Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/1-p7jwRpgQKBess9OTEGKb-1tXGc.roa
File: 1-p7jwRpgQKBess9OTEGKb-1tXGc.roa (raw, json)
Hash identifier: QZPxnVILHF21b5sacWPznl7HvdgsigVedvLMnvgQEgA=
Subject key identifier: FA:9E:E3:C1:1A:60:40:A0:5E:B2:CF:4E:4C:41:8A:6F:ED:6D:5C:67
Certificate issuer: /CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Certificate serial: 01856D0AA06C077F12CAA0A0F9B39FD27AFA
Authority key identifier: 73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/1-p7jwRpgQKBess9OTEGKb-1tXGc.roa
Signing time: Sun 01 Jan 2023 11:14:51 +0000
ROA not before: Sun 01 Jan 2023 11:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202991
IP address blocks: 185.178.240.0/22 maxlen: 22
185.148.84.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:a0:6c:07:7f:12:ca:a0:a0:f9:b3:9f:d2:7a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Validity
Not Before: Jan 1 11:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa9ee3c11a6040a05eb2cf4e4c418a6fed6d5c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8c:e1:0f:07:8b:2d:59:6d:25:f4:6f:ee:15:
97:63:29:7c:35:64:df:0d:16:52:50:77:a9:d6:d6:
37:64:c2:15:ff:1d:44:62:b2:e0:37:6d:8e:9b:7f:
db:08:eb:19:a5:13:80:02:17:be:ba:da:9c:a8:e5:
dd:ed:09:23:0b:5f:b9:80:28:5c:19:c9:ff:37:33:
52:71:2b:e3:06:af:91:3e:6b:1f:10:19:2f:59:a9:
60:bd:b2:41:ef:52:49:d0:b3:6a:f1:07:a6:c7:29:
42:ce:60:e4:1d:dd:ff:6a:fe:da:3b:4d:ef:ec:04:
e6:64:ae:e8:7c:71:db:62:0b:cd:5a:a2:14:4e:cf:
03:9d:27:88:6f:8a:91:11:af:45:ff:4b:a0:5f:f1:
2d:21:16:fd:63:7c:1d:97:2e:fe:3e:f5:bc:cc:97:
58:53:42:7f:0c:77:d4:35:58:78:91:3f:b1:61:ca:
6f:72:81:8f:d2:53:b1:4f:f9:da:80:79:d0:c1:39:
1f:95:9c:50:40:e2:11:f1:6c:d1:25:b6:8a:fe:29:
0a:84:37:77:f1:45:c7:78:a2:51:8f:10:ea:a4:49:
ac:3a:a2:61:f2:13:4f:9f:aa:70:d6:15:a6:c6:be:
de:80:4c:bb:4f:23:3c:5a:34:25:c8:ca:eb:f1:34:
48:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9E:E3:C1:1A:60:40:A0:5E:B2:CF:4E:4C:41:8A:6F:ED:6D:5C:67
X509v3 Authority Key Identifier:
keyid:73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/1-p7jwRpgQKBess9OTEGKb-1tXGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/cwLNwp_coJ6aDz99IRPahafh1lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.84.0/22
185.178.240.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:61:98:c2:ef:d4:39:9b:16:d8:5a:e4:3e:28:35:21:45:77:
8e:1d:f6:00:49:3d:59:ec:97:ac:09:f1:6f:06:14:43:0e:33:
c5:2c:d2:a0:94:86:f9:2e:12:bc:8a:8b:d9:20:74:85:0f:29:
64:18:ec:14:73:01:c3:19:2d:55:88:39:3a:8f:04:38:d4:80:
44:41:0f:c3:6f:5e:4a:59:25:ab:c3:1b:d5:3d:2c:20:25:37:
42:27:f7:eb:55:5d:b8:d6:ea:a0:1f:bd:6e:89:2c:c8:73:80:
f9:b8:c9:65:13:1e:03:44:50:cb:ad:29:04:3e:1b:ed:12:9b:
56:ab:38:ee:94:41:66:15:a8:1c:44:bc:8e:c4:30:49:13:39:
60:e2:1c:e4:98:96:0b:09:a3:f3:7a:44:f1:d9:f7:07:2d:05:
27:4e:7e:d0:d9:2a:3f:3b:3f:d4:ea:bc:c1:be:ef:b3:a0:2b:
54:2d:cd:88:22:ef:30:ab:eb:50:88:87:9f:95:9c:b0:86:77:
90:65:c7:f2:21:c6:ca:04:d8:85:1a:c7:a7:0c:ac:63:9d:02:
c7:00:d3:ad:94:58:26:d8:01:1a:f4:6b:c2:9e:5e:3a:8a:b0:
1a:83:51:64:f6:60:7c:01:a1:2b:31:eb:96:e4:97:6c:e2:7b:
0f:e0:47:69
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVtCqBsB38SyqCg+bOf0nr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMDJjZGMyOWZkY2EwOWU5YTBmM2Y3ZDIxMTNkYTg1YTdl
MWQ2NTQwHhcNMjMwMTAxMTExNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTllZTNjMTFhNjA0MGEwNWViMmNmNGU0YzQxOGE2ZmVkNmQ1YzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmozhDweLLVltJfRv7hWXYyl8NWTf
DRZSUHep1tY3ZMIV/x1EYrLgN22Om3/bCOsZpROAAhe+utqcqOXd7QkjC1+5gChc
Gcn/NzNScSvjBq+RPmsfEBkvWalgvbJB71JJ0LNq8QemxylCzmDkHd3/av7aO03v
7ATmZK7ofHHbYgvNWqIUTs8DnSeIb4qREa9F/0ugX/EtIRb9Y3wdly7+PvW8zJdY
U0J/DHfUNVh4kT+xYcpvcoGP0lOxT/nagHnQwTkflZxQQOIR8WzRJbaK/ikKhDd3
8UXHeKJRjxDqpEmsOqJh8hNPn6pw1hWmxr7egEy7TyM8WjQlyMrr8TRIiwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPqe48EaYECgXrLPTkxBim/tbVxnMB8GA1UdIwQY
MBaAFHMCzcKf3KCemg8/fSET2oWn4dZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjIt
ZmUwMzMzZWQwMDVmLzEvMS1wN2p3UnBnUUtCZXNzOU9URUdLYi0xdFhHYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvNzcyMTdkLTgxNGItNDg2YS04ZWYyLWZlMDMzM2VkMDA1
Zi8xL2N3TE53cF9jb0o2YUR6OTlJUlBhaGFmaDFsUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArmUVAME
Army8DANBgkqhkiG9w0BAQsFAAOCAQEATmGYwu/UOZsW2FrkPig1IUV3jh32AEk9
WeyXrAnxbwYUQw4zxSzSoJSG+S4SvIqL2SB0hQ8pZBjsFHMBwxktVYg5Oo8EONSA
REEPw29eSlklq8Mb1T0sICU3Qif361VduNbqoB+9boksyHOA+bjJZRMeA0RQy60p
BD4b7RKbVqs47pRBZhWoHES8jsQwSRM5YOIc5JiWCwmj83pE8dn3By0FJ05+0Nkq
Pzs/1Oq8wb7vs6ArVC3NiCLvMKvrUIiHn5WcsIZ3kGXH8iHGygTYhRrHpwysY50C
xwDTrZRYJtgBGvRrwp5eOoqwGoNRZPZgfAGhKzHrluSXbOJ7D+BHaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:10 2024 by rpki-client on console-fra.rpki-client.org