2:a5
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVswX8wREVnrEEExR9b5w46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwMTAxMDk1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg2MWM3NjY1NGVkYzYwZTYyOGM4OGM1YTg0MzVjZWZiMmJkZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwGEj5jFcwgrRKI6mxoHwo6FNZg3
pXQdaKff3Rd6Y2Q9B7Cxwswg27ViuOkFK/i5mkomZqf2BvcSrZgNbfMl7a/rM+0t
DY9NDsUanCqDJLRcHYZZFNch5cV/BB3M1hh3lOUH2jJ5WnZZOsiOMEjeNR3HnrdD
axMw9ETOa/d2esdmxRC2YKi/t7m9MN8wx/JS8UTbfY4+xCs125+ulZX9iHffgNbU
4tyqqSg/WxUyKHYNCl6GNH7TEaOWn7sOsYymR8ErqysJItQFdlDKBLBKsT8nXtUj
U7ysiaW7EfHsxEbn99Stui44f1EGmPZmZUn8ou4kkuENTYxVQQ7FJI1i4QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFP6GHHZlTtxg5ijIjFqENc77K99LMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvX29ZY2RtVk8zR0RtS01pTVdvUTF6dnNyMzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAaBAIAATAUAwQCuXuoMAwD
BALCIyQDBADCIyYwGAQCAAIwEjAQAwUGKgs1wAMHACoLNcQAADANBgkqhkiG9w0B
AQsFAAOCAQEACl7xhijZc98qwe0TE8DgDkv1A155v10w88aG4DvzSJgaraWq0bVg
x9Z4JhvjteSOGTpais6RdDkn/SietSHeOEyxw14DXmejYkoewbg5QDPeZmMZRxgD
cpnGssPmRMeYKdkpz2DeP9mI5QUbvYnVYL0mfSLQ7ZmZE+lcrVIMEbQqR00WnwHk
4FH3DGF2vYKGtecGIIs8tjUVpE9B9bxQjlqI09hLRjlTvj8Hv7PnV7F68VCuT06K
NZWwy8UXLOv4WIN0K/sgqgXePcIvxK9k4Teou0j8WoQIyjudx8LgpfceCUyfH4WE
9+oKDF7msAVdvUNaHPLqQ12g30gZihSypQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:39 2024 by rpki-client on console-fra.rpki-client.org