Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/gSBB8KYa7sDVxkYDVpk95-nrfSc.roa
File: gSBB8KYa7sDVxkYDVpk95-nrfSc.roa (raw, json)
Hash identifier: 7Xo18R1ZP2cOoytJVTWekbrZCrcnBWgfAwE+vOOArQE=
Subject key identifier: 81:20:41:F0:A6:1A:EE:C0:D5:C6:46:03:56:99:3D:E7:E9:EB:7D:27
Certificate issuer: /CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Certificate serial: 01856DCADA4A40AF6781239923D1F4641AED
Authority key identifier: D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/gSBB8KYa7sDVxkYDVpk95-nrfSc.roa
Signing time: Sun 01 Jan 2023 14:44:48 +0000
ROA not before: Sun 01 Jan 2023 14:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 185.13.208.0/22 maxlen: 24
2a03:a540::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:da:4a:40:af:67:81:23:99:23:d1:f4:64:1a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Validity
Not Before: Jan 1 14:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=812041f0a61aeec0d5c6460356993de7e9eb7d27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:05:75:d5:e8:5a:c9:4f:e3:4e:3b:d3:11:f6:
ae:7f:01:86:9c:3b:40:6d:f9:e1:69:07:ca:69:41:
b1:3d:ed:9a:45:6a:92:9a:da:9b:19:b5:de:b8:3e:
2b:00:6d:5e:4e:1c:9f:5f:84:dc:66:db:62:8e:21:
96:f7:ba:8f:24:96:6d:61:fe:66:db:b3:ac:d8:7b:
1e:14:87:58:f4:8a:ff:8c:c1:2c:97:ee:9b:d7:58:
8a:52:06:cf:d2:e5:37:1c:dd:f1:47:e2:c2:fc:47:
2f:56:88:5a:29:df:24:36:b1:2f:17:91:8b:fc:d4:
22:70:3d:90:ce:db:d6:f1:b4:fd:ba:e7:42:9b:02:
e6:c0:f8:87:6a:56:94:5b:9b:db:a7:25:ad:07:07:
c5:f9:b9:2d:27:50:f5:ad:de:e6:51:64:aa:4a:18:
64:ac:a8:94:e8:38:1b:6d:81:5b:e0:2f:42:75:10:
21:56:9c:67:69:03:7f:08:d1:c9:cc:7d:13:89:cd:
4b:be:99:44:96:05:77:ca:3c:99:28:0e:30:5c:f1:
8a:b4:86:5c:61:22:6d:ba:f7:72:60:56:fc:bb:43:
33:d7:ea:f1:cb:7f:93:0f:c1:41:e5:fd:bc:c8:13:
6c:65:2b:57:f2:5e:2f:cb:e8:c7:c9:29:a3:4f:45:
7d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:20:41:F0:A6:1A:EE:C0:D5:C6:46:03:56:99:3D:E7:E9:EB:7D:27
X509v3 Authority Key Identifier:
keyid:D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/gSBB8KYa7sDVxkYDVpk95-nrfSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.208.0/22
IPv6:
2a03:a540::/32
Signature Algorithm: sha256WithRSAEncryption
5a:e9:e2:6f:ea:62:bb:eb:af:ff:27:ea:6b:cb:5a:35:c8:ea:
cc:90:10:dd:98:20:89:52:96:47:24:99:f3:cb:fb:52:ad:e2:
9d:73:fd:95:e4:78:da:e5:95:e5:5a:87:97:5d:28:6c:1a:26:
65:75:e4:a0:5c:c3:d3:ff:4a:7d:37:4b:bd:ff:94:58:6a:aa:
f7:01:19:de:a9:26:68:ee:cb:6b:bb:74:dd:67:d0:b5:a4:99:
18:c6:30:dc:f9:3e:cc:ee:81:77:17:8b:e2:38:e5:75:3c:77:
72:1c:1a:3c:44:2a:95:7d:56:48:6c:46:0b:c1:2d:60:93:a6:
e9:58:d4:30:0b:a1:96:2b:b6:f7:99:5a:57:79:30:ba:1c:5e:
c7:0a:7b:35:fb:cd:5c:47:c3:97:c1:c4:1d:5b:f6:da:ee:d9:
55:96:f0:0f:0a:b6:a6:13:76:93:56:ab:af:af:4e:f5:85:e2:
e5:fe:28:c1:d3:24:ac:69:5e:d8:e8:49:f4:11:00:81:5b:b1:
b8:d0:3b:86:37:a4:73:1c:e6:31:f8:70:08:e5:ea:c2:2e:e2:
8b:32:8d:3d:45:08:a1:a3:45:ea:22:50:97:4a:8a:68:e4:9e:
3b:2e:c3:1c:cb:39:88:2a:08:c0:ae:c5:e9:3f:19:41:da:f8:
34:0a:8f:a2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtytpKQK9ngSOZI9H0ZBrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZmQzNDM2ZDdhMTlhNzM0M2ZhODAwZDg3YTAxYWYxODNk
YTMxOGIwHhcNMjMwMTAxMTQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTIwNDFmMGE2MWFlZWMwZDVjNjQ2MDM1Njk5M2RlN2U5ZWI3ZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wV11ehayU/jTjvTEfaufwGGnDtA
bfnhaQfKaUGxPe2aRWqSmtqbGbXeuD4rAG1eThyfX4TcZttijiGW97qPJJZtYf5m
27Os2HseFIdY9Ir/jMEsl+6b11iKUgbP0uU3HN3xR+LC/EcvVohaKd8kNrEvF5GL
/NQicD2QztvW8bT9uudCmwLmwPiHalaUW5vbpyWtBwfF+bktJ1D1rd7mUWSqShhk
rKiU6DgbbYFb4C9CdRAhVpxnaQN/CNHJzH0Tic1LvplElgV3yjyZKA4wXPGKtIZc
YSJtuvdyYFb8u0Mz1+rxy3+TD8FB5f28yBNsZStX8l4vy+jHySmjT0V9uQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIEgQfCmGu7A1cZGA1aZPefp630nMB8GA1UdIwQY
MBaAFNH9NDbXoZpzQ/qADYegGvGD2jGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMt
MzlhNjZjYmUxZTRkLzEvZ1NCQjhLWWE3c0RWeGtZRFZwazk1LW5yZlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMtMzlhNjZjYmUxZTRk
LzEvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ3QMA0E
AgACMAcDBQAqA6VAMA0GCSqGSIb3DQEBCwUAA4IBAQBa6eJv6mK766//J+pry1o1
yOrMkBDdmCCJUpZHJJnzy/tSreKdc/2V5Hja5ZXlWoeXXShsGiZldeSgXMPT/0p9
N0u9/5RYaqr3ARneqSZo7stru3TdZ9C1pJkYxjDc+T7M7oF3F4viOOV1PHdyHBo8
RCqVfVZIbEYLwS1gk6bpWNQwC6GWK7b3mVpXeTC6HF7HCns1+81cR8OXwcQdW/ba
7tlVlvAPCramE3aTVquvr071heLl/ijB0ySsaV7Y6En0EQCBW7G40DuGN6RzHOYx
+HAI5erCLuKLMo09RQiho0XqIlCXSopo5J47LsMcyzmIKgjArsXpPxlB2vg0Co+i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:39 2024 by rpki-client on console-fra.rpki-client.org