Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/lJz6aT8igCAcvVwU-uw_HWmyuro.roa
File: lJz6aT8igCAcvVwU-uw_HWmyuro.roa (raw, json)
Hash identifier: 0lXr/vTyTgLxCcUyKZgqiGZP8Ek3GrDik4RMtV5Zo34=
Subject key identifier: 94:9C:FA:69:3F:22:80:20:1C:BD:5C:14:FA:EC:3F:1D:69:B2:BA:BA
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 018572310FA4088BF7CB9BB55FFB1D91470D
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/lJz6aT8igCAcvVwU-uw_HWmyuro.roa
Signing time: Mon 02 Jan 2023 11:14:55 +0000
ROA not before: Mon 02 Jan 2023 11:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59811
IP address blocks: 185.66.206.0/24 maxlen: 24
2a04:1840::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 23 Jun 2023 12:11:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:0f:a4:08:8b:f7:cb:9b:b5:5f:fb:1d:91:47:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Jan 2 11:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=949cfa693f2280201cbd5c14faec3f1d69b2baba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:90:57:e3:bb:7f:21:27:4f:83:17:b6:bb:15:
45:79:38:66:48:51:7c:17:46:d4:9f:6a:99:d9:02:
f4:35:7c:50:96:e9:2c:61:56:0a:3e:10:8f:bf:7c:
d7:ae:d3:d3:e5:be:59:0f:91:5b:e0:08:7d:57:92:
f9:f4:81:5e:1b:63:f5:f7:bb:60:d1:45:af:12:10:
2a:c2:43:8d:92:7e:14:09:d7:f6:52:f1:fe:3b:58:
85:de:3f:c9:8a:25:e4:03:b4:81:40:45:aa:94:28:
3f:a5:0f:9d:8f:fb:3a:d5:71:68:db:dd:f6:f7:cd:
80:63:05:5f:ce:65:09:aa:31:6e:f6:03:1e:da:29:
05:c3:0d:1d:a6:39:92:b1:7e:49:af:30:a2:39:7a:
a0:df:dc:2f:36:ab:e1:42:8a:ee:8b:ea:12:13:85:
77:dd:45:1f:d0:70:60:75:ba:8f:53:25:b5:7f:93:
98:86:52:15:a0:7f:4a:15:98:0e:9d:0c:e0:da:84:
2e:39:e9:e7:27:14:c4:c9:78:44:b6:66:3e:2d:fc:
91:66:3a:0a:d6:89:51:1c:a8:78:3c:1d:e7:6a:1a:
49:9e:68:81:de:ba:ab:c5:d2:70:06:72:22:9c:07:
ea:4c:82:2b:92:ba:ad:a7:19:2e:64:8d:2a:1f:45:
31:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:9C:FA:69:3F:22:80:20:1C:BD:5C:14:FA:EC:3F:1D:69:B2:BA:BA
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/lJz6aT8igCAcvVwU-uw_HWmyuro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.206.0/24
IPv6:
2a04:1840::/29
Signature Algorithm: sha256WithRSAEncryption
69:bf:de:f2:f2:3b:81:de:19:0f:50:0c:46:15:47:7b:b5:d2:
fc:49:5a:07:93:61:96:23:79:cc:f6:0e:29:18:6c:f4:95:e0:
1e:2b:1a:62:ad:1d:b1:ea:15:39:5a:dd:45:ac:ff:9c:5d:8b:
a5:01:23:80:77:6c:3c:93:60:06:2e:65:42:01:bf:fd:e3:d9:
7a:b4:88:a5:3e:8a:73:64:6f:92:4c:da:62:c4:37:71:5e:94:
84:86:22:66:ea:a0:56:54:db:d2:df:2a:ed:75:07:73:00:5f:
d7:53:7e:2b:54:ec:bb:43:5f:e9:9b:c0:b3:c4:14:e7:e1:9f:
71:e9:0b:17:87:76:6e:29:bb:11:63:fa:b8:68:23:a6:58:7b:
95:b8:f9:a4:c4:6b:62:97:c6:53:60:53:c4:cb:0f:71:83:44:
0f:e8:5c:3a:68:51:a5:d4:ba:08:78:69:0f:db:65:fc:f8:21:
3d:4b:2d:83:84:30:d8:a1:6c:c6:85:ec:9c:70:68:eb:b9:1f:
cf:df:88:59:9c:2e:ae:8e:b3:91:b2:3f:2c:0c:c7:df:8a:1b:
f2:53:24:01:2f:11:20:8d:88:21:9f:96:c6:9a:d2:f3:b9:75:
7b:29:5d:96:85:63:d9:37:b4:0c:54:d6:c2:79:2d:b1:c9:6b:
bb:42:47:5a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyMQ+kCIv3y5u1X/sdkUcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjMwMTAyMTExNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDljZmE2OTNmMjI4MDIwMWNiZDVjMTRmYWVjM2YxZDY5YjJiYWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJBX47t/ISdPgxe2uxVFeThmSFF8
F0bUn2qZ2QL0NXxQluksYVYKPhCPv3zXrtPT5b5ZD5Fb4Ah9V5L59IFeG2P197tg
0UWvEhAqwkONkn4UCdf2UvH+O1iF3j/JiiXkA7SBQEWqlCg/pQ+dj/s61XFo2932
982AYwVfzmUJqjFu9gMe2ikFww0dpjmSsX5JrzCiOXqg39wvNqvhQorui+oSE4V3
3UUf0HBgdbqPUyW1f5OYhlIVoH9KFZgOnQzg2oQuOennJxTEyXhEtmY+LfyRZjoK
1olRHKh4PB3nahpJnmiB3rqrxdJwBnIinAfqTIIrkrqtpxkuZI0qH0UxgQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJSc+mk/IoAgHL1cFPrsPx1psrq6MB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvbEp6NmFUOGlnQ0FjdlZ3VS11d19IV215dXJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuULOMA0E
AgACMAcDBQMqBBhAMA0GCSqGSIb3DQEBCwUAA4IBAQBpv97y8juB3hkPUAxGFUd7
tdL8SVoHk2GWI3nM9g4pGGz0leAeKxpirR2x6hU5Wt1FrP+cXYulASOAd2w8k2AG
LmVCAb/949l6tIilPopzZG+STNpixDdxXpSEhiJm6qBWVNvS3yrtdQdzAF/XU34r
VOy7Q1/pm8CzxBTn4Z9x6QsXh3ZuKbsRY/q4aCOmWHuVuPmkxGtil8ZTYFPEyw9x
g0QP6Fw6aFGl1LoIeGkP22X8+CE9Sy2DhDDYoWzGheyccGjruR/P34hZnC6ujrOR
sj8sDMffihvyUyQBLxEgjYghn5bGmtLzuXV7KV2WhWPZN7QMVNbCeS2xyWu7Qkda
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:18 2024 by rpki-client on console-ams.rpki-client.org