Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1ac795-2e93-4056-93d9-684e855d7ddc/1/_vaKqvQ4SC04Z8EyuFvo7w0-IuU.roa
File: _vaKqvQ4SC04Z8EyuFvo7w0-IuU.roa (raw, json)
Hash identifier: yN+LznOuFL0w2aUpfUaqGgtuWRpXVby+zohEdNEUPGM=
Subject key identifier: FE:F6:8A:AA:F4:38:48:2D:38:67:C1:32:B8:5B:E8:EF:0D:3E:22:E5
Certificate issuer: /CN=2e03bff3e7352373238964647dfd893b26a3b349
Certificate serial: 01856F94A9870EE4EE5CD3B8B1758E5146F3
Authority key identifier: 2E:03:BF:F3:E7:35:23:73:23:89:64:64:7D:FD:89:3B:26:A3:B3:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgO_8-c1I3MjiWRkff2JOyajs0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1ac795-2e93-4056-93d9-684e855d7ddc/1/_vaKqvQ4SC04Z8EyuFvo7w0-IuU.roa
Signing time: Sun 01 Jan 2023 23:04:51 +0000
ROA not before: Sun 01 Jan 2023 23:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202970
IP address blocks: 185.148.232.0/23 maxlen: 23
185.148.232.0/22 maxlen: 22
185.148.234.0/23 maxlen: 23
185.148.234.0/24 maxlen: 24
185.148.235.0/24 maxlen: 24
2a07:62c0::/29 maxlen: 29
2a07:62c0::/30 maxlen: 30
2a07:62c4::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:a9:87:0e:e4:ee:5c:d3:b8:b1:75:8e:51:46:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e03bff3e7352373238964647dfd893b26a3b349
Validity
Not Before: Jan 1 23:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fef68aaaf438482d3867c132b85be8ef0d3e22e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2a:c5:70:63:b4:24:bd:6e:fb:8b:f4:70:ae:
99:17:5c:ca:0b:24:ad:b5:cb:18:93:bc:6c:b9:70:
71:96:01:a9:52:de:6b:eb:f9:76:26:69:17:b6:7e:
ba:18:5d:ce:01:3a:4f:28:70:13:b9:e4:ab:a8:af:
42:20:8a:e6:23:1c:7f:28:01:78:78:f6:99:dc:90:
cc:bf:b9:6c:a9:9e:d9:36:47:f8:aa:30:f0:53:9c:
e7:14:fd:d3:30:68:47:c4:77:4e:66:ca:f7:64:a5:
c1:89:88:99:d3:7e:e4:aa:f2:c0:ce:a5:53:9d:03:
8b:63:86:e7:95:a3:a3:e9:a1:0a:07:88:11:ce:22:
85:a2:4e:60:61:43:e6:db:cb:7e:24:f7:07:92:bb:
0f:0b:eb:51:bb:c2:a9:cc:2d:60:93:f4:8d:a7:c8:
26:7e:30:4e:42:17:1c:46:34:d8:8b:bd:b1:1b:da:
0f:82:06:62:15:25:dd:c2:c5:77:e8:ad:81:51:76:
04:df:7d:e0:30:b1:00:44:40:b9:ac:ba:74:9e:1a:
28:b3:0f:b1:e8:c0:6e:29:45:5e:54:52:b9:6c:6e:
03:47:3a:f1:15:7b:82:62:f5:91:9c:85:a4:3e:21:
6f:b6:5e:85:ed:7e:8a:75:1b:76:36:9d:4b:45:0c:
c7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:F6:8A:AA:F4:38:48:2D:38:67:C1:32:B8:5B:E8:EF:0D:3E:22:E5
X509v3 Authority Key Identifier:
keyid:2E:03:BF:F3:E7:35:23:73:23:89:64:64:7D:FD:89:3B:26:A3:B3:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgO_8-c1I3MjiWRkff2JOyajs0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1ac795-2e93-4056-93d9-684e855d7ddc/1/_vaKqvQ4SC04Z8EyuFvo7w0-IuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1ac795-2e93-4056-93d9-684e855d7ddc/1/LgO_8-c1I3MjiWRkff2JOyajs0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.232.0/22
IPv6:
2a07:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:3c:e9:0d:ec:b7:f1:ce:60:2a:49:b7:ae:c3:fa:e6:40:fa:
b6:8a:4e:c8:5d:04:a8:eb:27:ad:bf:6e:43:40:37:ff:9c:b9:
8c:0d:2f:9c:a8:a8:62:c2:0e:b0:5a:ff:1a:a7:ec:27:27:5b:
20:56:38:34:9e:4a:18:83:a5:52:97:84:da:90:4a:5d:86:f3:
88:e9:bc:b8:3e:e2:79:20:d3:4b:f9:f9:3f:a2:dd:d6:93:9d:
4a:c2:1d:2b:c6:64:59:f0:f4:a1:c6:1c:32:de:3f:f5:ce:08:
a4:4b:5a:d1:43:c3:8f:ec:1d:97:1f:e2:61:c3:3b:9a:86:7a:
ec:af:40:96:30:a9:03:81:f2:ab:0e:9d:3d:a1:7d:3f:25:4c:
ea:9e:e5:55:ba:5d:8a:9e:7f:09:70:b4:72:ce:4f:ef:b7:a3:
d0:e3:49:f1:1d:eb:76:15:1b:35:b3:c5:27:f5:23:7c:5f:08:
c8:49:e8:a9:51:6c:75:75:2c:fa:2f:d0:7c:2e:f3:d6:67:33:
08:f5:f9:66:7c:b9:b3:66:63:e1:2c:43:31:04:e1:d3:bf:e8:
30:d8:70:8f:97:1a:7a:69:6b:fb:e7:73:1d:7f:cb:b7:5b:d7:
8f:f2:b3:3e:1b:7b:d4:40:a3:26:f8:05:4a:23:97:98:52:a9:
e5:95:5e:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvlKmHDuTuXNO4sXWOUUbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMDNiZmYzZTczNTIzNzMyMzg5NjQ2NDdkZmQ4OTNiMjZh
M2IzNDkwHhcNMjMwMTAxMjMwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWY2OGFhYWY0Mzg0ODJkMzg2N2MxMzJiODViZThlZjBkM2UyMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSrFcGO0JL1u+4v0cK6ZF1zKCySt
tcsYk7xsuXBxlgGpUt5r6/l2JmkXtn66GF3OATpPKHATueSrqK9CIIrmIxx/KAF4
ePaZ3JDMv7lsqZ7ZNkf4qjDwU5znFP3TMGhHxHdOZsr3ZKXBiYiZ037kqvLAzqVT
nQOLY4bnlaOj6aEKB4gRziKFok5gYUPm28t+JPcHkrsPC+tRu8KpzC1gk/SNp8gm
fjBOQhccRjTYi72xG9oPggZiFSXdwsV36K2BUXYE333gMLEAREC5rLp0nhoosw+x
6MBuKUVeVFK5bG4DRzrxFXuCYvWRnIWkPiFvtl6F7X6KdRt2Np1LRQzHhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP72iqr0OEgtOGfBMrhb6O8NPiLlMB8GA1UdIwQY
MBaAFC4Dv/PnNSNzI4lkZH39iTsmo7NJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdPXzgtYzFJM01qaVdSa2ZmMkpPeWFqczBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xYWM3OTUtMmU5My00MDU2LTkzZDkt
Njg0ZTg1NWQ3ZGRjLzEvX3ZhS3F2UTRTQzA0WjhFeXVGdm83dzAtSXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xYWM3OTUtMmU5My00MDU2LTkzZDktNjg0ZTg1NWQ3ZGRj
LzEvTGdPXzgtYzFJM01qaVdSa2ZmMkpPeWFqczBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZToMA0E
AgACMAcDBQMqB2LAMA0GCSqGSIb3DQEBCwUAA4IBAQC3POkN7LfxzmAqSbeuw/rm
QPq2ik7IXQSo6yetv25DQDf/nLmMDS+cqKhiwg6wWv8ap+wnJ1sgVjg0nkoYg6VS
l4TakEpdhvOI6by4PuJ5INNL+fk/ot3Wk51Kwh0rxmRZ8PShxhwy3j/1zgikS1rR
Q8OP7B2XH+Jhwzuahnrsr0CWMKkDgfKrDp09oX0/JUzqnuVVul2Knn8JcLRyzk/v
t6PQ40nxHet2FRs1s8Un9SN8XwjISeipUWx1dSz6L9B8LvPWZzMI9flmfLmzZmPh
LEMxBOHTv+gw2HCPlxp6aWv753Mdf8u3W9eP8rM+G3vUQKMm+AVKI5eYUqnllV5c
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:42 2024 by rpki-client on console-fra.rpki-client.org