Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/eg14_pIT1LSaUAZLgtNmTMFiiyI.roa
File: eg14_pIT1LSaUAZLgtNmTMFiiyI.roa (raw, json)
Hash identifier: 4E+9vcYgjU/Dj+/yHDifct3aFDI5CjZ05tCxgDQ1Hqg=
Subject key identifier: 7A:0D:78:FE:92:13:D4:B4:9A:50:06:4B:82:D3:66:4C:C1:62:8B:22
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 018C675B9C9E84CC6A6D5DE3ADDBE9DA681B
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/eg14_pIT1LSaUAZLgtNmTMFiiyI.roa
Signing time: Thu 14 Dec 2023 08:05:06 +0000
ROA not before: Thu 14 Dec 2023 08:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42615
IP address blocks: 185.186.8.0/24 maxlen: 24
185.186.11.0/24 maxlen: 24
2a0b:6b81:3::/48 maxlen: 48
2a0b:6b87::/32 maxlen: 32
2a0b:6b81:4::/48 maxlen: 48
2a0b:6b82::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:5b:9c:9e:84:cc:6a:6d:5d:e3:ad:db:e9:da:68:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Dec 14 08:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a0d78fe9213d4b49a50064b82d3664cc1628b22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:59:56:1b:95:2b:6b:a3:f0:bf:51:46:c8:a0:
b2:eb:ec:d3:53:a8:be:32:59:5c:77:1c:9e:87:7c:
cc:d0:56:17:64:44:1b:81:d5:f5:a4:ac:af:a4:47:
45:5a:ce:19:b9:62:b0:e5:71:04:dc:03:a4:67:71:
b7:3f:36:23:c9:9b:2e:b8:a0:8f:93:b9:7a:6d:c3:
19:d7:15:f1:21:28:2e:b2:b6:41:1a:4e:a7:2f:61:
5d:85:15:aa:f2:00:c3:62:65:bd:dd:6e:c0:f8:78:
a6:ee:b7:c2:cf:1d:57:98:65:8a:c6:d1:8a:af:54:
e3:f4:59:ff:3b:a1:86:39:33:75:1e:d9:c9:74:10:
62:a5:85:1e:57:f7:a4:22:ad:e7:10:10:11:15:3e:
f4:25:d7:1d:43:b2:e5:70:05:96:0f:9c:63:c3:4f:
e9:68:46:23:4a:3a:2a:c7:0f:33:fd:d5:48:44:8e:
bb:b7:25:ee:07:e4:33:55:52:6b:e7:a0:4b:e1:5a:
97:77:f9:4c:45:41:2a:4c:cf:e3:6d:3c:94:f3:de:
a3:bb:a5:9a:84:b2:5a:36:db:ee:81:11:9d:44:61:
19:4d:56:b4:3b:5f:6d:73:ea:13:fd:49:89:c3:e5:
5f:52:9d:7a:68:39:59:ec:58:1b:32:43:2e:ed:ee:
08:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0D:78:FE:92:13:D4:B4:9A:50:06:4B:82:D3:66:4C:C1:62:8B:22
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/eg14_pIT1LSaUAZLgtNmTMFiiyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.8.0/24
185.186.11.0/24
IPv6:
2a0b:6b81:3::-2a0b:6b81:4:ffff:ffff:ffff:ffff:ffff
2a0b:6b82::/32
2a0b:6b87::/32
Signature Algorithm: sha256WithRSAEncryption
66:a0:64:73:40:11:16:b9:77:29:2e:5c:ad:ea:e7:5b:fb:d6:
d5:72:a1:93:3b:b0:8e:c8:99:97:59:e4:e8:ce:7f:5e:f8:41:
00:33:d5:4b:69:ea:7b:09:87:be:53:88:b9:13:23:09:a9:5f:
f4:2a:97:50:5a:77:a0:b5:7f:9d:42:05:29:0e:92:0c:ad:44:
04:de:12:2e:eb:98:ff:c5:c2:cf:40:61:3d:0b:02:9d:66:40:
c1:c1:fd:b1:1c:04:09:79:24:bb:19:ec:48:60:72:de:43:13:
6a:51:19:8a:11:47:13:4e:87:0d:bd:c8:56:f9:da:09:03:73:
c1:e3:19:1e:82:eb:6d:88:a0:70:ca:54:e7:bf:e9:5b:ed:8e:
26:0f:c4:69:83:fb:19:19:3a:a3:5e:4c:2a:e0:26:10:ac:df:
37:d3:5c:dd:3a:2d:e0:62:8a:02:5e:b5:87:60:2b:40:69:70:
1c:1d:64:cd:49:92:b8:09:be:98:3e:7d:3d:b3:db:ce:98:6e:
1f:53:06:1a:e3:11:cb:76:47:bb:f8:27:2f:ae:d3:b7:23:86:
36:ee:76:99:d6:29:73:3c:9f:b7:44:f3:56:e3:cb:92:5f:91:
5a:ee:14:87:72:83:77:6d:e8:5e:a9:d9:84:07:ad:ef:f2:b9:
67:b2:6e:cd
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYxnW5yehMxqbV3jrdvp2mgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMxMjE0MDgwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTBkNzhmZTkyMTNkNGI0OWE1MDA2NGI4MmQzNjY0Y2MxNjI4YjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11lWG5Ura6Pwv1FGyKCy6+zTU6i+
Mllcdxyeh3zM0FYXZEQbgdX1pKyvpEdFWs4ZuWKw5XEE3AOkZ3G3PzYjyZsuuKCP
k7l6bcMZ1xXxISgusrZBGk6nL2FdhRWq8gDDYmW93W7A+Him7rfCzx1XmGWKxtGK
r1Tj9Fn/O6GGOTN1HtnJdBBipYUeV/ekIq3nEBARFT70JdcdQ7LlcAWWD5xjw0/p
aEYjSjoqxw8z/dVIRI67tyXuB+QzVVJr56BL4VqXd/lMRUEqTM/jbTyU896ju6Wa
hLJaNtvugRGdRGEZTVa0O19tc+oT/UmJw+VfUp16aDlZ7FgbMkMu7e4IEwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHoNeP6SE9S0mlAGS4LTZkzBYosiMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvZWcxNF9wSVQxTFNhVUFaTGd0Tm1UTUZpaXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjASBAIAATAMAwQAuboIAwQA
uboLMCgEAgACMCIwEgMHACoLa4EAAwMHACoLa4EABAMFACoLa4IDBQAqC2uHMA0G
CSqGSIb3DQEBCwUAA4IBAQBmoGRzQBEWuXcpLlyt6udb+9bVcqGTO7COyJmXWeTo
zn9e+EEAM9VLaep7CYe+U4i5EyMJqV/0KpdQWnegtX+dQgUpDpIMrUQE3hIu65j/
xcLPQGE9CwKdZkDBwf2xHAQJeSS7GexIYHLeQxNqURmKEUcTTocNvchW+doJA3PB
4xkeguttiKBwylTnv+lb7Y4mD8Rpg/sZGTqjXkwq4CYQrN8301zdOi3gYooCXrWH
YCtAaXAcHWTNSZK4Cb6YPn09s9vOmG4fUwYa4xHLdke7+CcvrtO3I4Y27naZ1ilz
PJ+3RPNW48uSX5Fa7hSHcoN3beheqdmEB63v8rlnsm7N
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:02 2024 by rpki-client on console-ams.rpki-client.org