Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/4aPEV1qxnRZCiwNy5OMs0h_lP9s.roa
File: 4aPEV1qxnRZCiwNy5OMs0h_lP9s.roa (raw, json)
Hash identifier: zdHsKtKQwH0TJWidfaiBgfRfioyzxdQt10LS7Bt/H04=
Subject key identifier: E1:A3:C4:57:5A:B1:9D:16:42:8B:03:72:E4:E3:2C:D2:1F:E5:3F:DB
Certificate issuer: /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial: 01857102D93EBF1F4925418871847D5B771E
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/4aPEV1qxnRZCiwNy5OMs0h_lP9s.roa
Signing time: Mon 02 Jan 2023 05:44:50 +0000
ROA not before: Mon 02 Jan 2023 05:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44984
IP address blocks: 185.175.84.0/22 maxlen: 22
2a0b:df00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:d9:3e:bf:1f:49:25:41:88:71:84:7d:5b:77:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Validity
Not Before: Jan 2 05:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1a3c4575ab19d16428b0372e4e32cd21fe53fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5e:05:29:3b:e5:fe:33:f7:60:a0:ee:cb:86:
46:57:20:23:b7:39:e4:97:58:22:53:42:72:71:bf:
81:db:1f:02:4b:d2:17:2e:e8:11:da:0f:47:f8:e0:
6f:9e:df:50:46:6d:b6:2d:a7:f3:3f:aa:58:9f:9a:
70:e8:0c:6d:a0:28:ae:e7:6e:da:f3:1b:97:5b:d4:
51:02:5d:63:e3:72:fd:0c:fa:d8:5d:33:6a:21:cf:
32:8a:0f:43:6b:3c:05:02:72:53:e5:da:52:fd:c3:
a2:4a:aa:12:c0:4b:c0:e4:1e:01:cb:40:2e:b0:54:
9f:98:24:39:3f:64:bc:17:87:df:ee:de:3c:f7:a5:
30:e1:4b:19:67:58:8d:97:2f:3e:de:4a:1c:36:fd:
e2:d2:a2:2b:49:cf:75:08:9e:b1:ba:fa:47:c6:8d:
ec:6e:41:bf:cc:95:ed:08:1f:85:0a:96:a7:91:d3:
1b:f0:71:ed:3d:d3:28:c4:18:77:a8:d8:e0:eb:5b:
9f:d5:4b:0d:e4:d6:bb:a9:94:2f:9c:10:ad:fc:18:
49:66:e4:8d:04:da:e4:9f:fa:1e:a4:bc:86:46:c1:
89:5b:ec:46:84:e0:15:49:4f:62:42:42:ff:53:66:
55:47:78:9e:7c:d8:75:4a:dc:af:fc:09:2a:76:64:
55:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A3:C4:57:5A:B1:9D:16:42:8B:03:72:E4:E3:2C:D2:1F:E5:3F:DB
X509v3 Authority Key Identifier:
keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/4aPEV1qxnRZCiwNy5OMs0h_lP9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.84.0/22
IPv6:
2a0b:df00::/32
Signature Algorithm: sha256WithRSAEncryption
06:08:bb:29:a6:d9:03:d0:92:83:9d:20:4e:24:11:64:a3:f8:
4e:72:be:61:92:55:f0:3e:64:0a:a0:30:a0:05:62:dd:a6:a0:
30:8a:8f:95:99:38:bd:8e:8f:89:cb:48:ec:2c:eb:11:19:9a:
c9:9d:59:03:f7:77:76:f3:7f:e8:59:7c:87:9a:73:97:ac:e2:
40:51:d9:8c:75:ad:7d:a8:bc:06:2e:9b:88:10:b3:2e:65:ba:
83:92:4d:0c:f5:f8:b3:15:fb:36:09:19:0a:88:ba:42:f0:77:
f4:78:6a:ea:56:91:c6:2a:64:dc:66:cf:ba:07:29:6c:e1:a1:
f7:f0:66:5f:c5:0f:d1:48:ed:32:d7:ae:d4:de:25:94:e6:22:
be:b6:61:05:56:f5:b6:3e:81:66:7c:2e:3b:d4:d6:eb:e1:a5:
ff:c0:a9:9f:ce:a5:fe:c2:32:a3:ab:91:c8:09:1c:5f:3a:43:
c5:c3:08:45:cf:f2:5f:ef:24:b6:4f:44:58:3d:63:c2:21:f0:
38:30:5d:06:40:84:6f:d3:9b:81:a1:3d:41:7e:06:27:2b:0c:
ad:2d:80:07:2a:02:a4:19:07:a3:66:29:7c:36:7a:82:06:6c:
46:d8:13:86:ae:dc:1c:6f:0c:44:b0:32:2a:56:7e:9f:90:6f:
15:e8:28:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxAtk+vx9JJUGIcYR9W3ceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZTcyMDQ2NWM1Y2QwZGE5YzZhMTNiNDRmYTBkODZmNjQ5
ZTUwNTUwHhcNMjMwMTAyMDU0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWEzYzQ1NzVhYjE5ZDE2NDI4YjAzNzJlNGUzMmNkMjFmZTUzZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF4FKTvl/jP3YKDuy4ZGVyAjtznk
l1giU0Jycb+B2x8CS9IXLugR2g9H+OBvnt9QRm22LafzP6pYn5pw6AxtoCiu527a
8xuXW9RRAl1j43L9DPrYXTNqIc8yig9DazwFAnJT5dpS/cOiSqoSwEvA5B4By0Au
sFSfmCQ5P2S8F4ff7t4896Uw4UsZZ1iNly8+3kocNv3i0qIrSc91CJ6xuvpHxo3s
bkG/zJXtCB+FCpankdMb8HHtPdMoxBh3qNjg61uf1UsN5Na7qZQvnBCt/BhJZuSN
BNrkn/oepLyGRsGJW+xGhOAVSU9iQkL/U2ZVR3iefNh1Styv/AkqdmRV2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOGjxFdasZ0WQosDcuTjLNIf5T/bMB8GA1UdIwQY
MBaAFJLnIEZcXNDanGoTtE+g2G9knlBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDkt
OTA5NmUxNjc0ZTIyLzEvNGFQRVYxcXhuUlpDaXdOeTVPTXMwaF9sUDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDktOTA5NmUxNjc0ZTIy
LzEva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua9UMA0E
AgACMAcDBQAqC98AMA0GCSqGSIb3DQEBCwUAA4IBAQAGCLspptkD0JKDnSBOJBFk
o/hOcr5hklXwPmQKoDCgBWLdpqAwio+VmTi9jo+Jy0jsLOsRGZrJnVkD93d283/o
WXyHmnOXrOJAUdmMda19qLwGLpuIELMuZbqDkk0M9fizFfs2CRkKiLpC8Hf0eGrq
VpHGKmTcZs+6Byls4aH38GZfxQ/RSO0y167U3iWU5iK+tmEFVvW2PoFmfC471Nbr
4aX/wKmfzqX+wjKjq5HICRxfOkPFwwhFz/Jf7yS2T0RYPWPCIfA4MF0GQIRv05uB
oT1BfgYnKwytLYAHKgKkGQejZil8NnqCBmxG2BOGrtwcbwxEsDIqVn6fkG8V6Cjq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:20 2024 by rpki-client on console-fra.rpki-client.org