Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/s_ZrQn2UDEdLcMPv3eYvouDTSFo.roa
File: s_ZrQn2UDEdLcMPv3eYvouDTSFo.roa (raw, json)
Hash identifier: 442NQS5pjShRHf8Sn4dSfhFne4hKPTAsGDAtoevUxGg=
Subject key identifier: B3:F6:6B:42:7D:94:0C:47:4B:70:C3:EF:DD:E6:2F:A2:E0:D3:48:5A
Certificate issuer: /CN=04a9cff24981d7263d1b7d63779f5d673de2bdbc
Certificate serial: 01856D01639CCFCF39C29B46D25A2A9669C2
Authority key identifier: 04:A9:CF:F2:49:81:D7:26:3D:1B:7D:63:77:9F:5D:67:3D:E2:BD:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/s_ZrQn2UDEdLcMPv3eYvouDTSFo.roa
Signing time: Sun 01 Jan 2023 11:04:45 +0000
ROA not before: Sun 01 Jan 2023 11:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205495
IP address blocks: 185.136.184.0/22 maxlen: 24
45.153.44.0/22 maxlen: 24
185.216.80.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:63:9c:cf:cf:39:c2:9b:46:d2:5a:2a:96:69:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a9cff24981d7263d1b7d63779f5d673de2bdbc
Validity
Not Before: Jan 1 11:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3f66b427d940c474b70c3efdde62fa2e0d3485a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1f:5b:84:2b:c2:30:17:09:1d:33:fe:ed:b2:
43:93:5d:28:fe:f7:b6:3d:eb:ff:47:03:f0:8f:a5:
9a:8d:06:01:56:0e:f9:34:84:6a:e8:d2:54:05:c3:
85:ba:e4:4d:0c:d2:cb:20:38:52:15:89:f3:94:35:
cb:74:a0:81:5b:0f:7e:1c:04:4a:84:e2:e7:01:be:
7a:bb:e2:f1:23:d9:fa:9f:8e:16:16:7a:dd:4a:3f:
23:d7:64:6a:78:99:54:65:46:0f:be:03:94:73:31:
af:a4:27:cb:77:cb:67:4b:62:0b:b2:ab:6f:0e:70:
13:c7:79:74:fb:0c:77:7f:8c:1a:93:d3:6b:27:09:
43:62:77:bc:8e:23:91:fc:e1:13:cd:f4:8a:44:d7:
5d:59:fd:5d:13:01:3f:15:5f:79:48:e1:c7:2b:8e:
15:9a:0d:ae:42:60:b1:e9:a5:5a:3b:28:ec:71:f1:
0c:a9:01:eb:03:2f:4f:32:18:e4:5c:d6:8b:da:cd:
ab:6b:c9:ed:87:ea:92:a6:03:e0:9e:21:3d:86:c1:
16:0c:5f:d2:c6:ed:4e:e1:ba:bf:3c:8b:fc:bc:b5:
73:cb:b0:05:e3:a6:97:4e:8a:39:74:57:0e:00:5a:
d3:b0:ff:88:d3:55:58:b6:08:bd:c7:c8:ab:a2:74:
80:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F6:6B:42:7D:94:0C:47:4B:70:C3:EF:DD:E6:2F:A2:E0:D3:48:5A
X509v3 Authority Key Identifier:
keyid:04:A9:CF:F2:49:81:D7:26:3D:1B:7D:63:77:9F:5D:67:3D:E2:BD:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/s_ZrQn2UDEdLcMPv3eYvouDTSFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.44.0/22
185.136.184.0/22
185.216.80.0/23
Signature Algorithm: sha256WithRSAEncryption
08:d5:31:f1:0e:46:26:d5:16:54:d6:9e:20:a8:2a:35:3f:a0:
3e:9f:e9:86:bb:93:5e:34:91:44:36:4d:22:c9:cf:76:29:fb:
9e:8c:c9:0b:f9:cf:e1:a8:12:dd:2e:86:7d:a5:1b:30:de:47:
c9:d0:59:c0:0a:a7:b8:0f:2b:a6:90:13:16:2c:06:da:72:57:
6f:84:df:f2:99:2d:ca:80:9d:10:cc:f2:74:9b:73:ae:5c:11:
81:66:a1:40:86:a7:dd:26:67:5b:8a:79:dd:50:85:0f:f1:f9:
6f:ff:1a:70:f5:fa:78:5d:4b:81:c4:2a:9e:1e:ca:c3:47:b6:
89:b9:d5:be:af:b5:0b:f1:c4:76:7b:2a:dc:b6:cd:df:07:83:
40:c9:ab:00:d7:b1:3c:a5:c0:21:a4:70:1e:a1:2a:c7:57:f2:
f1:3e:e9:4e:96:62:ef:f8:23:ff:f4:0b:01:90:54:1b:3d:94:
a7:5d:e9:04:d9:bf:42:35:7d:64:d8:20:78:ab:20:e7:9a:e0:
ba:d9:af:6a:0a:d4:8a:1e:59:81:44:c2:06:ca:e8:30:8a:c2:
b9:71:0c:e8:a9:02:39:ea:74:7b:f2:05:de:63:6e:cd:92:72:
67:b2:aa:f1:62:f5:08:1e:86:d0:a4:71:7f:18:86:20:99:5a:
6f:83:e4:94
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtAWOcz885wptG0loqlmnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTljZmYyNDk4MWQ3MjYzZDFiN2Q2Mzc3OWY1ZDY3M2Rl
MmJkYmMwHhcNMjMwMTAxMTEwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2Y2NmI0MjdkOTQwYzQ3NGI3MGMzZWZkZGU2MmZhMmUwZDM0ODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlh9bhCvCMBcJHTP+7bJDk10o/ve2
Pev/RwPwj6WajQYBVg75NIRq6NJUBcOFuuRNDNLLIDhSFYnzlDXLdKCBWw9+HARK
hOLnAb56u+LxI9n6n44WFnrdSj8j12RqeJlUZUYPvgOUczGvpCfLd8tnS2ILsqtv
DnATx3l0+wx3f4wak9NrJwlDYne8jiOR/OETzfSKRNddWf1dEwE/FV95SOHHK44V
mg2uQmCx6aVaOyjscfEMqQHrAy9PMhjkXNaL2s2ra8nth+qSpgPgniE9hsEWDF/S
xu1O4bq/PIv8vLVzy7AF46aXToo5dFcOAFrTsP+I01VYtgi9x8ironSAmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLP2a0J9lAxHS3DD793mL6Lg00haMB8GA1UdIwQY
MBaAFASpz/JJgdcmPRt9Y3efXWc94r28MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktuUDhrbUIxeVk5RzMxamQ1OWRaejNpdmJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lZWNmOGItM2Q2My00YzljLWJkODQt
Y2QwZDllNTc0MmNiLzEvc19aclFuMlVERWRMY01QdjNlWXZvdURUU0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lZWNmOGItM2Q2My00YzljLWJkODQtY2QwZDllNTc0MmNi
LzEvQktuUDhrbUIxeVk5RzMxamQ1OWRaejNpdmJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZksAwQC
uYi4AwQBudhQMA0GCSqGSIb3DQEBCwUAA4IBAQAI1THxDkYm1RZU1p4gqCo1P6A+
n+mGu5NeNJFENk0iyc92KfuejMkL+c/hqBLdLoZ9pRsw3kfJ0FnACqe4DyumkBMW
LAbacldvhN/ymS3KgJ0QzPJ0m3OuXBGBZqFAhqfdJmdbinndUIUP8flv/xpw9fp4
XUuBxCqeHsrDR7aJudW+r7UL8cR2eyrcts3fB4NAyasA17E8pcAhpHAeoSrHV/Lx
PulOlmLv+CP/9AsBkFQbPZSnXekE2b9CNX1k2CB4qyDnmuC62a9qCtSKHlmBRMIG
yugwisK5cQzoqQI56nR78gXeY27NknJnsqrxYvUIHobQpHF/GIYgmVpvg+SU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:21 2024 by rpki-client on console-fra.rpki-client.org