Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/du4LyJlCuPX8uHF3SYV-Qa731cg.roa
File: du4LyJlCuPX8uHF3SYV-Qa731cg.roa (raw, json)
Hash identifier: PySCOll40mSkMVA8gtRObOIkiQm47t7zcLth7lrBFrI=
Subject key identifier: 76:EE:0B:C8:99:42:B8:F5:FC:B8:71:77:49:85:7E:41:AE:F7:D5:C8
Certificate issuer: /CN=faa067162e2209dc6c216ba6cfcd8be6d7386179
Certificate serial: 0187FA7FFFAA2ECCC46DEA55209630785D76
Authority key identifier: FA:A0:67:16:2E:22:09:DC:6C:21:6B:A6:CF:CD:8B:E6:D7:38:61:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-qBnFi4iCdxsIWumz82L5tc4YXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/du4LyJlCuPX8uHF3SYV-Qa731cg.roa
Signing time: Mon 08 May 2023 08:35:05 +0000
ROA not before: Mon 08 May 2023 08:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12859
IP address blocks: 185.214.148.0/22 maxlen: 24
46.182.182.0/23 maxlen: 24
46.182.180.0/23 maxlen: 24
2a04:e1c0:1::/48 maxlen: 64
2a0b:9cc0::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:7f:ff:aa:2e:cc:c4:6d:ea:55:20:96:30:78:5d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faa067162e2209dc6c216ba6cfcd8be6d7386179
Validity
Not Before: May 8 08:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76ee0bc89942b8f5fcb8717749857e41aef7d5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e3:4e:d4:92:a3:20:cb:2d:10:79:67:a8:d4:
97:b2:1f:d5:43:c4:de:52:ba:9d:53:2b:16:86:fb:
0b:12:ba:1f:9e:bf:17:df:b9:4d:4a:fc:1b:3b:28:
4e:89:18:56:24:e0:14:ce:22:31:1a:45:b4:bb:ff:
43:53:b5:c0:37:1c:24:62:8d:b7:a7:76:72:b7:ba:
f4:c4:24:09:a5:89:13:f8:c5:10:af:ae:56:8d:b5:
92:08:b6:92:b5:63:c5:98:5d:03:ff:8d:f4:40:13:
5d:ed:c2:ca:c1:20:84:86:02:36:1d:4c:45:9f:d7:
c1:fc:26:51:6a:01:75:28:89:1a:fc:2f:c5:61:fd:
2f:1a:e3:ef:79:7e:36:29:60:4e:00:8e:17:95:a0:
36:59:15:f0:27:eb:0b:d5:8c:ae:93:ca:54:12:69:
01:41:d0:0f:c0:94:8d:27:c5:72:8f:3c:16:c5:7e:
15:e9:fd:5d:b5:29:fd:fc:3c:70:e8:df:2e:96:fb:
30:f5:bb:c4:04:6a:c4:23:d5:f8:53:b6:90:63:5b:
19:06:1c:6c:9d:12:a8:9f:86:7d:db:cb:73:1e:a6:
e3:4f:0a:be:24:86:ca:63:b2:36:7d:fe:37:96:bf:
43:d3:b3:ea:69:02:45:a5:06:01:db:e9:85:e5:0c:
c9:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EE:0B:C8:99:42:B8:F5:FC:B8:71:77:49:85:7E:41:AE:F7:D5:C8
X509v3 Authority Key Identifier:
keyid:FA:A0:67:16:2E:22:09:DC:6C:21:6B:A6:CF:CD:8B:E6:D7:38:61:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qBnFi4iCdxsIWumz82L5tc4YXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/du4LyJlCuPX8uHF3SYV-Qa731cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b79a00-ade4-4776-a334-29da87323a2d/1/1-qBnFi4iCdxsIWumz82L5tc4YXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.180.0/22
185.214.148.0/22
IPv6:
2a04:e1c0:1::/48
2a0b:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
71:4d:ef:f5:68:41:50:41:4e:ef:cb:c2:5f:89:c3:21:91:67:
0f:ed:3c:3e:d4:47:18:a6:94:cb:6b:f0:27:e8:70:64:dd:bc:
bd:3b:82:46:81:53:86:e2:81:35:2c:2a:a4:d2:75:84:49:4e:
3b:70:42:b2:04:57:ad:df:70:0e:7d:a8:4a:b0:f2:94:4b:dd:
e3:16:9e:7c:bf:ce:58:95:a2:23:f3:e7:d9:4a:b2:61:e1:cf:
b7:c9:ec:5d:a5:b2:2f:d7:86:3f:a7:85:c5:29:b8:fc:bc:56:
58:6d:5e:45:f9:ef:b9:8b:fe:dd:cc:25:58:89:2b:7a:06:22:
33:d5:1b:e6:15:59:8e:48:00:72:91:18:16:8b:fc:07:5c:55:
54:33:75:87:eb:fd:e4:40:34:2d:5c:95:62:43:7b:5d:91:76:
87:2a:86:f6:6b:79:6c:35:7c:f7:6e:61:e8:09:f9:0e:67:83:
e5:67:11:c2:cd:75:ff:7a:d2:d5:2a:c9:3e:61:59:f0:4a:e6:
12:d3:37:b6:56:97:84:30:76:eb:77:07:f2:5d:ab:7b:ab:b2:
b0:b3:59:71:96:c8:71:59:c8:87:89:cc:e1:dc:39:d4:7e:3d:
9e:39:62:14:45:2f:d4:76:d1:99:64:ee:95:fb:9b:83:13:ac:
57:d5:4d:e7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYf6f/+qLszEbepVIJYweF12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYTA2NzE2MmUyMjA5ZGM2YzIxNmJhNmNmY2Q4YmU2ZDcz
ODYxNzkwHhcNMjMwNTA4MDgzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmVlMGJjODk5NDJiOGY1ZmNiODcxNzc0OTg1N2U0MWFlZjdkNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzONO1JKjIMstEHlnqNSXsh/VQ8Te
UrqdUysWhvsLErofnr8X37lNSvwbOyhOiRhWJOAUziIxGkW0u/9DU7XANxwkYo23
p3Zyt7r0xCQJpYkT+MUQr65WjbWSCLaStWPFmF0D/430QBNd7cLKwSCEhgI2HUxF
n9fB/CZRagF1KIka/C/FYf0vGuPveX42KWBOAI4XlaA2WRXwJ+sL1Yyuk8pUEmkB
QdAPwJSNJ8VyjzwWxX4V6f1dtSn9/Dxw6N8ulvsw9bvEBGrEI9X4U7aQY1sZBhxs
nRKon4Z928tzHqbjTwq+JIbKY7I2ff43lr9D07PqaQJFpQYB2+mF5QzJLQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHbuC8iZQrj1/Lhxd0mFfkGu99XIMB8GA1UdIwQY
MBaAFPqgZxYuIgncbCFrps/Ni+bXOGF5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xQm5GaTRpQ2R4c0lXdW16ODJMNXRjNFlYay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEvYjc5YTAwLWFkZTQtNDc3Ni1hMzM0
LTI5ZGE4NzMyM2EyZC8xL2R1NEx5SmxDdVBYOHVIRjNTWVYtUWE3MzFjZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWEvYjc5YTAwLWFkZTQtNDc3Ni1hMzM0LTI5ZGE4NzMyM2Ey
ZC8xLzEtcUJuRmk0aUNkeHNJV3VtejgyTDV0YzRZWGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMBIEAgABMAwDBAIutrQD
BAK51pQwFgQCAAIwEAMHACoE4cAAAQMFAyoLnMAwDQYJKoZIhvcNAQELBQADggEB
AHFN7/VoQVBBTu/Lwl+JwyGRZw/tPD7URximlMtr8CfocGTdvL07gkaBU4bigTUs
KqTSdYRJTjtwQrIEV63fcA59qEqw8pRL3eMWnny/zliVoiPz59lKsmHhz7fJ7F2l
si/Xhj+nhcUpuPy8VlhtXkX577mL/t3MJViJK3oGIjPVG+YVWY5IAHKRGBaL/Adc
VVQzdYfr/eRANC1clWJDe12RdocqhvZreWw1fPduYegJ+Q5ng+VnEcLNdf960tUq
yT5hWfBK5hLTN7ZWl4Qwdut3B/Jdq3ursrCzWXGWyHFZyIeJzOHcOdR+PZ45YhRF
L9R20Zlk7pX7m4MTrFfVTec=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:49 2024 by rpki-client on console-fra.rpki-client.org