Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/1kPnmwh6jqgwrFkoJuMf_bug548.roa
File: 1kPnmwh6jqgwrFkoJuMf_bug548.roa (raw, json)
Hash identifier: paQMKPgvrntHjnCfCa2YEcADjJl9c2lIm/5hOmLkqpM=
Subject key identifier: D6:43:E7:9B:08:7A:8E:A8:30:AC:59:28:26:E3:1F:FD:BB:A0:E7:8F
Certificate issuer: /CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Certificate serial: 01907D367262FF99C1D12A0875876783B7CB
Authority key identifier: A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/1kPnmwh6jqgwrFkoJuMf_bug548.roa
Signing time: Thu 04 Jul 2024 10:07:18 +0000
ROA not before: Thu 04 Jul 2024 10:07:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205143
IP address blocks: 185.229.108.0/22 maxlen: 32
185.229.111.0/24 maxlen: 32
Validation: Failed, certificate revoked on Fri 05 Jul 2024 08:21:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:36:72:62:ff:99:c1:d1:2a:08:75:87:67:83:b7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Validity
Not Before: Jul 4 10:07:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d643e79b087a8ea830ac592826e31ffdbba0e78f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:75:8f:32:7a:a4:2d:46:bd:79:9c:38:7f:60:
bd:20:25:e5:d6:16:dd:4b:08:ca:5b:b3:ad:33:e1:
73:15:c7:02:89:a0:05:25:4a:c0:93:f7:78:64:be:
9b:76:4e:5f:ab:d0:54:b9:84:1b:80:85:f4:f4:80:
6a:c6:83:e9:5d:d8:ce:e5:d9:a4:b5:c6:35:93:68:
c3:10:5c:33:0b:62:6c:ce:63:4e:f4:fa:68:87:e0:
cc:77:30:bc:a8:7e:ac:03:1e:25:6d:61:44:e9:c9:
49:a5:fe:8e:2d:84:d6:39:d9:2b:24:2c:87:8d:7e:
54:69:ba:6e:3e:a5:95:ed:5f:43:ab:e4:f1:84:4c:
6f:6b:f4:c5:ef:a0:97:48:bf:74:31:6b:d3:6c:f6:
ff:00:77:4f:02:72:e5:95:d7:1f:39:71:93:03:7c:
19:ef:20:bb:9f:55:a9:04:16:a3:a1:0c:c4:57:b5:
d6:1e:26:54:72:b7:8a:19:9c:37:2f:78:b0:17:27:
c7:a0:b1:7b:07:5b:74:c4:68:25:13:e7:a2:b5:b6:
7d:5e:a8:bc:be:a5:b4:41:de:73:74:51:cf:b1:83:
fe:b5:05:7e:8e:5f:a5:0b:eb:55:41:e6:42:d0:88:
47:0b:d1:f3:23:1c:9d:a1:38:fb:4a:da:fe:6a:39:
c5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:43:E7:9B:08:7A:8E:A8:30:AC:59:28:26:E3:1F:FD:BB:A0:E7:8F
X509v3 Authority Key Identifier:
keyid:A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/1kPnmwh6jqgwrFkoJuMf_bug548.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/qexXvIRk_sLpobCY_840whqvnKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.108.0/22
Signature Algorithm: sha256WithRSAEncryption
35:bf:7c:f5:53:25:59:0e:0f:b5:b4:20:8a:d5:00:08:08:78:
ce:57:f0:b3:b0:ad:af:eb:fb:1a:73:aa:0f:53:45:3a:37:9b:
0b:ae:c2:95:93:7f:c4:ea:b6:15:5d:1c:ba:c5:2d:2e:89:2d:
f8:b4:2b:f8:b5:9e:cd:a4:1b:79:12:23:31:6e:83:e2:e0:f8:
fc:b8:71:5b:66:e8:f0:d5:86:f3:41:93:05:05:1c:10:91:d6:
ff:62:18:c0:ee:a9:6c:98:37:60:3d:01:85:a0:22:b2:36:a4:
2b:64:91:11:1f:91:f8:2e:e3:06:1c:c8:be:1b:4c:ec:7e:77:
32:c4:aa:c3:fb:31:e4:ff:83:eb:43:35:13:49:b1:99:1a:d7:
18:da:89:55:27:2d:f5:bd:07:1b:9d:b7:ba:33:14:4a:9b:3c:
31:c6:db:ee:69:04:e7:4d:92:25:c5:75:ef:48:2b:06:62:8a:
3e:b0:53:6c:44:46:2c:72:8f:67:cc:64:70:ad:6c:52:6c:e3:
f6:e3:93:26:6d:93:f0:01:8b:a9:12:72:bc:30:01:84:be:e5:
8b:32:5a:ee:ce:78:31:47:21:de:e6:9b:0d:56:68:a8:9a:e5:
3e:b2:34:13:c5:68:17:a5:e8:6c:95:7b:7a:94:d1:72:cf:c2:
ad:a9:e1:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZB9NnJi/5nB0SoIdYdng7fLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZWM1N2JjODQ2NGZlYzJlOWExYjA5OGZmY2UzNGMyMWFh
ZjljYTYwHhcNMjQwNzA0MTAwNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQzZTc5YjA4N2E4ZWE4MzBhYzU5MjgyNmUzMWZmZGJiYTBlNzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXWPMnqkLUa9eZw4f2C9ICXl1hbd
SwjKW7OtM+FzFccCiaAFJUrAk/d4ZL6bdk5fq9BUuYQbgIX09IBqxoPpXdjO5dmk
tcY1k2jDEFwzC2JszmNO9Ppoh+DMdzC8qH6sAx4lbWFE6clJpf6OLYTWOdkrJCyH
jX5UabpuPqWV7V9Dq+TxhExva/TF76CXSL90MWvTbPb/AHdPAnLlldcfOXGTA3wZ
7yC7n1WpBBajoQzEV7XWHiZUcreKGZw3L3iwFyfHoLF7B1t0xGglE+eitbZ9Xqi8
vqW0Qd5zdFHPsYP+tQV+jl+lC+tVQeZC0IhHC9HzIxydoTj7Str+ajnFqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZD55sIeo6oMKxZKCbjH/27oOePMB8GA1UdIwQY
MBaAFKnsV7yEZP7C6aGwmP/ONMIar5ymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMt
MTlhM2M1NjQ5YjU3LzEvMWtQbm13aDZqcWd3ckZrb0p1TWZfYnVnNTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMtMTlhM2M1NjQ5YjU3
LzEvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueVsMA0G
CSqGSIb3DQEBCwUAA4IBAQA1v3z1UyVZDg+1tCCK1QAICHjOV/CzsK2v6/sac6oP
U0U6N5sLrsKVk3/E6rYVXRy6xS0uiS34tCv4tZ7NpBt5EiMxboPi4Pj8uHFbZujw
1YbzQZMFBRwQkdb/YhjA7qlsmDdgPQGFoCKyNqQrZJERH5H4LuMGHMi+G0zsfncy
xKrD+zHk/4PrQzUTSbGZGtcY2olVJy31vQcbnbe6MxRKmzwxxtvuaQTnTZIlxXXv
SCsGYoo+sFNsREYsco9nzGRwrWxSbOP245MmbZPwAYupEnK8MAGEvuWLMlruzngx
RyHe5psNVmiomuU+sjQTxWgXpehslXt6lNFyz8KtqeGh
-----END CERTIFICATE-----
Generated at Fri Jul 5 10:30:55 2024 by rpki-client on console-ams.rpki-client.org