Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/510765-e22a-4a5c-be17-18309d8a4c63/1/bQToROh2cF1brgIGhTSj6bJWr_8.roa
File: bQToROh2cF1brgIGhTSj6bJWr_8.roa (raw, json)
Hash identifier: h1pwahue12rPoGBZ3Qzc7cXRC/jymbp8KHTwLvyCy7k=
Subject key identifier: 6D:04:E8:44:E8:76:70:5D:5B:AE:02:06:85:34:A3:E9:B2:56:AF:FF
Certificate issuer: /CN=73f2599d95ec919327ff68742d6c49c2a6a54888
Certificate serial: 01892BD0ADF9912C03E7C5C13FE3963A3B01
Authority key identifier: 73:F2:59:9D:95:EC:91:93:27:FF:68:74:2D:6C:49:C2:A6:A5:48:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_JZnZXskZMn_2h0LWxJwqalSIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/510765-e22a-4a5c-be17-18309d8a4c63/1/bQToROh2cF1brgIGhTSj6bJWr_8.roa
Signing time: Thu 06 Jul 2023 15:27:23 +0000
ROA not before: Thu 06 Jul 2023 15:27:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25433
IP address blocks: 94.232.160.0/21 maxlen: 21
185.197.80.0/22 maxlen: 22
2a0a:7840::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2b:d0:ad:f9:91:2c:03:e7:c5:c1:3f:e3:96:3a:3b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f2599d95ec919327ff68742d6c49c2a6a54888
Validity
Not Before: Jul 6 15:27:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d04e844e876705d5bae02068534a3e9b256afff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:db:b0:e1:12:33:19:57:92:b5:0b:6c:61:1f:
66:2f:de:da:45:e0:38:42:30:26:f0:de:22:24:38:
b1:6e:03:72:91:ca:b4:68:84:26:d3:92:f9:5e:85:
87:49:30:a7:d5:1a:38:fa:4f:72:7c:25:a5:cd:ba:
da:bf:10:0d:91:c0:83:57:61:8b:29:02:b2:be:be:
29:78:5d:25:30:3c:c4:96:4d:75:9b:e0:56:d8:b4:
42:d8:1d:01:2d:1b:f6:39:4c:6d:cb:3a:78:dd:17:
11:e8:42:4b:57:d1:3f:45:f8:8b:39:08:2e:bd:40:
a1:15:20:81:ca:37:1c:90:5f:8b:74:b4:f2:00:0b:
ac:90:e9:27:02:d8:91:77:61:a5:eb:c6:26:24:a2:
80:19:f5:8b:a7:73:a4:60:7e:8f:22:4b:da:1e:5e:
00:12:80:86:fb:92:ed:4a:95:df:b1:f0:fc:e3:37:
3e:89:ec:06:3a:b4:af:9e:4c:92:81:c2:b9:39:f4:
9d:d0:d7:e9:cc:22:0a:ed:34:c7:7b:07:85:b1:b6:
77:e3:87:63:06:c8:5b:51:0c:cf:8a:e3:e9:de:91:
91:d5:e7:b8:a2:3e:44:d8:99:0a:a4:56:2b:8a:98:
a4:a9:8e:96:60:56:41:c7:a0:a9:a7:df:e3:c8:17:
d3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:04:E8:44:E8:76:70:5D:5B:AE:02:06:85:34:A3:E9:B2:56:AF:FF
X509v3 Authority Key Identifier:
keyid:73:F2:59:9D:95:EC:91:93:27:FF:68:74:2D:6C:49:C2:A6:A5:48:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_JZnZXskZMn_2h0LWxJwqalSIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/510765-e22a-4a5c-be17-18309d8a4c63/1/bQToROh2cF1brgIGhTSj6bJWr_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/510765-e22a-4a5c-be17-18309d8a4c63/1/c_JZnZXskZMn_2h0LWxJwqalSIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.160.0/21
185.197.80.0/22
IPv6:
2a0a:7840::/29
Signature Algorithm: sha256WithRSAEncryption
47:65:23:34:85:01:db:31:23:88:1e:77:cf:8b:c1:b6:6d:75:
58:80:65:d6:2b:89:22:7d:76:3e:39:6c:06:9a:c7:f4:f5:68:
79:1f:a0:91:fc:c1:45:5d:fb:fd:51:46:a9:9c:fe:e9:a1:3b:
b2:c4:a9:23:95:ec:99:88:c9:3e:cb:02:63:93:0a:3b:f1:75:
1d:79:0b:c2:df:4c:2e:b1:64:11:42:dd:7e:16:ab:49:18:d2:
bc:ce:9a:28:39:d4:86:d4:6c:cf:09:b6:5f:6d:61:e3:57:06:
ba:0c:7a:f5:bd:50:0a:ee:21:ed:49:83:e9:d5:e3:d0:8f:d9:
ff:fa:08:d5:c4:0d:ae:7f:92:0c:08:d5:15:51:a2:6d:b1:7f:
1b:29:41:f2:c9:b6:5e:4e:63:92:69:29:f4:29:1d:bd:e5:e1:
3f:14:db:20:34:6a:c7:4a:33:0a:a3:61:05:d3:3f:ac:36:89:
1e:e3:14:46:a3:20:3b:28:9d:16:98:44:47:21:16:e4:f7:70:
98:00:64:cf:07:b5:1d:cf:44:7b:fb:c2:e2:7f:6c:79:ab:c0:
8a:0a:75:a1:5d:4b:5c:60:81:f4:6d:cd:c2:85:d7:e9:6e:c4:
6a:c3:41:e0:24:ae:eb:cc:a4:16:a0:fd:9f:32:c2:f8:b1:48:
e9:4d:b8:2c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYkr0K35kSwD58XBP+OWOjsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjI1OTlkOTVlYzkxOTMyN2ZmNjg3NDJkNmM0OWMyYTZh
NTQ4ODgwHhcNMjMwNzA2MTUyNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDA0ZTg0NGU4NzY3MDVkNWJhZTAyMDY4NTM0YTNlOWIyNTZhZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNuw4RIzGVeStQtsYR9mL97aReA4
QjAm8N4iJDixbgNykcq0aIQm05L5XoWHSTCn1Ro4+k9yfCWlzbravxANkcCDV2GL
KQKyvr4peF0lMDzElk11m+BW2LRC2B0BLRv2OUxtyzp43RcR6EJLV9E/RfiLOQgu
vUChFSCByjcckF+LdLTyAAuskOknAtiRd2Gl68YmJKKAGfWLp3OkYH6PIkvaHl4A
EoCG+5LtSpXfsfD84zc+iewGOrSvnkySgcK5OfSd0NfpzCIK7TTHeweFsbZ344dj
BshbUQzPiuPp3pGR1ee4oj5E2JkKpFYripikqY6WYFZBx6Cpp9/jyBfT5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG0E6ETodnBdW64CBoU0o+myVq//MB8GA1UdIwQY
MBaAFHPyWZ2V7JGTJ/9odC1sScKmpUiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19KWm5aWHNrWk1uXzJoMExXeEp3cWFsU0lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81MTA3NjUtZTIyYS00YTVjLWJlMTct
MTgzMDlkOGE0YzYzLzEvYlFUb1JPaDJjRjFicmdJR2hUU2o2YkpXcl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81MTA3NjUtZTIyYS00YTVjLWJlMTctMTgzMDlkOGE0YzYz
LzEvY19KWm5aWHNrWk1uXzJoMExXeEp3cWFsU0lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXuigAwQC
ucVQMA0EAgACMAcDBQMqCnhAMA0GCSqGSIb3DQEBCwUAA4IBAQBHZSM0hQHbMSOI
HnfPi8G2bXVYgGXWK4kifXY+OWwGmsf09Wh5H6CR/MFFXfv9UUapnP7poTuyxKkj
leyZiMk+ywJjkwo78XUdeQvC30wusWQRQt1+FqtJGNK8zpooOdSG1GzPCbZfbWHj
Vwa6DHr1vVAK7iHtSYPp1ePQj9n/+gjVxA2uf5IMCNUVUaJtsX8bKUHyybZeTmOS
aSn0KR295eE/FNsgNGrHSjMKo2EF0z+sNoke4xRGoyA7KJ0WmERHIRbk93CYAGTP
B7Udz0R7+8Lif2x5q8CKCnWhXUtcYIH0bc3ChdfpbsRqw0HgJK7rzKQWoP2fMsL4
sUjpTbgs
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:18 2024 by rpki-client on console-fra.rpki-client.org