Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/C02EefB6UTjndzTaqy3w6C7Oj_Y.roa
File: C02EefB6UTjndzTaqy3w6C7Oj_Y.roa (raw, json)
Hash identifier: 4rqUhf9QII/VaTcg2uwsjrJZmvlONqsZJlQSMY6+xlg=
Subject key identifier: 0B:4D:84:79:F0:7A:51:38:E7:77:34:DA:AB:2D:F0:E8:2E:CE:8F:F6
Certificate issuer: /CN=cb2d9ff86e363db34d0556ec16451f2f7f303d24
Certificate serial: 01856D53D3B1D281344F2A44C02170F5AA53
Authority key identifier: CB:2D:9F:F8:6E:36:3D:B3:4D:05:56:EC:16:45:1F:2F:7F:30:3D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yy2f-G42PbNNBVbsFkUfL38wPSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/C02EefB6UTjndzTaqy3w6C7Oj_Y.roa
Signing time: Sun 01 Jan 2023 12:34:48 +0000
ROA not before: Sun 01 Jan 2023 12:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15600
IP address blocks: 185.74.120.0/22 maxlen: 22
5.153.112.0/20 maxlen: 20
2a00:d3a0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:d3:b1:d2:81:34:4f:2a:44:c0:21:70:f5:aa:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb2d9ff86e363db34d0556ec16451f2f7f303d24
Validity
Not Before: Jan 1 12:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b4d8479f07a5138e77734daab2df0e82ece8ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:85:6a:77:9a:66:10:5b:00:e0:a8:0c:b5:01:
04:51:2c:8b:50:53:9b:c4:db:ea:cc:d1:0c:5f:99:
61:93:96:19:89:33:b0:88:7c:e7:00:73:cf:98:04:
dd:3b:07:fc:70:3b:17:8d:76:23:41:9d:c4:08:cc:
9b:88:80:33:a7:80:8f:de:a5:85:c0:ae:30:81:a9:
45:b2:1b:7a:3e:03:f1:20:31:3c:65:56:66:66:7c:
a4:f7:38:73:29:99:e4:cd:9b:28:be:56:a3:de:7b:
6b:fe:51:83:51:56:f0:9e:a9:7e:33:03:ba:81:e6:
44:44:63:af:95:69:e2:ca:f8:69:c5:dd:0e:b9:29:
fc:2e:93:47:30:67:57:26:e1:39:fd:07:a5:ab:01:
39:5e:55:5b:89:da:9a:05:42:13:d4:ee:33:f5:42:
59:c4:fe:c8:c6:9e:37:e8:12:b7:0c:df:06:4e:27:
b7:e8:bc:2a:ec:96:20:b5:ed:d0:41:c1:da:f6:09:
4e:79:52:6d:3a:5b:73:b3:6f:ef:bd:9c:79:ec:7d:
4c:3f:ae:e9:5a:97:f3:51:a6:dd:4c:ad:70:85:2a:
9b:ca:7c:26:2e:5e:af:a7:06:79:32:e2:36:36:24:
22:a5:39:ed:99:72:95:b2:c1:c6:3f:8c:f5:f2:03:
55:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:4D:84:79:F0:7A:51:38:E7:77:34:DA:AB:2D:F0:E8:2E:CE:8F:F6
X509v3 Authority Key Identifier:
keyid:CB:2D:9F:F8:6E:36:3D:B3:4D:05:56:EC:16:45:1F:2F:7F:30:3D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yy2f-G42PbNNBVbsFkUfL38wPSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/C02EefB6UTjndzTaqy3w6C7Oj_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/yy2f-G42PbNNBVbsFkUfL38wPSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.112.0/20
185.74.120.0/22
IPv6:
2a00:d3a0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:07:cc:ce:04:72:cc:78:c9:37:4c:11:28:2b:ff:d8:62:27:
87:90:69:1f:14:7f:f2:cc:84:ca:96:a1:77:84:f9:8f:57:fb:
ca:eb:f0:b3:2c:02:3f:a5:42:7a:4b:e2:dc:59:64:17:22:1e:
23:03:1b:de:6e:fd:36:10:b9:fc:c9:08:92:1c:d3:5c:cc:4e:
23:4d:6a:46:5f:08:73:68:c8:a8:ed:a5:6e:a7:a6:dd:7a:82:
3d:41:e4:d2:ff:bf:ec:e0:af:09:4b:24:63:59:a5:c8:e9:aa:
95:c7:b4:47:16:85:11:f0:7e:21:dd:10:41:bb:d0:07:8b:95:
35:5e:68:fe:53:1f:60:eb:42:6a:a0:b6:a2:53:78:34:1a:7c:
8e:a9:da:9e:4f:8f:8e:9d:bd:ca:e2:95:48:d8:f8:50:d9:9e:
41:e9:8d:01:28:d4:d0:55:31:43:21:79:5b:8b:03:63:83:03:
fe:b5:15:9b:c4:f7:5d:83:49:ed:3a:2b:eb:eb:5c:71:67:d3:
f0:ec:11:dc:6b:c7:b7:03:66:05:cf:32:9d:62:49:e1:72:b6:
0c:6e:79:15:41:c2:65:dc:58:95:d7:46:c8:d4:cf:a1:54:4d:
83:00:3c:6a:74:07:0c:e6:b3:d1:57:fe:e8:89:49:d8:b4:df:
53:d9:e1:53
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtU9Ox0oE0TypEwCFw9apTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMmQ5ZmY4NmUzNjNkYjM0ZDA1NTZlYzE2NDUxZjJmN2Yz
MDNkMjQwHhcNMjMwMTAxMTIzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjRkODQ3OWYwN2E1MTM4ZTc3NzM0ZGFhYjJkZjBlODJlY2U4ZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4Vqd5pmEFsA4KgMtQEEUSyLUFOb
xNvqzNEMX5lhk5YZiTOwiHznAHPPmATdOwf8cDsXjXYjQZ3ECMybiIAzp4CP3qWF
wK4wgalFsht6PgPxIDE8ZVZmZnyk9zhzKZnkzZsovlaj3ntr/lGDUVbwnql+MwO6
geZERGOvlWniyvhpxd0OuSn8LpNHMGdXJuE5/QelqwE5XlVbidqaBUIT1O4z9UJZ
xP7Ixp436BK3DN8GTie36Lwq7JYgte3QQcHa9glOeVJtOltzs2/vvZx57H1MP67p
WpfzUabdTK1whSqbynwmLl6vpwZ5MuI2NiQipTntmXKVssHGP4z18gNVKQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAtNhHnwelE453c02qst8Oguzo/2MB8GA1UdIwQY
MBaAFMstn/huNj2zTQVW7BZFHy9/MD0kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXkyZi1HNDJQYk5OQlZic0ZrVWZMMzh3UFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMWFmNWItMDg5ZS00Y2JlLWJiZTkt
NDI1ZWU5NjhkZjBiLzEvQzAyRWVmQjZVVGpuZHpUYXF5M3c2QzdPal9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMWFmNWItMDg5ZS00Y2JlLWJiZTktNDI1ZWU5NjhkZjBi
LzEveXkyZi1HNDJQYk5OQlZic0ZrVWZMMzh3UFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEBZlwAwQC
uUp4MA0EAgACMAcDBQMqANOgMA0GCSqGSIb3DQEBCwUAA4IBAQBsB8zOBHLMeMk3
TBEoK//YYieHkGkfFH/yzITKlqF3hPmPV/vK6/CzLAI/pUJ6S+LcWWQXIh4jAxve
bv02ELn8yQiSHNNczE4jTWpGXwhzaMio7aVup6bdeoI9QeTS/7/s4K8JSyRjWaXI
6aqVx7RHFoUR8H4h3RBBu9AHi5U1Xmj+Ux9g60JqoLaiU3g0GnyOqdqeT4+Onb3K
4pVI2PhQ2Z5B6Y0BKNTQVTFDIXlbiwNjgwP+tRWbxPddg0ntOivr61xxZ9Pw7BHc
a8e3A2YFzzKdYknhcrYMbnkVQcJl3FiV10bI1M+hVE2DADxqdAcM5rPRV/7oiUnY
tN9T2eFT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:43 2024 by rpki-client on console-fra.rpki-client.org