Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/t5qx3EP5Dk2KloDIrMY1GvKWj_8.roa
File: t5qx3EP5Dk2KloDIrMY1GvKWj_8.roa (raw, json)
Hash identifier: wv0LsdVzZ2+v+v/Mpmr8sr8QahD2sLhCxmit2uUL7zc=
Subject key identifier: B7:9A:B1:DC:43:F9:0E:4D:8A:96:80:C8:AC:C6:35:1A:F2:96:8F:FF
Certificate issuer: /CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Certificate serial: 01856D660FA9EA0269BE6DB64A9134DB2AF1
Authority key identifier: B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/t5qx3EP5Dk2KloDIrMY1GvKWj_8.roa
Signing time: Sun 01 Jan 2023 12:54:43 +0000
ROA not before: Sun 01 Jan 2023 12:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28715
IP address blocks: 185.104.122.0/24 maxlen: 24
185.104.123.0/24 maxlen: 24
185.104.120.0/22 maxlen: 22
185.104.120.0/24 maxlen: 24
185.104.121.0/24 maxlen: 24
2a06:3000:1::/48 maxlen: 48
2a06:3000::/29 maxlen: 29
2a06:3000:2::/48 maxlen: 48
2a06:3000:1000::/36 maxlen: 36
2a06:3000::/36 maxlen: 36
2a06:3000::/48 maxlen: 48
2a06:3000:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:0f:a9:ea:02:69:be:6d:b6:4a:91:34:db:2a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Validity
Not Before: Jan 1 12:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b79ab1dc43f90e4d8a9680c8acc6351af2968fff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:48:79:0d:82:87:25:1d:43:3d:27:b9:ab:3e:
88:33:c1:81:60:7a:2c:2e:c1:3a:a4:70:f0:73:85:
3c:b7:fc:3a:1a:54:69:57:71:23:c7:72:7c:34:e9:
48:a7:e4:90:5a:a6:25:f5:e7:4a:fc:52:6f:3a:a7:
4f:d1:4b:e7:a1:be:ed:b5:ad:7f:64:8e:44:2d:d7:
5e:77:40:aa:92:3e:8b:ad:fe:f7:8b:98:19:e6:cc:
d5:bf:d7:f1:0f:e1:63:06:c3:2c:ba:c3:d4:de:00:
81:f1:ef:1b:58:02:b7:d4:05:63:f3:fa:7d:1a:8f:
10:8e:ba:79:2e:81:cf:97:9e:41:19:f0:fd:87:16:
48:12:08:f4:54:e7:49:d0:0f:9b:bf:15:db:57:7e:
0a:1c:58:47:cc:97:f2:0d:fc:05:12:eb:4a:a5:1e:
3c:e9:e5:a5:2b:14:be:d7:2e:3d:87:6e:12:5a:75:
4f:4a:9b:ab:fd:ac:95:84:b0:6d:e5:8a:27:6b:97:
30:89:e1:df:e8:3b:89:c2:bc:1a:97:8e:7d:86:62:
72:1c:94:ea:df:40:0e:57:76:f9:7d:38:51:26:fd:
7a:37:b1:54:08:97:06:6c:8f:25:c7:41:3e:2a:e9:
3d:d1:d6:a8:71:64:81:4b:89:f1:7e:7c:f4:29:70:
11:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:9A:B1:DC:43:F9:0E:4D:8A:96:80:C8:AC:C6:35:1A:F2:96:8F:FF
X509v3 Authority Key Identifier:
keyid:B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/t5qx3EP5Dk2KloDIrMY1GvKWj_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/sTU3eQGnhx07_3pwJ3ovTi_A4nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.120.0/22
IPv6:
2a06:3000::/29
Signature Algorithm: sha256WithRSAEncryption
8e:83:c6:59:f2:04:6c:6a:e1:2c:a0:bf:9a:c8:7e:f4:38:88:
94:26:aa:53:25:99:6f:65:3c:da:4f:c9:6a:37:47:e4:c8:4a:
b1:73:da:ac:51:bd:1e:57:a1:48:e8:d5:c4:d0:c4:4f:df:85:
13:9a:d7:15:de:df:b7:e3:a1:7f:a5:4c:d4:d4:45:b8:7a:55:
3b:49:32:66:f3:4f:63:67:77:81:fe:d4:7d:dd:c2:9f:d1:fc:
1a:2c:06:70:43:31:fe:e1:35:9e:9f:03:a1:1e:f9:e4:63:f4:
17:9f:81:24:bd:33:71:34:49:59:86:d5:7d:4b:06:2c:c7:60:
74:d9:5e:db:35:0a:ef:72:23:e7:b0:60:69:a7:c5:32:09:b1:
cc:77:85:b9:2f:09:3d:09:dc:dd:9f:83:a7:ed:ef:52:3b:0a:
8a:20:04:d4:75:68:83:5f:af:11:c3:10:82:3d:4d:a1:f9:fa:
2b:95:b0:55:02:b5:7e:03:05:07:a6:96:cc:c4:cc:cc:5b:79:
29:32:60:33:05:a1:4e:e4:0f:be:8a:5c:60:47:c1:8c:5b:b7:
e4:20:4a:6a:6d:6c:a1:ae:4e:8b:58:40:74:05:6f:fb:a7:47:
ae:bf:36:86:66:d2:b8:bb:bf:13:73:fb:23:4f:13:19:11:1f:
fc:11:66:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtZg+p6gJpvm22SpE02yrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzUzNzc5MDFhNzg3MWQzYmZmN2E3MDI3N2EyZjRlMmZj
MGUyNzcwHhcNMjMwMTAxMTI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzlhYjFkYzQzZjkwZTRkOGE5NjgwYzhhY2M2MzUxYWYyOTY4ZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkh5DYKHJR1DPSe5qz6IM8GBYHos
LsE6pHDwc4U8t/w6GlRpV3Ejx3J8NOlIp+SQWqYl9edK/FJvOqdP0Uvnob7tta1/
ZI5ELdded0Cqkj6Lrf73i5gZ5szVv9fxD+FjBsMsusPU3gCB8e8bWAK31AVj8/p9
Go8Qjrp5LoHPl55BGfD9hxZIEgj0VOdJ0A+bvxXbV34KHFhHzJfyDfwFEutKpR48
6eWlKxS+1y49h24SWnVPSpur/ayVhLBt5Yona5cwieHf6DuJwrwal459hmJyHJTq
30AOV3b5fThRJv16N7FUCJcGbI8lx0E+Kuk90daocWSBS4nxfnz0KXARZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLeasdxD+Q5NipaAyKzGNRrylo//MB8GA1UdIwQY
MBaAFLE1N3kBp4cdO/96cCd6L04vwOJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUt
OTEyMDQ3MTUzZTAxLzEvdDVxeDNFUDVEazJLbG9ESXJNWTFHdktXal84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUtOTEyMDQ3MTUzZTAx
LzEvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWh4MA0E
AgACMAcDBQMqBjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCOg8ZZ8gRsauEsoL+ayH70
OIiUJqpTJZlvZTzaT8lqN0fkyEqxc9qsUb0eV6FI6NXE0MRP34UTmtcV3t+346F/
pUzU1EW4elU7STJm809jZ3eB/tR93cKf0fwaLAZwQzH+4TWenwOhHvnkY/QXn4Ek
vTNxNElZhtV9SwYsx2B02V7bNQrvciPnsGBpp8UyCbHMd4W5Lwk9Cdzdn4On7e9S
OwqKIATUdWiDX68RwxCCPU2h+forlbBVArV+AwUHppbMxMzMW3kpMmAzBaFO5A++
ilxgR8GMW7fkIEpqbWyhrk6LWEB0BW/7p0euvzaGZtK4u78Tc/sjTxMZER/8EWYQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:55 2024 by rpki-client on console-fra.rpki-client.org