Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/a4Lw1CnXR-xPt2SR1mxxfUDCmtE.roa
File: a4Lw1CnXR-xPt2SR1mxxfUDCmtE.roa (raw, json)
Hash identifier: LkX5BIC65unR4EDyij5QgQ5BTMJSH4l7LPh6ZiDzJMM=
Subject key identifier: 6B:82:F0:D4:29:D7:47:EC:4F:B7:64:91:D6:6C:71:7D:40:C2:9A:D1
Certificate issuer: /CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Certificate serial: 01856EA68707AC0C9539F8801EC504BBB261
Authority key identifier: 97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/a4Lw1CnXR-xPt2SR1mxxfUDCmtE.roa
Signing time: Sun 01 Jan 2023 18:44:45 +0000
ROA not before: Sun 01 Jan 2023 18:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25773
IP address blocks: 141.226.252.0/22 maxlen: 24
185.139.240.0/22 maxlen: 24
2a07:1980::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:87:07:ac:0c:95:39:f8:80:1e:c5:04:bb:b2:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Validity
Not Before: Jan 1 18:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b82f0d429d747ec4fb76491d66c717d40c29ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8b:dc:86:80:00:12:8a:aa:91:c5:7d:20:ae:
21:8b:5e:59:1c:93:f8:c5:52:55:9c:f5:93:f1:7a:
e6:40:1d:f2:e8:65:47:cc:2d:f4:ce:fd:53:67:49:
b2:e2:b7:71:8c:be:d0:61:5d:73:e0:a6:ac:2c:a8:
ae:81:9c:cb:6a:36:23:61:49:55:b7:97:ba:3f:02:
97:d7:92:40:9e:c2:7c:4b:7d:73:0a:26:33:d5:4b:
3f:f8:3c:79:91:b6:0f:00:d8:6a:ac:06:4d:d0:09:
fc:33:19:4e:4a:a6:a7:f6:ec:2b:5b:62:6e:06:91:
ce:2d:49:02:af:6c:51:4f:b2:4d:bb:08:bc:89:bc:
1b:6d:45:94:7f:1c:cf:e4:95:d8:05:ae:f6:67:77:
74:16:65:2d:c8:14:ef:a9:0e:56:5d:b5:fe:3d:fe:
a8:f7:98:df:96:c2:3f:88:dd:e1:c7:87:99:7b:0f:
08:ae:4b:12:06:e4:f1:79:21:6a:50:44:bd:87:e2:
91:6f:fe:30:2b:ec:8b:dc:91:84:a0:c0:14:72:f6:
08:ea:bd:4f:ed:77:33:8c:90:18:24:9f:60:ee:f4:
23:b3:54:e1:1b:f5:d7:02:b6:53:f6:d0:e6:73:4a:
ce:96:9c:b1:7c:34:ab:59:16:4d:d7:72:8a:01:99:
b2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:82:F0:D4:29:D7:47:EC:4F:B7:64:91:D6:6C:71:7D:40:C2:9A:D1
X509v3 Authority Key Identifier:
keyid:97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/a4Lw1CnXR-xPt2SR1mxxfUDCmtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/l72bhlMeVEr6AwnYvip7ppFj-a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.252.0/22
185.139.240.0/22
IPv6:
2a07:1980::/29
Signature Algorithm: sha256WithRSAEncryption
6f:e9:e7:2a:a6:ad:3a:67:eb:99:90:d1:bf:71:05:92:2a:78:
fd:b2:dd:c2:b5:ea:27:5e:c4:dd:89:88:0a:76:c0:e2:c3:38:
55:5f:f9:ce:97:d2:84:50:4d:ba:ed:bc:28:96:70:c9:a3:e0:
f7:9e:39:21:ee:d4:f0:7c:f8:4c:1a:44:1d:06:2f:32:ea:5f:
20:77:c5:88:0e:f4:51:3a:21:67:43:18:a6:6e:de:cb:0d:9a:
86:45:de:45:9d:b0:53:e2:9f:41:81:63:89:bc:3b:60:43:ab:
eb:d7:66:b3:bd:03:e0:3a:01:f8:cc:e8:48:6d:91:4b:42:0c:
02:4f:cc:d9:a9:f5:2b:84:a4:b8:1a:07:03:9d:6b:5b:2e:46:
e4:35:a8:58:2f:02:d6:cf:8c:9f:b8:ba:c4:0f:d4:00:9c:c9:
ac:b4:50:98:05:8e:75:59:ca:66:b9:eb:e9:34:81:1c:91:e7:
a5:6f:51:8f:7d:95:6b:af:fb:19:92:1e:7b:25:cc:17:fd:ec:
ab:25:b0:39:17:fe:88:d6:26:7b:22:60:ec:75:69:83:63:7a:
07:45:13:5e:6e:7d:56:e3:5a:4a:e4:1b:0e:57:f9:e7:e5:f1:
3e:84:c6:e1:a4:63:23:10:c3:bc:84:57:13:96:f2:41:b9:8c:
13:1e:64:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVupocHrAyVOfiAHsUEu7JhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YmQ5Yjg2NTMxZTU0NGFmYTAzMDlkOGJlMmE3YmE2OTE2
M2Y5YWQwHhcNMjMwMTAxMTg0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjgyZjBkNDI5ZDc0N2VjNGZiNzY0OTFkNjZjNzE3ZDQwYzI5YWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4vchoAAEoqqkcV9IK4hi15ZHJP4
xVJVnPWT8XrmQB3y6GVHzC30zv1TZ0my4rdxjL7QYV1z4KasLKiugZzLajYjYUlV
t5e6PwKX15JAnsJ8S31zCiYz1Us/+Dx5kbYPANhqrAZN0An8MxlOSqan9uwrW2Ju
BpHOLUkCr2xRT7JNuwi8ibwbbUWUfxzP5JXYBa72Z3d0FmUtyBTvqQ5WXbX+Pf6o
95jflsI/iN3hx4eZew8IrksSBuTxeSFqUES9h+KRb/4wK+yL3JGEoMAUcvYI6r1P
7XczjJAYJJ9g7vQjs1ThG/XXArZT9tDmc0rOlpyxfDSrWRZN13KKAZmyHQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGuC8NQp10fsT7dkkdZscX1AwprRMB8GA1UdIwQY
MBaAFJe9m4ZTHlRK+gMJ2L4qe6aRY/mtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDcyYmhsTWVWRXI2QXduWXZpcDdwcEZqLWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kNGJkOGItNTVmNC00NzY1LWFkMjIt
MzQ2MGNjMjY0ODBiLzEvYTRMdzFDblhSLXhQdDJTUjFteHhmVURDbXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kNGJkOGItNTVmNC00NzY1LWFkMjItMzQ2MGNjMjY0ODBi
LzEvbDcyYmhsTWVWRXI2QXduWXZpcDdwcEZqLWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCjeL8AwQC
uYvwMA0EAgACMAcDBQMqBxmAMA0GCSqGSIb3DQEBCwUAA4IBAQBv6ecqpq06Z+uZ
kNG/cQWSKnj9st3CteonXsTdiYgKdsDiwzhVX/nOl9KEUE267bwolnDJo+D3njkh
7tTwfPhMGkQdBi8y6l8gd8WIDvRROiFnQximbt7LDZqGRd5FnbBT4p9BgWOJvDtg
Q6vr12azvQPgOgH4zOhIbZFLQgwCT8zZqfUrhKS4GgcDnWtbLkbkNahYLwLWz4yf
uLrED9QAnMmstFCYBY51WcpmuevpNIEckeelb1GPfZVrr/sZkh57JcwX/eyrJbA5
F/6I1iZ7ImDsdWmDY3oHRRNebn1W41pK5BsOV/nn5fE+hMbhpGMjEMO8hFcTlvJB
uYwTHmRF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:10 2024 by rpki-client on console-fra.rpki-client.org