Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/i10Ofos779voLjlRN5EJ7WedmIc.roa
File: i10Ofos779voLjlRN5EJ7WedmIc.roa (raw, json)
Hash identifier: U/IYLVwE73nhT+O6iiCm2GIVm0/5YP6s9brykRdHV7k=
Subject key identifier: 8B:5D:0E:7E:8B:3B:EF:DB:E8:2E:39:51:37:91:09:ED:67:9D:98:87
Certificate issuer: /CN=109b05a35d4109a1e4a834ccadacdd2c6f56b05a
Certificate serial: 01856F1D89B75A5D474D7993C6397AD0F4FF
Authority key identifier: 10:9B:05:A3:5D:41:09:A1:E4:A8:34:CC:AD:AC:DD:2C:6F:56:B0:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EJsFo11BCaHkqDTMrazdLG9WsFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/i10Ofos779voLjlRN5EJ7WedmIc.roa
Signing time: Sun 01 Jan 2023 20:54:44 +0000
ROA not before: Sun 01 Jan 2023 20:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197667
IP address blocks: 185.139.43.0/24 maxlen: 24
185.139.40.0/22 maxlen: 22
185.139.41.0/24 maxlen: 24
185.139.42.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:89:b7:5a:5d:47:4d:79:93:c6:39:7a:d0:f4:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=109b05a35d4109a1e4a834ccadacdd2c6f56b05a
Validity
Not Before: Jan 1 20:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b5d0e7e8b3befdbe82e3951379109ed679d9887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1b:9f:91:3c:00:15:e1:af:4c:c2:29:16:23:
45:08:e1:e1:8d:01:0e:dd:db:92:28:20:89:f0:22:
52:f1:92:a6:10:c1:da:86:49:27:96:d7:87:44:1c:
76:7b:1e:d8:c2:ea:cc:33:f1:20:67:b6:bb:3d:06:
af:d7:8d:7a:89:74:5c:bd:a2:31:36:a5:76:ab:05:
b9:f1:1f:78:fa:4e:ac:fe:01:a5:a8:fd:1c:fa:fa:
a6:46:7a:6f:27:4e:e4:90:c1:b6:78:20:fe:8e:6a:
72:87:67:4a:e6:f7:3e:79:27:3f:e5:b2:5b:06:18:
a4:ed:e2:01:40:f6:9d:d6:a9:53:e1:87:32:e5:a4:
02:f2:43:43:4a:60:5d:2d:a2:55:57:f2:ff:3a:61:
ac:36:7d:ee:90:72:02:68:86:25:83:cc:f8:84:9f:
e0:5e:6c:19:86:11:d7:88:85:c2:0d:00:70:6d:d4:
19:a6:6f:c3:1c:9a:ca:a7:be:36:df:f7:ad:a6:35:
0a:56:71:90:b3:24:f6:d1:f4:fa:50:4e:b8:63:e7:
50:f9:69:d7:06:89:29:9c:83:da:27:65:71:2b:70:
f7:d2:01:91:00:5b:2c:77:8a:7d:57:fc:11:f3:13:
74:9f:60:0d:7d:c5:92:8b:11:44:92:41:fa:a6:c5:
0a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5D:0E:7E:8B:3B:EF:DB:E8:2E:39:51:37:91:09:ED:67:9D:98:87
X509v3 Authority Key Identifier:
keyid:10:9B:05:A3:5D:41:09:A1:E4:A8:34:CC:AD:AC:DD:2C:6F:56:B0:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EJsFo11BCaHkqDTMrazdLG9WsFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/i10Ofos779voLjlRN5EJ7WedmIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/EJsFo11BCaHkqDTMrazdLG9WsFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.40.0/22
Signature Algorithm: sha256WithRSAEncryption
70:93:90:e5:2e:10:ad:d5:66:c5:89:8d:1d:c9:ea:eb:df:a9:
a7:b2:c5:8f:52:27:53:d6:fc:86:98:ee:94:16:82:d0:b4:eb:
d0:16:22:9b:b6:4c:4b:5d:67:05:11:f2:50:cf:52:74:74:b2:
cf:d2:3c:1c:55:77:91:f6:6e:38:07:c8:45:1e:cd:13:b8:e2:
ee:5e:09:1c:94:0a:80:16:01:62:a9:5e:7d:0b:e2:d1:7f:76:
2e:c5:d1:a9:0d:42:19:e9:32:0c:a2:fc:ae:0d:fd:72:41:9c:
db:d2:9a:b8:c6:ef:ef:15:4f:00:3e:23:f4:6a:f3:b9:47:be:
43:d1:70:89:90:a9:e2:b7:85:a9:51:d8:34:30:5b:5d:68:00:
6c:2a:4a:2a:d1:0a:94:0f:b3:f8:95:0b:0b:9a:76:18:93:be:
c6:b0:49:ff:80:69:e6:dc:3e:ac:b8:fe:9f:5d:dd:8d:6e:ed:
2f:2d:bc:82:17:31:21:ed:e3:36:70:c4:b4:0c:d4:3f:06:ac:
f0:cb:b5:c0:9a:23:56:3f:82:ce:97:07:43:eb:a5:88:a5:2e:
94:28:16:83:5e:dc:13:12:53:c6:32:d1:65:b5:e1:01:d4:85:
b8:62:e6:76:00:9f:a1:a3:03:de:32:d6:bc:5d:a4:62:0a:0a:
19:44:92:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHYm3Wl1HTXmTxjl60PT/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwOWIwNWEzNWQ0MTA5YTFlNGE4MzRjY2FkYWNkZDJjNmY1
NmIwNWEwHhcNMjMwMTAxMjA1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjVkMGU3ZThiM2JlZmRiZTgyZTM5NTEzNzkxMDllZDY3OWQ5ODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxufkTwAFeGvTMIpFiNFCOHhjQEO
3duSKCCJ8CJS8ZKmEMHahkknlteHRBx2ex7YwurMM/EgZ7a7PQav1416iXRcvaIx
NqV2qwW58R94+k6s/gGlqP0c+vqmRnpvJ07kkMG2eCD+jmpyh2dK5vc+eSc/5bJb
Bhik7eIBQPad1qlT4Ycy5aQC8kNDSmBdLaJVV/L/OmGsNn3ukHICaIYlg8z4hJ/g
XmwZhhHXiIXCDQBwbdQZpm/DHJrKp7423/etpjUKVnGQsyT20fT6UE64Y+dQ+WnX
BokpnIPaJ2VxK3D30gGRAFssd4p9V/wR8xN0n2ANfcWSixFEkkH6psUKmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItdDn6LO+/b6C45UTeRCe1nnZiHMB8GA1UdIwQY
MBaAFBCbBaNdQQmh5Kg0zK2s3SxvVrBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUpzRm8xMUJDYUhrcURUTXJhemRMRzlXc0ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9jYWFjMGUtNTI2OC00MjNhLWFmYjAt
NDQ5MTUyZjFkM2I3LzEvaTEwT2Zvczc3OXZvTGpsUk41RUo3V2VkbUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9jYWFjMGUtNTI2OC00MjNhLWFmYjAtNDQ5MTUyZjFkM2I3
LzEvRUpzRm8xMUJDYUhrcURUTXJhemRMRzlXc0ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYsoMA0G
CSqGSIb3DQEBCwUAA4IBAQBwk5DlLhCt1WbFiY0dyerr36mnssWPUidT1vyGmO6U
FoLQtOvQFiKbtkxLXWcFEfJQz1J0dLLP0jwcVXeR9m44B8hFHs0TuOLuXgkclAqA
FgFiqV59C+LRf3YuxdGpDUIZ6TIMovyuDf1yQZzb0pq4xu/vFU8APiP0avO5R75D
0XCJkKnit4WpUdg0MFtdaABsKkoq0QqUD7P4lQsLmnYYk77GsEn/gGnm3D6suP6f
Xd2Nbu0vLbyCFzEh7eM2cMS0DNQ/Bqzwy7XAmiNWP4LOlwdD66WIpS6UKBaDXtwT
ElPGMtFlteEB1IW4YuZ2AJ+howPeMta8XaRiCgoZRJJM
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:14 2024 by rpki-client on console-ams.rpki-client.org