Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/oRvr2rVOmh2nnfA8F1C1leXlL2c.roa
File: oRvr2rVOmh2nnfA8F1C1leXlL2c.roa (raw, json)
Hash identifier: MoMdwMQyJKKLmDHmdcB+lGvOuTQlR4xz+Rcf9meezno=
Subject key identifier: A1:1B:EB:DA:B5:4E:9A:1D:A7:9D:F0:3C:17:50:B5:95:E5:E5:2F:67
Certificate issuer: /CN=295579f5b673dbe2ebba348cfb0f56124cde7048
Certificate serial: 01856B9358596A52269EACD2B9AC4C3BAE72
Authority key identifier: 29:55:79:F5:B6:73:DB:E2:EB:BA:34:8C:FB:0F:56:12:4C:DE:70:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVV59bZz2-LrujSM-w9WEkzecEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/oRvr2rVOmh2nnfA8F1C1leXlL2c.roa
Signing time: Sun 01 Jan 2023 04:24:56 +0000
ROA not before: Sun 01 Jan 2023 04:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56647
IP address blocks: 185.168.112.0/24 maxlen: 24
185.94.84.0/23 maxlen: 23
185.168.113.0/24 maxlen: 24
185.94.86.0/24 maxlen: 24
2a04:2d00::/48 maxlen: 48
2a0b:f600::/48 maxlen: 48
2a04:2d01::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:58:59:6a:52:26:9e:ac:d2:b9:ac:4c:3b:ae:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=295579f5b673dbe2ebba348cfb0f56124cde7048
Validity
Not Before: Jan 1 04:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a11bebdab54e9a1da79df03c1750b595e5e52f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:df:08:c6:e1:d3:db:d5:a8:2d:c6:da:82:53:
c6:67:03:0f:81:6c:ad:6c:b7:14:5e:96:ed:a8:e1:
39:fe:58:b4:71:f4:05:c9:67:8b:fd:66:5a:4a:f4:
60:ce:57:b7:ce:4d:34:fd:c2:eb:3c:66:3e:ea:83:
f0:0b:95:cb:b6:77:8f:49:0d:cf:6f:61:f1:3c:a9:
5c:34:09:7d:e4:b8:54:13:66:03:2f:bf:7d:75:44:
f7:18:37:19:26:d1:50:37:4a:7b:4d:f0:6f:14:f3:
82:92:1b:75:03:4f:94:98:d1:08:c7:38:05:b3:d1:
82:1b:d6:45:42:e3:d1:1a:e3:d5:8c:75:b7:59:34:
bb:aa:17:1a:1e:15:f9:bf:e6:e4:f5:fb:6a:be:94:
2b:c1:10:a4:59:60:49:ea:a5:fe:5e:2f:ec:14:dc:
78:c9:8c:09:cf:ea:a8:f1:5a:c8:9f:e6:e1:27:80:
02:5f:9b:96:1f:9d:ff:f3:9e:87:65:28:4b:e5:86:
e3:e8:b8:b0:6a:28:45:fc:32:91:1d:c1:13:a3:7d:
3b:aa:66:8a:69:77:38:be:0c:2b:58:ba:79:04:48:
f6:8d:71:c8:2c:99:67:17:61:b7:62:90:9a:db:91:
49:f0:73:1a:a7:0b:5d:0f:87:c7:7c:05:7b:27:0e:
4c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1B:EB:DA:B5:4E:9A:1D:A7:9D:F0:3C:17:50:B5:95:E5:E5:2F:67
X509v3 Authority Key Identifier:
keyid:29:55:79:F5:B6:73:DB:E2:EB:BA:34:8C:FB:0F:56:12:4C:DE:70:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVV59bZz2-LrujSM-w9WEkzecEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/oRvr2rVOmh2nnfA8F1C1leXlL2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/KVV59bZz2-LrujSM-w9WEkzecEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.84.0-185.94.86.255
185.168.112.0/23
IPv6:
2a04:2d00::/48
2a04:2d01::/48
2a0b:f600::/48
Signature Algorithm: sha256WithRSAEncryption
06:b8:8f:64:b3:82:6c:ea:6f:37:b1:39:ae:29:5a:8c:e3:04:
bc:6c:1a:95:3f:f0:47:27:da:3a:d3:7b:72:83:74:ac:eb:5d:
b4:a3:d8:88:b8:b8:fa:1f:af:2b:c3:27:10:be:d5:ab:7f:3d:
66:2b:d9:91:72:9b:94:b2:22:bc:62:2f:00:b6:fa:d7:70:1a:
19:5a:e9:cf:ce:cf:3f:a5:82:b5:52:aa:53:2d:8c:d7:9f:12:
a5:f5:e3:c4:81:9a:b7:15:42:cd:94:fc:6a:ca:cf:26:08:4e:
03:cd:2e:48:a3:6c:0d:bc:72:0b:b6:7f:07:8c:b8:03:c5:c1:
71:86:b3:cd:01:ee:96:36:f9:99:9e:33:1a:09:e0:17:99:28:
e5:11:82:a3:18:da:2c:45:33:2f:80:53:f2:ab:85:ef:19:5b:
6d:d7:ee:d6:9f:8d:ee:a5:c5:b1:f3:c2:39:23:f7:db:8a:81:
89:05:20:45:e6:1d:89:90:93:82:59:98:01:02:33:c1:49:30:
1d:3e:67:79:f3:56:e5:b3:c4:20:80:0e:4f:0f:4a:b7:b8:90:
6e:9a:d2:fe:0f:0a:ef:7d:d3:f2:ff:75:41:ac:23:ec:2e:42:
b2:d2:0c:34:7c:0c:cb:67:01:b4:ee:11:09:0a:3f:bd:4c:75:
02:3c:95:45
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYVrk1hZalImnqzSuaxMO65yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTU3OWY1YjY3M2RiZTJlYmJhMzQ4Y2ZiMGY1NjEyNGNk
ZTcwNDgwHhcNMjMwMTAxMDQyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTFiZWJkYWI1NGU5YTFkYTc5ZGYwM2MxNzUwYjU5NWU1ZTUyZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAit8IxuHT29WoLcbaglPGZwMPgWyt
bLcUXpbtqOE5/li0cfQFyWeL/WZaSvRgzle3zk00/cLrPGY+6oPwC5XLtnePSQ3P
b2HxPKlcNAl95LhUE2YDL799dUT3GDcZJtFQN0p7TfBvFPOCkht1A0+UmNEIxzgF
s9GCG9ZFQuPRGuPVjHW3WTS7qhcaHhX5v+bk9ftqvpQrwRCkWWBJ6qX+Xi/sFNx4
yYwJz+qo8VrIn+bhJ4ACX5uWH53/856HZShL5Ybj6LiwaihF/DKRHcETo307qmaK
aXc4vgwrWLp5BEj2jXHILJlnF2G3YpCa25FJ8HMapwtdD4fHfAV7Jw5M2wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFKEb69q1Tpodp53wPBdQtZXl5S9nMB8GA1UdIwQY
MBaAFClVefW2c9vi67o0jPsPVhJM3nBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZWNTliWnoyLUxydWpTTS13OVdFa3plY0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xNTc0YzktMDFkNS00OGZkLTk4MGYt
MzQzYzRkMjRjMjNiLzEvb1J2cjJyVk9taDJubmZBOEYxQzFsZVhsTDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xNTc0YzktMDFkNS00OGZkLTk4MGYtMzQzYzRkMjRjMjNi
LzEvS1ZWNTliWnoyLUxydWpTTS13OVdFa3plY0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAaBAIAATAUMAwDBAK5XlQD
BAC5XlYDBAG5qHAwIQQCAAIwGwMHACoELQAAAAMHACoELQEAAAMHACoL9gAAADAN
BgkqhkiG9w0BAQsFAAOCAQEABriPZLOCbOpvN7E5rilajOMEvGwalT/wRyfaOtN7
coN0rOtdtKPYiLi4+h+vK8MnEL7Vq389ZivZkXKblLIivGIvALb613AaGVrpz87P
P6WCtVKqUy2M158SpfXjxIGatxVCzZT8asrPJghOA80uSKNsDbxyC7Z/B4y4A8XB
cYazzQHuljb5mZ4zGgngF5ko5RGCoxjaLEUzL4BT8quF7xlbbdfu1p+N7qXFsfPC
OSP324qBiQUgReYdiZCTglmYAQIzwUkwHT5nefNW5bPEIIAOTw9Kt7iQbprS/g8K
733T8v91Qawj7C5CstIMNHwMy2cBtO4RCQo/vUx1AjyVRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:12 2024 by rpki-client on console-fra.rpki-client.org