Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/eFK9R7vOQY5YdsCUVe5IishLs0c.roa
File: eFK9R7vOQY5YdsCUVe5IishLs0c.roa (raw, json)
Hash identifier: J6Ctz4JgGFWtvCfk+dHSL/4+d/rzrohfyNVRnANNQy0=
Subject key identifier: 78:52:BD:47:BB:CE:41:8E:58:76:C0:94:55:EE:48:8A:C8:4B:B3:47
Certificate issuer: /CN=fd3af2b06f4a5016e0e5abed183f465db15f41d5
Certificate serial: 01856EA68430576B3968A32814CE4F03EEFF
Authority key identifier: FD:3A:F2:B0:6F:4A:50:16:E0:E5:AB:ED:18:3F:46:5D:B1:5F:41:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TrysG9KUBbg5avtGD9GXbFfQdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/eFK9R7vOQY5YdsCUVe5IishLs0c.roa
Signing time: Sun 01 Jan 2023 18:44:44 +0000
ROA not before: Sun 01 Jan 2023 18:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24971
IP address blocks: 185.145.160.0/22 maxlen: 22
2a07:4880::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:84:30:57:6b:39:68:a3:28:14:ce:4f:03:ee:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd3af2b06f4a5016e0e5abed183f465db15f41d5
Validity
Not Before: Jan 1 18:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7852bd47bbce418e5876c09455ee488ac84bb347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ab:1a:39:61:7b:9a:b3:72:66:99:65:ab:14:
87:c3:e6:0e:91:b7:1e:9c:6c:1b:0b:12:3c:ca:12:
16:22:33:5e:22:2b:ee:86:e8:fd:af:09:77:9f:4e:
fd:b2:49:ae:99:fc:b4:60:05:fe:87:61:a6:db:66:
ad:6d:86:dc:db:24:e7:68:48:4d:fc:15:d1:d0:89:
89:b6:76:f1:88:b9:96:b3:b4:f0:9b:b2:31:3e:2d:
c0:44:c3:f6:24:81:79:89:20:82:1e:70:a3:01:02:
f0:74:68:62:63:4b:83:b1:de:89:14:99:4f:e5:4b:
d1:fc:e9:fe:01:46:34:b8:9b:09:a8:8f:0f:fa:51:
e2:9e:a3:cb:4e:44:0d:ef:b3:dd:2a:de:fe:e8:91:
d8:e2:cf:d2:33:8f:0d:4b:15:a0:9b:35:77:6e:c5:
b1:78:10:cf:67:9d:41:1e:b5:25:0b:da:a9:64:3a:
91:90:f0:f0:fd:18:4f:4c:65:22:dc:c9:33:60:da:
89:eb:db:76:18:90:b8:5c:37:9e:70:a9:b6:4c:75:
16:7c:d0:84:da:7a:ce:d1:ac:84:33:6e:93:f8:77:
c6:ff:1b:af:45:11:33:31:f0:67:d9:f6:44:f7:55:
40:3e:66:29:ca:b6:be:54:68:9c:5b:58:4b:b3:bb:
40:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:52:BD:47:BB:CE:41:8E:58:76:C0:94:55:EE:48:8A:C8:4B:B3:47
X509v3 Authority Key Identifier:
keyid:FD:3A:F2:B0:6F:4A:50:16:E0:E5:AB:ED:18:3F:46:5D:B1:5F:41:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TrysG9KUBbg5avtGD9GXbFfQdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/eFK9R7vOQY5YdsCUVe5IishLs0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/_TrysG9KUBbg5avtGD9GXbFfQdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.160.0/22
IPv6:
2a07:4880::/29
Signature Algorithm: sha256WithRSAEncryption
62:54:13:80:35:9b:3a:7c:7e:ee:1c:49:f8:9e:0b:3d:d0:81:
ac:82:14:5d:14:58:e0:fd:1a:99:db:05:52:25:1c:6f:37:fb:
86:5f:e4:cf:af:0a:7c:20:97:4e:b2:87:1f:91:76:a1:99:fc:
99:bd:54:40:37:03:a9:30:b4:55:3e:20:3e:e8:ee:1d:69:fd:
b6:e9:fc:7c:f1:51:c7:2b:16:d0:8d:74:d9:95:55:3f:05:a5:
25:dc:ea:e2:e2:65:87:74:e7:65:55:e8:c9:71:52:73:d7:6c:
7d:5b:ce:33:68:f3:b5:5a:74:e7:e6:6f:2a:ac:4b:55:f2:bb:
6b:35:b9:88:b5:58:69:aa:27:77:de:c0:7b:7e:ee:ae:a7:40:
b7:18:83:03:95:4d:bd:49:fa:09:6c:de:c6:ac:67:93:70:7a:
67:12:1e:15:98:65:be:3e:79:35:a4:c0:68:87:76:3f:00:70:
b4:07:7c:e0:6a:ca:9a:c1:be:3f:ee:82:9d:f1:a4:63:b8:3a:
ec:8a:d3:cf:f9:18:d4:8e:9a:21:79:f1:e0:e8:96:93:8c:00:
20:e9:d5:6b:72:68:1f:30:f8:bf:b8:75:17:ad:5f:c9:23:93:
59:51:4e:ee:2b:80:18:d8:ea:f2:77:b0:72:7b:33:e6:f3:7b:
1e:a1:df:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVupoQwV2s5aKMoFM5PA+7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkM2FmMmIwNmY0YTUwMTZlMGU1YWJlZDE4M2Y0NjVkYjE1
ZjQxZDUwHhcNMjMwMTAxMTg0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODUyYmQ0N2JiY2U0MThlNTg3NmMwOTQ1NWVlNDg4YWM4NGJiMzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqsaOWF7mrNyZpllqxSHw+YOkbce
nGwbCxI8yhIWIjNeIivuhuj9rwl3n079skmumfy0YAX+h2Gm22atbYbc2yTnaEhN
/BXR0ImJtnbxiLmWs7Twm7IxPi3ARMP2JIF5iSCCHnCjAQLwdGhiY0uDsd6JFJlP
5UvR/On+AUY0uJsJqI8P+lHinqPLTkQN77PdKt7+6JHY4s/SM48NSxWgmzV3bsWx
eBDPZ51BHrUlC9qpZDqRkPDw/RhPTGUi3MkzYNqJ69t2GJC4XDeecKm2THUWfNCE
2nrO0ayEM26T+HfG/xuvRREzMfBn2fZE91VAPmYpyra+VGicW1hLs7tAzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHhSvUe7zkGOWHbAlFXuSIrIS7NHMB8GA1UdIwQY
MBaAFP068rBvSlAW4OWr7Rg/Rl2xX0HVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RyeXNHOUtVQmJnNWF2dEdEOUdYYkZmUWRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS85MjI2MmUtMjI3Ni00YTg4LWE3MzMt
MDQ5YmQ3YjFlMTE5LzEvZUZLOVI3dk9RWTVZZHNDVVZlNUlpc2hMczBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS85MjI2MmUtMjI3Ni00YTg4LWE3MzMtMDQ5YmQ3YjFlMTE5
LzEvX1RyeXNHOUtVQmJnNWF2dEdEOUdYYkZmUWRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZGgMA0E
AgACMAcDBQMqB0iAMA0GCSqGSIb3DQEBCwUAA4IBAQBiVBOANZs6fH7uHEn4ngs9
0IGsghRdFFjg/RqZ2wVSJRxvN/uGX+TPrwp8IJdOsocfkXahmfyZvVRANwOpMLRV
PiA+6O4daf226fx88VHHKxbQjXTZlVU/BaUl3Ori4mWHdOdlVejJcVJz12x9W84z
aPO1WnTn5m8qrEtV8rtrNbmItVhpqid33sB7fu6up0C3GIMDlU29SfoJbN7GrGeT
cHpnEh4VmGW+Pnk1pMBoh3Y/AHC0B3zgasqawb4/7oKd8aRjuDrsitPP+RjUjpoh
efHg6JaTjAAg6dVrcmgfMPi/uHUXrV/JI5NZUU7uK4AY2Oryd7ByezPm83seod9G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:31 2024 by rpki-client on console-fra.rpki-client.org