Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/2uvMEJADdUB6bYfsv9AVGwlgrls.roa
File: 2uvMEJADdUB6bYfsv9AVGwlgrls.roa (raw, json)
Hash identifier: IA/EHO78UX690C7ng9BCvl/QB3HI5vm4HyQGD3mxaG8=
Subject key identifier: DA:EB:CC:10:90:03:75:40:7A:6D:87:EC:BF:D0:15:1B:09:60:AE:5B
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 01879CA39E96EE129420C8FE464447EFFB65
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/2uvMEJADdUB6bYfsv9AVGwlgrls.roa
Signing time: Thu 20 Apr 2023 03:09:41 +0000
ROA not before: Thu 20 Apr 2023 03:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 185.154.192.0/24 maxlen: 24
185.154.194.0/24 maxlen: 24
185.154.195.0/24 maxlen: 24
185.154.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Apr 2023 12:03:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9c:a3:9e:96:ee:12:94:20:c8:fe:46:44:47:ef:fb:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Apr 20 03:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daebcc10900375407a6d87ecbfd0151b0960ae5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c8:a2:6e:6b:56:f6:7b:21:cf:99:8b:78:30:
d9:d1:75:1f:3c:97:7f:05:b6:09:f5:a6:5f:0a:54:
c7:cf:02:fc:0e:43:3a:7b:fb:6e:9b:63:19:ab:7a:
7d:d7:2d:42:5d:0a:4b:3c:31:1f:25:3e:8b:8f:dc:
27:c8:7e:80:f6:d8:cb:d0:a3:1b:2c:4e:8a:b8:3f:
73:aa:39:51:99:8d:c8:bf:7a:74:7a:31:bb:d0:ad:
59:94:43:a6:73:1d:10:81:7c:3e:62:76:ee:b9:02:
3a:ad:4f:f4:6e:c9:93:78:eb:3e:c3:37:57:3d:2c:
d7:92:9a:b4:23:38:be:84:7b:81:f7:99:8d:9b:ec:
bd:3a:ef:d7:86:a7:2c:df:8d:7a:e7:5e:8f:33:97:
7d:e3:01:55:30:ce:0f:0a:6e:da:32:80:ec:8a:05:
bf:72:2f:c1:6f:b3:8a:52:1f:78:58:87:a5:ef:b4:
33:8d:db:2c:3b:a9:d2:01:c7:7f:69:df:45:2c:66:
5d:13:1d:b3:5c:4b:7d:c4:a0:9c:25:fb:0f:a0:82:
01:b3:a2:2f:4b:9d:bd:b2:82:40:b5:42:69:ff:49:
0e:f2:ac:dd:d5:eb:7f:84:c5:44:db:c7:41:c7:59:
f5:41:4e:a3:d5:b9:53:a8:8b:93:a6:92:f3:c6:19:
b0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:EB:CC:10:90:03:75:40:7A:6D:87:EC:BF:D0:15:1B:09:60:AE:5B
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/2uvMEJADdUB6bYfsv9AVGwlgrls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.192.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:4c:0a:d1:92:51:53:e7:ce:11:b2:22:38:00:f8:ce:31:d4:
a0:74:d1:cc:ef:7f:33:d4:74:b5:61:3e:21:08:e3:bf:c6:6a:
ec:fb:c8:04:7e:44:d0:4a:12:ad:e9:cf:1b:ee:26:d2:fe:f3:
de:e6:cf:7f:77:2c:47:a6:c5:af:0d:28:95:62:bc:46:2f:d2:
6d:86:7c:92:de:1e:7f:35:37:ab:9c:fb:16:ba:0b:71:0c:79:
3a:e6:c0:db:97:02:49:0d:16:e3:73:2f:58:82:8f:ad:35:d9:
dd:d3:c8:b4:cf:ba:af:0c:be:be:11:97:7d:c3:d3:3a:8f:c5:
5d:b1:5e:e6:21:78:c2:17:16:12:e7:99:5c:ab:11:fc:69:5e:
8f:f4:bb:d6:53:9b:b8:cf:25:2e:b0:2f:52:cc:5b:e2:e2:8e:
f4:fb:18:13:f7:ba:7e:59:a0:c4:6c:4d:66:88:30:7b:e9:e3:
46:c1:1b:ca:79:d0:a0:60:74:a6:aa:e1:a2:5a:c1:54:5f:9d:
ee:da:2d:f9:46:a9:29:78:4b:61:44:b8:12:25:98:d4:e2:b2:
1b:fc:92:cf:bb:93:d2:e6:01:95:a3:b9:45:f3:ab:e2:6c:7c:
b3:13:0a:13:ae:c4:09:cd:05:84:7f:01:b9:21:95:33:47:e8:
9b:46:0c:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeco56W7hKUIMj+RkRH7/tlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjMwNDIwMDMwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWViY2MxMDkwMDM3NTQwN2E2ZDg3ZWNiZmQwMTUxYjA5NjBhZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8iibmtW9nshz5mLeDDZ0XUfPJd/
BbYJ9aZfClTHzwL8DkM6e/tum2MZq3p91y1CXQpLPDEfJT6Lj9wnyH6A9tjL0KMb
LE6KuD9zqjlRmY3Iv3p0ejG70K1ZlEOmcx0QgXw+YnbuuQI6rU/0bsmTeOs+wzdX
PSzXkpq0Izi+hHuB95mNm+y9Ou/Xhqcs3416516PM5d94wFVMM4PCm7aMoDsigW/
ci/Bb7OKUh94WIel77QzjdssO6nSAcd/ad9FLGZdEx2zXEt9xKCcJfsPoIIBs6Iv
S529soJAtUJp/0kO8qzd1et/hMVE28dBx1n1QU6j1blTqIuTppLzxhmwAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrrzBCQA3VAem2H7L/QFRsJYK5bMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvMnV2TUVKQURkVUI2Yllmc3Y5QVZHd2xncmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZrAMA0G
CSqGSIb3DQEBCwUAA4IBAQClTArRklFT584RsiI4APjOMdSgdNHM738z1HS1YT4h
COO/xmrs+8gEfkTQShKt6c8b7ibS/vPe5s9/dyxHpsWvDSiVYrxGL9JthnyS3h5/
NTernPsWugtxDHk65sDblwJJDRbjcy9Ygo+tNdnd08i0z7qvDL6+EZd9w9M6j8Vd
sV7mIXjCFxYS55lcqxH8aV6P9LvWU5u4zyUusC9SzFvi4o70+xgT97p+WaDEbE1m
iDB76eNGwRvKedCgYHSmquGiWsFUX53u2i35RqkpeEthRLgSJZjU4rIb/JLPu5PS
5gGVo7lF86vibHyzEwoTrsQJzQWEfwG5IZUzR+ibRgy8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org