Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/61e16a-db79-4e07-a19b-ae762ca2abd0/1/eohHJwKPzI3aaaf_Xg6KmbPxguw.roa
File: eohHJwKPzI3aaaf_Xg6KmbPxguw.roa (raw, json)
Hash identifier: cLG7/MsbrGyYNJkPTdkWFdNnPycABIo9sDQkshhL9Aw=
Subject key identifier: 7A:88:47:27:02:8F:CC:8D:DA:69:A7:FF:5E:0E:8A:99:B3:F1:82:EC
Certificate issuer: /CN=5b9b05a93d5f3fcc5a0b0104c1b0f6d24c2cd1f6
Certificate serial: 01856E5D5B7F633477F57681AC49939442E8
Authority key identifier: 5B:9B:05:A9:3D:5F:3F:CC:5A:0B:01:04:C1:B0:F6:D2:4C:2C:D1:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W5sFqT1fP8xaCwEEwbD20kws0fY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/61e16a-db79-4e07-a19b-ae762ca2abd0/1/eohHJwKPzI3aaaf_Xg6KmbPxguw.roa
Signing time: Sun 01 Jan 2023 17:24:50 +0000
ROA not before: Sun 01 Jan 2023 17:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9036
IP address blocks: 185.140.128.0/22 maxlen: 24
212.85.128.0/20 maxlen: 24
2001:4b30::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:5b:7f:63:34:77:f5:76:81:ac:49:93:94:42:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b9b05a93d5f3fcc5a0b0104c1b0f6d24c2cd1f6
Validity
Not Before: Jan 1 17:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a884727028fcc8dda69a7ff5e0e8a99b3f182ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:10:96:1f:cd:c4:25:bd:d3:91:95:cf:a1:11:
03:ec:f0:22:15:ac:e0:68:17:7a:88:33:85:0d:d3:
73:27:c8:70:30:6d:d0:b2:78:34:5b:1a:67:38:c2:
0e:39:81:b3:89:f9:a8:bc:c9:7b:ed:aa:d9:c0:a1:
36:e3:b5:4a:68:ec:de:47:59:a8:21:9c:1c:84:23:
13:43:7f:75:1f:fc:01:8e:ae:5f:c7:e5:06:7a:0e:
cb:63:02:db:71:22:68:9d:75:f9:a1:8e:0e:48:d3:
ad:93:0c:e6:64:1e:61:ce:60:04:16:b0:54:f5:1a:
42:1d:48:01:46:61:86:74:06:f2:7a:01:69:6c:d5:
df:a7:cf:15:24:e9:15:fe:d9:aa:e4:d9:ce:aa:d8:
6f:3d:26:6f:e4:59:24:1f:7b:b5:c2:47:e7:9f:63:
84:95:c9:ff:36:10:fc:f1:71:8b:78:51:39:07:ef:
26:3d:68:4d:24:43:dd:01:e7:8d:87:79:e8:fe:72:
64:1a:36:c0:cc:d3:46:48:14:fb:e0:e2:1d:5f:d0:
09:44:6b:02:8f:d8:3e:5a:5e:99:2f:d9:e8:c1:dd:
7e:e0:62:aa:90:5f:fd:a7:38:78:bc:94:bb:bd:6c:
f2:c0:1b:1b:95:cf:8d:a8:e4:66:12:27:0e:02:71:
49:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:88:47:27:02:8F:CC:8D:DA:69:A7:FF:5E:0E:8A:99:B3:F1:82:EC
X509v3 Authority Key Identifier:
keyid:5B:9B:05:A9:3D:5F:3F:CC:5A:0B:01:04:C1:B0:F6:D2:4C:2C:D1:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W5sFqT1fP8xaCwEEwbD20kws0fY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/61e16a-db79-4e07-a19b-ae762ca2abd0/1/eohHJwKPzI3aaaf_Xg6KmbPxguw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/61e16a-db79-4e07-a19b-ae762ca2abd0/1/W5sFqT1fP8xaCwEEwbD20kws0fY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.128.0/22
212.85.128.0/20
IPv6:
2001:4b30::/29
Signature Algorithm: sha256WithRSAEncryption
82:e2:a1:b4:44:86:fc:9e:af:f9:70:40:94:34:85:65:b9:3c:
18:8d:33:32:1a:ff:00:8a:05:b6:1e:02:a0:22:a3:7f:49:75:
82:75:a7:e2:21:af:52:9c:a0:61:be:74:3f:ac:4b:b0:d0:2a:
eb:2f:b6:02:ad:0d:3e:a3:7e:b7:34:3d:5e:35:ed:98:d4:29:
67:fe:be:1a:d4:ba:76:af:5d:05:b4:fb:78:cf:b4:86:b4:29:
eb:1c:a3:1e:ab:fb:19:31:fb:7c:aa:66:cb:b2:fb:06:5a:95:
43:f5:44:05:ff:fe:d8:9a:dd:65:56:71:8f:4a:30:32:42:26:
8e:d6:1e:cb:c9:ce:2e:8f:53:cb:65:fc:56:7c:8f:32:a8:e2:
db:79:92:f3:0a:b6:ea:6b:24:a8:2d:bb:87:27:6a:68:9f:a9:
c1:f2:a5:59:a9:5c:87:b8:a3:29:e9:ba:ee:15:59:ec:d4:0d:
0d:77:47:26:c1:ea:f2:9c:45:1a:5c:ee:09:77:f9:2d:61:3e:
ab:1d:5e:c1:f0:e6:16:c7:73:24:2d:8a:af:58:6e:e7:03:98:
a4:a3:41:52:8d:72:33:f5:a6:cc:5c:dd:84:cf:aa:2f:b0:02:
30:d5:19:d6:0f:2e:c9:d8:dc:c2:bf:e9:cc:3e:18:4f:4f:97:
df:d1:2c:d7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuXVt/YzR39XaBrEmTlELoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViOWIwNWE5M2Q1ZjNmY2M1YTBiMDEwNGMxYjBmNmQyNGMy
Y2QxZjYwHhcNMjMwMTAxMTcyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTg4NDcyNzAyOGZjYzhkZGE2OWE3ZmY1ZTBlOGE5OWIzZjE4MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRCWH83EJb3TkZXPoRED7PAiFazg
aBd6iDOFDdNzJ8hwMG3Qsng0WxpnOMIOOYGzifmovMl77arZwKE247VKaOzeR1mo
IZwchCMTQ391H/wBjq5fx+UGeg7LYwLbcSJonXX5oY4OSNOtkwzmZB5hzmAEFrBU
9RpCHUgBRmGGdAbyegFpbNXfp88VJOkV/tmq5NnOqthvPSZv5FkkH3u1wkfnn2OE
lcn/NhD88XGLeFE5B+8mPWhNJEPdAeeNh3no/nJkGjbAzNNGSBT74OIdX9AJRGsC
j9g+Wl6ZL9nowd1+4GKqkF/9pzh4vJS7vWzywBsblc+NqORmEicOAnFJbQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHqIRycCj8yN2mmn/14Oipmz8YLsMB8GA1UdIwQY
MBaAFFubBak9Xz/MWgsBBMGw9tJMLNH2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzVzRnFUMWZQOHhhQ3dFRXdiRDIwa3dzMGZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi82MWUxNmEtZGI3OS00ZTA3LWExOWIt
YWU3NjJjYTJhYmQwLzEvZW9oSEp3S1B6STNhYWFmX1hnNkttYlB4Z3V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi82MWUxNmEtZGI3OS00ZTA3LWExOWItYWU3NjJjYTJhYmQw
LzEvVzVzRnFUMWZQOHhhQ3dFRXdiRDIwa3dzMGZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYyAAwQE
1FWAMA0EAgACMAcDBQMgAUswMA0GCSqGSIb3DQEBCwUAA4IBAQCC4qG0RIb8nq/5
cECUNIVluTwYjTMyGv8AigW2HgKgIqN/SXWCdafiIa9SnKBhvnQ/rEuw0CrrL7YC
rQ0+o363ND1eNe2Y1Cln/r4a1Lp2r10FtPt4z7SGtCnrHKMeq/sZMft8qmbLsvsG
WpVD9UQF//7Ymt1lVnGPSjAyQiaO1h7Lyc4uj1PLZfxWfI8yqOLbeZLzCrbqaySo
LbuHJ2pon6nB8qVZqVyHuKMp6bruFVns1A0Nd0cmwerynEUaXO4Jd/ktYT6rHV7B
8OYWx3MkLYqvWG7nA5iko0FSjXIz9abMXN2Ez6ovsAIw1RnWDy7J2NzCv+nMPhhP
T5ff0SzX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:28 2024 by rpki-client on console-fra.rpki-client.org