Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/69c880-23ef-49c0-adbf-3d113d39f77b/1/aBYshe4EWAhSFZ1smZssfxvRMVg.roa
File: aBYshe4EWAhSFZ1smZssfxvRMVg.roa (raw, json)
Hash identifier: ca+aXivqKT2FbCmZoFwJzF/1ILyswlW7cmB3kLPXW2g=
Subject key identifier: 68:16:2C:85:EE:04:58:08:52:15:9D:6C:99:9B:2C:7F:1B:D1:31:58
Certificate issuer: /CN=b8cc59d994ac860e5b25e09575d99f94370e91cb
Certificate serial: 0186CA9FC4B8A2C338C150C88A2E53DB0B89
Authority key identifier: B8:CC:59:D9:94:AC:86:0E:5B:25:E0:95:75:D9:9F:94:37:0E:91:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uMxZ2ZSshg5bJeCVddmflDcOkcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/69c880-23ef-49c0-adbf-3d113d39f77b/1/aBYshe4EWAhSFZ1smZssfxvRMVg.roa
Signing time: Fri 10 Mar 2023 08:25:13 +0000
ROA not before: Fri 10 Mar 2023 08:25:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205358
IP address blocks: 185.131.205.0/24 maxlen: 24
2a12:da40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ca:9f:c4:b8:a2:c3:38:c1:50:c8:8a:2e:53:db:0b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8cc59d994ac860e5b25e09575d99f94370e91cb
Validity
Not Before: Mar 10 08:25:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68162c85ee04580852159d6c999b2c7f1bd13158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:14:29:fe:a1:fe:7d:04:96:95:18:f8:b0:e1:
e9:56:97:9b:83:ea:0e:cf:70:0c:af:f8:91:2a:75:
92:83:22:a6:88:f1:2d:a8:bf:ed:13:cf:ba:87:1a:
01:88:a6:54:bb:08:6c:a6:14:3b:f3:7e:2f:84:69:
c0:a6:ae:57:a7:61:81:0f:44:dd:f1:9b:01:0a:97:
a4:32:2e:87:68:2e:78:62:36:b3:01:f3:92:2e:85:
4a:a7:da:84:69:33:ae:cb:4d:64:24:bd:aa:d1:da:
23:38:c3:55:56:70:f7:10:59:37:66:c7:73:85:85:
fc:d8:8b:ef:80:3c:5e:35:f4:5b:d9:98:cf:c3:cb:
64:93:05:3c:32:3d:76:43:c2:8e:c8:64:cb:7d:04:
69:6d:36:c2:9b:2a:07:e8:d9:ed:ba:63:3f:e0:ca:
c3:96:1a:66:dc:63:ff:47:d4:af:71:ac:f2:d4:31:
e8:e6:66:94:2e:ac:80:81:27:fd:26:bf:a2:4e:00:
78:53:73:77:5d:9f:32:f2:d3:c1:f7:ca:a8:c1:40:
c3:29:b4:43:06:c8:36:32:46:e3:0b:0c:63:01:8c:
82:19:15:20:fc:44:4f:7c:ca:a2:fe:0d:26:9c:4e:
28:04:64:42:ce:fb:28:8a:d8:9c:06:ab:0b:d5:7e:
72:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:16:2C:85:EE:04:58:08:52:15:9D:6C:99:9B:2C:7F:1B:D1:31:58
X509v3 Authority Key Identifier:
keyid:B8:CC:59:D9:94:AC:86:0E:5B:25:E0:95:75:D9:9F:94:37:0E:91:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uMxZ2ZSshg5bJeCVddmflDcOkcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/69c880-23ef-49c0-adbf-3d113d39f77b/1/aBYshe4EWAhSFZ1smZssfxvRMVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/69c880-23ef-49c0-adbf-3d113d39f77b/1/uMxZ2ZSshg5bJeCVddmflDcOkcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.205.0/24
IPv6:
2a12:da40::/29
Signature Algorithm: sha256WithRSAEncryption
4d:33:26:d1:5c:3e:3e:1e:f3:a3:a6:ad:b6:b7:9e:f9:fa:9b:
1d:85:81:8a:d5:74:df:ed:d6:c4:a8:d5:79:27:88:bc:6e:7f:
7c:7d:a1:86:90:a9:a5:93:3f:ea:fb:0b:de:9e:fb:99:d6:75:
9d:a8:8e:1f:7e:6d:82:29:ef:d1:e0:9b:66:64:c3:e0:4a:6f:
c6:38:f3:dc:bf:45:b4:46:50:95:8b:6c:2a:4d:31:db:4b:6b:
3d:1c:a4:f5:a2:69:32:d4:2a:4f:3d:d7:9f:7b:e4:b2:66:f1:
cc:23:5b:7a:51:24:05:7b:e8:82:32:36:a2:be:64:bd:25:c5:
b6:c6:18:a7:49:56:9e:6d:c1:0b:6f:a2:55:cd:97:ca:8c:72:
6e:4b:ad:47:8f:6c:2e:56:7b:9e:81:28:2c:2b:15:3a:ad:85:
e6:96:ec:1c:c4:72:13:37:0e:c2:82:f7:53:2c:23:fd:5e:d4:
aa:c4:33:9c:0f:b9:12:d6:d4:e5:7e:0c:a6:aa:44:d1:ad:63:
e6:95:98:db:28:e2:da:04:bf:24:87:85:af:94:b3:28:b9:f0:
82:7c:0b:d3:a3:f0:ff:48:cb:e6:2e:0f:09:29:fe:73:d6:6c:
3e:2d:1b:37:c1:5c:38:9e:56:af:45:a7:26:50:59:c7:69:0d:
1b:23:88:b7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbKn8S4osM4wVDIii5T2wuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4Y2M1OWQ5OTRhYzg2MGU1YjI1ZTA5NTc1ZDk5Zjk0Mzcw
ZTkxY2IwHhcNMjMwMzEwMDgyNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODE2MmM4NWVlMDQ1ODA4NTIxNTlkNmM5OTliMmM3ZjFiZDEzMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhQp/qH+fQSWlRj4sOHpVpebg+oO
z3AMr/iRKnWSgyKmiPEtqL/tE8+6hxoBiKZUuwhsphQ7834vhGnApq5Xp2GBD0Td
8ZsBCpekMi6HaC54YjazAfOSLoVKp9qEaTOuy01kJL2q0dojOMNVVnD3EFk3Zsdz
hYX82IvvgDxeNfRb2ZjPw8tkkwU8Mj12Q8KOyGTLfQRpbTbCmyoH6NntumM/4MrD
lhpm3GP/R9Svcazy1DHo5maULqyAgSf9Jr+iTgB4U3N3XZ8y8tPB98qowUDDKbRD
Bsg2MkbjCwxjAYyCGRUg/ERPfMqi/g0mnE4oBGRCzvsoiticBqsL1X5ywQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGgWLIXuBFgIUhWdbJmbLH8b0TFYMB8GA1UdIwQY
MBaAFLjMWdmUrIYOWyXglXXZn5Q3DpHLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU14WjJaU3NoZzViSmVDVmRkbWZsRGNPa2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82OWM4ODAtMjNlZi00OWMwLWFkYmYt
M2QxMTNkMzlmNzdiLzEvYUJZc2hlNEVXQWhTRloxc21ac3NmeHZSTVZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82OWM4ODAtMjNlZi00OWMwLWFkYmYtM2QxMTNkMzlmNzdi
LzEvdU14WjJaU3NoZzViSmVDVmRkbWZsRGNPa2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYPNMA0E
AgACMAcDBQMqEtpAMA0GCSqGSIb3DQEBCwUAA4IBAQBNMybRXD4+HvOjpq22t575
+psdhYGK1XTf7dbEqNV5J4i8bn98faGGkKmlkz/q+wvenvuZ1nWdqI4ffm2CKe/R
4JtmZMPgSm/GOPPcv0W0RlCVi2wqTTHbS2s9HKT1omky1CpPPdefe+SyZvHMI1t6
USQFe+iCMjaivmS9JcW2xhinSVaebcELb6JVzZfKjHJuS61Hj2wuVnuegSgsKxU6
rYXmluwcxHITNw7CgvdTLCP9XtSqxDOcD7kS1tTlfgymqkTRrWPmlZjbKOLaBL8k
h4WvlLMoufCCfAvTo/D/SMvmLg8JKf5z1mw+LRs3wVw4nlavRacmUFnHaQ0bI4i3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:34 2024 by rpki-client on console-ams.rpki-client.org