Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/o48qnrvP4BS1v5AzDpx4O6XeNnI.roa
File: o48qnrvP4BS1v5AzDpx4O6XeNnI.roa (raw, json)
Hash identifier: 2ji6WO1fqjaIjbq0ooMHMk8sB1NIMy9mfSbyovhBSH0=
Subject key identifier: A3:8F:2A:9E:BB:CF:E0:14:B5:BF:90:33:0E:9C:78:3B:A5:DE:36:72
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 018571C30C64C93742DFCE819BE087BDAAFE
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/o48qnrvP4BS1v5AzDpx4O6XeNnI.roa
Signing time: Mon 02 Jan 2023 09:14:46 +0000
ROA not before: Mon 02 Jan 2023 09:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202562
IP address blocks: 185.186.10.0/24 maxlen: 24
2a0b:6b86:300::/40 maxlen: 48
2a0b:6b83::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:0c:64:c9:37:42:df:ce:81:9b:e0:87:bd:aa:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 2 09:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a38f2a9ebbcfe014b5bf90330e9c783ba5de3672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:df:b8:56:a3:cd:73:1d:c6:6d:b0:eb:8e:e6:
a4:73:ab:9f:40:fe:ee:52:14:31:34:3f:79:39:f0:
49:e9:0f:10:57:c0:2b:3b:49:46:6c:83:10:f2:4f:
8a:5e:0d:91:8c:3b:bd:ef:57:d5:32:8c:cb:3c:ce:
99:1f:3b:ae:3a:f1:03:40:21:a8:f7:d1:77:71:1c:
82:03:62:e2:83:e0:31:6d:b9:91:5e:7a:95:d4:cd:
8a:c9:2b:9e:c5:c2:be:a6:0b:c2:b8:48:d4:a2:53:
0f:c2:8c:c5:9c:c0:70:f4:16:2f:38:3c:21:9c:2d:
0e:aa:23:84:69:3e:42:05:c3:8f:89:18:3d:ea:9d:
37:8e:5e:aa:62:49:01:cc:ea:44:bb:bc:31:34:ff:
14:21:38:60:1b:bd:9d:55:70:31:fd:28:97:87:78:
94:7b:58:fd:c9:3e:23:00:2c:36:b8:50:bd:5d:05:
5b:6d:98:f4:2d:da:ca:19:80:60:29:99:12:9e:4c:
18:4c:9f:25:84:2a:18:e4:ab:cf:b6:fa:dc:8e:77:
61:91:b0:bf:92:4c:ae:94:bd:c8:b8:aa:27:79:d4:
ed:cc:5c:22:08:a8:2c:e6:c4:ea:a3:b1:49:11:b9:
89:e6:d3:ee:12:2c:2d:e0:d9:ed:7a:ce:cc:d4:6d:
01:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8F:2A:9E:BB:CF:E0:14:B5:BF:90:33:0E:9C:78:3B:A5:DE:36:72
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/o48qnrvP4BS1v5AzDpx4O6XeNnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.10.0/24
IPv6:
2a0b:6b83::/32
2a0b:6b86:300::/40
Signature Algorithm: sha256WithRSAEncryption
64:c1:40:12:29:03:bf:eb:09:f5:fb:43:63:52:0d:76:0d:82:
90:0b:42:b2:d6:32:c1:60:f4:5e:93:de:77:2c:16:d4:1b:21:
d2:0e:04:07:2b:a4:a7:07:a7:fb:c8:e1:1f:05:ee:96:97:d8:
37:59:77:20:e1:4c:8c:50:16:1a:8d:88:fa:75:1a:ca:95:98:
a9:53:05:40:a6:4e:bd:69:16:4e:cb:9c:86:58:e3:54:34:96:
43:0c:e5:b8:82:e9:fc:32:92:8a:16:4f:3c:51:d5:09:ed:e3:
7e:ac:60:31:79:6b:92:de:6c:7c:23:68:e4:17:92:78:9a:19:
43:27:5d:f3:9b:ca:af:59:4c:50:50:42:af:99:18:4e:6f:1e:
5a:40:2c:99:33:0c:83:93:2b:88:a5:21:bf:a8:f7:7e:3a:70:
22:92:ea:ed:06:46:bc:b0:4b:0e:c6:9d:65:10:61:43:df:96:
d8:b5:34:50:a9:04:d7:1b:f4:9b:c7:7b:cb:fe:74:fc:78:35:
83:8b:4c:4c:a9:4c:d4:7b:a2:00:c5:7a:86:76:ea:e2:8c:51:
5b:f1:a7:46:86:10:d5:16:0d:0e:5f:77:22:f7:77:13:39:17:
71:fe:22:47:7d:7e:74:8c:67:42:ac:79:38:6c:99:50:55:da:
c1:0b:e9:3c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxwwxkyTdC386Bm+CHvar+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwMTAyMDkxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhmMmE5ZWJiY2ZlMDE0YjViZjkwMzMwZTljNzgzYmE1ZGUzNjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9+4VqPNcx3GbbDrjuakc6ufQP7u
UhQxND95OfBJ6Q8QV8ArO0lGbIMQ8k+KXg2RjDu971fVMozLPM6ZHzuuOvEDQCGo
99F3cRyCA2Lig+AxbbmRXnqV1M2KySuexcK+pgvCuEjUolMPwozFnMBw9BYvODwh
nC0OqiOEaT5CBcOPiRg96p03jl6qYkkBzOpEu7wxNP8UIThgG72dVXAx/SiXh3iU
e1j9yT4jACw2uFC9XQVbbZj0LdrKGYBgKZkSnkwYTJ8lhCoY5KvPtvrcjndhkbC/
kkyulL3IuKonedTtzFwiCKgs5sTqo7FJEbmJ5tPuEiwt4Nntes7M1G0BMQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKOPKp67z+AUtb+QMw6ceDul3jZyMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvbzQ4cW5ydlA0QlMxdjVBekRweDRPNlhlTm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAuboKMBUE
AgACMA8DBQAqC2uDAwYAKgtrhgMwDQYJKoZIhvcNAQELBQADggEBAGTBQBIpA7/r
CfX7Q2NSDXYNgpALQrLWMsFg9F6T3ncsFtQbIdIOBAcrpKcHp/vI4R8F7paX2DdZ
dyDhTIxQFhqNiPp1GsqVmKlTBUCmTr1pFk7LnIZY41Q0lkMM5biC6fwykooWTzxR
1Qnt436sYDF5a5LebHwjaOQXkniaGUMnXfObyq9ZTFBQQq+ZGE5vHlpALJkzDIOT
K4ilIb+o9346cCKS6u0GRrywSw7GnWUQYUPflti1NFCpBNcb9JvHe8v+dPx4NYOL
TEypTNR7ogDFeoZ26uKMUVvxp0aGENUWDQ5fdyL3dxM5F3H+Ikd9fnSMZ0KseThs
mVBV2sEL6Tw=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:02 2024 by rpki-client on console-ams.rpki-client.org