Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/sTiHfdFMBfLJ15mmjvJnSaCjcp0.roa
File: sTiHfdFMBfLJ15mmjvJnSaCjcp0.roa (raw, json)
Hash identifier: c0sxRG/UFIvfGiIjT0SRJn4b+eBO0G5F6c1440+V5/U=
Subject key identifier: B1:38:87:7D:D1:4C:05:F2:C9:D7:99:A6:8E:F2:67:49:A0:A3:72:9D
Certificate issuer: /CN=1713129ef4fa454e0f0ac407e008e957a1b795a0
Certificate serial: 018570951E83947A6C1499E6A139EAA86473
Authority key identifier: 17:13:12:9E:F4:FA:45:4E:0F:0A:C4:07:E0:08:E9:57:A1:B7:95:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FxMSnvT6RU4PCsQH4AjpV6G3laA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/sTiHfdFMBfLJ15mmjvJnSaCjcp0.roa
Signing time: Mon 02 Jan 2023 03:44:58 +0000
ROA not before: Mon 02 Jan 2023 03:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204786
IP address blocks: 185.240.52.0/22 maxlen: 24
2a0c:7280::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:1e:83:94:7a:6c:14:99:e6:a1:39:ea:a8:64:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1713129ef4fa454e0f0ac407e008e957a1b795a0
Validity
Not Before: Jan 2 03:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b138877dd14c05f2c9d799a68ef26749a0a3729d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fe:7b:ac:ea:6d:d2:dc:22:85:14:87:f1:05:
87:60:ec:92:af:da:82:87:45:c8:80:cb:ac:94:8f:
7e:9b:5e:f8:0d:1b:a8:af:73:87:17:ba:49:70:fc:
ea:5a:80:e2:b9:0b:f6:7d:79:04:fa:0a:e5:7b:bf:
40:cf:72:66:c9:e4:9b:07:44:7f:ef:f7:ed:58:a3:
d1:d3:55:b4:77:ad:be:e8:de:7f:79:e4:8a:b8:6d:
7f:63:b6:a8:17:4e:5d:27:d8:6b:a1:e3:92:2d:cd:
f6:3e:1c:62:9b:36:1e:58:5d:70:15:80:d4:b7:18:
86:c0:d5:ba:57:d8:f3:2e:03:f1:36:1b:96:85:3c:
8e:b9:7b:5b:8f:ae:10:4a:7a:f3:58:a0:4c:a3:0b:
90:9b:ad:9f:a5:77:30:4d:19:76:47:30:e4:e1:86:
3b:eb:a5:82:9a:1a:9b:3e:c2:8c:8c:3b:8e:44:84:
ac:da:09:01:c5:ed:07:c4:9f:4a:17:22:41:a8:88:
4b:05:b4:76:af:fb:8f:d5:e9:32:09:a4:03:c5:0c:
09:17:c9:f6:88:43:69:00:82:2e:e0:27:a2:19:d7:
30:49:14:be:a1:76:63:4a:91:8f:9e:3c:4d:b8:b1:
6d:e5:f6:08:b9:c6:d1:87:03:92:cc:c7:ba:3f:1e:
5f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:38:87:7D:D1:4C:05:F2:C9:D7:99:A6:8E:F2:67:49:A0:A3:72:9D
X509v3 Authority Key Identifier:
keyid:17:13:12:9E:F4:FA:45:4E:0F:0A:C4:07:E0:08:E9:57:A1:B7:95:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FxMSnvT6RU4PCsQH4AjpV6G3laA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/sTiHfdFMBfLJ15mmjvJnSaCjcp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/FxMSnvT6RU4PCsQH4AjpV6G3laA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.52.0/22
IPv6:
2a0c:7280::/29
Signature Algorithm: sha256WithRSAEncryption
17:6b:71:f0:bd:d3:48:fd:46:f9:1a:0b:6f:f2:b0:c1:a8:17:
ae:c2:b4:43:88:d2:30:02:c8:de:0c:12:34:fa:1e:e1:84:51:
38:a6:7d:7b:f9:62:d9:e6:50:3a:c8:92:74:dd:e7:3f:c8:e8:
cc:1b:18:4c:f6:b1:e0:31:90:0c:36:72:59:9a:06:e0:23:29:
26:10:49:e5:a3:cf:68:ed:d3:a2:ce:e7:25:9e:18:88:2a:d9:
aa:2c:f9:9b:0e:8d:0c:98:83:40:2a:be:cd:66:ac:dd:25:31:
02:fe:ae:bb:1e:aa:0c:fd:37:e6:1b:4a:0e:6c:69:18:e2:e5:
bf:fe:d4:58:9c:a9:50:80:b6:c9:41:52:b7:c5:0d:1a:3d:b1:
1e:ce:71:c5:0e:aa:e1:cb:89:8d:66:5d:a8:5d:6f:2d:29:52:
f8:3d:4b:47:95:87:82:91:c2:f1:90:db:5e:89:97:9c:26:4f:
e2:96:3c:23:90:83:6c:f3:bb:46:23:5e:8f:f8:4f:a9:17:23:
31:44:40:fe:08:b9:7b:d5:f5:01:ae:e0:de:93:a0:93:bd:f8:
c3:15:30:9b:ec:19:f8:01:d6:b3:08:a0:62:7b:2a:42:9a:1c:
43:4a:5c:c0:91:1b:1b:f0:33:b7:08:08:cf:8e:56:29:38:60:
36:41:55:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwlR6DlHpsFJnmoTnqqGRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MTMxMjllZjRmYTQ1NGUwZjBhYzQwN2UwMDhlOTU3YTFi
Nzk1YTAwHhcNMjMwMTAyMDM0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTM4ODc3ZGQxNGMwNWYyYzlkNzk5YTY4ZWYyNjc0OWEwYTM3MjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlv57rOpt0twihRSH8QWHYOySr9qC
h0XIgMuslI9+m174DRuor3OHF7pJcPzqWoDiuQv2fXkE+grle79Az3JmyeSbB0R/
7/ftWKPR01W0d62+6N5/eeSKuG1/Y7aoF05dJ9hroeOSLc32PhximzYeWF1wFYDU
txiGwNW6V9jzLgPxNhuWhTyOuXtbj64QSnrzWKBMowuQm62fpXcwTRl2RzDk4YY7
66WCmhqbPsKMjDuORISs2gkBxe0HxJ9KFyJBqIhLBbR2r/uP1ekyCaQDxQwJF8n2
iENpAIIu4CeiGdcwSRS+oXZjSpGPnjxNuLFt5fYIucbRhwOSzMe6Px5fLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLE4h33RTAXyydeZpo7yZ0mgo3KdMB8GA1UdIwQY
MBaAFBcTEp70+kVODwrEB+AI6Veht5WgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnhNU252VDZSVTRQQ3NRSDRBanBWNkczbGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xNTcyOTktOWQxYy00YzViLTlhNDEt
YzI1ZmRjNGNhMmY2LzEvc1RpSGZkRk1CZkxKMTVtbWp2Sm5TYUNqY3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xNTcyOTktOWQxYy00YzViLTlhNDEtYzI1ZmRjNGNhMmY2
LzEvRnhNU252VDZSVTRQQ3NRSDRBanBWNkczbGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufA0MA0E
AgACMAcDBQMqDHKAMA0GCSqGSIb3DQEBCwUAA4IBAQAXa3HwvdNI/Ub5Ggtv8rDB
qBeuwrRDiNIwAsjeDBI0+h7hhFE4pn17+WLZ5lA6yJJ03ec/yOjMGxhM9rHgMZAM
NnJZmgbgIykmEEnlo89o7dOizuclnhiIKtmqLPmbDo0MmINAKr7NZqzdJTEC/q67
HqoM/TfmG0oObGkY4uW//tRYnKlQgLbJQVK3xQ0aPbEeznHFDqrhy4mNZl2oXW8t
KVL4PUtHlYeCkcLxkNteiZecJk/iljwjkINs87tGI16P+E+pFyMxRED+CLl71fUB
ruDek6CTvfjDFTCb7Bn4AdazCKBieypCmhxDSlzAkRsb8DO3CAjPjlYpOGA2QVVN
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:37 2024 by rpki-client on console-fra.rpki-client.org