Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/c0LNNVUvrSi7tmANK6XSc2A-qyA.roa
File: c0LNNVUvrSi7tmANK6XSc2A-qyA.roa (raw, json)
Hash identifier: tF8/7KNVeaZwt8zf4OEns8BOCyzLeccMH9C6P8qFke8=
Subject key identifier: 73:42:CD:35:55:2F:AD:28:BB:B6:60:0D:2B:A5:D2:73:60:3E:AB:20
Certificate issuer: /CN=8f281090c400a56166fc88b4f37a5cbaed2185f0
Certificate serial: 01856CB864E7F86EE530D78015F2577290D3
Authority key identifier: 8F:28:10:90:C4:00:A5:61:66:FC:88:B4:F3:7A:5C:BA:ED:21:85:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygQkMQApWFm_Ii083pcuu0hhfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/c0LNNVUvrSi7tmANK6XSc2A-qyA.roa
Signing time: Sun 01 Jan 2023 09:45:01 +0000
ROA not before: Sun 01 Jan 2023 09:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55081
IP address blocks: 185.239.172.0/22 maxlen: 22
2a0c:5c86::/32 maxlen: 32
2a0c:5c84::/32 maxlen: 32
2a0c:5c82::/32 maxlen: 32
2a0c:5c80::/32 maxlen: 32
2a0c:5c83::/32 maxlen: 32
2a0c:5c85::/32 maxlen: 32
2a0c:5c87::/32 maxlen: 32
2a0c:5c81::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:64:e7:f8:6e:e5:30:d7:80:15:f2:57:72:90:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f281090c400a56166fc88b4f37a5cbaed2185f0
Validity
Not Before: Jan 1 09:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7342cd35552fad28bbb6600d2ba5d273603eab20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7e:ac:93:8d:f7:39:b0:c1:a2:52:d0:b6:9f:
d1:dc:2a:3f:9c:ff:b7:a5:7e:fd:b0:59:1e:b0:1b:
5d:56:a5:04:79:d4:af:02:a1:60:6e:fb:0a:a6:ba:
41:d4:42:26:8d:74:2c:36:78:3c:70:36:91:25:b5:
7f:23:fb:d8:32:7e:11:e6:45:13:c2:30:2c:fb:26:
5c:9a:e5:fe:ca:ba:42:ec:0f:34:f3:4e:41:50:b9:
da:c7:e5:cf:45:17:34:74:78:2d:9a:21:86:ad:fb:
ba:4a:90:f1:49:6a:ff:13:69:5f:5b:47:64:3a:69:
d2:10:6f:91:61:a8:e6:f4:a6:b1:6f:c0:24:ce:4f:
e4:ec:a4:7d:f0:9e:6c:22:a1:32:54:01:79:b6:a7:
87:45:45:15:b3:b5:d5:c9:d7:6b:b5:20:05:c2:f2:
a2:b3:85:2e:12:5d:ad:c9:e5:75:e6:c5:6a:8a:02:
0e:79:35:08:e9:75:37:af:67:bc:ce:90:79:b7:c2:
a7:8b:f5:66:15:2f:ea:70:16:ba:89:e1:38:fb:05:
0d:26:b5:ca:98:d5:78:a8:4e:5e:ca:3e:5f:8a:d2:
3e:cf:28:f2:be:ae:19:16:c1:50:64:0a:ac:e3:01:
e7:bc:a8:82:b8:cf:65:a5:14:e1:1b:d2:67:d2:07:
54:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:42:CD:35:55:2F:AD:28:BB:B6:60:0D:2B:A5:D2:73:60:3E:AB:20
X509v3 Authority Key Identifier:
keyid:8F:28:10:90:C4:00:A5:61:66:FC:88:B4:F3:7A:5C:BA:ED:21:85:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygQkMQApWFm_Ii083pcuu0hhfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/c0LNNVUvrSi7tmANK6XSc2A-qyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/jygQkMQApWFm_Ii083pcuu0hhfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.172.0/22
IPv6:
2a0c:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
73:ac:5b:e9:e2:a3:be:bf:a0:c3:9b:9a:85:44:11:f4:f6:e7:
8f:15:de:0a:9a:f8:f9:94:3d:6f:11:bb:6a:d0:23:4f:a9:ce:
e2:8b:5c:47:a9:ff:0c:e5:ae:1e:5d:50:57:f6:03:a7:24:d7:
98:49:56:62:97:36:88:f6:7f:64:8b:07:ba:e2:e9:e4:94:8c:
8a:79:55:13:e8:d8:ba:9f:93:72:06:7e:81:41:9f:f9:2e:00:
20:00:f9:cd:6a:ac:82:1f:42:22:f5:3c:37:e5:bd:83:0b:2f:
42:0a:e8:34:27:75:41:a6:7f:17:b7:58:d6:54:1c:61:47:f0:
cc:9a:58:14:61:2d:f3:46:d7:6c:1b:53:00:4b:36:da:fe:c0:
68:79:7e:9b:ba:ed:c9:fa:92:e0:c1:ed:c2:7a:74:2d:11:8c:
bc:8b:1b:97:1f:9e:61:08:f9:0c:7c:d0:94:2b:eb:c7:b9:43:
9c:95:19:b9:90:50:44:4d:ad:55:86:4f:e5:af:bb:e3:3e:9e:
71:00:62:67:2b:f1:5c:9a:f5:06:6c:d7:f9:04:b5:15:41:d1:
2a:5b:26:2f:71:f6:5c:2f:bc:ab:f0:01:69:34:74:2d:98:70:
c9:f6:73:41:d2:b6:d5:5c:04:a4:4e:35:a6:37:3a:6e:14:7a:
13:57:9c:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsuGTn+G7lMNeAFfJXcpDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgxMDkwYzQwMGE1NjE2NmZjODhiNGYzN2E1Y2JhZWQy
MTg1ZjAwHhcNMjMwMTAxMDk0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzQyY2QzNTU1MmZhZDI4YmJiNjYwMGQyYmE1ZDI3MzYwM2VhYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs36sk433ObDBolLQtp/R3Co/nP+3
pX79sFkesBtdVqUEedSvAqFgbvsKprpB1EImjXQsNng8cDaRJbV/I/vYMn4R5kUT
wjAs+yZcmuX+yrpC7A80805BULnax+XPRRc0dHgtmiGGrfu6SpDxSWr/E2lfW0dk
OmnSEG+RYajm9Kaxb8Akzk/k7KR98J5sIqEyVAF5tqeHRUUVs7XVyddrtSAFwvKi
s4UuEl2tyeV15sVqigIOeTUI6XU3r2e8zpB5t8Kni/VmFS/qcBa6ieE4+wUNJrXK
mNV4qE5eyj5fitI+zyjyvq4ZFsFQZAqs4wHnvKiCuM9lpRThG9Jn0gdUawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHNCzTVVL60ou7ZgDSul0nNgPqsgMB8GA1UdIwQY
MBaAFI8oEJDEAKVhZvyItPN6XLrtIYXwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlnUWtNUUFwV0ZtX0lpMDgzcGN1dTBoaGZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8zMjIyZTItNjQ1Ni00YzZhLWIxOTct
MjA1ODk1OTYxNDkzLzEvYzBMTk5WVXZyU2k3dG1BTks2WFNjMkEtcXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8zMjIyZTItNjQ1Ni00YzZhLWIxOTctMjA1ODk1OTYxNDkz
LzEvanlnUWtNUUFwV0ZtX0lpMDgzcGN1dTBoaGZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCue+sMA0E
AgACMAcDBQMqDFyAMA0GCSqGSIb3DQEBCwUAA4IBAQBzrFvp4qO+v6DDm5qFRBH0
9uePFd4Kmvj5lD1vEbtq0CNPqc7ii1xHqf8M5a4eXVBX9gOnJNeYSVZilzaI9n9k
iwe64unklIyKeVUT6Ni6n5NyBn6BQZ/5LgAgAPnNaqyCH0Ii9Tw35b2DCy9CCug0
J3VBpn8Xt1jWVBxhR/DMmlgUYS3zRtdsG1MASzba/sBoeX6buu3J+pLgwe3CenQt
EYy8ixuXH55hCPkMfNCUK+vHuUOclRm5kFBETa1Vhk/lr7vjPp5xAGJnK/FcmvUG
bNf5BLUVQdEqWyYvcfZcL7yr8AFpNHQtmHDJ9nNB0rbVXASkTjWmNzpuFHoTV5yL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:26 2024 by rpki-client on console-fra.rpki-client.org