Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/eJIDAWG-fXrXPbUBIG8zPxLOwsQ.roa
File: eJIDAWG-fXrXPbUBIG8zPxLOwsQ.roa (raw, json)
Hash identifier: 2mlbS/PN4eWPH/xmq40D9CtlKXSk1TzRr1hyTpq/N8Q=
Subject key identifier: 78:92:03:01:61:BE:7D:7A:D7:3D:B5:01:20:6F:33:3F:12:CE:C2:C4
Certificate issuer: /CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Certificate serial: 01856FF0451383E5DDE4143312D82195DA2C
Authority key identifier: 85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/eJIDAWG-fXrXPbUBIG8zPxLOwsQ.roa
Signing time: Mon 02 Jan 2023 00:44:55 +0000
ROA not before: Mon 02 Jan 2023 00:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203505
IP address blocks: 185.146.225.0/24 maxlen: 24
185.146.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:45:13:83:e5:dd:e4:14:33:12:d8:21:95:da:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Validity
Not Before: Jan 2 00:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7892030161be7d7ad73db501206f333f12cec2c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:de:9a:4d:0a:a8:6e:89:37:76:4c:30:47:52:
06:21:d8:3e:7b:4c:2d:58:8a:db:ad:05:f2:aa:da:
3c:60:7f:8a:19:e4:81:87:43:02:12:67:0b:e9:a0:
d7:38:d9:2a:98:2f:ef:59:63:e4:1b:47:c5:a1:7c:
c0:e2:2f:be:97:c0:11:21:f1:b5:91:f5:13:12:1a:
e0:92:e8:fb:0f:f5:4b:a5:ef:f0:1e:9b:d5:d6:69:
ea:0a:f3:b2:72:35:be:0e:d0:7a:b6:02:1b:e1:6e:
58:0a:ca:14:a4:b7:f5:a4:fe:11:fe:2c:5d:a7:5c:
0a:0b:2e:e6:f8:44:56:36:10:32:fe:3f:3f:d6:e6:
3b:e3:be:2f:59:13:0e:0c:df:39:3d:d0:25:4b:7d:
7a:09:33:ca:d7:c9:9f:49:83:65:b2:00:51:70:c4:
4c:a7:4d:bc:c4:6a:8a:7a:ac:32:44:ae:5b:38:e3:
28:f2:dc:d2:a2:0c:ec:a8:75:0b:b2:d7:95:ad:57:
04:39:d6:79:30:51:26:70:03:ad:0f:b0:c3:c4:a8:
49:94:bf:40:a7:3e:5b:71:a9:4e:1b:e8:50:4f:bd:
42:ab:bd:2c:1f:e6:a6:0d:5d:24:4d:57:af:51:56:
ad:f0:05:49:84:32:01:2d:b0:92:26:d8:2d:a9:bc:
34:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:92:03:01:61:BE:7D:7A:D7:3D:B5:01:20:6F:33:3F:12:CE:C2:C4
X509v3 Authority Key Identifier:
keyid:85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/eJIDAWG-fXrXPbUBIG8zPxLOwsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/hfTuFPbTinzwcSed_3s5FwLjcTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.224.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:df:0f:ff:e4:dd:5f:b0:92:c3:36:8e:56:e3:fc:c0:7e:c6:
bb:b6:7a:f5:d9:d5:a4:b5:7d:26:84:b8:05:35:48:51:54:aa:
d3:a3:0b:bc:e6:82:cf:18:40:31:79:0a:5d:7e:30:d0:52:80:
9f:80:73:ac:ee:10:99:f2:76:5f:81:87:e5:8a:23:aa:ef:64:
cb:08:d2:db:bb:e8:fc:26:89:df:39:09:83:80:2c:28:7c:a4:
47:09:9e:1f:7a:29:ab:b3:8e:c5:2c:fb:3b:4d:20:03:4a:c3:
1c:17:b7:c4:e4:ce:08:32:99:c7:ea:67:56:f3:0d:e4:fd:b6:
29:ba:c8:99:6b:c3:37:8f:cb:91:ce:d1:4b:7b:5f:ce:c7:61:
ba:1e:3f:a8:79:df:21:4c:fd:ea:be:9c:c1:4e:38:75:01:c8:
15:c4:89:25:b2:5a:7f:44:8f:75:0c:2d:f1:af:3c:b4:2b:4d:
7a:de:0b:1c:58:66:b7:b7:cd:59:b0:9b:a0:a8:d5:08:57:5e:
b1:04:1a:14:0d:08:3a:83:6c:43:be:88:16:92:31:a5:f4:c1:
24:1c:44:76:b5:c1:f5:9e:3b:dc:f5:d4:4b:53:e9:56:12:f9:
8c:2f:ae:2d:cc:04:e9:6f:61:34:dd:c2:f6:57:13:26:14:8f:
e6:5e:7a:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8EUTg+Xd5BQzEtghldosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZjRlZTE0ZjZkMzhhN2NmMDcxMjc5ZGZmN2IzOTE3MDJl
MzcxMzUwHhcNMjMwMTAyMDA0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODkyMDMwMTYxYmU3ZDdhZDczZGI1MDEyMDZmMzMzZjEyY2VjMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN6aTQqobok3dkwwR1IGIdg+e0wt
WIrbrQXyqto8YH+KGeSBh0MCEmcL6aDXONkqmC/vWWPkG0fFoXzA4i++l8ARIfG1
kfUTEhrgkuj7D/VLpe/wHpvV1mnqCvOycjW+DtB6tgIb4W5YCsoUpLf1pP4R/ixd
p1wKCy7m+ERWNhAy/j8/1uY7474vWRMODN85PdAlS316CTPK18mfSYNlsgBRcMRM
p028xGqKeqwyRK5bOOMo8tzSogzsqHULsteVrVcEOdZ5MFEmcAOtD7DDxKhJlL9A
pz5bcalOG+hQT71Cq70sH+amDV0kTVevUVat8AVJhDIBLbCSJtgtqbw0bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHiSAwFhvn161z21ASBvMz8SzsLEMB8GA1UdIwQY
MBaAFIX07hT204p88HEnnf97ORcC43E1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUt
YmZkOTVhOWE2ZTY0LzEvZUpJREFXRy1mWHJYUGJVQklHOHpQeExPd3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUtYmZkOTVhOWE2ZTY0
LzEvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZLgMA0G
CSqGSIb3DQEBCwUAA4IBAQAM3w//5N1fsJLDNo5W4/zAfsa7tnr12dWktX0mhLgF
NUhRVKrTowu85oLPGEAxeQpdfjDQUoCfgHOs7hCZ8nZfgYfliiOq72TLCNLbu+j8
JonfOQmDgCwofKRHCZ4feimrs47FLPs7TSADSsMcF7fE5M4IMpnH6mdW8w3k/bYp
usiZa8M3j8uRztFLe1/Ox2G6Hj+oed8hTP3qvpzBTjh1AcgVxIklslp/RI91DC3x
rzy0K0163gscWGa3t81ZsJugqNUIV16xBBoUDQg6g2xDvogWkjGl9MEkHER2tcH1
njvc9dRLU+lWEvmML64tzATpb2E03cL2VxMmFI/mXnoK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:03 2024 by rpki-client on console-fra.rpki-client.org