Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/u92ADlw1x4RzpB5gliqj03gbTMo.roa
File: u92ADlw1x4RzpB5gliqj03gbTMo.roa (raw, json)
Hash identifier: WCikmtpUXOTcHgiHqRPmDD8K/E/VZLY/TwTWKgwJ0NY=
Subject key identifier: BB:DD:80:0E:5C:35:C7:84:73:A4:1E:60:96:2A:A3:D3:78:1B:4C:CA
Certificate issuer: /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial: 018BBD75847B73AE5EC3420F63C9E95CB0D9
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/u92ADlw1x4RzpB5gliqj03gbTMo.roa
Signing time: Sat 11 Nov 2023 08:17:57 +0000
ROA not before: Sat 11 Nov 2023 08:17:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 185.7.82.0/24 maxlen: 24
185.7.83.0/24 maxlen: 24
2a03:403::/32 maxlen: 32
2a03:400::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 27 Dec 2023 22:48:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bd:75:84:7b:73:ae:5e:c3:42:0f:63:c9:e9:5c:b0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
Validity
Not Before: Nov 11 08:17:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbdd800e5c35c78473a41e60962aa3d3781b4cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:93:7f:f5:b1:d8:a0:9e:8b:72:4e:b9:4a:83:
a6:77:d7:76:0d:2f:81:45:e1:36:41:cd:c0:4a:92:
74:ce:f6:a9:a8:b0:b1:ff:76:32:f4:b7:79:3a:37:
9c:5c:76:e0:90:8e:37:23:56:83:ce:8c:21:3f:6b:
2a:52:eb:68:34:24:81:2a:43:43:f0:4f:fe:e2:8f:
f5:7d:4d:90:ed:a7:c8:ae:69:1a:d0:9d:96:eb:56:
6d:1c:c2:69:6c:d9:34:5d:88:54:f4:64:e6:02:d3:
a7:f0:b6:a6:b9:20:31:2b:12:07:b6:60:f2:ed:37:
fb:fb:3c:3d:d4:ec:cd:aa:e0:49:71:c8:63:0d:31:
53:e2:a3:90:ad:5d:d5:74:27:5c:1b:b0:2e:c3:17:
ed:95:88:b5:d8:be:35:21:b3:70:d8:79:b3:4c:48:
84:ff:a3:39:19:5f:07:1f:d4:d8:b1:4e:6b:eb:ef:
c8:a3:bd:56:24:bb:b2:7b:da:d5:4c:e9:b0:60:8e:
2d:23:8f:6c:9a:88:1f:5d:8d:71:ba:16:55:b3:ac:
e8:55:93:52:9b:ce:65:ea:8d:48:30:bd:ec:7c:03:
28:77:ba:8a:66:3e:55:b9:69:d4:0d:d7:51:11:30:
06:8f:bf:54:a5:ef:13:b2:4f:18:7e:95:e3:5b:2c:
f7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:DD:80:0E:5C:35:C7:84:73:A4:1E:60:96:2A:A3:D3:78:1B:4C:CA
X509v3 Authority Key Identifier:
keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/u92ADlw1x4RzpB5gliqj03gbTMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.82.0/23
IPv6:
2a03:400::/32
2a03:403::/32
Signature Algorithm: sha256WithRSAEncryption
79:b6:f5:fd:3a:ae:bf:12:b0:4e:59:3e:d4:ce:01:9e:28:cf:
a3:c1:9b:0b:c8:d8:8b:f0:fd:e0:29:71:5d:95:58:d0:1e:b6:
df:ab:4b:f2:cc:c8:cc:b5:7c:4a:c1:ad:62:e1:78:0c:4a:ab:
2a:a2:b9:d3:8e:dc:d2:1c:1e:c3:50:84:82:3b:29:3e:a9:8a:
88:79:13:7d:59:e1:b8:98:f8:3c:59:09:2a:79:71:d0:50:8e:
11:c6:65:f3:c1:6d:63:ce:34:b3:38:11:c9:91:29:bf:e0:05:
7d:2b:2b:1c:e9:8d:e8:d8:a2:8e:ef:62:36:f1:e6:84:42:e8:
24:4d:e0:66:2e:d7:6b:eb:d5:2f:ec:c7:b2:06:d7:34:5c:86:
ca:df:7b:09:c1:20:2d:76:6b:cf:7b:a9:f7:90:97:3f:3b:4d:
f4:fa:a0:e8:74:32:74:d0:3e:60:b6:27:b7:0d:1f:17:fc:19:
1e:80:e8:bf:f7:96:87:92:cb:7d:9b:27:f1:cd:ce:20:6c:73:
a3:12:68:ce:27:8e:86:1d:13:fa:95:19:6d:cb:85:cb:d5:6c:
b2:99:6d:d6:4a:6c:34:4d:f7:b5:68:ad:fc:9d:3a:87:c1:10:
c6:21:b0:a1:ef:4c:5a:08:ea:b7:b6:44:bb:e0:7e:0f:c0:67:
3b:f6:fa:07
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYu9dYR7c65ew0IPY8npXLDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGEyYWVlMDg2MTc0YjAxMjcyZmFlNzc5YWQ0MzFlYjA5
MmFlYjcwHhcNMjMxMTExMDgxNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmRkODAwZTVjMzVjNzg0NzNhNDFlNjA5NjJhYTNkMzc4MWI0Y2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5N/9bHYoJ6Lck65SoOmd9d2DS+B
ReE2Qc3ASpJ0zvapqLCx/3Yy9Ld5OjecXHbgkI43I1aDzowhP2sqUutoNCSBKkND
8E/+4o/1fU2Q7afIrmka0J2W61ZtHMJpbNk0XYhU9GTmAtOn8LamuSAxKxIHtmDy
7Tf7+zw91OzNquBJcchjDTFT4qOQrV3VdCdcG7AuwxftlYi12L41IbNw2HmzTEiE
/6M5GV8HH9TYsU5r6+/Io71WJLuye9rVTOmwYI4tI49smogfXY1xuhZVs6zoVZNS
m85l6o1IML3sfAMod7qKZj5VuWnUDddRETAGj79Upe8Tsk8YfpXjWyz3+wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLvdgA5cNceEc6QeYJYqo9N4G0zKMB8GA1UdIwQY
MBaAFJVKKu4IYXSwEnL653mtQx6wkq63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEt
NDU2NWYwNGY4ZDg1LzEvdTkyQURsdzF4NFJ6cEI1Z2xpcWowM2diVE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEtNDU2NWYwNGY4ZDg1
LzEvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQBuQdSMBQE
AgACMA4DBQAqAwQAAwUAKgMEAzANBgkqhkiG9w0BAQsFAAOCAQEAebb1/TquvxKw
Tlk+1M4BnijPo8GbC8jYi/D94ClxXZVY0B6236tL8szIzLV8SsGtYuF4DEqrKqK5
047c0hwew1CEgjspPqmKiHkTfVnhuJj4PFkJKnlx0FCOEcZl88FtY840szgRyZEp
v+AFfSsrHOmN6Niiju9iNvHmhELoJE3gZi7Xa+vVL+zHsgbXNFyGyt97CcEgLXZr
z3up95CXPztN9Pqg6HQydNA+YLYntw0fF/wZHoDov/eWh5LLfZsn8c3OIGxzoxJo
zieOhh0T+pUZbcuFy9Vssplt1kpsNE33tWit/J06h8EQxiGwoe9MWgjqt7ZEu+B+
D8BnO/b6Bw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:39 2024 by rpki-client on console-fra.rpki-client.org