Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/ipPbgO9jOErS0IehVsMU8BzUhwQ.roa
File: ipPbgO9jOErS0IehVsMU8BzUhwQ.roa (raw, json)
Hash identifier: spTWbCbGE3Re/csaxaSIAa4PxvJgNI7uAnPnLCiiP5c=
Subject key identifier: 8A:93:DB:80:EF:63:38:4A:D2:D0:87:A1:56:C3:14:F0:1C:D4:87:04
Certificate issuer: /CN=740f65f302335baa90ed81c05384d53f2332391a
Certificate serial: 018CBC7055EA2F38D08F370C57D16C37769D
Authority key identifier: 74:0F:65:F3:02:33:5B:AA:90:ED:81:C0:53:84:D5:3F:23:32:39:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/ipPbgO9jOErS0IehVsMU8BzUhwQ.roa
Signing time: Sat 30 Dec 2023 20:35:27 +0000
ROA not before: Sat 30 Dec 2023 20:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206844
IP address blocks: 185.174.160.0/22 maxlen: 24
45.156.32.0/22 maxlen: 24
2a07:1280::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bc:70:55:ea:2f:38:d0:8f:37:0c:57:d1:6c:37:76:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=740f65f302335baa90ed81c05384d53f2332391a
Validity
Not Before: Dec 30 20:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a93db80ef63384ad2d087a156c314f01cd48704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1d:a9:08:da:4f:ff:7f:66:93:c6:3d:d9:47:
b0:fa:e3:36:6b:bc:7c:3b:5e:e7:f1:27:02:aa:92:
97:fe:84:d1:d2:14:9a:19:82:88:6b:eb:e1:46:c5:
6f:02:dc:66:83:60:ac:51:f6:81:84:35:62:52:13:
c9:f0:c6:98:c1:24:b5:b1:a6:7a:fd:0a:43:88:b0:
fc:7c:c0:72:1f:6f:34:11:e0:37:00:fc:25:32:4e:
32:c9:73:d3:0a:f6:76:76:f3:c4:72:83:50:79:99:
c2:f8:44:db:e3:22:b9:8a:90:17:9b:39:0f:e4:49:
25:b0:b0:2f:4f:1a:ae:b5:a5:b9:ee:19:87:76:22:
ca:bc:10:9f:31:61:7d:49:1f:f3:dc:04:8f:82:e8:
c3:69:fa:58:2a:ad:cb:69:1d:2b:89:6b:4d:eb:fe:
b5:0d:d5:56:34:57:07:e1:8c:66:fd:44:69:56:c3:
98:e9:c8:ff:74:94:62:6d:3d:1c:9d:23:53:bd:26:
f0:2b:37:c0:0a:bf:f9:84:f0:dc:f8:08:94:36:9d:
dc:51:8f:83:05:13:24:a2:de:de:c3:18:07:e9:e2:
38:d5:00:6a:ab:27:e6:9c:a6:5d:28:db:5b:0e:94:
a3:4e:7a:b6:8a:d5:a6:0b:4b:c7:7d:10:30:70:77:
17:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:93:DB:80:EF:63:38:4A:D2:D0:87:A1:56:C3:14:F0:1C:D4:87:04
X509v3 Authority Key Identifier:
keyid:74:0F:65:F3:02:33:5B:AA:90:ED:81:C0:53:84:D5:3F:23:32:39:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/ipPbgO9jOErS0IehVsMU8BzUhwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dA9l8wIzW6qQ7YHAU4TVPyMyORo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.32.0/22
185.174.160.0/22
IPv6:
2a07:1280::/32
Signature Algorithm: sha256WithRSAEncryption
2a:57:c3:7c:21:a1:2d:2d:08:be:e9:be:14:f0:59:f1:4e:a9:
57:59:a7:ef:e8:3f:7f:ee:4d:75:36:34:88:b7:8a:53:cb:91:
44:cf:48:ee:74:db:a5:df:15:cf:33:4f:ec:61:a9:40:27:d3:
ff:af:4f:41:7c:9d:da:b2:f7:a5:68:a4:a4:8c:b5:e3:d4:d5:
86:f9:90:af:3f:2a:68:5c:76:01:79:c2:68:b1:7f:39:8a:19:
77:7a:cd:3f:f8:86:23:b6:c3:4e:7b:5d:01:db:30:13:d7:05:
ab:94:b3:8e:4e:ea:b8:00:58:f9:bc:2b:0f:d8:f9:28:a6:99:
53:a3:3a:96:b6:4b:76:0e:05:08:16:99:77:60:c7:73:48:af:
b9:5c:10:ac:0f:8d:50:f4:fc:6d:fe:3e:4b:a3:ed:ac:72:50:
6d:dc:86:22:18:a8:32:d0:e5:be:74:c4:7b:58:be:c5:49:34:
24:10:3d:fa:23:b4:f9:a9:aa:71:10:07:33:d7:26:38:f3:54:
5c:85:97:1c:36:a8:a6:19:1f:37:97:20:b1:84:58:57:ce:a7:
79:29:1c:30:42:4f:95:87:e1:0b:26:48:b2:c7:01:46:77:cf:
2d:94:8d:e8:ac:72:c3:d7:e0:f1:bb:34:f0:52:11:ca:60:66:
9d:49:cf:07
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYy8cFXqLzjQjzcMV9FsN3adMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MGY2NWYzMDIzMzViYWE5MGVkODFjMDUzODRkNTNmMjMz
MjM5MWEwHhcNMjMxMjMwMjAzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTkzZGI4MGVmNjMzODRhZDJkMDg3YTE1NmMzMTRmMDFjZDQ4NzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgR2pCNpP/39mk8Y92Uew+uM2a7x8
O17n8ScCqpKX/oTR0hSaGYKIa+vhRsVvAtxmg2CsUfaBhDViUhPJ8MaYwSS1saZ6
/QpDiLD8fMByH280EeA3APwlMk4yyXPTCvZ2dvPEcoNQeZnC+ETb4yK5ipAXmzkP
5EklsLAvTxqutaW57hmHdiLKvBCfMWF9SR/z3ASPgujDafpYKq3LaR0riWtN6/61
DdVWNFcH4Yxm/URpVsOY6cj/dJRibT0cnSNTvSbwKzfACr/5hPDc+AiUNp3cUY+D
BRMkot7ewxgH6eI41QBqqyfmnKZdKNtbDpSjTnq2itWmC0vHfRAwcHcXjwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIqT24DvYzhK0tCHoVbDFPAc1IcEMB8GA1UdIwQY
MBaAFHQPZfMCM1uqkO2BwFOE1T8jMjkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEE5bDh3SXpXNnFRN1lIQVU0VFZQeU15T1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zYjFjMWYtMmQ4Yy00ODYxLWI3MWQt
ZDAzYTJjNDM1YWVjLzEvaXBQYmdPOWpPRXJTMEllaFZzTVU4QnpVaHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zYjFjMWYtMmQ4Yy00ODYxLWI3MWQtZDAzYTJjNDM1YWVj
LzEvZEE5bDh3SXpXNnFRN1lIQVU0VFZQeU15T1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZwgAwQC
ua6gMA0EAgACMAcDBQAqBxKAMA0GCSqGSIb3DQEBCwUAA4IBAQAqV8N8IaEtLQi+
6b4U8FnxTqlXWafv6D9/7k11NjSIt4pTy5FEz0judNul3xXPM0/sYalAJ9P/r09B
fJ3asvelaKSkjLXj1NWG+ZCvPypoXHYBecJosX85ihl3es0/+IYjtsNOe10B2zAT
1wWrlLOOTuq4AFj5vCsP2PkopplTozqWtkt2DgUIFpl3YMdzSK+5XBCsD41Q9Pxt
/j5Lo+2sclBt3IYiGKgy0OW+dMR7WL7FSTQkED36I7T5qapxEAcz1yY481RchZcc
NqimGR83lyCxhFhXzqd5KRwwQk+Vh+ELJkiyxwFGd88tlI3orHLD1+DxuzTwUhHK
YGadSc8H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:12 2024 by rpki-client on console-fra.rpki-client.org