Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/bex1Oqe6xTaxDJ5LOh-geW1DBjg.roa
File: bex1Oqe6xTaxDJ5LOh-geW1DBjg.roa (raw, json)
Hash identifier: wiBoe0IKYaumBRYpHdvuSm551FDzdeNZ2zE9Hv0VV6E=
Subject key identifier: 6D:EC:75:3A:A7:BA:C5:36:B1:0C:9E:4B:3A:1F:A0:79:6D:43:06:38
Certificate issuer: /CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Certificate serial: 018572E8060481978E7E1A06442128747B87
Authority key identifier: A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/bex1Oqe6xTaxDJ5LOh-geW1DBjg.roa
Signing time: Mon 02 Jan 2023 14:34:46 +0000
ROA not before: Mon 02 Jan 2023 14:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205143
IP address blocks: 185.229.108.0/22 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:06:04:81:97:8e:7e:1a:06:44:21:28:74:7b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Validity
Not Before: Jan 2 14:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6dec753aa7bac536b10c9e4b3a1fa0796d430638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f3:bc:db:d0:79:54:8d:23:89:fd:06:fc:79:
08:36:ea:e6:64:44:76:07:fa:0c:ff:99:3e:48:de:
4d:d1:2d:1b:54:ac:7d:19:d3:36:93:d2:ad:56:52:
5f:97:dc:df:86:dc:20:59:c1:8e:24:ad:a5:29:2e:
2c:29:40:d7:9b:b5:52:a4:f5:b4:e1:c8:5e:b1:56:
9d:58:db:df:cf:2f:2d:d9:3b:98:13:cd:0a:75:f2:
21:4b:07:33:b6:78:32:0a:52:b1:a3:4f:34:62:be:
2d:08:75:91:33:15:d9:f0:50:f5:30:bf:a6:27:23:
75:6f:56:fb:af:d1:5d:ea:96:9e:c4:7b:cb:9c:22:
55:ab:ad:a4:93:40:95:f9:da:47:ca:f6:98:74:9b:
c3:38:dc:9b:25:d9:cc:64:e8:a4:11:ac:dc:52:9a:
cf:91:f2:71:e1:67:d3:47:fc:9c:07:2c:36:94:29:
46:4a:f3:b6:28:d1:e5:b0:db:b9:1d:98:17:dc:ed:
33:86:f3:e3:64:30:4f:c5:ea:46:ec:c1:9b:fa:d9:
51:e5:88:0a:b2:5e:58:73:e5:2f:cc:65:2a:04:9e:
7d:c2:5b:2f:31:38:56:39:d8:d2:b7:05:34:97:48:
e0:48:67:c3:6c:96:f0:dc:da:a3:4a:39:23:a4:46:
91:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:EC:75:3A:A7:BA:C5:36:B1:0C:9E:4B:3A:1F:A0:79:6D:43:06:38
X509v3 Authority Key Identifier:
keyid:A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/bex1Oqe6xTaxDJ5LOh-geW1DBjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/qexXvIRk_sLpobCY_840whqvnKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.108.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:a2:4c:6c:2a:55:c6:20:e1:d4:7c:da:68:8b:c9:b4:8f:b4:
24:5e:3c:10:d1:3c:30:ac:fe:29:23:5c:ca:66:f8:7f:1c:9f:
40:f3:11:0f:be:3b:d7:2a:0e:6d:4b:3f:05:a8:9d:6e:72:eb:
46:34:9c:b3:b5:32:d4:f2:33:86:ea:0a:d1:ff:c6:b7:30:ef:
c1:a3:1c:99:6a:fe:6e:46:c2:50:77:cf:fe:5b:f5:9b:25:b5:
5b:cc:01:99:08:b8:dd:10:dd:e5:ee:90:64:56:27:bc:73:06:
bb:1e:d5:ff:ed:ed:c7:a1:32:8a:47:8b:ea:66:20:5d:6c:46:
c7:d4:82:22:95:b4:62:65:23:87:1a:ff:52:57:f2:8f:ae:97:
d1:d4:89:bd:e8:e0:37:47:b8:1d:51:5a:2b:b1:d1:1b:04:c8:
01:3d:ef:d8:4d:19:4d:af:64:c8:8b:72:7a:75:b2:a2:0d:a5:
65:ba:15:bc:b4:4d:76:49:dd:08:99:d7:f0:f8:08:a2:70:73:
0a:f1:88:b8:2f:db:f6:b0:c3:15:a8:77:87:34:82:58:f3:a8:
de:10:fc:de:77:5c:d4:df:32:2d:a5:c6:0f:f5:cf:80:db:22:
bb:71:26:18:50:3d:15:23:06:a2:ae:6c:1d:48:ff:08:f7:ec:
12:7e:7a:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy6AYEgZeOfhoGRCEodHuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZWM1N2JjODQ2NGZlYzJlOWExYjA5OGZmY2UzNGMyMWFh
ZjljYTYwHhcNMjMwMTAyMTQzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGVjNzUzYWE3YmFjNTM2YjEwYzllNGIzYTFmYTA3OTZkNDMwNjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfO829B5VI0jif0G/HkINurmZER2
B/oM/5k+SN5N0S0bVKx9GdM2k9KtVlJfl9zfhtwgWcGOJK2lKS4sKUDXm7VSpPW0
4chesVadWNvfzy8t2TuYE80KdfIhSwcztngyClKxo080Yr4tCHWRMxXZ8FD1ML+m
JyN1b1b7r9Fd6paexHvLnCJVq62kk0CV+dpHyvaYdJvDONybJdnMZOikEazcUprP
kfJx4WfTR/ycByw2lClGSvO2KNHlsNu5HZgX3O0zhvPjZDBPxepG7MGb+tlR5YgK
sl5Yc+UvzGUqBJ59wlsvMThWOdjStwU0l0jgSGfDbJbw3NqjSjkjpEaRVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3sdTqnusU2sQyeSzofoHltQwY4MB8GA1UdIwQY
MBaAFKnsV7yEZP7C6aGwmP/ONMIar5ymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMt
MTlhM2M1NjQ5YjU3LzEvYmV4MU9xZTZ4VGF4REo1TE9oLWdlVzFEQmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMtMTlhM2M1NjQ5YjU3
LzEvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueVsMA0G
CSqGSIb3DQEBCwUAA4IBAQCjokxsKlXGIOHUfNpoi8m0j7QkXjwQ0TwwrP4pI1zK
Zvh/HJ9A8xEPvjvXKg5tSz8FqJ1ucutGNJyztTLU8jOG6grR/8a3MO/BoxyZav5u
RsJQd8/+W/WbJbVbzAGZCLjdEN3l7pBkVie8cwa7HtX/7e3HoTKKR4vqZiBdbEbH
1IIilbRiZSOHGv9SV/KPrpfR1Im96OA3R7gdUVorsdEbBMgBPe/YTRlNr2TIi3J6
dbKiDaVluhW8tE12Sd0Imdfw+AiicHMK8Yi4L9v2sMMVqHeHNIJY86jeEPzed1zU
3zItpcYP9c+A2yK7cSYYUD0VIwairmwdSP8I9+wSfnoU
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:17 2024 by rpki-client on console-fra.rpki-client.org