Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/1OgCbuoyIvnrSy1Mtd8dlZPgzDY.roa
File: 1OgCbuoyIvnrSy1Mtd8dlZPgzDY.roa (raw, json)
Hash identifier: gMIwTXxbXczcNpihRpvv+Q6ug3/s12RHcMcZi9Dbqc4=
Subject key identifier: D4:E8:02:6E:EA:32:22:F9:EB:4B:2D:4C:B5:DF:1D:95:93:E0:CC:36
Certificate issuer: /CN=1474b6fc67b6b90db311c61fc0e3a9c752833c56
Certificate serial: 01856CC16B37DCE5034FA5414DFF5308CEDC
Authority key identifier: 14:74:B6:FC:67:B6:B9:0D:B3:11:C6:1F:C0:E3:A9:C7:52:83:3C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/1OgCbuoyIvnrSy1Mtd8dlZPgzDY.roa
Signing time: Sun 01 Jan 2023 09:54:53 +0000
ROA not before: Sun 01 Jan 2023 09:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203615
IP address blocks: 185.127.181.0/24 maxlen: 24
185.127.180.0/24 maxlen: 24
185.127.180.0/22 maxlen: 24
2a06:cb00::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:6b:37:dc:e5:03:4f:a5:41:4d:ff:53:08:ce:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1474b6fc67b6b90db311c61fc0e3a9c752833c56
Validity
Not Before: Jan 1 09:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4e8026eea3222f9eb4b2d4cb5df1d9593e0cc36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:df:8e:72:c3:a2:ac:8b:6f:8a:84:32:55:69:
99:43:06:50:86:e3:05:61:d9:6e:b9:ad:ef:a2:98:
19:be:d4:e6:3a:a4:c1:78:3e:ec:34:ce:4f:40:e7:
00:5c:2c:8b:c7:7e:36:22:9e:6f:d4:2d:42:44:a7:
26:b3:cd:50:cf:5f:ba:02:61:aa:ca:c9:ef:b4:4c:
51:15:a5:fb:35:fb:38:bb:e3:b8:6a:65:e4:ef:9a:
4b:88:1c:ca:af:54:49:37:bd:f2:d9:13:e0:22:09:
ad:29:69:13:3b:47:70:b1:6a:9d:32:92:fe:5a:f9:
37:87:06:79:58:d1:d4:12:5a:15:50:a8:0a:36:78:
19:8b:86:64:38:a2:26:31:b6:28:95:98:5a:2c:fc:
d4:ae:1f:76:e1:38:73:be:ab:65:92:9e:a4:a8:a8:
0b:00:b4:ba:79:ea:41:c3:a3:b8:2b:d7:d5:72:7b:
db:9b:b5:51:9a:9b:ea:5b:a2:bb:b8:75:d6:bc:79:
a1:24:32:ca:b3:85:7a:83:80:98:cf:a6:c5:47:bb:
0d:01:63:40:4c:01:8e:4b:fc:2f:5a:a4:77:f3:ac:
d4:39:45:f5:1e:c2:04:f9:7d:63:01:57:c9:cc:cc:
b9:d1:5a:15:9a:da:d9:8b:66:45:40:f5:ce:ad:79:
a3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E8:02:6E:EA:32:22:F9:EB:4B:2D:4C:B5:DF:1D:95:93:E0:CC:36
X509v3 Authority Key Identifier:
keyid:14:74:B6:FC:67:B6:B9:0D:B3:11:C6:1F:C0:E3:A9:C7:52:83:3C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/1OgCbuoyIvnrSy1Mtd8dlZPgzDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.180.0/22
IPv6:
2a06:cb00::/29
Signature Algorithm: sha256WithRSAEncryption
1f:69:8e:24:eb:53:4f:df:83:10:94:02:20:2d:b4:d8:41:1e:
14:65:58:e2:a7:19:4e:77:be:a8:15:99:2e:6b:79:fa:35:61:
e5:e4:da:ff:55:81:d1:8f:1c:24:41:ed:d7:81:f9:2d:fd:3b:
82:69:64:b2:f3:8b:ac:7d:c7:45:bc:3e:68:0a:77:8f:b2:25:
b8:8f:d2:83:b6:fe:cb:a2:d5:1e:b3:e3:ad:43:05:fc:c6:5e:
12:d0:5e:9b:02:0f:db:54:72:59:99:59:5e:b0:5e:e3:7d:67:
76:58:6c:aa:ec:4c:c7:a1:d1:9a:82:68:82:71:b2:41:23:76:
b2:0e:77:d6:fd:61:1a:96:f5:18:41:1c:ed:5f:f7:39:ba:6c:
44:3d:7f:dc:e5:28:72:07:68:f9:2d:fd:e4:01:6d:4c:4d:de:
05:7e:61:b5:c9:81:fa:eb:1e:1c:55:93:47:06:d0:de:53:cc:
d0:b1:09:66:0b:2d:19:e7:38:4c:a0:45:9e:41:62:f2:d2:fb:
0b:22:18:6e:7a:e9:39:a6:c3:43:72:2f:7a:6c:e3:1b:c2:1e:
68:19:66:63:9a:4c:f2:55:7b:41:26:3c:a7:dd:a2:b2:48:9d:
9f:41:f0:5a:a1:13:04:7f:9c:58:2c:79:4b:07:e5:23:40:7e:
8e:42:4a:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVswWs33OUDT6VBTf9TCM7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NzRiNmZjNjdiNmI5MGRiMzExYzYxZmMwZTNhOWM3NTI4
MzNjNTYwHhcNMjMwMTAxMDk1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGU4MDI2ZWVhMzIyMmY5ZWI0YjJkNGNiNWRmMWQ5NTkzZTBjYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN+OcsOirItvioQyVWmZQwZQhuMF
Ydluua3vopgZvtTmOqTBeD7sNM5PQOcAXCyLx342Ip5v1C1CRKcms81Qz1+6AmGq
ysnvtExRFaX7Nfs4u+O4amXk75pLiBzKr1RJN73y2RPgIgmtKWkTO0dwsWqdMpL+
Wvk3hwZ5WNHUEloVUKgKNngZi4ZkOKImMbYolZhaLPzUrh924Thzvqtlkp6kqKgL
ALS6eepBw6O4K9fVcnvbm7VRmpvqW6K7uHXWvHmhJDLKs4V6g4CYz6bFR7sNAWNA
TAGOS/wvWqR386zUOUX1HsIE+X1jAVfJzMy50VoVmtrZi2ZFQPXOrXmjDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNToAm7qMiL560stTLXfHZWT4Mw2MB8GA1UdIwQY
MBaAFBR0tvxntrkNsxHGH8DjqcdSgzxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkhTMl9HZTJ1UTJ6RWNZZndPT3B4MUtEUEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iMWI0MWQtZDg4Ni00NDJhLTk1MjQt
OGM1NmQ4ZmUxN2I1LzEvMU9nQ2J1b3lJdm5yU3kxTXRkOGRsWlBnekRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iMWI0MWQtZDg4Ni00NDJhLTk1MjQtOGM1NmQ4ZmUxN2I1
LzEvRkhTMl9HZTJ1UTJ6RWNZZndPT3B4MUtEUEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX+0MA0E
AgACMAcDBQMqBssAMA0GCSqGSIb3DQEBCwUAA4IBAQAfaY4k61NP34MQlAIgLbTY
QR4UZVjipxlOd76oFZkua3n6NWHl5Nr/VYHRjxwkQe3Xgfkt/TuCaWSy84usfcdF
vD5oCnePsiW4j9KDtv7LotUes+OtQwX8xl4S0F6bAg/bVHJZmVlesF7jfWd2WGyq
7EzHodGagmiCcbJBI3ayDnfW/WEalvUYQRztX/c5umxEPX/c5ShyB2j5Lf3kAW1M
Td4FfmG1yYH66x4cVZNHBtDeU8zQsQlmCy0Z5zhMoEWeQWLy0vsLIhhueuk5psND
ci96bOMbwh5oGWZjmkzyVXtBJjyn3aKySJ2fQfBaoRMEf5xYLHlLB+UjQH6OQkpe
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:49 2024 by rpki-client on console-fra.rpki-client.org