Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/75439d-fb06-4b63-84a3-8bd3c6c704dc/1/1-Ya5Mb2OCjg1XwG54MbSVYCqApQ.roa
File: 1-Ya5Mb2OCjg1XwG54MbSVYCqApQ.roa (raw, json)
Hash identifier: Qa9icc1ReMrFIP4X7RJkUBLJ/cMawDoweaiZes/BcGY=
Subject key identifier: F9:86:B9:31:BD:8E:0A:38:35:5F:01:B9:E0:C6:D2:55:80:AA:02:94
Certificate issuer: /CN=a64cdfa0160239170337ba60934ba06e45b8cd11
Certificate serial: 018570706602D3640B31E95003C16A891BB9
Authority key identifier: A6:4C:DF:A0:16:02:39:17:03:37:BA:60:93:4B:A0:6E:45:B8:CD:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkzfoBYCORcDN7pgk0ugbkW4zRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/75439d-fb06-4b63-84a3-8bd3c6c704dc/1/1-Ya5Mb2OCjg1XwG54MbSVYCqApQ.roa
Signing time: Mon 02 Jan 2023 03:04:52 +0000
ROA not before: Mon 02 Jan 2023 03:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205760
IP address blocks: 185.196.76.0/22 maxlen: 22
185.196.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:66:02:d3:64:0b:31:e9:50:03:c1:6a:89:1b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a64cdfa0160239170337ba60934ba06e45b8cd11
Validity
Not Before: Jan 2 03:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f986b931bd8e0a38355f01b9e0c6d25580aa0294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8a:14:0b:31:01:aa:e5:3a:30:48:69:aa:01:
04:a8:2a:1b:11:c8:a3:c8:19:9d:45:47:57:5b:1f:
e8:a0:4b:d3:05:f9:a9:64:9e:25:60:95:0e:a6:8f:
24:cc:4d:17:e8:aa:f6:4d:df:0c:b2:26:af:86:89:
63:e6:17:e8:38:8e:97:e6:10:0c:4b:92:84:aa:07:
15:84:e3:8f:bb:57:5f:20:2f:ca:b6:4f:4d:a7:3a:
31:5f:51:c2:b7:08:2b:3e:bb:cc:cb:5b:13:1f:2b:
9e:01:92:80:71:1f:3a:81:f1:09:1e:64:20:c0:91:
dc:96:d3:30:6c:3c:f1:d3:70:21:ee:9a:99:3d:02:
57:e8:09:45:0c:11:6a:08:f5:79:9d:42:a4:75:a4:
3f:21:f8:64:53:80:f7:4f:e0:b8:1a:a8:b3:29:20:
92:7d:68:73:97:be:f9:1c:74:5e:12:3b:7e:74:71:
56:c5:cc:0a:db:45:11:01:5d:a3:a7:8a:d6:6f:0c:
7d:68:ac:1e:0a:a2:6e:c0:e6:36:03:da:11:43:71:
43:c5:ea:0a:0f:89:9f:bd:c9:69:56:ff:64:8e:40:
5d:a0:92:6e:44:89:3e:00:39:7c:77:b3:24:e2:1a:
95:4d:0a:bd:0d:86:69:45:1a:3d:d0:73:29:e2:c3:
74:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:86:B9:31:BD:8E:0A:38:35:5F:01:B9:E0:C6:D2:55:80:AA:02:94
X509v3 Authority Key Identifier:
keyid:A6:4C:DF:A0:16:02:39:17:03:37:BA:60:93:4B:A0:6E:45:B8:CD:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkzfoBYCORcDN7pgk0ugbkW4zRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/75439d-fb06-4b63-84a3-8bd3c6c704dc/1/1-Ya5Mb2OCjg1XwG54MbSVYCqApQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/75439d-fb06-4b63-84a3-8bd3c6c704dc/1/pkzfoBYCORcDN7pgk0ugbkW4zRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.76.0/22
Signature Algorithm: sha256WithRSAEncryption
35:8e:31:1e:49:21:cb:de:b9:89:fb:95:8c:7e:2a:49:3b:4b:
7c:7d:7e:03:d7:92:c9:b2:be:a1:47:79:20:b3:ca:72:8c:53:
17:2b:4a:b4:25:1c:6e:66:8d:eb:f8:bc:73:75:76:8a:7a:ce:
2f:70:81:48:77:fd:df:2b:e5:2e:78:39:fa:d4:2b:54:aa:a1:
40:1b:c0:3e:43:2d:50:3a:a1:8a:f7:61:c4:44:40:c9:42:55:
2f:5f:d7:4a:4a:5c:96:0a:93:c1:c7:21:0a:a0:9e:7d:b9:c4:
ab:5f:f1:92:04:41:be:56:df:3e:73:66:56:82:04:98:d4:dd:
d9:cb:af:03:04:33:31:0a:91:ed:16:db:fe:db:c6:09:73:b4:
d2:42:25:df:25:aa:ff:fa:5f:0e:f8:fb:59:5e:08:08:9d:08:
89:8a:ca:9a:5c:bc:96:86:e1:80:47:ab:e1:0a:2c:a3:ec:ba:
2e:b4:68:bf:bf:8f:7e:e9:61:1a:81:f0:bf:00:56:8f:7d:50:
4c:1f:f4:30:2d:b1:33:0a:5f:aa:f6:c9:dd:b6:91:22:0e:cb:
98:da:bb:15:00:27:75:40:4a:b4:f7:86:de:ad:24:c3:4a:2b:
c4:b5:0a:fc:c8:d0:c6:ff:2d:1e:77:6f:59:c8:da:e4:79:97:
ed:c4:43:14
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwcGYC02QLMelQA8FqiRu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NGNkZmEwMTYwMjM5MTcwMzM3YmE2MDkzNGJhMDZlNDVi
OGNkMTEwHhcNMjMwMTAyMDMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTg2YjkzMWJkOGUwYTM4MzU1ZjAxYjllMGM2ZDI1NTgwYWEwMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4oUCzEBquU6MEhpqgEEqCobEcij
yBmdRUdXWx/ooEvTBfmpZJ4lYJUOpo8kzE0X6Kr2Td8Msiavholj5hfoOI6X5hAM
S5KEqgcVhOOPu1dfIC/Ktk9NpzoxX1HCtwgrPrvMy1sTHyueAZKAcR86gfEJHmQg
wJHcltMwbDzx03Ah7pqZPQJX6AlFDBFqCPV5nUKkdaQ/IfhkU4D3T+C4GqizKSCS
fWhzl775HHReEjt+dHFWxcwK20URAV2jp4rWbwx9aKweCqJuwOY2A9oRQ3FDxeoK
D4mfvclpVv9kjkBdoJJuRIk+ADl8d7Mk4hqVTQq9DYZpRRo90HMp4sN0HQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmGuTG9jgo4NV8BueDG0lWAqgKUMB8GA1UdIwQY
MBaAFKZM36AWAjkXAze6YJNLoG5FuM0RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGt6Zm9CWUNPUmNETjdwZ2swdWdia1c0elJFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC83NTQzOWQtZmIwNi00YjYzLTg0YTMt
OGJkM2M2YzcwNGRjLzEvMS1ZYTVNYjJPQ2pnMVh3RzU0TWJTVllDcUFwUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODQvNzU0MzlkLWZiMDYtNGI2My04NGEzLThiZDNjNmM3MDRk
Yy8xL3BremZvQllDT1JjRE43cGdrMHVnYmtXNHpSRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnETDAN
BgkqhkiG9w0BAQsFAAOCAQEANY4xHkkhy965ifuVjH4qSTtLfH1+A9eSybK+oUd5
ILPKcoxTFytKtCUcbmaN6/i8c3V2inrOL3CBSHf93yvlLng5+tQrVKqhQBvAPkMt
UDqhivdhxERAyUJVL1/XSkpclgqTwcchCqCefbnEq1/xkgRBvlbfPnNmVoIEmNTd
2cuvAwQzMQqR7Rbb/tvGCXO00kIl3yWq//pfDvj7WV4ICJ0IiYrKmly8lobhgEer
4Qoso+y6LrRov7+PfulhGoHwvwBWj31QTB/0MC2xMwpfqvbJ3baRIg7LmNq7FQAn
dUBKtPeG3q0kw0orxLUK/MjQxv8tHndvWcja5HmX7cRDFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:12 2024 by rpki-client on console-ams.rpki-client.org