Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/CXQ1ob-wUkYCzRpA0hBHVCsT4fU.roa
File: CXQ1ob-wUkYCzRpA0hBHVCsT4fU.roa (raw, json)
Hash identifier: ldkwAMJIAwqicI/Y95BpYwaiLOQbvyS4fkeBEtMporE=
Subject key identifier: 09:74:35:A1:BF:B0:52:46:02:CD:1A:40:D2:10:47:54:2B:13:E1:F5
Certificate issuer: /CN=75905949e963d3577be076326ca0b91ff32f9684
Certificate serial: 018AB6955FF5CAF2623CB2DDBE18ADDA366F
Authority key identifier: 75:90:59:49:E9:63:D3:57:7B:E0:76:32:6C:A0:B9:1F:F3:2F:96:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dZBZSelj01d74HYybKC5H_MvloQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/CXQ1ob-wUkYCzRpA0hBHVCsT4fU.roa
Signing time: Thu 21 Sep 2023 07:12:37 +0000
ROA not before: Thu 21 Sep 2023 07:12:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.229.147.0/24 maxlen: 24
185.229.146.0/24 maxlen: 24
2a0d:d600::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:95:5f:f5:ca:f2:62:3c:b2:dd:be:18:ad:da:36:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75905949e963d3577be076326ca0b91ff32f9684
Validity
Not Before: Sep 21 07:12:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=097435a1bfb0524602cd1a40d21047542b13e1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bb:88:b1:21:cc:7f:e3:72:74:f5:3e:85:09:
10:73:ab:3c:1e:a1:af:fd:a7:75:83:e2:52:a9:db:
6b:17:4a:07:c5:87:99:82:50:4b:f4:d0:72:df:44:
9b:8c:da:b5:05:20:ba:63:5a:46:a5:b6:7f:e8:a8:
e0:17:aa:5d:45:53:3e:80:18:43:9a:ce:92:9a:3e:
e6:f2:a5:33:3e:40:e6:86:0a:ca:f7:68:c3:2b:f1:
f5:0b:8f:99:9d:b4:40:77:75:b4:ae:bd:02:e8:f0:
f8:2e:f6:8f:d1:9c:30:18:88:80:a3:71:5d:78:1e:
22:1b:3c:cb:b4:fc:51:01:5e:fb:71:81:c0:dc:17:
05:14:33:b8:85:12:48:4f:8c:e5:e9:61:48:4a:e6:
6f:ff:39:ce:26:0c:ee:fd:05:45:2b:47:31:72:ee:
72:93:b9:75:1d:44:ef:ba:a8:3b:e7:ce:01:d5:29:
d9:c3:f5:c6:d1:99:11:cf:a5:fd:78:5b:aa:01:2e:
37:5c:a7:75:6f:40:70:c8:30:b1:96:d2:32:ec:3e:
6e:a4:aa:3d:26:c8:9b:29:8c:83:4d:9e:da:87:69:
06:29:42:9b:b4:a7:63:73:a3:6e:8e:fb:88:25:1d:
57:3e:7a:b5:02:e0:33:f8:a9:d7:2b:0b:c0:45:61:
6e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:74:35:A1:BF:B0:52:46:02:CD:1A:40:D2:10:47:54:2B:13:E1:F5
X509v3 Authority Key Identifier:
keyid:75:90:59:49:E9:63:D3:57:7B:E0:76:32:6C:A0:B9:1F:F3:2F:96:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZBZSelj01d74HYybKC5H_MvloQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/CXQ1ob-wUkYCzRpA0hBHVCsT4fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/dZBZSelj01d74HYybKC5H_MvloQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.146.0/23
IPv6:
2a0d:d600::/32
Signature Algorithm: sha256WithRSAEncryption
21:b9:13:02:51:9a:5d:f1:87:c5:a2:56:18:54:79:0d:01:a0:
99:69:19:d9:71:b5:d4:a5:e4:6a:09:5c:c6:5c:29:95:4c:64:
1b:85:78:6e:91:a4:c1:b1:44:e7:cb:9f:79:0e:39:62:54:86:
df:ed:9a:5e:04:09:5e:99:9c:28:d6:e8:e7:44:e5:cb:0a:9f:
ba:40:58:44:0b:9a:0e:0d:21:bd:cb:57:45:52:c3:cc:09:32:
08:43:83:ac:b0:58:0f:3b:08:08:2f:e3:28:26:5b:49:9f:15:
e2:1d:8d:d5:e4:b6:84:e6:b9:8f:cb:79:20:a7:bf:21:cb:b7:
69:eb:de:e1:4f:15:0c:47:9c:7e:ff:06:c9:e3:1f:76:65:72:
b3:88:b5:14:3b:2b:14:6a:ae:03:04:6d:cf:5e:30:c6:2f:a8:
70:fd:97:a9:ec:c0:37:67:67:0e:eb:3f:9c:49:87:03:9f:e8:
3c:c1:ae:bf:96:a5:af:44:68:3c:97:b7:23:ff:cf:52:5f:e1:
78:14:70:21:27:20:c1:2a:7a:c1:4d:0c:ca:5f:ad:84:3a:5a:
14:87:2d:7e:c0:2d:0e:be:c3:ab:00:27:90:fc:0f:fe:23:a6:
55:e9:49:31:53:64:34:3a:69:3d:5e:08:db:bb:29:6e:c9:26:
61:c3:32:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYq2lV/1yvJiPLLdvhit2jZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OTA1OTQ5ZTk2M2QzNTc3YmUwNzYzMjZjYTBiOTFmZjMy
Zjk2ODQwHhcNMjMwOTIxMDcxMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc0MzVhMWJmYjA1MjQ2MDJjZDFhNDBkMjEwNDc1NDJiMTNlMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLuIsSHMf+NydPU+hQkQc6s8HqGv
/ad1g+JSqdtrF0oHxYeZglBL9NBy30SbjNq1BSC6Y1pGpbZ/6KjgF6pdRVM+gBhD
ms6Smj7m8qUzPkDmhgrK92jDK/H1C4+ZnbRAd3W0rr0C6PD4LvaP0ZwwGIiAo3Fd
eB4iGzzLtPxRAV77cYHA3BcFFDO4hRJIT4zl6WFISuZv/znOJgzu/QVFK0cxcu5y
k7l1HUTvuqg7584B1SnZw/XG0ZkRz6X9eFuqAS43XKd1b0BwyDCxltIy7D5upKo9
JsibKYyDTZ7ah2kGKUKbtKdjc6NujvuIJR1XPnq1AuAz+KnXKwvARWFuPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAl0NaG/sFJGAs0aQNIQR1QrE+H1MB8GA1UdIwQY
MBaAFHWQWUnpY9NXe+B2MmyguR/zL5aEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFpCWlNlbGowMWQ3NEhZeWJLQzVIX012bG9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kNjFmNzMtYWMwYi00NWJjLWE1YTQt
MWE4MzAxYjdlNmRlLzEvQ1hRMW9iLXdVa1lDelJwQTBoQkhWQ3NUNGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kNjFmNzMtYWMwYi00NWJjLWE1YTQtMWE4MzAxYjdlNmRl
LzEvZFpCWlNlbGowMWQ3NEhZeWJLQzVIX012bG9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBueWSMA0E
AgACMAcDBQAqDdYAMA0GCSqGSIb3DQEBCwUAA4IBAQAhuRMCUZpd8YfFolYYVHkN
AaCZaRnZcbXUpeRqCVzGXCmVTGQbhXhukaTBsUTny595DjliVIbf7ZpeBAlemZwo
1ujnROXLCp+6QFhEC5oODSG9y1dFUsPMCTIIQ4OssFgPOwgIL+MoJltJnxXiHY3V
5LaE5rmPy3kgp78hy7dp697hTxUMR5x+/wbJ4x92ZXKziLUUOysUaq4DBG3PXjDG
L6hw/Zep7MA3Z2cO6z+cSYcDn+g8wa6/lqWvRGg8l7cj/89SX+F4FHAhJyDBKnrB
TQzKX62EOloUhy1+wC0OvsOrACeQ/A/+I6ZV6UkxU2Q0Omk9XgjbuyluySZhwzJH
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:12 2024 by rpki-client on console-fra.rpki-client.org