Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/9fedd0-4ed7-4419-8e73-b5ca0adf2f08/1/4j9bnCrHt7A5ynvzaq8KOLq7Mzw.roa
File: 4j9bnCrHt7A5ynvzaq8KOLq7Mzw.roa (raw, json)
Hash identifier: E/Eoo16Pqd24WTqjlklXaPkb8hFKlAbTPVJkGJM2WDE=
Subject key identifier: E2:3F:5B:9C:2A:C7:B7:B0:39:CA:7B:F3:6A:AF:0A:38:BA:BB:33:3C
Certificate issuer: /CN=fff442affba1cfaef3102c981d7569502ce6515c
Certificate serial: 01856E2F9530E4BFD62145C757D14F2E099A
Authority key identifier: FF:F4:42:AF:FB:A1:CF:AE:F3:10:2C:98:1D:75:69:50:2C:E6:51:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/__RCr_uhz67zECyYHXVpUCzmUVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/9fedd0-4ed7-4419-8e73-b5ca0adf2f08/1/4j9bnCrHt7A5ynvzaq8KOLq7Mzw.roa
Signing time: Sun 01 Jan 2023 16:34:50 +0000
ROA not before: Sun 01 Jan 2023 16:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204861
IP address blocks: 185.237.172.0/22 maxlen: 24
2a0c:1a80::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:95:30:e4:bf:d6:21:45:c7:57:d1:4f:2e:09:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fff442affba1cfaef3102c981d7569502ce6515c
Validity
Not Before: Jan 1 16:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e23f5b9c2ac7b7b039ca7bf36aaf0a38babb333c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6b:3b:2c:d4:8a:f5:36:55:4c:17:34:8a:5e:
59:f3:f0:8c:c1:80:c8:37:1b:ad:b4:f1:28:9b:6a:
3c:2a:3f:3d:fe:3d:33:88:f5:be:56:9c:e2:78:53:
b9:fb:08:2c:04:cd:eb:92:f4:93:c7:b7:ef:df:dc:
15:67:cb:cc:f0:8d:4c:d7:b2:a2:29:7d:b5:ed:b2:
cd:ac:0a:ec:fd:ef:5e:b7:65:65:74:f2:3b:e0:ec:
fa:56:0b:78:64:8b:ec:4f:0e:ce:e3:68:a9:64:83:
fd:8a:01:61:a9:bf:dc:52:2d:28:ef:02:49:4d:ac:
13:f9:1e:c8:a0:31:6d:a3:fe:f2:2b:3b:a1:f7:6f:
8d:77:5c:7a:31:2a:f3:77:03:81:9c:df:70:b7:f1:
37:3d:0d:05:85:a6:1e:1d:48:76:8b:64:22:24:32:
53:b5:64:88:16:d8:a9:4e:0a:c6:69:2f:78:88:b4:
dd:6f:e2:fd:60:41:e0:c9:cc:ad:85:0e:15:1d:e6:
80:bc:5b:72:a2:10:f9:8b:c3:2c:6c:46:34:ac:ae:
86:ec:d2:d7:bc:c1:7a:36:ad:dd:68:e3:29:e5:3f:
e6:ff:ed:07:4c:d7:c9:6b:9b:b9:1d:88:0d:a2:46:
e3:ba:71:74:36:a3:3e:82:bf:ab:d3:44:4c:b8:d4:
6a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3F:5B:9C:2A:C7:B7:B0:39:CA:7B:F3:6A:AF:0A:38:BA:BB:33:3C
X509v3 Authority Key Identifier:
keyid:FF:F4:42:AF:FB:A1:CF:AE:F3:10:2C:98:1D:75:69:50:2C:E6:51:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/__RCr_uhz67zECyYHXVpUCzmUVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/9fedd0-4ed7-4419-8e73-b5ca0adf2f08/1/4j9bnCrHt7A5ynvzaq8KOLq7Mzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/9fedd0-4ed7-4419-8e73-b5ca0adf2f08/1/__RCr_uhz67zECyYHXVpUCzmUVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.172.0/22
IPv6:
2a0c:1a80::/29
Signature Algorithm: sha256WithRSAEncryption
46:d6:b4:b7:53:73:13:0d:af:dc:ce:cd:67:69:1f:db:70:36:
b5:0c:86:af:e4:b2:24:46:dc:68:f9:5d:ed:e9:05:7a:9f:e8:
52:16:7e:2a:af:c3:dc:4f:ba:2b:5d:9d:bd:4d:fc:89:3d:17:
2d:bd:fe:f6:05:eb:1a:a1:9e:70:2a:4f:8d:a6:01:a2:52:1f:
96:5e:56:a8:69:73:75:fd:f3:70:48:51:78:e6:03:9e:fb:bf:
cd:08:06:da:99:69:43:ce:9b:f9:9e:95:55:ba:3f:14:ee:25:
e2:af:0b:dd:71:d3:9d:63:24:77:b1:c5:d3:76:26:49:e3:cb:
8f:78:a0:ab:e9:e1:a4:ad:04:9c:74:af:9a:b3:58:a2:2d:61:
16:ce:32:89:29:22:78:f9:b9:58:a2:51:be:39:4f:55:e0:bf:
7d:1b:50:5b:99:70:42:ad:db:48:08:06:5b:87:ca:f9:70:ca:
44:80:f4:96:7d:c6:c8:cb:04:6d:87:ea:f5:af:3c:c1:ea:cd:
cb:10:77:d6:c9:14:68:aa:a1:2c:d0:0b:88:9c:fd:a5:ce:81:
aa:d8:54:62:b3:3a:b8:34:ea:cf:65:80:0e:6c:a5:54:23:ed:
c6:0a:bc:58:42:4c:6f:94:76:16:25:19:e1:a6:58:77:79:b1:
39:15:02:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuL5Uw5L/WIUXHV9FPLgmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZjQ0MmFmZmJhMWNmYWVmMzEwMmM5ODFkNzU2OTUwMmNl
NjUxNWMwHhcNMjMwMTAxMTYzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjNmNWI5YzJhYzdiN2IwMzljYTdiZjM2YWFmMGEzOGJhYmIzMzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGs7LNSK9TZVTBc0il5Z8/CMwYDI
NxuttPEom2o8Kj89/j0ziPW+VpzieFO5+wgsBM3rkvSTx7fv39wVZ8vM8I1M17Ki
KX217bLNrArs/e9et2VldPI74Oz6Vgt4ZIvsTw7O42ipZIP9igFhqb/cUi0o7wJJ
TawT+R7IoDFto/7yKzuh92+Nd1x6MSrzdwOBnN9wt/E3PQ0FhaYeHUh2i2QiJDJT
tWSIFtipTgrGaS94iLTdb+L9YEHgycythQ4VHeaAvFtyohD5i8MsbEY0rK6G7NLX
vMF6Nq3daOMp5T/m/+0HTNfJa5u5HYgNokbjunF0NqM+gr+r00RMuNRqqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOI/W5wqx7ewOcp782qvCji6uzM8MB8GA1UdIwQY
MBaAFP/0Qq/7oc+u8xAsmB11aVAs5lFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX19SQ3JfdWh6Njd6RUN5WUhYVnBVQ3ptVVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85ZmVkZDAtNGVkNy00NDE5LThlNzMt
YjVjYTBhZGYyZjA4LzEvNGo5Ym5Dckh0N0E1eW52emFxOEtPTHE3TXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85ZmVkZDAtNGVkNy00NDE5LThlNzMtYjVjYTBhZGYyZjA4
LzEvX19SQ3JfdWh6Njd6RUN5WUhYVnBVQ3ptVVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCue2sMA0E
AgACMAcDBQMqDBqAMA0GCSqGSIb3DQEBCwUAA4IBAQBG1rS3U3MTDa/czs1naR/b
cDa1DIav5LIkRtxo+V3t6QV6n+hSFn4qr8PcT7orXZ29TfyJPRctvf72BesaoZ5w
Kk+NpgGiUh+WXlaoaXN1/fNwSFF45gOe+7/NCAbamWlDzpv5npVVuj8U7iXirwvd
cdOdYyR3scXTdiZJ48uPeKCr6eGkrQScdK+as1iiLWEWzjKJKSJ4+blYolG+OU9V
4L99G1BbmXBCrdtICAZbh8r5cMpEgPSWfcbIywRth+r1rzzB6s3LEHfWyRRoqqEs
0AuInP2lzoGq2FRiszq4NOrPZYAObKVUI+3GCrxYQkxvlHYWJRnhplh3ebE5FQIK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:29 2024 by rpki-client on console-ams.rpki-client.org