Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/0eecfE8kCiOuCZuZR4-5CKPBzqQ.roa
File: 0eecfE8kCiOuCZuZR4-5CKPBzqQ.roa (raw, json)
Hash identifier: 6XBKGyy273AckZqGW2MIv9YSqRNOr8xI57vUcIMdYXI=
Subject key identifier: D1:E7:9C:7C:4F:24:0A:23:AE:09:9B:99:47:8F:B9:08:A3:C1:CE:A4
Certificate issuer: /CN=a3608d6b0e80a6430fb6af43fae168a0e8011fee
Certificate serial: 01856FF04BA2AE82DD266163921D9218A96D
Authority key identifier: A3:60:8D:6B:0E:80:A6:43:0F:B6:AF:43:FA:E1:68:A0:E8:01:1F:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2CNaw6ApkMPtq9D-uFooOgBH-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/0eecfE8kCiOuCZuZR4-5CKPBzqQ.roa
Signing time: Mon 02 Jan 2023 00:44:57 +0000
ROA not before: Mon 02 Jan 2023 00:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203678
IP address blocks: 185.125.140.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:4b:a2:ae:82:dd:26:61:63:92:1d:92:18:a9:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3608d6b0e80a6430fb6af43fae168a0e8011fee
Validity
Not Before: Jan 2 00:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1e79c7c4f240a23ae099b99478fb908a3c1cea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3e:cc:5d:c4:6e:88:24:55:a7:ed:1d:17:b0:
d7:e4:b4:5c:d0:77:6c:5d:af:8a:48:15:d5:d4:62:
68:70:a2:8f:01:ef:51:b5:a1:da:f9:fb:58:0a:0e:
12:ec:88:4f:7b:58:ba:ed:5f:e8:2b:f5:a1:f3:34:
7f:90:5b:0d:ce:e6:f9:60:e9:9e:a2:24:cd:a4:b0:
e7:90:a4:42:bd:0d:3c:d5:91:ed:61:5d:a3:c4:64:
ec:15:52:2f:38:8f:8c:3d:af:a2:d1:66:27:d3:bf:
4c:90:ff:79:24:d8:7f:dc:32:0d:05:b3:92:60:02:
58:b4:b1:d9:06:30:b8:b6:db:dc:ef:e2:cc:34:dd:
a6:c7:e0:9d:bc:8f:29:3e:89:b2:37:80:00:ed:d6:
8d:c0:2e:88:30:44:60:bc:21:96:e7:29:ee:a1:e9:
98:81:77:57:73:0f:fa:27:02:a5:aa:9c:58:8a:35:
87:d2:90:67:e1:43:ef:6b:d2:35:3a:66:84:83:97:
34:09:a0:2b:27:0b:e5:bd:49:7e:c4:2d:86:b0:fc:
fa:a8:9e:b9:55:ab:ce:06:9f:78:fe:f7:51:2e:81:
e9:d8:71:0f:b9:7c:db:e3:11:8b:cd:3f:ef:a8:20:
7a:ed:ca:bb:21:8b:09:bc:a0:1e:73:e2:63:6e:a7:
00:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:E7:9C:7C:4F:24:0A:23:AE:09:9B:99:47:8F:B9:08:A3:C1:CE:A4
X509v3 Authority Key Identifier:
keyid:A3:60:8D:6B:0E:80:A6:43:0F:B6:AF:43:FA:E1:68:A0:E8:01:1F:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2CNaw6ApkMPtq9D-uFooOgBH-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/0eecfE8kCiOuCZuZR4-5CKPBzqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/o2CNaw6ApkMPtq9D-uFooOgBH-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.140.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:fe:d4:9c:b4:fa:95:c7:14:72:0a:87:6e:b5:30:cb:62:c8:
14:68:c8:4d:b5:2f:77:74:c6:6a:c9:7c:19:48:58:fb:d2:3d:
36:39:0d:ec:9a:aa:e0:30:57:8e:ba:bd:d3:7e:bf:2a:df:11:
63:cc:fb:0c:d1:14:8a:5a:af:62:f4:24:7a:4f:b6:4e:56:96:
f6:1f:80:d6:52:f4:e8:15:5e:49:e4:1d:03:69:5a:1f:0c:ed:
50:d6:40:8b:db:78:98:af:49:0f:8d:7a:ff:f8:cf:20:de:e8:
88:70:a2:80:8b:94:8a:82:e9:d8:1a:f3:44:ce:2c:a5:3b:ac:
fe:17:c9:e1:d4:99:cb:d9:18:2a:b9:5e:ca:ca:d4:31:01:20:
0b:f3:60:97:d3:2f:36:19:a6:75:2a:f6:50:f7:4d:12:eb:dc:
69:ca:6c:f7:81:1a:b8:c3:a7:36:ce:b1:f9:a3:06:66:5e:d5:
5f:18:d6:df:8c:5c:00:6f:46:44:77:09:a7:b2:f6:8a:04:2e:
1e:4b:04:f2:1d:d2:c0:34:89:50:22:d9:62:79:85:b4:4c:a1:
58:77:cd:a8:ea:71:07:34:92:30:94:1f:04:93:a5:8a:de:ee:
2e:a5:8b:47:d8:42:50:0a:0d:2f:20:00:e3:16:82:cb:4f:30:
f1:ef:d6:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8EuiroLdJmFjkh2SGKltMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjA4ZDZiMGU4MGE2NDMwZmI2YWY0M2ZhZTE2OGEwZTgw
MTFmZWUwHhcNMjMwMTAyMDA0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWU3OWM3YzRmMjQwYTIzYWUwOTliOTk0NzhmYjkwOGEzYzFjZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT7MXcRuiCRVp+0dF7DX5LRc0Hds
Xa+KSBXV1GJocKKPAe9RtaHa+ftYCg4S7IhPe1i67V/oK/Wh8zR/kFsNzub5YOme
oiTNpLDnkKRCvQ081ZHtYV2jxGTsFVIvOI+MPa+i0WYn079MkP95JNh/3DINBbOS
YAJYtLHZBjC4ttvc7+LMNN2mx+CdvI8pPomyN4AA7daNwC6IMERgvCGW5ynuoemY
gXdXcw/6JwKlqpxYijWH0pBn4UPva9I1OmaEg5c0CaArJwvlvUl+xC2GsPz6qJ65
VavOBp94/vdRLoHp2HEPuXzb4xGLzT/vqCB67cq7IYsJvKAec+JjbqcArwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHnnHxPJAojrgmbmUePuQijwc6kMB8GA1UdIwQY
MBaAFKNgjWsOgKZDD7avQ/rhaKDoAR/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJDTmF3NkFwa01QdHE5RC11Rm9vT2dCSC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9mYjU5MTAtZmUxNC00NDUzLThjOWMt
ODNiZjcwYjFmZDZiLzEvMGVlY2ZFOGtDaU91Q1p1WlI0LTVDS1BCenFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9mYjU5MTAtZmUxNC00NDUzLThjOWMtODNiZjcwYjFmZDZi
LzEvbzJDTmF3NkFwa01QdHE5RC11Rm9vT2dCSC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX2MMA0G
CSqGSIb3DQEBCwUAA4IBAQDL/tSctPqVxxRyCodutTDLYsgUaMhNtS93dMZqyXwZ
SFj70j02OQ3smqrgMFeOur3Tfr8q3xFjzPsM0RSKWq9i9CR6T7ZOVpb2H4DWUvTo
FV5J5B0DaVofDO1Q1kCL23iYr0kPjXr/+M8g3uiIcKKAi5SKgunYGvNEziylO6z+
F8nh1JnL2RgquV7KytQxASAL82CX0y82GaZ1KvZQ900S69xpymz3gRq4w6c2zrH5
owZmXtVfGNbfjFwAb0ZEdwmnsvaKBC4eSwTyHdLANIlQItlieYW0TKFYd82o6nEH
NJIwlB8Ek6WK3u4upYtH2EJQCg0vIADjFoLLTzDx79b/
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:32 2024 by rpki-client on console-fra.rpki-client.org