Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/v6BUsVas_5uLg-wgO7BGoA7crdU.roa
File: v6BUsVas_5uLg-wgO7BGoA7crdU.roa (raw, json)
Hash identifier: z7QtbVQgsXm8/OTqNkBMlePAq5X8ckxgGS8ACDnckms=
Subject key identifier: BF:A0:54:B1:56:AC:FF:9B:8B:83:EC:20:3B:B0:46:A0:0E:DC:AD:D5
Certificate issuer: /CN=758e823cf274d3810ce05c1d1bf5eef95cb211dc
Certificate serial: 01856E8B3B633A4B901E5BD231F17F49E3DD
Authority key identifier: 75:8E:82:3C:F2:74:D3:81:0C:E0:5C:1D:1B:F5:EE:F9:5C:B2:11:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dY6CPPJ004EM4FwdG_Xu-VyyEdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/v6BUsVas_5uLg-wgO7BGoA7crdU.roa
Signing time: Sun 01 Jan 2023 18:14:56 +0000
ROA not before: Sun 01 Jan 2023 18:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39384
IP address blocks: 185.118.112.0/22 maxlen: 24
45.154.64.0/22 maxlen: 24
185.240.248.0/22 maxlen: 24
2a0d:3b80::/29 maxlen: 32
2a03:6420::/32 maxlen: 32
2a0f:c700::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:3b:63:3a:4b:90:1e:5b:d2:31:f1:7f:49:e3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=758e823cf274d3810ce05c1d1bf5eef95cb211dc
Validity
Not Before: Jan 1 18:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfa054b156acff9b8b83ec203bb046a00edcadd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6a:7b:92:29:c0:ed:62:4b:c2:e6:aa:91:02:
56:b7:94:e0:ca:02:53:c5:62:fc:fe:4e:cc:09:18:
4d:ed:ac:da:0d:78:27:38:62:3a:dd:70:46:85:06:
62:f5:ca:69:b2:d0:0f:d0:53:1b:4b:b4:2b:ca:5d:
3f:eb:ce:5a:54:a5:ea:8e:f4:a2:2f:a1:15:38:2c:
0e:e8:c6:55:28:0c:81:43:7e:6c:e3:e1:21:cf:65:
f6:04:d0:b7:29:da:ba:20:0d:c7:ee:21:84:ca:c8:
12:86:95:8b:4b:ee:de:ba:a8:e6:ed:2c:c9:65:8d:
e9:36:29:a7:da:31:1f:3c:73:5d:52:b9:66:20:e4:
6b:c7:f6:92:a6:14:58:4a:83:47:44:3e:13:5e:a3:
bd:03:b2:93:cb:47:d7:36:36:74:84:86:df:f0:da:
e5:46:03:1b:7c:7d:bc:4e:e3:3d:49:d8:98:65:20:
67:dc:ec:75:cd:3c:01:19:bf:8b:e1:a7:60:aa:81:
27:d2:b7:10:cb:6d:f0:7b:e3:ac:e9:ce:64:24:d4:
58:82:0b:54:5b:c3:c4:8d:65:5e:44:3a:cd:37:9a:
d2:1c:5e:41:2c:13:a9:65:42:84:51:16:7a:d4:7c:
63:e0:97:8c:22:a6:62:11:a2:c6:4a:9b:d9:b2:aa:
26:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A0:54:B1:56:AC:FF:9B:8B:83:EC:20:3B:B0:46:A0:0E:DC:AD:D5
X509v3 Authority Key Identifier:
keyid:75:8E:82:3C:F2:74:D3:81:0C:E0:5C:1D:1B:F5:EE:F9:5C:B2:11:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dY6CPPJ004EM4FwdG_Xu-VyyEdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/v6BUsVas_5uLg-wgO7BGoA7crdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/dY6CPPJ004EM4FwdG_Xu-VyyEdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.64.0/22
185.118.112.0/22
185.240.248.0/22
IPv6:
2a03:6420::/32
2a0d:3b80::/29
2a0f:c700::/29
Signature Algorithm: sha256WithRSAEncryption
64:d9:64:b5:83:6b:62:14:9b:fc:74:ba:92:31:18:58:8a:2e:
1d:3e:2e:76:f4:0e:07:21:3f:b4:70:b3:ee:0e:41:38:0c:dc:
6c:d3:c9:a3:86:0a:cf:c3:c4:6b:f3:5f:9d:ec:7d:17:30:8f:
01:15:8e:69:ba:a7:a4:10:a4:80:6f:9c:bf:fc:ca:02:93:d6:
18:98:8e:f5:c6:78:d8:ee:ce:69:6b:35:66:83:e9:b2:de:56:
95:b4:c0:78:ea:df:57:ea:82:18:1a:e0:66:d9:f4:70:12:db:
66:2c:2a:59:85:1c:36:f8:51:24:32:b2:32:d8:a3:4b:54:23:
f0:7a:7f:1e:d2:a2:62:b3:3c:3e:89:b9:cf:64:a9:47:e4:c3:
d0:31:6b:b4:b3:bd:d6:c8:c0:00:09:36:d1:67:94:fd:b2:4c:
70:9e:0e:16:cc:12:19:9b:a8:50:ab:de:51:32:55:28:e7:c5:
c2:4f:a0:72:86:23:aa:22:d1:f4:59:7c:42:46:1a:ca:34:2c:
2a:5a:22:56:56:e8:af:10:6a:98:8c:ef:cc:84:21:8e:6f:5f:
ea:e9:9d:90:aa:a6:08:b6:cc:c1:00:7b:f6:f1:9f:af:24:5f:
8c:6c:66:b4:80:6b:73:1e:6d:d1:43:21:26:62:46:f6:f9:8c:
e7:0b:f2:6c
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVuiztjOkuQHlvSMfF/SePdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OGU4MjNjZjI3NGQzODEwY2UwNWMxZDFiZjVlZWY5NWNi
MjExZGMwHhcNMjMwMTAxMTgxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmEwNTRiMTU2YWNmZjliOGI4M2VjMjAzYmIwNDZhMDBlZGNhZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWp7kinA7WJLwuaqkQJWt5TgygJT
xWL8/k7MCRhN7azaDXgnOGI63XBGhQZi9cppstAP0FMbS7Qryl0/685aVKXqjvSi
L6EVOCwO6MZVKAyBQ35s4+Ehz2X2BNC3Kdq6IA3H7iGEysgShpWLS+7euqjm7SzJ
ZY3pNimn2jEfPHNdUrlmIORrx/aSphRYSoNHRD4TXqO9A7KTy0fXNjZ0hIbf8Nrl
RgMbfH28TuM9SdiYZSBn3Ox1zTwBGb+L4adgqoEn0rcQy23we+Os6c5kJNRYggtU
W8PEjWVeRDrNN5rSHF5BLBOpZUKEURZ61Hxj4JeMIqZiEaLGSpvZsqom6wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFL+gVLFWrP+bi4PsIDuwRqAO3K3VMB8GA1UdIwQY
MBaAFHWOgjzydNOBDOBcHRv17vlcshHcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFk2Q1BQSjAwNEVNNEZ3ZEdfWHUtVnl5RWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80M2Q2OWUtYjY4ZC00MTQ5LThiMjkt
MDNkYjhiMzZkMzE5LzEvdjZCVXNWYXNfNXVMZy13Z083QkdvQTdjcmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80M2Q2OWUtYjY4ZC00MTQ5LThiMjktMDNkYjhiMzZkMzE5
LzEvZFk2Q1BQSjAwNEVNNEZ3ZEdfWHUtVnl5RWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCLZpAAwQC
uXZwAwQCufD4MBsEAgACMBUDBQAqA2QgAwUDKg07gAMFAyoPxwAwDQYJKoZIhvcN
AQELBQADggEBAGTZZLWDa2IUm/x0upIxGFiKLh0+Lnb0DgchP7Rws+4OQTgM3GzT
yaOGCs/DxGvzX53sfRcwjwEVjmm6p6QQpIBvnL/8ygKT1hiYjvXGeNjuzmlrNWaD
6bLeVpW0wHjq31fqghga4GbZ9HAS22YsKlmFHDb4USQysjLYo0tUI/B6fx7SomKz
PD6Juc9kqUfkw9Axa7SzvdbIwAAJNtFnlP2yTHCeDhbMEhmbqFCr3lEyVSjnxcJP
oHKGI6oi0fRZfEJGGso0LCpaIlZW6K8QapiM78yEIY5vX+rpnZCqpgi2zMEAe/bx
n68kX4xsZrSAa3MebdFDISZiRvb5jOcL8mw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:11 2024 by rpki-client on console-fra.rpki-client.org