Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9445a9-3f7f-4f4a-80b8-5b910157271b/1/xF8Gc1TGc4dIeJ0_S82kO1LCd7w.roa
File: xF8Gc1TGc4dIeJ0_S82kO1LCd7w.roa (raw, json)
Hash identifier: gBKU/WzdUTt0ebF/6lFoxq4RQos2WKu7u5tfwYXFb7o=
Subject key identifier: C4:5F:06:73:54:C6:73:87:48:78:9D:3F:4B:CD:A4:3B:52:C2:77:BC
Certificate issuer: /CN=0d1e3fd5040bb9fb9126e5119e5ff7c074da5bbc
Certificate serial: 01856FDDC6400B65966614F03AD1BCE096D4
Authority key identifier: 0D:1E:3F:D5:04:0B:B9:FB:91:26:E5:11:9E:5F:F7:C0:74:DA:5B:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DR4_1QQLufuRJuURnl_3wHTaW7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/9445a9-3f7f-4f4a-80b8-5b910157271b/1/xF8Gc1TGc4dIeJ0_S82kO1LCd7w.roa
Signing time: Mon 02 Jan 2023 00:24:43 +0000
ROA not before: Mon 02 Jan 2023 00:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203081
IP address blocks: 185.145.4.0/22 maxlen: 22
2a07:44c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:c6:40:0b:65:96:66:14:f0:3a:d1:bc:e0:96:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d1e3fd5040bb9fb9126e5119e5ff7c074da5bbc
Validity
Not Before: Jan 2 00:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c45f067354c6738748789d3f4bcda43b52c277bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:40:bb:ce:a1:fb:55:c8:31:5e:02:f9:a0:c2:
26:07:2e:5e:99:42:22:e7:80:66:ee:fe:ec:4b:db:
c9:48:fe:ea:1f:b3:2f:c2:e1:13:96:da:34:8b:49:
9f:c9:df:68:47:f6:93:7f:e8:ef:44:8d:cb:68:28:
0b:7c:f3:bb:d1:3b:95:88:66:8a:2c:ad:f2:f7:ac:
84:1b:9f:48:08:b6:20:96:51:15:29:30:88:77:f7:
4c:61:39:9c:af:ac:80:f7:b2:63:50:ae:6b:e3:81:
4f:e3:cf:df:65:f8:78:c3:0f:eb:1f:ee:15:09:03:
db:91:3e:4b:56:f3:74:d8:28:fb:05:15:b3:b5:46:
d4:be:9b:d0:bb:c1:61:77:43:38:12:2a:62:da:3c:
2a:f6:b0:a5:7c:e5:9c:49:08:53:2c:cf:0b:6d:fa:
24:93:8c:61:08:c6:b9:15:64:c8:70:8f:b9:44:42:
03:92:8b:43:28:29:6a:5b:78:cf:62:3d:04:61:e7:
bd:59:6c:88:11:cc:de:9a:08:c0:c2:b2:4c:69:76:
e7:4f:8a:22:54:fd:86:e0:ee:8b:d5:cd:49:d0:af:
6f:00:b1:a4:e1:21:f0:cb:d7:6e:a0:6e:71:32:39:
df:f8:00:fd:f2:d1:23:dc:38:e3:34:dd:3e:84:ba:
8a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5F:06:73:54:C6:73:87:48:78:9D:3F:4B:CD:A4:3B:52:C2:77:BC
X509v3 Authority Key Identifier:
keyid:0D:1E:3F:D5:04:0B:B9:FB:91:26:E5:11:9E:5F:F7:C0:74:DA:5B:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DR4_1QQLufuRJuURnl_3wHTaW7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9445a9-3f7f-4f4a-80b8-5b910157271b/1/xF8Gc1TGc4dIeJ0_S82kO1LCd7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9445a9-3f7f-4f4a-80b8-5b910157271b/1/DR4_1QQLufuRJuURnl_3wHTaW7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.4.0/22
IPv6:
2a07:44c0::/29
Signature Algorithm: sha256WithRSAEncryption
19:2c:70:dc:f3:dc:81:f3:e2:bd:c3:3e:13:cb:23:1b:87:3a:
9f:48:e1:98:16:5a:3b:c0:53:5f:80:14:44:eb:16:61:a0:1e:
39:fb:ff:39:9e:d6:9f:d4:79:83:b6:4a:dd:18:16:72:6a:b4:
40:bb:65:cf:b6:cc:77:82:c1:f1:55:8b:73:df:85:71:c6:7f:
65:2c:5e:40:a8:80:e5:86:5b:47:28:66:f4:c4:6e:a4:c0:84:
1f:49:c5:2c:97:98:14:1e:92:56:ef:63:1b:c4:52:36:41:4d:
e7:ca:02:eb:fa:8d:76:56:12:57:f3:bc:86:35:ab:39:6a:73:
76:0b:15:03:60:47:67:34:82:b5:0a:21:57:d7:35:1b:6d:b1:
dc:f3:36:77:33:a9:28:4a:4c:dc:2a:7b:87:78:3f:d4:73:20:
d8:4d:d0:67:d8:b3:70:70:66:83:c7:74:43:3c:1f:b6:83:81:
bd:10:91:95:e1:eb:b0:86:2f:80:bc:e9:4f:77:af:a0:0b:24:
de:69:85:a4:c5:b9:aa:d0:51:52:1d:e5:0b:56:a3:bf:d6:68:
73:39:e0:aa:72:84:9f:10:6a:1b:6c:87:da:3f:5b:91:e1:cf:
3e:5e:a5:24:92:1c:f4:f3:e6:1e:41:c2:ec:f9:77:39:36:a0:
b7:7d:cd:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv3cZAC2WWZhTwOtG84JbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMWUzZmQ1MDQwYmI5ZmI5MTI2ZTUxMTllNWZmN2MwNzRk
YTViYmMwHhcNMjMwMTAyMDAyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDVmMDY3MzU0YzY3Mzg3NDg3ODlkM2Y0YmNkYTQzYjUyYzI3N2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70C7zqH7VcgxXgL5oMImBy5emUIi
54Bm7v7sS9vJSP7qH7MvwuETlto0i0mfyd9oR/aTf+jvRI3LaCgLfPO70TuViGaK
LK3y96yEG59ICLYgllEVKTCId/dMYTmcr6yA97JjUK5r44FP48/fZfh4ww/rH+4V
CQPbkT5LVvN02Cj7BRWztUbUvpvQu8Fhd0M4Eipi2jwq9rClfOWcSQhTLM8Lbfok
k4xhCMa5FWTIcI+5REIDkotDKClqW3jPYj0EYee9WWyIEczemgjAwrJMaXbnT4oi
VP2G4O6L1c1J0K9vALGk4SHwy9duoG5xMjnf+AD98tEj3DjjNN0+hLqKOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMRfBnNUxnOHSHidP0vNpDtSwne8MB8GA1UdIwQY
MBaAFA0eP9UEC7n7kSblEZ5f98B02lu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFI0XzFRUUx1ZnVSSnVVUm5sXzN3SFRhVzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NDQ1YTktM2Y3Zi00ZjRhLTgwYjgt
NWI5MTAxNTcyNzFiLzEveEY4R2MxVEdjNGRJZUowX1M4MmtPMUxDZDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NDQ1YTktM2Y3Zi00ZjRhLTgwYjgtNWI5MTAxNTcyNzFi
LzEvRFI0XzFRUUx1ZnVSSnVVUm5sXzN3SFRhVzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZEEMA0E
AgACMAcDBQMqB0TAMA0GCSqGSIb3DQEBCwUAA4IBAQAZLHDc89yB8+K9wz4TyyMb
hzqfSOGYFlo7wFNfgBRE6xZhoB45+/85ntaf1HmDtkrdGBZyarRAu2XPtsx3gsHx
VYtz34Vxxn9lLF5AqIDlhltHKGb0xG6kwIQfScUsl5gUHpJW72MbxFI2QU3nygLr
+o12VhJX87yGNas5anN2CxUDYEdnNIK1CiFX1zUbbbHc8zZ3M6koSkzcKnuHeD/U
cyDYTdBn2LNwcGaDx3RDPB+2g4G9EJGV4euwhi+AvOlPd6+gCyTeaYWkxbmq0FFS
HeULVqO/1mhzOeCqcoSfEGobbIfaP1uR4c8+XqUkkhz08+YeQcLs+Xc5NqC3fc29
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:09 2024 by rpki-client on console-ams.rpki-client.org