Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/utXzfsot4DVx5g1nVL1yaj7vY1I.roa
File: utXzfsot4DVx5g1nVL1yaj7vY1I.roa (raw, json)
Hash identifier: +EUfEjqA1Fcz2Ll4LXB4ilABczy3WknCOiBvsD44O7E=
Subject key identifier: BA:D5:F3:7E:CA:2D:E0:35:71:E6:0D:67:54:BD:72:6A:3E:EF:63:52
Certificate issuer: /CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Certificate serial: 018C34B4D24AA1FA2F129BAA9F987E55A53F
Authority key identifier: 16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/utXzfsot4DVx5g1nVL1yaj7vY1I.roa
Signing time: Mon 04 Dec 2023 12:01:54 +0000
ROA not before: Mon 04 Dec 2023 12:01:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203847
IP address blocks: 185.206.52.0/23 maxlen: 23
185.122.44.0/22 maxlen: 22
2a01:57e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 09 Dec 2023 20:02:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:b4:d2:4a:a1:fa:2f:12:9b:aa:9f:98:7e:55:a5:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Validity
Not Before: Dec 4 12:01:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bad5f37eca2de03571e60d6754bd726a3eef6352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bc:be:c1:a7:2b:d2:b6:95:75:29:85:f3:9b:
ab:13:62:0d:24:77:c8:47:ee:6c:80:fc:2c:a8:5d:
e7:13:38:7c:bf:60:19:37:a2:e6:71:61:c4:8e:59:
2c:a5:73:9b:64:29:03:1d:22:c5:97:a7:f6:f1:20:
d4:12:a2:0e:3f:fc:0e:4e:af:cc:95:3a:77:88:1b:
3a:2c:54:8a:aa:75:46:3f:ce:36:53:ab:16:4c:83:
b8:e5:dd:c7:b9:da:2d:7c:55:48:b6:17:79:78:61:
b8:1e:ea:7f:49:4a:3e:91:0f:40:98:6f:0c:f9:5e:
73:36:bc:20:27:20:5d:81:1a:c6:ee:3b:48:02:91:
59:ac:8a:a2:2b:9d:b1:87:8e:69:9b:93:b2:3a:90:
be:c1:d8:d6:85:06:47:12:1e:f1:75:8d:15:6b:73:
18:26:86:59:b4:0e:42:cf:42:e5:2b:fd:2b:f9:88:
d1:aa:9c:5e:d9:43:0a:5b:25:ca:b4:2a:bd:6f:d2:
d4:97:f9:60:85:66:34:71:d5:d2:89:df:4d:b5:9c:
da:64:1c:8e:ea:6a:b1:e8:39:33:09:0c:5b:8a:e7:
ab:61:b5:78:69:11:4c:16:83:f2:f0:d4:54:64:04:
7c:8c:90:50:40:18:84:a9:76:43:54:eb:02:39:e0:
d7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D5:F3:7E:CA:2D:E0:35:71:E6:0D:67:54:BD:72:6A:3E:EF:63:52
X509v3 Authority Key Identifier:
keyid:16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/utXzfsot4DVx5g1nVL1yaj7vY1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.44.0/22
185.206.52.0/23
IPv6:
2a01:57e0::/32
Signature Algorithm: sha256WithRSAEncryption
03:66:46:83:2b:8c:7a:fa:53:96:74:21:66:86:58:96:15:17:
35:92:f4:0d:0a:b6:7e:19:bf:5f:ee:53:9d:d5:47:a6:99:32:
11:1a:6e:8e:56:ca:89:07:b5:87:2a:51:ab:b1:fd:d6:3f:55:
a6:19:c8:f6:6c:7c:c0:0e:6b:20:20:a8:2a:f0:29:1f:ed:74:
fd:56:28:b2:79:a2:5f:49:75:14:84:47:5a:88:56:cd:85:86:
20:42:5d:a7:63:6a:3e:9f:fc:0e:4b:1d:1a:3f:bb:6e:b0:4d:
e0:02:0d:87:d2:99:61:72:be:8e:3c:c7:c1:11:19:bf:10:1d:
84:10:ea:f3:9f:43:c5:88:d0:67:15:b2:e8:75:02:dc:b3:85:
39:9f:4a:e5:16:41:99:c6:d3:30:37:e3:ae:cd:5d:e2:31:77:
19:35:08:d4:6e:49:52:80:7b:f3:c6:0f:84:4d:1e:8b:fe:41:
3d:95:ae:af:ea:f7:fc:ed:eb:6b:7c:56:87:0d:e3:26:36:91:
3e:17:09:e6:a6:26:e2:e8:e4:06:93:e3:88:d5:9f:ba:12:9b:
76:73:30:f9:1f:c0:49:d3:2d:77:66:da:44:5a:2b:96:ad:92:
74:fd:f0:a3:20:75:36:19:c5:07:b8:41:78:a3:0d:c9:14:80:
77:90:29:04
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYw0tNJKofovEpuqn5h+VaU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmFmYzUxYzkyMmZkODQyZmVjNWIwY2JiZDI2ZWJkYmQx
YTE2MWUwHhcNMjMxMjA0MTIwMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWQ1ZjM3ZWNhMmRlMDM1NzFlNjBkNjc1NGJkNzI2YTNlZWY2MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAory+wacr0raVdSmF85urE2INJHfI
R+5sgPwsqF3nEzh8v2AZN6LmcWHEjlkspXObZCkDHSLFl6f28SDUEqIOP/wOTq/M
lTp3iBs6LFSKqnVGP842U6sWTIO45d3HudotfFVIthd5eGG4Hup/SUo+kQ9AmG8M
+V5zNrwgJyBdgRrG7jtIApFZrIqiK52xh45pm5OyOpC+wdjWhQZHEh7xdY0Va3MY
JoZZtA5Cz0LlK/0r+YjRqpxe2UMKWyXKtCq9b9LUl/lghWY0cdXSid9NtZzaZByO
6mqx6DkzCQxbiuerYbV4aRFMFoPy8NRUZAR8jJBQQBiEqXZDVOsCOeDX+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLrV837KLeA1ceYNZ1S9cmo+72NSMB8GA1UdIwQY
MBaAFBZq/FHJIv2EL+xbDLvSbr29GhYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEt
MTNiOTExMGNlMjBjLzEvdXRYemZzb3Q0RFZ4NWcxblZMMXlhajd2WTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEtMTNiOTExMGNlMjBj
LzEvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXosAwQB
uc40MA0EAgACMAcDBQAqAVfgMA0GCSqGSIb3DQEBCwUAA4IBAQADZkaDK4x6+lOW
dCFmhliWFRc1kvQNCrZ+Gb9f7lOd1UemmTIRGm6OVsqJB7WHKlGrsf3WP1WmGcj2
bHzADmsgIKgq8Ckf7XT9ViiyeaJfSXUUhEdaiFbNhYYgQl2nY2o+n/wOSx0aP7tu
sE3gAg2H0plhcr6OPMfBERm/EB2EEOrzn0PFiNBnFbLodQLcs4U5n0rlFkGZxtMw
N+OuzV3iMXcZNQjUbklSgHvzxg+ETR6L/kE9la6v6vf87etrfFaHDeMmNpE+Fwnm
pibi6OQGk+OI1Z+6Ept2czD5H8BJ0y13ZtpEWiuWrZJ0/fCjIHU2GcUHuEF4ow3J
FIB3kCkE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:12 2024 by rpki-client on console-fra.rpki-client.org