Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/a0b266-3c9e-4e0c-8a6d-5895b69d189e/1/b4bLjA33rBmlNO0YWY5gKBx9L_w.roa
File: b4bLjA33rBmlNO0YWY5gKBx9L_w.roa (raw, json)
Hash identifier: dHaWmAEnAIwUcrkJm/Pa8lags/F6vGQSVi/bz9aIxLc=
Subject key identifier: 6F:86:CB:8C:0D:F7:AC:19:A5:34:ED:18:59:8E:60:28:1C:7D:2F:FC
Certificate issuer: /CN=2a369ca9ba84ad847d49d31e27465faf57bf28e4
Certificate serial: 01856FE6EF4AAAE874FF235B286B646D1373
Authority key identifier: 2A:36:9C:A9:BA:84:AD:84:7D:49:D3:1E:27:46:5F:AF:57:BF:28:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KjacqbqErYR9SdMeJ0Zfr1e_KOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/a0b266-3c9e-4e0c-8a6d-5895b69d189e/1/b4bLjA33rBmlNO0YWY5gKBx9L_w.roa
Signing time: Mon 02 Jan 2023 00:34:43 +0000
ROA not before: Mon 02 Jan 2023 00:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50018
IP address blocks: 185.136.64.0/22 maxlen: 22
185.136.64.0/24 maxlen: 24
185.136.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:ef:4a:aa:e8:74:ff:23:5b:28:6b:64:6d:13:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a369ca9ba84ad847d49d31e27465faf57bf28e4
Validity
Not Before: Jan 2 00:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f86cb8c0df7ac19a534ed18598e60281c7d2ffc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1b:22:7f:c3:ea:05:00:70:25:f7:9f:2a:f9:
23:15:6c:8a:68:33:d9:3d:fe:c8:19:ba:fe:37:a4:
d3:c0:9a:94:9b:4a:b8:39:ff:20:43:65:ab:7d:7c:
e4:c0:de:c4:ae:fd:18:d1:73:d7:e5:c6:e9:fc:77:
72:30:d8:45:ca:78:d7:d9:d6:f1:8d:7e:bb:0f:08:
0c:cb:71:ca:78:14:8b:ee:5f:06:2e:2a:73:f2:46:
d7:a5:35:b4:c2:54:94:4f:df:49:e2:aa:44:e9:84:
88:eb:65:e5:35:7b:86:97:4c:9b:d4:1c:f9:b3:71:
e2:00:84:10:c3:5d:11:ba:b9:d4:89:2b:f6:d3:24:
b4:ba:55:fb:00:73:ad:7e:4f:e6:9f:d8:dc:8e:0c:
42:72:3d:2f:19:22:d4:be:ea:14:ab:0a:60:de:e5:
6c:a2:a1:7b:5f:37:70:bc:2d:71:d1:74:a5:9c:50:
70:08:06:01:cb:e9:0f:a9:e1:f1:44:55:e0:70:bb:
e2:7b:db:2b:74:e8:5b:1a:64:22:40:b2:84:d3:b1:
44:34:32:64:67:16:f9:16:7d:3c:73:ec:a2:07:07:
82:6f:ad:4f:4a:ac:b1:9d:36:30:ff:c9:a7:4f:d8:
c8:a8:eb:11:21:84:ea:89:cd:97:59:4f:e0:8f:36:
16:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:86:CB:8C:0D:F7:AC:19:A5:34:ED:18:59:8E:60:28:1C:7D:2F:FC
X509v3 Authority Key Identifier:
keyid:2A:36:9C:A9:BA:84:AD:84:7D:49:D3:1E:27:46:5F:AF:57:BF:28:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KjacqbqErYR9SdMeJ0Zfr1e_KOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a0b266-3c9e-4e0c-8a6d-5895b69d189e/1/b4bLjA33rBmlNO0YWY5gKBx9L_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a0b266-3c9e-4e0c-8a6d-5895b69d189e/1/KjacqbqErYR9SdMeJ0Zfr1e_KOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.64.0/22
Signature Algorithm: sha256WithRSAEncryption
94:c8:ef:ce:70:49:42:58:0f:96:8e:b9:7c:9a:69:74:2d:c9:
18:f1:46:ac:8b:8a:70:cb:38:3c:b4:8c:be:ca:58:19:95:62:
9c:0c:50:05:62:e9:79:a6:f6:74:0b:34:d4:25:23:c7:2c:bd:
92:d0:c5:5a:88:84:e8:d2:ba:73:30:34:34:61:a0:5c:e4:e9:
54:5d:e3:80:4b:6e:4f:65:ad:19:d2:bb:a2:08:ef:01:10:fd:
f9:93:68:ac:0f:4c:b4:6c:b9:e1:5f:f8:66:68:56:64:44:77:
bc:27:cb:d8:b7:51:57:ad:94:89:d5:cc:50:61:f2:fe:25:a6:
d9:65:6f:1a:c2:dd:ad:42:d6:7e:cd:d6:89:24:b8:df:18:40:
dc:ed:f2:40:f7:13:9c:2d:74:00:ac:4a:c7:13:f0:dd:12:47:
91:40:e7:b7:7e:33:22:9f:32:0e:18:6b:75:f2:f8:3c:ba:a6:
67:8b:dd:f5:2b:67:9d:0e:e3:5e:24:b5:11:4b:c2:bb:2a:f6:
6f:b4:bc:39:ac:ef:2e:a8:f8:a2:ea:46:1a:71:35:e0:f3:5e:
f6:47:7a:73:32:87:f8:41:0b:7b:ba:f5:e6:40:53:96:a2:13:
43:1f:0d:a3:68:a1:32:6d:81:af:8a:cf:99:b9:d4:9e:24:92:
4c:e1:23:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5u9Kquh0/yNbKGtkbRNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMzY5Y2E5YmE4NGFkODQ3ZDQ5ZDMxZTI3NDY1ZmFmNTdi
ZjI4ZTQwHhcNMjMwMTAyMDAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjg2Y2I4YzBkZjdhYzE5YTUzNGVkMTg1OThlNjAyODFjN2QyZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRsif8PqBQBwJfefKvkjFWyKaDPZ
Pf7IGbr+N6TTwJqUm0q4Of8gQ2WrfXzkwN7Erv0Y0XPX5cbp/HdyMNhFynjX2dbx
jX67DwgMy3HKeBSL7l8GLipz8kbXpTW0wlSUT99J4qpE6YSI62XlNXuGl0yb1Bz5
s3HiAIQQw10RurnUiSv20yS0ulX7AHOtfk/mn9jcjgxCcj0vGSLUvuoUqwpg3uVs
oqF7XzdwvC1x0XSlnFBwCAYBy+kPqeHxRFXgcLvie9srdOhbGmQiQLKE07FENDJk
Zxb5Fn08c+yiBweCb61PSqyxnTYw/8mnT9jIqOsRIYTqic2XWU/gjzYWRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+Gy4wN96wZpTTtGFmOYCgcfS/8MB8GA1UdIwQY
MBaAFCo2nKm6hK2EfUnTHidGX69XvyjkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2phY3FicUVyWVI5U2RNZUowWmZyMWVfS09RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hMGIyNjYtM2M5ZS00ZTBjLThhNmQt
NTg5NWI2OWQxODllLzEvYjRiTGpBMzNyQm1sTk8wWVdZNWdLQng5TF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hMGIyNjYtM2M5ZS00ZTBjLThhNmQtNTg5NWI2OWQxODll
LzEvS2phY3FicUVyWVI5U2RNZUowWmZyMWVfS09RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYhAMA0G
CSqGSIb3DQEBCwUAA4IBAQCUyO/OcElCWA+Wjrl8mml0LckY8Uasi4pwyzg8tIy+
ylgZlWKcDFAFYul5pvZ0CzTUJSPHLL2S0MVaiITo0rpzMDQ0YaBc5OlUXeOAS25P
Za0Z0ruiCO8BEP35k2isD0y0bLnhX/hmaFZkRHe8J8vYt1FXrZSJ1cxQYfL+JabZ
ZW8awt2tQtZ+zdaJJLjfGEDc7fJA9xOcLXQArErHE/DdEkeRQOe3fjMinzIOGGt1
8vg8uqZni931K2edDuNeJLURS8K7KvZvtLw5rO8uqPii6kYacTXg8172R3pzMof4
QQt7uvXmQFOWohNDHw2jaKEybYGvis+ZudSeJJJM4SNE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:21 2024 by rpki-client on console-fra.rpki-client.org