Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/def7ce-25d4-43c1-8eae-1a64cf21a604/1/biuNDuYgYOE7Ti3KYb6z17nFzwA.roa
File: biuNDuYgYOE7Ti3KYb6z17nFzwA.roa (raw, json)
Hash identifier: Rsrpy2pHiwnahkQ9gftDT1925/79X/uDrtUqiS4wMaU=
Subject key identifier: 6E:2B:8D:0E:E6:20:60:E1:3B:4E:2D:CA:61:BE:B3:D7:B9:C5:CF:00
Certificate issuer: /CN=10f7741cd1af2bb34c86c73ea3bd6c76d9968d0d
Certificate serial: 018571F0DBBDAB7064DC6CB47D0A8F6B79C7
Authority key identifier: 10:F7:74:1C:D1:AF:2B:B3:4C:86:C7:3E:A3:BD:6C:76:D9:96:8D:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EPd0HNGvK7NMhsc-o71sdtmWjQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/def7ce-25d4-43c1-8eae-1a64cf21a604/1/biuNDuYgYOE7Ti3KYb6z17nFzwA.roa
Signing time: Mon 02 Jan 2023 10:04:48 +0000
ROA not before: Mon 02 Jan 2023 10:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20495
IP address blocks: 185.37.7.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:db:bd:ab:70:64:dc:6c:b4:7d:0a:8f:6b:79:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10f7741cd1af2bb34c86c73ea3bd6c76d9968d0d
Validity
Not Before: Jan 2 10:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e2b8d0ee62060e13b4e2dca61beb3d7b9c5cf00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:11:da:58:8a:e9:4e:a8:d0:90:06:51:aa:07:
37:2c:71:48:98:9f:ce:28:d7:04:65:84:d5:bb:32:
fd:65:bd:dd:41:fc:c7:69:41:a2:d8:5d:4b:60:c9:
d5:41:81:20:91:0e:90:35:fe:a2:79:63:29:ea:f4:
e3:fc:2c:da:4a:a9:96:cf:e9:bf:66:bb:aa:11:4a:
73:a5:3f:de:7a:43:b4:cc:f3:aa:50:65:f7:ff:9c:
24:8a:84:8e:d9:c2:3e:bc:3c:66:b0:04:70:53:2e:
e6:1d:19:f0:3c:38:95:37:03:c3:0a:f1:00:c6:71:
b5:74:04:48:56:f7:6a:fb:3c:53:41:8e:84:9e:59:
d2:b3:0a:41:e9:3a:5a:1c:de:b6:a5:9e:1b:0c:38:
23:bb:30:b1:5d:d9:6d:95:6d:de:57:e9:26:5c:2b:
10:ac:02:91:e0:30:b8:76:7d:70:e7:16:de:44:67:
5f:8d:9b:4e:bc:d0:3c:f9:38:da:1c:dd:fd:0b:7e:
d2:5a:2e:80:c5:d5:fd:ae:53:10:75:c4:91:59:c9:
c9:84:a7:24:0a:40:0e:7f:f1:82:3b:71:bd:b0:e9:
04:47:79:cd:75:a8:0d:a8:fe:92:0d:b7:ce:e4:68:
34:e8:3e:4e:83:27:c9:96:13:47:c9:e8:77:3e:cf:
ce:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:2B:8D:0E:E6:20:60:E1:3B:4E:2D:CA:61:BE:B3:D7:B9:C5:CF:00
X509v3 Authority Key Identifier:
keyid:10:F7:74:1C:D1:AF:2B:B3:4C:86:C7:3E:A3:BD:6C:76:D9:96:8D:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EPd0HNGvK7NMhsc-o71sdtmWjQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/def7ce-25d4-43c1-8eae-1a64cf21a604/1/biuNDuYgYOE7Ti3KYb6z17nFzwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/def7ce-25d4-43c1-8eae-1a64cf21a604/1/EPd0HNGvK7NMhsc-o71sdtmWjQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.7.0/24
Signature Algorithm: sha256WithRSAEncryption
96:97:a4:6e:b9:9d:20:d5:e8:42:2e:2e:29:7c:e5:9e:6c:68:
3d:d3:bd:49:c5:4d:84:13:0f:d2:13:a5:49:ea:34:70:62:b3:
f1:9f:b8:7a:2c:dd:0c:d3:e6:c4:af:a4:96:a3:8e:97:5b:26:
f5:f6:0e:49:2f:b2:92:a3:56:6c:68:ce:fe:d8:e2:7a:9c:ea:
9b:cf:af:da:fc:57:96:8c:cc:84:48:cf:ea:78:d4:91:56:78:
60:71:cf:48:3a:81:1d:b2:5b:73:90:01:66:79:b4:b5:02:b1:
9f:18:c1:fb:17:2a:5c:6c:47:01:23:20:d3:0a:7b:94:df:ae:
c2:5b:9f:eb:23:6e:d3:d8:ef:e5:42:c2:9b:fe:60:27:fe:da:
6b:24:d2:9a:7a:f5:cc:7d:7f:c9:0c:20:a8:d4:c6:34:df:6c:
34:42:36:a4:7c:71:9d:79:57:99:7b:74:1b:55:d2:24:fe:7f:
28:80:19:da:5b:05:0e:32:d8:f5:62:2b:96:f4:84:a2:90:4e:
b0:19:33:9d:6e:c2:5f:78:4f:1f:2a:a6:87:1a:8b:8f:49:a2:
b6:3d:c0:ea:22:1e:56:c8:77:87:44:49:a1:53:33:bb:42:3c:
cc:4a:d2:a1:90:f6:db:c0:cf:46:88:e3:45:30:ac:d8:67:98:
24:5c:65:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8Nu9q3Bk3Gy0fQqPa3nHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwZjc3NDFjZDFhZjJiYjM0Yzg2YzczZWEzYmQ2Yzc2ZDk5
NjhkMGQwHhcNMjMwMTAyMTAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTJiOGQwZWU2MjA2MGUxM2I0ZTJkY2E2MWJlYjNkN2I5YzVjZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghHaWIrpTqjQkAZRqgc3LHFImJ/O
KNcEZYTVuzL9Zb3dQfzHaUGi2F1LYMnVQYEgkQ6QNf6ieWMp6vTj/CzaSqmWz+m/
ZruqEUpzpT/eekO0zPOqUGX3/5wkioSO2cI+vDxmsARwUy7mHRnwPDiVNwPDCvEA
xnG1dARIVvdq+zxTQY6EnlnSswpB6TpaHN62pZ4bDDgjuzCxXdltlW3eV+kmXCsQ
rAKR4DC4dn1w5xbeRGdfjZtOvNA8+TjaHN39C37SWi6AxdX9rlMQdcSRWcnJhKck
CkAOf/GCO3G9sOkER3nNdagNqP6SDbfO5Gg06D5OgyfJlhNHyeh3Ps/OKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4rjQ7mIGDhO04tymG+s9e5xc8AMB8GA1UdIwQY
MBaAFBD3dBzRryuzTIbHPqO9bHbZlo0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVBkMEhOR3ZLN05NaHNjLW83MXNkdG1XalEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kZWY3Y2UtMjVkNC00M2MxLThlYWUt
MWE2NGNmMjFhNjA0LzEvYml1TkR1WWdZT0U3VGkzS1liNnoxN25GendBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kZWY3Y2UtMjVkNC00M2MxLThlYWUtMWE2NGNmMjFhNjA0
LzEvRVBkMEhOR3ZLN05NaHNjLW83MXNkdG1XalEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSUHMA0G
CSqGSIb3DQEBCwUAA4IBAQCWl6RuuZ0g1ehCLi4pfOWebGg9071JxU2EEw/SE6VJ
6jRwYrPxn7h6LN0M0+bEr6SWo46XWyb19g5JL7KSo1ZsaM7+2OJ6nOqbz6/a/FeW
jMyESM/qeNSRVnhgcc9IOoEdsltzkAFmebS1ArGfGMH7FypcbEcBIyDTCnuU367C
W5/rI27T2O/lQsKb/mAn/tprJNKaevXMfX/JDCCo1MY032w0QjakfHGdeVeZe3Qb
VdIk/n8ogBnaWwUOMtj1YiuW9ISikE6wGTOdbsJfeE8fKqaHGouPSaK2PcDqIh5W
yHeHREmhUzO7QjzMStKhkPbbwM9GiONFMKzYZ5gkXGXB
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:57 2024 by rpki-client on console-fra.rpki-client.org