Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/93f8fb-d424-4dab-9a0e-0f5be224f820/1/do6xv1ikUYfCBPHAVKFV806RSsA.roa
File: do6xv1ikUYfCBPHAVKFV806RSsA.roa (raw, json)
Hash identifier: u0StqRVtzsElB/HH54MKx2hJz+88qv4kphJmWDiXys8=
Subject key identifier: 76:8E:B1:BF:58:A4:51:87:C2:04:F1:C0:54:A1:55:F3:4E:91:4A:C0
Certificate issuer: /CN=bab73676fabaf12056edbb9c79d7154fede01f2c
Certificate serial: 01856FCBC1F10966991841BCF619E6D54D56
Authority key identifier: BA:B7:36:76:FA:BA:F1:20:56:ED:BB:9C:79:D7:15:4F:ED:E0:1F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urc2dvq68SBW7bucedcVT-3gHyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/93f8fb-d424-4dab-9a0e-0f5be224f820/1/do6xv1ikUYfCBPHAVKFV806RSsA.roa
Signing time: Mon 02 Jan 2023 00:05:02 +0000
ROA not before: Mon 02 Jan 2023 00:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47935
IP address blocks: 185.106.134.0/24 maxlen: 24
2a10:1680::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:c1:f1:09:66:99:18:41:bc:f6:19:e6:d5:4d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bab73676fabaf12056edbb9c79d7154fede01f2c
Validity
Not Before: Jan 2 00:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=768eb1bf58a45187c204f1c054a155f34e914ac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8b:21:f1:8e:a2:ad:d8:08:6c:d6:cb:ae:f7:
47:ed:88:3e:a3:44:94:80:88:bc:58:ae:6f:58:18:
b8:3d:40:bd:5b:05:7d:d8:b4:8c:c4:63:0f:08:e2:
73:ce:4c:22:37:40:33:09:f2:b4:f5:ac:9d:2c:f4:
82:23:30:de:3a:2e:90:3b:2f:cc:70:10:20:5a:7f:
12:55:8f:fc:ad:a9:9c:8f:28:cd:c8:09:03:3f:e6:
63:5c:d8:fd:d0:c2:79:03:dc:81:12:73:66:17:62:
20:32:20:94:4e:af:0b:e6:0b:cc:a8:d0:ce:45:3b:
0a:87:b3:87:26:98:5a:d8:b7:77:03:31:ba:46:8d:
2d:e2:2c:92:4f:06:30:0d:7d:9a:5b:a8:69:3c:b3:
fe:bd:ad:e1:d7:ec:4a:75:ae:5d:7b:b2:89:86:4b:
1a:60:4c:42:0b:d0:5a:df:ab:4b:fb:2e:ee:15:44:
98:f6:58:6d:35:a8:f9:03:4a:60:6c:a6:a4:9a:a0:
c5:8c:77:9b:a6:3c:8a:aa:b3:d3:bc:2c:e9:dd:60:
a7:b4:21:4b:28:d1:4e:bd:d5:cf:4d:1b:b9:72:b0:
f9:30:81:4e:e7:ea:14:56:0e:c8:36:32:c3:dd:6b:
51:8b:00:95:94:ae:dd:22:8c:0b:ab:1b:3d:ce:15:
6a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8E:B1:BF:58:A4:51:87:C2:04:F1:C0:54:A1:55:F3:4E:91:4A:C0
X509v3 Authority Key Identifier:
keyid:BA:B7:36:76:FA:BA:F1:20:56:ED:BB:9C:79:D7:15:4F:ED:E0:1F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urc2dvq68SBW7bucedcVT-3gHyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/93f8fb-d424-4dab-9a0e-0f5be224f820/1/do6xv1ikUYfCBPHAVKFV806RSsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/93f8fb-d424-4dab-9a0e-0f5be224f820/1/urc2dvq68SBW7bucedcVT-3gHyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.134.0/24
IPv6:
2a10:1680::/32
Signature Algorithm: sha256WithRSAEncryption
13:70:ce:ae:a6:5e:2c:b1:70:aa:11:37:5b:01:8c:f9:c9:ab:
10:b3:43:ec:94:b3:a9:3e:02:84:2c:b2:de:c8:e8:87:f6:9c:
88:58:f7:af:92:69:50:de:09:60:41:fa:e9:ee:41:ee:22:25:
42:e6:ac:f5:d4:c2:69:c6:0a:76:f2:a0:b0:96:a4:94:8d:ff:
eb:86:53:51:15:52:c5:e2:8b:90:b3:48:b0:be:c5:6d:8d:ca:
f1:17:c1:88:ec:64:dc:20:17:24:1d:3c:70:f5:17:ac:26:2f:
59:8d:aa:38:12:b7:ef:4f:b5:3c:c0:d1:71:84:f7:33:7e:1d:
e5:9b:01:4c:08:a5:26:2f:78:2d:03:29:eb:f9:d4:c4:71:1f:
23:19:43:e5:b7:f0:12:a3:5b:a7:d6:e5:12:e2:b7:0a:48:d8:
ec:4c:b3:68:3c:ca:57:0f:85:a6:67:aa:fa:4f:63:ee:03:de:
a8:14:d9:88:b5:37:bb:0d:aa:f1:46:27:8c:fa:64:4e:90:6a:
e4:61:52:58:05:d9:f4:8c:45:9e:e8:eb:d4:2f:34:5a:f0:31:
d7:a4:cd:50:db:91:2c:2e:d0:ab:d1:45:97:97:43:17:55:59:
d9:f9:aa:31:85:2b:39:e0:0e:82:30:28:a1:44:50:d4:04:7a:
b9:c4:c1:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvy8HxCWaZGEG89hnm1U1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjczNjc2ZmFiYWYxMjA1NmVkYmI5Yzc5ZDcxNTRmZWRl
MDFmMmMwHhcNMjMwMTAyMDAwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjhlYjFiZjU4YTQ1MTg3YzIwNGYxYzA1NGExNTVmMzRlOTE0YWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3osh8Y6irdgIbNbLrvdH7Yg+o0SU
gIi8WK5vWBi4PUC9WwV92LSMxGMPCOJzzkwiN0AzCfK09aydLPSCIzDeOi6QOy/M
cBAgWn8SVY/8ramcjyjNyAkDP+ZjXNj90MJ5A9yBEnNmF2IgMiCUTq8L5gvMqNDO
RTsKh7OHJpha2Ld3AzG6Ro0t4iySTwYwDX2aW6hpPLP+va3h1+xKda5de7KJhksa
YExCC9Ba36tL+y7uFUSY9lhtNaj5A0pgbKakmqDFjHebpjyKqrPTvCzp3WCntCFL
KNFOvdXPTRu5crD5MIFO5+oUVg7INjLD3WtRiwCVlK7dIowLqxs9zhVqaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHaOsb9YpFGHwgTxwFShVfNOkUrAMB8GA1UdIwQY
MBaAFLq3Nnb6uvEgVu27nHnXFU/t4B8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJjMmR2cTY4U0JXN2J1Y2VkY1ZULTNnSHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85M2Y4ZmItZDQyNC00ZGFiLTlhMGUt
MGY1YmUyMjRmODIwLzEvZG82eHYxaWtVWWZDQlBIQVZLRlY4MDZSU3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC85M2Y4ZmItZDQyNC00ZGFiLTlhMGUtMGY1YmUyMjRmODIw
LzEvdXJjMmR2cTY4U0JXN2J1Y2VkY1ZULTNnSHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWqGMA0E
AgACMAcDBQAqEBaAMA0GCSqGSIb3DQEBCwUAA4IBAQATcM6upl4ssXCqETdbAYz5
yasQs0PslLOpPgKELLLeyOiH9pyIWPevkmlQ3glgQfrp7kHuIiVC5qz11MJpxgp2
8qCwlqSUjf/rhlNRFVLF4ouQs0iwvsVtjcrxF8GI7GTcIBckHTxw9ResJi9Zjao4
ErfvT7U8wNFxhPczfh3lmwFMCKUmL3gtAynr+dTEcR8jGUPlt/ASo1un1uUS4rcK
SNjsTLNoPMpXD4WmZ6r6T2PuA96oFNmItTe7DarxRieM+mROkGrkYVJYBdn0jEWe
6OvULzRa8DHXpM1Q25EsLtCr0UWXl0MXVVnZ+aoxhSs54A6CMCihRFDUBHq5xMHi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:21 2024 by rpki-client on console-ams.rpki-client.org