Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/Em19dVzOpZ6owIMjOOc221djKjg.roa
File: Em19dVzOpZ6owIMjOOc221djKjg.roa (raw, json)
Hash identifier: NzA7pCTFdnleaCJ2q4tgfzM9WDGMhrD+xitGg6gQhQk=
Subject key identifier: 12:6D:7D:75:5C:CE:A5:9E:A8:C0:83:23:38:E7:36:DB:57:63:2A:38
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 0187A36C6195B498B44FFAD924A5D9C56963
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/Em19dVzOpZ6owIMjOOc221djKjg.roa
Signing time: Fri 21 Apr 2023 10:46:41 +0000
ROA not before: Fri 21 Apr 2023 10:46:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.81.28.0/22 maxlen: 24
185.81.28.0/23 maxlen: 24
185.81.30.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 08:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a3:6c:61:95:b4:98:b4:4f:fa:d9:24:a5:d9:c5:69:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Apr 21 10:46:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=126d7d755ccea59ea8c0832338e736db57632a38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8e:a3:76:7e:72:00:f7:ff:03:13:75:fb:c0:
cf:e3:7a:9d:ea:d3:c0:15:be:97:c4:ad:27:6c:22:
8a:6f:17:ef:41:95:5f:77:36:cd:34:9a:fd:de:60:
3c:e6:5a:00:c8:f1:0e:90:55:6d:5e:8e:8e:87:bb:
2a:36:6c:e1:65:ee:ed:af:28:e9:fe:df:7f:e5:e1:
fa:27:f6:f1:06:bd:66:b5:52:6f:81:0e:33:a3:ff:
15:56:a9:ba:1b:f4:5f:bb:8e:9e:13:e6:87:a9:64:
8d:7f:44:5f:ad:9c:ec:09:f5:b0:89:f3:08:8b:c7:
34:2e:11:59:e0:5e:a8:2f:54:3d:b3:fa:44:8a:6b:
dc:c3:7f:f5:bb:0d:0f:f4:9f:22:cd:d8:3d:90:15:
9f:ec:06:cd:ee:f2:fe:d6:47:cf:68:41:ef:d6:df:
f9:e1:3d:1a:30:83:bf:25:9f:6a:f1:db:1a:9d:9a:
43:6e:d6:15:19:e2:c9:0d:1e:3c:2b:0c:da:01:bd:
20:aa:af:bd:98:7f:8b:13:6a:b7:8a:bb:dd:7f:44:
d8:c8:84:35:e9:9f:84:a6:0a:79:ae:8a:a6:28:3e:
2c:0c:f3:b9:d5:37:b0:e2:82:aa:8f:6e:d3:fe:72:
b5:d3:29:67:6a:1c:80:0a:0a:d1:e3:4c:66:2a:ab:
75:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:6D:7D:75:5C:CE:A5:9E:A8:C0:83:23:38:E7:36:DB:57:63:2A:38
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/Em19dVzOpZ6owIMjOOc221djKjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:90:55:5c:01:ba:d2:32:71:16:de:d4:f3:77:10:42:ee:df:
a8:30:91:f2:9d:e3:d8:57:68:6b:f7:a8:76:60:e0:ba:9e:68:
2c:c3:55:b3:bf:73:62:ce:18:59:b2:80:f2:20:5f:4d:01:c1:
85:0a:7b:80:06:e0:4d:e6:80:66:74:49:17:6e:3e:12:3c:e5:
f8:cc:3c:a7:2b:96:be:0f:20:a6:9e:85:5a:a9:de:db:4f:1f:
57:b6:cb:ea:1d:90:a8:d7:68:77:f5:eb:10:89:0b:d1:d4:9a:
bf:d8:ad:55:10:8f:0e:ef:05:d4:70:f7:d4:e7:01:e7:0b:37:
e9:89:0c:f2:eb:5e:01:0b:53:de:1d:75:68:95:9a:aa:9f:19:
ab:0a:12:02:1c:3f:0d:3f:1a:87:ff:ac:95:f2:29:ad:e5:1f:
90:f1:c6:40:00:2e:ee:36:e8:eb:93:16:46:d8:82:56:ca:e3:
93:5d:0b:de:52:42:5d:ad:7a:dc:01:2d:9e:5b:a2:82:d9:1b:
a4:cc:e9:25:ef:91:45:5e:9a:17:80:e5:d2:68:29:b3:fe:9f:
ae:ec:0f:ce:62:c5:af:34:d7:19:f1:63:8b:94:0c:ba:a4:fe:
50:33:98:2b:fe:24:fa:22:4d:cb:60:0d:ae:2a:47:48:71:d3:
65:63:12:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYejbGGVtJi0T/rZJKXZxWljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwNDIxMTA0NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjZkN2Q3NTVjY2VhNTllYThjMDgzMjMzOGU3MzZkYjU3NjMyYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv46jdn5yAPf/AxN1+8DP43qd6tPA
Fb6XxK0nbCKKbxfvQZVfdzbNNJr93mA85loAyPEOkFVtXo6Oh7sqNmzhZe7tryjp
/t9/5eH6J/bxBr1mtVJvgQ4zo/8VVqm6G/Rfu46eE+aHqWSNf0RfrZzsCfWwifMI
i8c0LhFZ4F6oL1Q9s/pEimvcw3/1uw0P9J8izdg9kBWf7AbN7vL+1kfPaEHv1t/5
4T0aMIO/JZ9q8dsanZpDbtYVGeLJDR48KwzaAb0gqq+9mH+LE2q3irvdf0TYyIQ1
6Z+Epgp5roqmKD4sDPO51Tew4oKqj27T/nK10ylnahyACgrR40xmKqt1lwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBJtfXVczqWeqMCDIzjnNttXYyo4MB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvRW0xOWRWek9wWjZvd0lNak9PYzIyMWRqS2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVEcMA0G
CSqGSIb3DQEBCwUAA4IBAQChkFVcAbrSMnEW3tTzdxBC7t+oMJHynePYV2hr96h2
YOC6nmgsw1Wzv3NizhhZsoDyIF9NAcGFCnuABuBN5oBmdEkXbj4SPOX4zDynK5a+
DyCmnoVaqd7bTx9XtsvqHZCo12h39esQiQvR1Jq/2K1VEI8O7wXUcPfU5wHnCzfp
iQzy614BC1PeHXVolZqqnxmrChICHD8NPxqH/6yV8imt5R+Q8cZAAC7uNujrkxZG
2IJWyuOTXQveUkJdrXrcAS2eW6KC2RukzOkl75FFXpoXgOXSaCmz/p+u7A/OYsWv
NNcZ8WOLlAy6pP5QM5gr/iT6Ik3LYA2uKkdIcdNlYxIQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org