Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/db8OV5pHedSNMGClvVNHPpxNa2o.roa
File: db8OV5pHedSNMGClvVNHPpxNa2o.roa (raw, json)
Hash identifier: zN8SOtOzP3G8hOdoThuCLCwuctYgOovslpETA4idB6Y=
Subject key identifier: 75:BF:0E:57:9A:47:79:D4:8D:30:60:A5:BD:53:47:3E:9C:4D:6B:6A
Certificate issuer: /CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Certificate serial: 0187B8F8C2A1FA6006C8B10430C46CE6447D
Authority key identifier: EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/db8OV5pHedSNMGClvVNHPpxNa2o.roa
Signing time: Tue 25 Apr 2023 15:12:03 +0000
ROA not before: Tue 25 Apr 2023 15:12:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51262
IP address blocks: 185.147.8.0/24 maxlen: 24
185.147.11.0/24 maxlen: 24
185.147.10.0/24 maxlen: 24
185.147.10.0/23 maxlen: 23
185.147.9.0/24 maxlen: 24
2a0a:dc01::/32 maxlen: 32
2a0a:dc05::/32 maxlen: 32
2a0a:dc02::/32 maxlen: 32
2a0a:dc00::/32 maxlen: 32
2a0a:dc06::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b8:f8:c2:a1:fa:60:06:c8:b1:04:30:c4:6c:e6:44:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Validity
Not Before: Apr 25 15:12:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75bf0e579a4779d48d3060a5bd53473e9c4d6b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a7:13:50:27:98:a3:01:d7:3c:08:a0:f4:b8:
0f:40:84:09:b9:c0:83:10:26:ee:a2:49:13:ad:c0:
26:8f:d1:69:28:b9:53:11:e7:0e:b9:48:bf:13:4b:
06:35:d6:e5:67:12:74:b9:ba:73:b1:89:b3:39:fe:
5a:f8:e9:bb:b7:1e:67:81:7f:66:9b:d0:8a:f3:10:
3e:f2:44:5e:a3:a1:f5:eb:d3:f1:af:f8:e9:f0:5d:
f2:1e:67:c8:12:0d:a8:61:14:36:54:82:5b:bc:d3:
f1:27:f8:ad:08:b0:db:fc:1c:bc:b2:27:ba:87:b2:
ae:fd:ea:cd:40:e9:bf:78:8d:7f:f5:ee:44:ee:98:
25:e3:af:da:1c:50:2f:36:e7:f3:12:9e:f6:43:e8:
b8:5a:07:eb:19:0e:10:53:55:aa:66:f8:72:48:a3:
0d:c5:01:f7:38:0d:83:87:76:2d:f8:2d:dc:d6:0a:
9a:0e:a4:02:6c:75:38:1c:2a:05:a4:3a:5f:f4:2e:
21:a6:5a:cb:b3:8b:75:53:2e:96:de:de:9a:68:85:
a9:14:58:76:b4:cb:be:48:14:de:bb:c3:a5:18:94:
44:44:dc:ea:f8:20:c4:aa:b2:d2:b9:fd:69:1c:ff:
a1:30:74:5e:b0:d2:c5:5e:4f:94:03:60:8e:1b:eb:
6c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:BF:0E:57:9A:47:79:D4:8D:30:60:A5:BD:53:47:3E:9C:4D:6B:6A
X509v3 Authority Key Identifier:
keyid:EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/db8OV5pHedSNMGClvVNHPpxNa2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/7-aRQnxuQYBvbOseIYp9xjIP3u0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.8.0/22
IPv6:
2a0a:dc00::-2a0a:dc02:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:dc05::-2a0a:dc06:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3f:92:e9:49:43:7a:94:a3:36:d1:2c:32:e6:90:80:db:41:c0:
c4:2f:80:f9:ab:10:7b:dd:fc:af:5f:0b:fe:8a:db:68:76:88:
9f:e5:aa:f2:6e:3a:fd:1b:ea:43:fb:ad:bf:3d:b3:e7:73:6f:
4c:ab:12:4d:5b:23:fa:7d:e0:a7:a4:a1:ab:ff:b7:0e:78:a1:
4e:23:87:7e:36:c3:08:45:74:bd:8a:1c:aa:6d:a2:49:ae:8a:
49:c3:f2:db:2f:38:ab:31:d9:91:9e:7e:73:05:30:e5:b4:fa:
6c:f8:95:09:fc:e7:60:b8:62:a6:8d:2d:6c:63:71:91:e7:f3:
92:5b:62:3a:e3:ef:64:fe:a6:d0:fd:ba:8e:de:42:a3:80:38:
d2:c5:eb:0b:c7:c7:21:27:4f:24:ae:a6:e7:8f:35:db:5e:56:
62:b0:39:d2:76:be:bb:db:d6:d3:4d:ee:60:4d:42:62:00:25:
3d:95:fa:cc:15:3a:28:0b:7e:8b:39:d5:95:21:da:99:9f:7b:
42:cc:16:a7:15:71:6a:d8:64:6b:5a:e9:0c:16:2d:bb:60:63:
ae:2d:c6:2c:32:c5:4c:37:e9:46:57:4f:4a:1b:b3:c9:59:e1:
81:c0:6e:8c:29:01:6a:fd:fe:5d:51:81:b1:a4:e4:4c:f2:12:
57:3d:b9:b3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYe4+MKh+mAGyLEEMMRs5kR9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZTY5MTQyN2M2ZTQxODA2ZjZjZWIxZTIxOGE3ZGM2MzIw
ZmRlZWQwHhcNMjMwNDI1MTUxMjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWJmMGU1NzlhNDc3OWQ0OGQzMDYwYTViZDUzNDczZTljNGQ2YjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKcTUCeYowHXPAig9LgPQIQJucCD
ECbuokkTrcAmj9FpKLlTEecOuUi/E0sGNdblZxJ0ubpzsYmzOf5a+Om7tx5ngX9m
m9CK8xA+8kReo6H169Pxr/jp8F3yHmfIEg2oYRQ2VIJbvNPxJ/itCLDb/By8sie6
h7Ku/erNQOm/eI1/9e5E7pgl46/aHFAvNufzEp72Q+i4WgfrGQ4QU1WqZvhySKMN
xQH3OA2Dh3Yt+C3c1gqaDqQCbHU4HCoFpDpf9C4hplrLs4t1Uy6W3t6aaIWpFFh2
tMu+SBTeu8OlGJRERNzq+CDEqrLSuf1pHP+hMHResNLFXk+UA2COG+tsfQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHW/DleaR3nUjTBgpb1TRz6cTWtqMB8GA1UdIwQY
MBaAFO/mkUJ8bkGAb2zrHiGKfcYyD97tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMt
MzgxNGM1N2ZlOWJiLzEvZGI4T1Y1cEhlZFNOTUdDbHZWTkhQcHhOYTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMtMzgxNGM1N2ZlOWJi
LzEvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAMBAIAATAGAwQCuZMIMCUE
AgACMB8wDQMEAioK3AMFACoK3AIwDgMFACoK3AUDBQAqCtwGMA0GCSqGSIb3DQEB
CwUAA4IBAQA/kulJQ3qUozbRLDLmkIDbQcDEL4D5qxB73fyvXwv+ittodoif5ary
bjr9G+pD+62/PbPnc29MqxJNWyP6feCnpKGr/7cOeKFOI4d+NsMIRXS9ihyqbaJJ
ropJw/LbLzirMdmRnn5zBTDltPps+JUJ/OdguGKmjS1sY3GR5/OSW2I64+9k/qbQ
/bqO3kKjgDjSxesLx8chJ08krqbnjzXbXlZisDnSdr6729bTTe5gTUJiACU9lfrM
FTooC36LOdWVIdqZn3tCzBanFXFq2GRrWukMFi27YGOuLcYsMsVMN+lGV09KG7PJ
WeGBwG6MKQFq/f5dUYGxpORM8hJXPbmz
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:48 2024 by rpki-client on console-ams.rpki-client.org