Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/DAA239jcQO2JUzIpjwOgc4rOWLA.roa
File: DAA239jcQO2JUzIpjwOgc4rOWLA.roa (raw, json)
Hash identifier: pqlwD2VlFSEwYLxjqD0cf1jq9JWiIlJjDrrMBKSMjXE=
Subject key identifier: 0C:00:36:DF:D8:DC:40:ED:89:53:32:29:8F:03:A0:73:8A:CE:58:B0
Certificate issuer: /CN=ef4f78947341ce55888b7ebf3690143b0cbff3d6
Certificate serial: 01860D51CE2DFC0B3352E0BF59A065E01489
Authority key identifier: EF:4F:78:94:73:41:CE:55:88:8B:7E:BF:36:90:14:3B:0C:BF:F3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/DAA239jcQO2JUzIpjwOgc4rOWLA.roa
Signing time: Wed 01 Feb 2023 14:11:50 +0000
ROA not before: Wed 01 Feb 2023 14:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16134
IP address blocks: 185.66.72.0/24 maxlen: 24
2a0a:ee40:1::/48 maxlen: 48
2a0a:ee40:4::/48 maxlen: 48
2a0a:ee40:2::/48 maxlen: 48
2a0a:ee40::/32 maxlen: 32
2a0a:ee40:3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0d:51:ce:2d:fc:0b:33:52:e0:bf:59:a0:65:e0:14:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef4f78947341ce55888b7ebf3690143b0cbff3d6
Validity
Not Before: Feb 1 14:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c0036dfd8dc40ed895332298f03a0738ace58b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bf:10:08:10:3b:3f:8d:e3:a0:9a:e5:88:83:
45:1c:fc:c8:7e:71:b7:b6:19:1b:59:0c:61:4f:b0:
7d:ac:64:b5:72:ec:99:bf:60:25:ca:2d:ca:34:6e:
57:b6:76:d9:f9:74:44:df:18:40:35:d8:d1:39:e8:
7a:85:dd:d7:fc:d9:c4:1a:27:d6:d3:41:2b:18:21:
58:06:15:a2:71:8b:35:03:37:10:2b:8a:80:86:79:
eb:07:06:32:87:42:73:55:73:45:40:a7:45:97:ac:
f3:49:b8:c6:35:70:8f:76:b4:b3:88:e8:d1:01:c7:
75:0c:aa:90:07:f1:d9:9e:c1:0d:1b:ef:0a:a7:9d:
36:89:38:08:ce:17:a5:0c:51:00:0e:a3:06:b1:50:
32:ac:7e:7a:98:d7:8b:d3:ec:32:07:00:ac:8e:3a:
e4:ec:86:6f:98:36:fd:81:b4:ef:e1:c7:e5:67:c2:
c5:34:4f:f3:cd:65:a0:a3:8c:37:70:0f:e5:73:75:
f8:ae:c7:90:79:6b:f4:0d:8b:81:1d:b5:f0:6e:29:
92:39:e8:a9:f1:49:91:db:17:5e:8f:6d:cc:e4:64:
24:34:e6:d1:59:f7:c1:19:32:cd:d5:ca:ef:9b:3d:
74:d8:31:38:fa:d5:50:7b:86:c6:fc:a8:35:b6:b5:
77:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:00:36:DF:D8:DC:40:ED:89:53:32:29:8F:03:A0:73:8A:CE:58:B0
X509v3 Authority Key Identifier:
keyid:EF:4F:78:94:73:41:CE:55:88:8B:7E:BF:36:90:14:3B:0C:BF:F3:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/DAA239jcQO2JUzIpjwOgc4rOWLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7094lHNBzlWIi36_NpAUOwy_89Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.72.0/24
IPv6:
2a0a:ee40::/32
Signature Algorithm: sha256WithRSAEncryption
57:16:db:ee:b5:22:86:0b:b2:e4:5b:b1:49:fd:11:ed:5c:eb:
7b:66:87:5b:a5:8a:ff:fa:13:cd:e5:fe:fb:f8:5f:54:53:ba:
d9:21:6e:ca:3a:52:ca:39:c5:54:fb:52:4d:8f:5f:e7:db:68:
02:1b:5f:50:b3:40:bb:16:cc:36:43:0d:f6:b3:2c:a0:5e:29:
a8:9f:e5:0d:4d:cc:e7:fe:5e:da:14:23:09:0a:ca:e1:18:22:
64:9a:24:91:0b:04:43:97:08:04:25:66:d3:6c:bb:ee:e3:88:
86:46:d4:ef:c4:a4:f4:cb:d3:25:72:7e:28:b4:2c:0a:5d:86:
be:50:ef:ca:71:e7:de:cb:8f:eb:1e:dc:55:1a:87:5c:cc:9d:
59:96:a3:20:c9:6d:2b:92:bd:cb:65:89:bd:ca:66:40:4d:7e:
16:2c:5b:fb:57:96:ce:df:d1:80:fc:ee:c7:d2:c6:4e:79:92:
71:49:48:58:c8:56:b0:c7:b7:23:b5:83:75:92:e5:39:53:c9:
be:28:eb:ae:27:c7:9e:80:b6:4a:2d:bc:10:ca:eb:c9:9b:3d:
5d:48:89:e3:3f:c2:0c:fc:fa:6c:27:8b:72:37:00:65:a8:b2:
b4:90:bf:a8:51:ca:8a:d2:f3:14:9b:96:3e:ac:7a:3d:ff:bd:
87:4f:f1:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYYNUc4t/AszUuC/WaBl4BSJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNGY3ODk0NzM0MWNlNTU4ODhiN2ViZjM2OTAxNDNiMGNi
ZmYzZDYwHhcNMjMwMjAxMTQxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzAwMzZkZmQ4ZGM0MGVkODk1MzMyMjk4ZjAzYTA3MzhhY2U1OGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL8QCBA7P43joJrliINFHPzIfnG3
thkbWQxhT7B9rGS1cuyZv2Alyi3KNG5XtnbZ+XRE3xhANdjROeh6hd3X/NnEGifW
00ErGCFYBhWicYs1AzcQK4qAhnnrBwYyh0JzVXNFQKdFl6zzSbjGNXCPdrSziOjR
Acd1DKqQB/HZnsENG+8Kp502iTgIzhelDFEADqMGsVAyrH56mNeL0+wyBwCsjjrk
7IZvmDb9gbTv4cflZ8LFNE/zzWWgo4w3cA/lc3X4rseQeWv0DYuBHbXwbimSOeip
8UmR2xdej23M5GQkNObRWffBGTLN1crvmz102DE4+tVQe4bG/Kg1trV3LwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAwANt/Y3EDtiVMyKY8DoHOKzliwMB8GA1UdIwQY
MBaAFO9PeJRzQc5ViIt+vzaQFDsMv/PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzA5NGxITkJ6bFdJaTM2X05wQVVPd3lfODlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wMDVjOWUtZmU3Yy00NjlhLWI2ZjAt
OWJhYTY2Y2ExNDA0LzEvREFBMjM5amNRTzJKVXpJcGp3T2djNHJPV0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wMDVjOWUtZmU3Yy00NjlhLWI2ZjAtOWJhYTY2Y2ExNDA0
LzEvNzA5NGxITkJ6bFdJaTM2X05wQVVPd3lfODlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUJIMA0E
AgACMAcDBQAqCu5AMA0GCSqGSIb3DQEBCwUAA4IBAQBXFtvutSKGC7LkW7FJ/RHt
XOt7ZodbpYr/+hPN5f77+F9UU7rZIW7KOlLKOcVU+1JNj1/n22gCG19Qs0C7Fsw2
Qw32syygXimon+UNTczn/l7aFCMJCsrhGCJkmiSRCwRDlwgEJWbTbLvu44iGRtTv
xKT0y9Mlcn4otCwKXYa+UO/Kcefey4/rHtxVGodczJ1ZlqMgyW0rkr3LZYm9ymZA
TX4WLFv7V5bO39GA/O7H0sZOeZJxSUhYyFawx7cjtYN1kuU5U8m+KOuuJ8eegLZK
LbwQyuvJmz1dSInjP8IM/PpsJ4tyNwBlqLK0kL+oUcqK0vMUm5Y+rHo9/72HT/Go
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:26 2024 by rpki-client on console-fra.rpki-client.org