Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/P9EOhlHt7vd9HIvAaoie3WV6UFo.roa
File: P9EOhlHt7vd9HIvAaoie3WV6UFo.roa (raw, json)
Hash identifier: Qifhpf9xv6yz6mEEHpoWTzf844txVpXCgF6Faf2zwAM=
Subject key identifier: 3F:D1:0E:86:51:ED:EE:F7:7D:1C:8B:C0:6A:88:9E:DD:65:7A:50:5A
Certificate issuer: /CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Certificate serial: 0185A179FE1D60B65AEA13BFE8F17590B7A2
Authority key identifier: 72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/P9EOhlHt7vd9HIvAaoie3WV6UFo.roa
Signing time: Wed 11 Jan 2023 15:36:44 +0000
ROA not before: Wed 11 Jan 2023 15:36:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43902
IP address blocks: 185.56.107.0/24 maxlen: 24
2a00:7fc0:8001::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:79:fe:1d:60:b6:5a:ea:13:bf:e8:f1:75:90:b7:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Validity
Not Before: Jan 11 15:36:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fd10e8651edeef77d1c8bc06a889edd657a505a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8b:a4:64:a3:a8:f1:dd:3c:82:ff:37:3e:53:
4e:8f:59:77:16:86:a1:f1:d4:4d:b0:d2:ae:3e:cc:
4f:f2:c8:e5:82:fa:9d:02:0f:f3:e7:2d:43:85:a5:
4b:fd:c4:09:a0:cd:90:03:13:31:ea:85:a6:57:1d:
ec:af:e8:cc:f3:1e:80:bc:58:eb:30:f6:17:e2:37:
ed:1b:2f:7c:bf:61:e3:e3:ed:1e:0d:8b:58:c7:ff:
8b:6d:a7:95:04:e0:db:d1:87:e9:e1:8d:a7:e5:60:
b2:50:c3:87:e5:3f:15:42:0f:20:a7:38:98:64:ff:
48:99:8e:44:6a:69:87:e9:ae:8d:c5:af:53:da:77:
e8:d2:46:a6:f1:39:f1:85:01:3f:dc:87:dd:d1:2c:
17:9d:06:83:c6:1a:dd:fb:af:66:f3:53:bf:fc:2a:
49:fa:81:f1:53:4c:4c:94:4e:e6:d2:d7:5e:47:58:
4b:2b:91:95:d4:98:45:d5:98:5f:ab:8f:fa:2d:d0:
56:ef:45:34:12:b2:ab:ce:31:f6:de:02:c0:47:d0:
64:45:e3:a2:39:b0:63:c8:e7:97:0e:24:47:2c:a2:
0a:dd:60:80:75:0b:79:6f:d3:21:bb:f0:93:a7:3d:
20:23:05:54:2c:62:60:70:2c:d4:e8:90:e3:7f:7f:
42:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D1:0E:86:51:ED:EE:F7:7D:1C:8B:C0:6A:88:9E:DD:65:7A:50:5A
X509v3 Authority Key Identifier:
keyid:72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/P9EOhlHt7vd9HIvAaoie3WV6UFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.107.0/24
IPv6:
2a00:7fc0:8001::/48
Signature Algorithm: sha256WithRSAEncryption
2a:3f:fa:ea:cf:8b:b1:b2:cd:16:17:4f:31:98:0d:58:55:04:
e7:0d:dc:3c:c7:9d:67:ee:af:4c:1f:ec:6d:a7:0a:b2:13:96:
8a:90:8b:7c:1b:4d:12:4f:61:72:71:76:9a:99:8c:0c:56:41:
0b:80:31:ac:c9:8c:9b:4d:89:37:7b:23:10:b1:e4:f8:82:d4:
45:a9:f3:89:9e:10:6f:28:3c:82:35:45:36:81:ff:a7:67:93:
4b:b7:ec:b0:ea:30:78:69:91:91:e3:ca:fe:db:86:48:b3:0a:
cb:28:2a:85:74:ab:81:69:78:25:09:3b:8b:e9:50:29:bd:14:
f5:71:6b:d2:5d:91:76:2d:59:5c:fa:d2:2b:d1:f6:34:af:c0:
a8:9d:27:06:95:0d:d4:04:2d:97:df:88:6c:05:a4:3f:1e:7a:
b5:1a:45:da:a7:b8:d0:71:42:60:c3:62:a9:a9:de:b4:38:e1:
b3:36:c2:a0:a6:57:3d:90:c7:b2:a0:4f:a6:6e:b7:80:89:73:
68:1e:80:ec:49:c7:d6:db:97:c4:7e:cf:0b:45:62:7f:2f:86:
6d:2f:b6:d4:4e:98:dc:e4:4d:37:f2:70:86:c5:cc:f8:ba:b6:
34:c8:93:a4:1b:e4:34:46:47:4a:64:57:76:78:26:50:76:77:
1c:6b:41:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWhef4dYLZa6hO/6PF1kLeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzI2YWJjOWUwNmMxYWZlZjliNWZkMmRhNDA0MTJlN2Fl
ZTZiNDcwHhcNMjMwMTExMTUzNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmQxMGU4NjUxZWRlZWY3N2QxYzhiYzA2YTg4OWVkZDY1N2E1MDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIukZKOo8d08gv83PlNOj1l3Foah
8dRNsNKuPsxP8sjlgvqdAg/z5y1DhaVL/cQJoM2QAxMx6oWmVx3sr+jM8x6AvFjr
MPYX4jftGy98v2Hj4+0eDYtYx/+LbaeVBODb0Yfp4Y2n5WCyUMOH5T8VQg8gpziY
ZP9ImY5EammH6a6Nxa9T2nfo0kam8TnxhQE/3Ifd0SwXnQaDxhrd+69m81O//CpJ
+oHxU0xMlE7m0tdeR1hLK5GV1JhF1Zhfq4/6LdBW70U0ErKrzjH23gLAR9BkReOi
ObBjyOeXDiRHLKIK3WCAdQt5b9Mhu/CTpz0gIwVULGJgcCzU6JDjf39CHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD/RDoZR7e73fRyLwGqInt1lelBaMB8GA1UdIwQY
MBaAFHLCaryeBsGv75tf0tpAQS567mtHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMt
Y2Q3ZDYxOTEzMjg4LzEvUDlFT2hsSHQ3dmQ5SEl2QWFvaWUzV1Y2VUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMtY2Q3ZDYxOTEzMjg4
LzEvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuThrMA8E
AgACMAkDBwAqAH/AgAEwDQYJKoZIhvcNAQELBQADggEBACo/+urPi7GyzRYXTzGY
DVhVBOcN3DzHnWfur0wf7G2nCrITloqQi3wbTRJPYXJxdpqZjAxWQQuAMazJjJtN
iTd7IxCx5PiC1EWp84meEG8oPII1RTaB/6dnk0u37LDqMHhpkZHjyv7bhkizCsso
KoV0q4FpeCUJO4vpUCm9FPVxa9JdkXYtWVz60ivR9jSvwKidJwaVDdQELZffiGwF
pD8eerUaRdqnuNBxQmDDYqmp3rQ44bM2wqCmVz2Qx7KgT6Zut4CJc2gegOxJx9bb
l8R+zwtFYn8vhm0vttROmNzkTTfycIbFzPi6tjTIk6Qb5DRGR0pkV3Z4JlB2dxxr
QTQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:46 2024 by rpki-client on console-fra.rpki-client.org