Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/2KjkPT0QTHnzsOYIlgjuqSQxqNA.roa
File: 2KjkPT0QTHnzsOYIlgjuqSQxqNA.roa (raw, json)
Hash identifier: kfDeYUhKneT9C/Y2+ur6n53aLnvmf/tuzjNIPDXHoB0=
Subject key identifier: D8:A8:E4:3D:3D:10:4C:79:F3:B0:E6:08:96:08:EE:A9:24:31:A8:D0
Certificate issuer: /CN=05e9fca0a8584feb1c12319071423061b08fe456
Certificate serial: 01856E81F4700AC324A426A5D28C44AC544E
Authority key identifier: 05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/2KjkPT0QTHnzsOYIlgjuqSQxqNA.roa
Signing time: Sun 01 Jan 2023 18:04:48 +0000
ROA not before: Sun 01 Jan 2023 18:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61960
IP address blocks: 185.54.48.0/22 maxlen: 24
91.243.120.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:81:f4:70:0a:c3:24:a4:26:a5:d2:8c:44:ac:54:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e9fca0a8584feb1c12319071423061b08fe456
Validity
Not Before: Jan 1 18:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8a8e43d3d104c79f3b0e6089608eea92431a8d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a6:b8:00:7b:ec:3a:94:1b:5f:16:0c:7b:1b:
77:73:82:6e:32:e7:13:6d:93:f4:65:ec:d0:bd:0d:
2f:b4:14:c7:b0:ca:8d:7a:fe:c8:dc:1d:84:bd:81:
25:4e:41:e1:e0:47:41:95:d3:57:bd:df:89:4a:d1:
ec:f2:37:c0:df:49:13:58:2f:77:62:e4:dc:2d:8f:
91:e6:53:88:47:13:09:5f:f9:b5:42:2b:e2:83:20:
cf:9a:3d:d3:0c:f2:ca:85:3b:b9:37:39:57:a1:1e:
91:01:f7:ad:e8:39:fc:5f:aa:4a:7c:d5:a1:34:ca:
83:9e:33:74:01:e1:9b:f5:04:98:1b:1f:f2:d5:bf:
87:54:27:be:fd:41:2b:49:f9:75:96:3f:0e:9e:e6:
30:e1:78:dd:04:f0:37:fa:7e:b5:3e:02:c5:6b:aa:
59:95:92:4a:51:f5:9a:fc:b8:63:73:50:02:8e:fa:
80:c8:de:e4:5e:0e:37:d1:dd:c8:b7:49:73:a9:6a:
ae:a7:f2:2e:b7:f6:fa:8b:79:1e:4f:ac:6d:e1:f3:
5c:3b:c6:f8:30:e0:a7:d8:fe:61:16:2e:75:b1:c9:
90:a0:69:dd:91:04:99:39:df:6c:99:08:87:e6:83:
5c:91:91:1b:32:ed:e1:46:2d:fa:24:56:bb:88:59:
53:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A8:E4:3D:3D:10:4C:79:F3:B0:E6:08:96:08:EE:A9:24:31:A8:D0
X509v3 Authority Key Identifier:
keyid:05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/2KjkPT0QTHnzsOYIlgjuqSQxqNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.120.0/23
185.54.48.0/22
Signature Algorithm: sha256WithRSAEncryption
13:67:59:8b:2a:a7:04:13:99:df:07:df:55:db:db:10:c1:f4:
bc:35:5b:77:80:ee:b6:10:e1:68:d9:a5:24:8d:d2:e2:e9:8d:
93:29:a7:44:16:d0:15:e4:d5:d3:1c:45:9b:a3:bc:e4:69:d3:
65:4c:c8:0d:0e:4b:ec:8c:e8:1b:81:47:2e:52:24:74:dc:fd:
25:4a:f8:3f:22:0e:87:ad:99:e5:a7:f5:d5:28:71:ca:f6:1e:
40:e5:3d:9e:4a:8f:b6:4b:8a:aa:b0:a8:e0:fe:20:ec:b7:0b:
8f:88:1c:1b:36:95:dc:e7:16:d5:b8:7e:55:c3:b3:c0:03:fb:
7d:f1:9c:36:f2:a8:1a:a2:71:c5:f9:f8:7f:8e:53:19:ca:8f:
3a:2f:30:2a:8b:bc:65:52:33:f2:9c:02:2d:1c:f6:a1:a5:80:
23:48:54:c4:f4:0e:be:2e:02:fc:ca:e9:d9:3f:89:c7:63:97:
4a:b4:de:94:6a:26:e6:cb:55:04:1f:9d:f5:bb:20:29:a1:b7:
35:30:6c:d8:a3:58:b8:63:a3:cd:dc:8e:21:b5:0e:91:2c:bf:
87:5c:7c:49:c2:33:6e:24:96:2b:1d:03:c5:82:1c:8d:92:95:
ed:63:00:36:c1:40:ab:1c:4d:4d:f7:33:a6:71:a5:17:18:b2:
68:f7:fa:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVugfRwCsMkpCal0oxErFROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmY2EwYTg1ODRmZWIxYzEyMzE5MDcxNDIzMDYxYjA4
ZmU0NTYwHhcNMjMwMTAxMTgwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE4ZTQzZDNkMTA0Yzc5ZjNiMGU2MDg5NjA4ZWVhOTI0MzFhOGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6a4AHvsOpQbXxYMext3c4JuMucT
bZP0ZezQvQ0vtBTHsMqNev7I3B2EvYElTkHh4EdBldNXvd+JStHs8jfA30kTWC93
YuTcLY+R5lOIRxMJX/m1QivigyDPmj3TDPLKhTu5NzlXoR6RAfet6Dn8X6pKfNWh
NMqDnjN0AeGb9QSYGx/y1b+HVCe+/UErSfl1lj8OnuYw4XjdBPA3+n61PgLFa6pZ
lZJKUfWa/Lhjc1ACjvqAyN7kXg430d3It0lzqWqup/Iut/b6i3keT6xt4fNcO8b4
MOCn2P5hFi51scmQoGndkQSZOd9smQiH5oNckZEbMu3hRi36JFa7iFlTjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNio5D09EEx587DmCJYI7qkkMajQMB8GA1UdIwQY
MBaAFAXp/KCoWE/rHBIxkHFCMGGwj+RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMt
ZGVlM2VkNDk3YWVlLzEvMktqa1BUMFFUSG56c09ZSWxnanVxU1F4cU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMtZGVlM2VkNDk3YWVl
LzEvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW/N4AwQC
uTYwMA0GCSqGSIb3DQEBCwUAA4IBAQATZ1mLKqcEE5nfB99V29sQwfS8NVt3gO62
EOFo2aUkjdLi6Y2TKadEFtAV5NXTHEWbo7zkadNlTMgNDkvsjOgbgUcuUiR03P0l
Svg/Ig6HrZnlp/XVKHHK9h5A5T2eSo+2S4qqsKjg/iDstwuPiBwbNpXc5xbVuH5V
w7PAA/t98Zw28qgaonHF+fh/jlMZyo86LzAqi7xlUjPynAItHPahpYAjSFTE9A6+
LgL8yunZP4nHY5dKtN6Uaibmy1UEH531uyApobc1MGzYo1i4Y6PN3I4htQ6RLL+H
XHxJwjNuJJYrHQPFghyNkpXtYwA2wUCrHE1N9zOmcaUXGLJo9/pq
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:37 2024 by rpki-client on console-fra.rpki-client.org