Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/69da98-84d6-4081-83da-d2b7230a3df8/1/grjbCT2AwgwTFvjYijAZUZ0RMXw.roa
File: grjbCT2AwgwTFvjYijAZUZ0RMXw.roa (raw, json)
Hash identifier: ojyq51ir5RZpZP7JeVIuJqkMn3bo1BS7NK0QQ1v5nHo=
Subject key identifier: 82:B8:DB:09:3D:80:C2:0C:13:16:F8:D8:8A:30:19:51:9D:11:31:7C
Certificate issuer: /CN=2ab2530cbea4d43cb3761b42dadfead7e5172228
Certificate serial: 0185714C0DC678657106B1DB99FA897DE76A
Authority key identifier: 2A:B2:53:0C:BE:A4:D4:3C:B3:76:1B:42:DA:DF:EA:D7:E5:17:22:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KrJTDL6k1DyzdhtC2t_q1-UXIig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/69da98-84d6-4081-83da-d2b7230a3df8/1/grjbCT2AwgwTFvjYijAZUZ0RMXw.roa
Signing time: Mon 02 Jan 2023 07:04:47 +0000
ROA not before: Mon 02 Jan 2023 07:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12552
IP address blocks: 185.18.84.0/22 maxlen: 22
2a03:f440::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:0d:c6:78:65:71:06:b1:db:99:fa:89:7d:e7:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ab2530cbea4d43cb3761b42dadfead7e5172228
Validity
Not Before: Jan 2 07:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82b8db093d80c20c1316f8d88a3019519d11317c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9b:7e:82:2a:bc:47:c2:3f:36:f0:08:67:82:
74:83:95:9e:f7:ef:39:ee:56:73:3c:42:96:7b:1c:
c3:84:80:7e:80:74:a0:6f:84:9f:1d:ff:ad:03:65:
19:a9:95:8b:e4:7f:53:9f:5b:43:16:cf:27:e2:60:
c0:9a:91:6b:7a:a9:01:e4:d3:35:8c:73:08:3a:50:
f9:85:84:69:ec:6e:81:7e:f0:69:91:cc:0e:07:79:
6c:64:a4:9f:4b:c8:c3:be:bb:ab:21:65:6f:bc:a9:
92:c0:2c:dc:15:d7:12:d4:23:70:85:b4:5c:5f:65:
2a:23:18:1f:ca:27:6d:60:5b:bd:3e:46:1b:6d:ca:
2e:25:d4:df:37:8e:28:7a:91:99:8a:36:d6:c7:51:
11:88:82:da:b2:f7:30:7e:b9:7c:36:4d:4b:9f:1b:
f2:08:f6:59:5f:76:f8:d0:5e:58:e7:82:a2:eb:ca:
db:fc:d9:53:e7:15:a7:42:d0:2a:f5:89:0b:7b:9a:
32:7a:6f:a7:db:1c:b1:e4:89:90:e4:59:98:20:8d:
5d:87:b2:d2:64:0c:81:41:ce:76:2f:3e:7d:42:a4:
94:b7:ff:2d:f9:4d:d2:84:1f:19:2a:48:c6:a0:6d:
22:e2:c9:e3:79:93:5e:98:fb:1a:49:17:d2:19:68:
46:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B8:DB:09:3D:80:C2:0C:13:16:F8:D8:8A:30:19:51:9D:11:31:7C
X509v3 Authority Key Identifier:
keyid:2A:B2:53:0C:BE:A4:D4:3C:B3:76:1B:42:DA:DF:EA:D7:E5:17:22:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrJTDL6k1DyzdhtC2t_q1-UXIig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/69da98-84d6-4081-83da-d2b7230a3df8/1/grjbCT2AwgwTFvjYijAZUZ0RMXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/69da98-84d6-4081-83da-d2b7230a3df8/1/KrJTDL6k1DyzdhtC2t_q1-UXIig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.84.0/22
IPv6:
2a03:f440::/32
Signature Algorithm: sha256WithRSAEncryption
50:b9:c1:5e:c7:10:2f:63:95:a6:75:ef:ed:ad:47:36:b7:16:
0d:d1:3b:89:7d:5b:83:6a:cd:a5:2b:3f:8a:d9:82:2a:da:05:
c3:65:f9:5e:fe:3d:30:c1:30:2d:57:14:d7:b6:bc:a7:b9:02:
1f:db:5a:cf:0a:ff:87:8b:2f:cd:d0:ae:05:ef:eb:87:76:29:
bd:2e:29:f7:89:69:ac:3b:ae:90:4d:04:59:e9:e0:ba:3b:f4:
9a:f0:ce:a1:e4:e4:19:18:c7:b5:9b:b9:ed:a0:f3:fa:28:23:
52:2e:fa:51:6e:28:42:dc:b0:00:42:20:58:e7:47:a4:a8:a1:
4d:e8:20:78:e3:38:6f:b2:8e:35:17:36:b5:c0:60:5a:67:63:
ae:16:5d:05:98:af:9e:94:ad:ef:cf:70:ba:42:ef:42:3e:ff:
7e:d1:19:dc:5d:3e:76:f7:1a:2b:f8:6e:35:ef:93:42:0d:16:
9b:ac:39:6e:52:96:9c:04:39:23:6e:8d:d5:99:ee:90:6e:0d:
74:f6:53:d4:06:33:70:2b:d0:86:3b:97:72:8c:59:d0:8b:07:
4a:a7:ab:70:69:ec:14:f5:87:b8:f7:06:04:8b:7e:55:bc:00:
90:7d:eb:4e:bf:98:37:8b:a1:2b:61:35:49:fe:ef:ac:3a:24:
66:e4:17:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxTA3GeGVxBrHbmfqJfedqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjI1MzBjYmVhNGQ0M2NiMzc2MWI0MmRhZGZlYWQ3ZTUx
NzIyMjgwHhcNMjMwMTAyMDcwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmI4ZGIwOTNkODBjMjBjMTMxNmY4ZDg4YTMwMTk1MTlkMTEzMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJt+giq8R8I/NvAIZ4J0g5We9+85
7lZzPEKWexzDhIB+gHSgb4SfHf+tA2UZqZWL5H9Tn1tDFs8n4mDAmpFreqkB5NM1
jHMIOlD5hYRp7G6BfvBpkcwOB3lsZKSfS8jDvrurIWVvvKmSwCzcFdcS1CNwhbRc
X2UqIxgfyidtYFu9PkYbbcouJdTfN44oepGZijbWx1ERiILasvcwfrl8Nk1Lnxvy
CPZZX3b40F5Y54Ki68rb/NlT5xWnQtAq9YkLe5oyem+n2xyx5ImQ5FmYII1dh7LS
ZAyBQc52Lz59QqSUt/8t+U3ShB8ZKkjGoG0i4snjeZNemPsaSRfSGWhGlwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIK42wk9gMIMExb42IowGVGdETF8MB8GA1UdIwQY
MBaAFCqyUwy+pNQ8s3YbQtrf6tflFyIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JKVERMNmsxRHl6ZGh0QzJ0X3ExLVVYSWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82OWRhOTgtODRkNi00MDgxLTgzZGEt
ZDJiNzIzMGEzZGY4LzEvZ3JqYkNUMkF3Z3dURnZqWWlqQVpVWjBSTVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82OWRhOTgtODRkNi00MDgxLTgzZGEtZDJiNzIzMGEzZGY4
LzEvS3JKVERMNmsxRHl6ZGh0QzJ0X3ExLVVYSWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRJUMA0E
AgACMAcDBQAqA/RAMA0GCSqGSIb3DQEBCwUAA4IBAQBQucFexxAvY5Wmde/trUc2
txYN0TuJfVuDas2lKz+K2YIq2gXDZfle/j0wwTAtVxTXtrynuQIf21rPCv+Hiy/N
0K4F7+uHdim9Lin3iWmsO66QTQRZ6eC6O/Sa8M6h5OQZGMe1m7ntoPP6KCNSLvpR
bihC3LAAQiBY50ekqKFN6CB44zhvso41Fza1wGBaZ2OuFl0FmK+elK3vz3C6Qu9C
Pv9+0RncXT529xor+G4175NCDRabrDluUpacBDkjbo3Vme6Qbg109lPUBjNwK9CG
O5dyjFnQiwdKp6twaewU9Ye49wYEi35VvACQfetOv5g3i6ErYTVJ/u+sOiRm5BfK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:44 2024 by rpki-client on console-fra.rpki-client.org