Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/971311-f47f-46db-8c57-e9782041cc24/1/aUrrAR3621K-dMPU14zRoVpiyZk.roa
File: aUrrAR3621K-dMPU14zRoVpiyZk.roa (raw, json)
Hash identifier: vnVmka0dtuLbHOYBlYn3b50lbZ2F/zGniX+v9PT65P8=
Subject key identifier: 69:4A:EB:01:1D:FA:DB:52:BE:74:C3:D4:D7:8C:D1:A1:5A:62:C9:99
Certificate issuer: /CN=816d220b2b5a46fbeb27ef2d969fa21dd338c5b3
Certificate serial: 0185D97BF7189F58F41AAEA983A07E46626F
Authority key identifier: 81:6D:22:0B:2B:5A:46:FB:EB:27:EF:2D:96:9F:A2:1D:D3:38:C5:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gW0iCytaRvvrJ-8tlp-iHdM4xbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/971311-f47f-46db-8c57-e9782041cc24/1/aUrrAR3621K-dMPU14zRoVpiyZk.roa
Signing time: Sun 22 Jan 2023 12:37:37 +0000
ROA not before: Sun 22 Jan 2023 12:37:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48767
IP address blocks: 185.140.52.0/24 maxlen: 24
2a07:1a80::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d9:7b:f7:18:9f:58:f4:1a:ae:a9:83:a0:7e:46:62:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=816d220b2b5a46fbeb27ef2d969fa21dd338c5b3
Validity
Not Before: Jan 22 12:37:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=694aeb011dfadb52be74c3d4d78cd1a15a62c999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:51:f8:8f:f3:ab:a1:ca:1d:f1:06:bc:5a:5b:
c2:2d:7c:41:9c:fc:70:dc:3a:af:82:47:75:b0:87:
ac:38:97:55:42:ea:fb:1a:a6:10:66:b1:6e:ac:5c:
fc:f4:11:de:f6:16:ae:ff:10:94:09:ec:50:41:83:
75:11:ca:47:a3:14:5d:82:65:ba:5f:d5:57:3d:e9:
18:dd:cd:63:41:38:71:af:2d:86:ec:b5:71:df:4b:
07:53:f9:41:61:71:d3:07:77:7c:3d:8c:a1:23:97:
af:0f:24:ea:63:5b:9b:8b:ba:0d:0d:c7:3d:e1:44:
94:e2:41:ab:0a:1e:a4:d2:13:2e:fc:44:7b:eb:4f:
4c:ba:b1:29:72:ba:34:e6:36:c1:db:de:54:85:a1:
93:b4:80:7a:ba:29:aa:51:5e:48:e6:06:06:cc:3a:
b3:98:11:6b:a1:bf:a2:c5:8e:2f:d7:d2:c3:35:bc:
7a:34:ea:12:14:0f:79:7f:66:3b:4e:9d:61:b2:88:
6b:58:ab:75:5b:fc:d0:fa:b6:42:f6:ed:00:8f:be:
15:c4:b6:87:35:6d:f1:5e:16:22:d6:d0:61:56:3f:
20:1c:a5:28:2f:ca:13:54:8c:43:10:63:db:a3:01:
d4:5f:5b:f8:f9:81:24:c8:81:8d:da:43:7a:72:07:
16:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:4A:EB:01:1D:FA:DB:52:BE:74:C3:D4:D7:8C:D1:A1:5A:62:C9:99
X509v3 Authority Key Identifier:
keyid:81:6D:22:0B:2B:5A:46:FB:EB:27:EF:2D:96:9F:A2:1D:D3:38:C5:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gW0iCytaRvvrJ-8tlp-iHdM4xbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/971311-f47f-46db-8c57-e9782041cc24/1/aUrrAR3621K-dMPU14zRoVpiyZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/971311-f47f-46db-8c57-e9782041cc24/1/gW0iCytaRvvrJ-8tlp-iHdM4xbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.52.0/24
IPv6:
2a07:1a80::/48
Signature Algorithm: sha256WithRSAEncryption
6f:52:53:07:ef:48:75:25:e2:a9:c1:93:18:5f:4d:b9:9a:0b:
0a:32:d3:b8:87:e6:96:1c:f5:e4:1f:e6:fd:09:c4:39:ba:8a:
fd:0f:de:ee:2c:dc:88:44:11:0c:14:4f:a2:61:05:44:e2:08:
63:16:37:b9:94:62:0f:ea:ea:d3:55:f5:2a:02:79:70:09:7a:
1b:55:77:03:d9:9e:4d:a0:2e:b3:70:65:d6:56:86:90:f1:88:
76:1a:ba:e0:74:ff:31:8f:24:b1:ed:9b:5d:0d:68:58:5f:ab:
06:5b:22:04:e2:f7:29:9f:81:06:22:d3:9d:a4:b2:fb:a2:da:
09:28:b9:25:31:a7:7a:0b:cb:e2:de:96:4c:fa:5a:3b:fa:4f:
e6:01:9b:22:21:62:14:90:6d:3e:87:5e:a5:b4:92:b8:05:a9:
77:c4:39:b8:47:4a:d8:3d:80:cf:53:a8:fd:04:6d:ae:84:8c:
fc:f2:3c:49:2d:f1:e1:ec:f4:40:41:c8:9f:36:6c:17:42:ce:
6d:6b:e9:a1:93:2f:56:13:22:70:f5:ec:0c:aa:ee:e7:fd:18:
20:0e:cf:57:51:a1:5b:dc:8f:5c:7b:53:cb:38:29:35:56:ea:
56:02:80:11:de:9b:7d:13:5e:81:a8:26:eb:75:d6:ba:a5:17:
8c:ab:8b:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXZe/cYn1j0Gq6pg6B+RmJvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNmQyMjBiMmI1YTQ2ZmJlYjI3ZWYyZDk2OWZhMjFkZDMz
OGM1YjMwHhcNMjMwMTIyMTIzNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTRhZWIwMTFkZmFkYjUyYmU3NGMzZDRkNzhjZDFhMTVhNjJjOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1H4j/Orocod8Qa8WlvCLXxBnPxw
3Dqvgkd1sIesOJdVQur7GqYQZrFurFz89BHe9hau/xCUCexQQYN1EcpHoxRdgmW6
X9VXPekY3c1jQThxry2G7LVx30sHU/lBYXHTB3d8PYyhI5evDyTqY1ubi7oNDcc9
4USU4kGrCh6k0hMu/ER7609MurEpcro05jbB295UhaGTtIB6uimqUV5I5gYGzDqz
mBFrob+ixY4v19LDNbx6NOoSFA95f2Y7Tp1hsohrWKt1W/zQ+rZC9u0Aj74VxLaH
NW3xXhYi1tBhVj8gHKUoL8oTVIxDEGPbowHUX1v4+YEkyIGN2kN6cgcWDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGlK6wEd+ttSvnTD1NeM0aFaYsmZMB8GA1UdIwQY
MBaAFIFtIgsrWkb76yfvLZafoh3TOMWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1cwaUN5dGFSdnZySi04dGxwLWlIZE00eGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85NzEzMTEtZjQ3Zi00NmRiLThjNTct
ZTk3ODIwNDFjYzI0LzEvYVVyckFSMzYyMUstZE1QVTE0elJvVnBpeVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85NzEzMTEtZjQ3Zi00NmRiLThjNTctZTk3ODIwNDFjYzI0
LzEvZ1cwaUN5dGFSdnZySi04dGxwLWlIZE00eGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuYw0MA8E
AgACMAkDBwAqBxqAAAAwDQYJKoZIhvcNAQELBQADggEBAG9SUwfvSHUl4qnBkxhf
TbmaCwoy07iH5pYc9eQf5v0JxDm6iv0P3u4s3IhEEQwUT6JhBUTiCGMWN7mUYg/q
6tNV9SoCeXAJehtVdwPZnk2gLrNwZdZWhpDxiHYauuB0/zGPJLHtm10NaFhfqwZb
IgTi9ymfgQYi052ksvui2gkouSUxp3oLy+Lelkz6Wjv6T+YBmyIhYhSQbT6HXqW0
krgFqXfEObhHStg9gM9TqP0Eba6EjPzyPEkt8eHs9EBByJ82bBdCzm1r6aGTL1YT
InD17Ayq7uf9GCAOz1dRoVvcj1x7U8s4KTVW6lYCgBHem30TXoGoJut11rqlF4yr
i4Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:45 2024 by rpki-client on console-fra.rpki-client.org