Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/02PXwVLnwIHQdDg5xDlUx4r7F84.roa
File: 02PXwVLnwIHQdDg5xDlUx4r7F84.roa (raw, json)
Hash identifier: hbkglkjWCdCXXTDBrF3kMWO+yxyQ4fdBqIiqXXm2FZk=
Subject key identifier: D3:63:D7:C1:52:E7:C0:81:D0:74:38:39:C4:39:54:C7:8A:FB:17:CE
Certificate issuer: /CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Certificate serial: 018CCA2B5D58A4E7B893AA3E02AD75BF0C93
Authority key identifier: A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/02PXwVLnwIHQdDg5xDlUx4r7F84.roa
Signing time: Tue 02 Jan 2024 12:34:48 +0000
ROA not before: Tue 02 Jan 2024 12:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 185.94.242.0/23 maxlen: 23
185.124.97.0/24 maxlen: 24
185.124.96.0/24 maxlen: 24
185.94.240.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 12 Mar 2024 15:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:5d:58:a4:e7:b8:93:aa:3e:02:ad:75:bf:0c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Validity
Not Before: Jan 2 12:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d363d7c152e7c081d0743839c43954c78afb17ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:05:a6:0f:80:0e:c8:f5:b9:23:ce:fa:6d:4a:
c1:51:97:ee:f3:10:f7:9c:f7:e3:a2:09:58:7a:6d:
2b:b9:72:bc:ab:a1:21:34:33:17:55:01:0f:21:19:
81:0d:ca:3f:e3:95:4f:19:e1:d4:5d:45:2e:c0:42:
4c:ae:db:ac:12:f8:90:d4:da:1a:ea:d1:64:66:fa:
11:2b:73:39:f6:34:b6:58:4a:a2:05:ad:7f:71:eb:
9d:b8:06:af:69:32:f4:ea:c4:f4:f3:14:c0:7f:ce:
96:b8:46:ec:9f:9c:dd:88:59:a0:54:bf:27:2d:ad:
47:d6:12:68:5f:73:4a:86:86:a2:58:d8:80:f9:6b:
54:75:88:74:cb:7c:34:3e:f8:25:e1:e1:ae:96:c5:
5b:7b:81:c3:ef:61:d6:7d:b2:53:72:03:fa:7a:73:
c6:91:7a:41:ca:3a:f1:53:57:77:99:d6:5a:b4:fb:
ef:6a:70:d8:d2:53:b6:3c:b0:35:42:0f:21:43:f7:
f2:4f:87:9a:d6:9e:04:90:ea:cf:aa:15:fe:9e:c9:
e9:e5:ff:25:b2:9f:eb:e9:43:d2:b3:42:73:3a:b2:
fd:75:7e:e5:33:3a:5d:ee:8a:b6:74:1c:ec:96:c2:
4d:4d:45:b8:9a:2c:23:00:1c:83:d4:66:b0:37:ca:
5c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:63:D7:C1:52:E7:C0:81:D0:74:38:39:C4:39:54:C7:8A:FB:17:CE
X509v3 Authority Key Identifier:
keyid:A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/02PXwVLnwIHQdDg5xDlUx4r7F84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.240.0/22
185.124.96.0/23
Signature Algorithm: sha256WithRSAEncryption
75:c2:46:e5:7d:c8:43:61:4d:50:4f:80:2b:4d:39:4e:77:e8:
ea:4d:c2:ce:28:5d:14:64:5c:f4:ca:cb:9d:5f:0e:63:28:94:
80:01:a0:10:04:ef:e4:4e:ec:ac:31:f8:78:be:e5:fd:89:26:
07:88:88:6f:0d:23:15:b4:6a:cb:ac:ae:cc:7c:2f:6f:a2:5e:
7b:20:65:3e:c4:48:5c:75:cc:bd:17:58:e2:fe:e1:e7:c2:3b:
fe:bf:fa:15:6c:c3:71:e8:1b:9d:e0:b4:2c:5a:cb:67:ee:43:
8e:35:38:9f:97:8d:67:3b:11:28:30:2f:6e:0a:fc:28:17:0e:
26:56:c6:84:4d:7a:30:f6:ff:fd:d8:6c:d7:f9:c5:74:2c:10:
5b:54:08:68:5e:db:4e:25:63:40:4b:c2:ba:22:c7:62:bc:85:
b0:41:99:55:ee:d4:d8:04:ba:1b:b5:bb:d6:36:1f:89:58:01:
06:b6:4a:2f:c3:d0:4d:3c:13:fc:12:48:05:60:d7:a4:a8:28:
3d:60:1c:e1:a1:8d:55:41:f1:b4:96:59:85:b6:f8:b3:9d:44:
d5:7c:80:2b:db:2a:18:41:14:03:e7:62:98:d6:dc:5f:e8:ad:
f6:ad:c0:f9:e3:e5:b0:b3:89:33:ed:8c:51:cc:6e:1c:da:eb:
a4:75:11:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK11YpOe4k6o+Aq11vwyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzODllNzAzNWIwOGUxODFhMzQxZjM3ZWRhNzM0M2QyM2Yx
Y2FmYTQwHhcNMjQwMTAyMTIzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzYzZDdjMTUyZTdjMDgxZDA3NDM4MzljNDM5NTRjNzhhZmIxN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgWmD4AOyPW5I876bUrBUZfu8xD3
nPfjoglYem0ruXK8q6EhNDMXVQEPIRmBDco/45VPGeHUXUUuwEJMrtusEviQ1Noa
6tFkZvoRK3M59jS2WEqiBa1/ceuduAavaTL06sT08xTAf86WuEbsn5zdiFmgVL8n
La1H1hJoX3NKhoaiWNiA+WtUdYh0y3w0Pvgl4eGulsVbe4HD72HWfbJTcgP6enPG
kXpByjrxU1d3mdZatPvvanDY0lO2PLA1Qg8hQ/fyT4ea1p4EkOrPqhX+nsnp5f8l
sp/r6UPSs0JzOrL9dX7lMzpd7oq2dBzslsJNTUW4miwjAByD1GawN8pckQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNNj18FS58CB0HQ4OcQ5VMeK+xfOMB8GA1UdIwQY
MBaAFKOJ5wNbCOGBo0HzftpzQ9I/HK+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWIt
MGU3MjQxNmI0ZGM3LzEvMDJQWHdWTG53SUhRZERnNXhEbFV4NHI3Rjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWItMGU3MjQxNmI0ZGM3
LzEvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuV7wAwQB
uXxgMA0GCSqGSIb3DQEBCwUAA4IBAQB1wkblfchDYU1QT4ArTTlOd+jqTcLOKF0U
ZFz0ysudXw5jKJSAAaAQBO/kTuysMfh4vuX9iSYHiIhvDSMVtGrLrK7MfC9vol57
IGU+xEhcdcy9F1ji/uHnwjv+v/oVbMNx6Bud4LQsWstn7kOONTifl41nOxEoMC9u
CvwoFw4mVsaETXow9v/92GzX+cV0LBBbVAhoXttOJWNAS8K6IsdivIWwQZlV7tTY
BLobtbvWNh+JWAEGtkovw9BNPBP8EkgFYNekqCg9YBzhoY1VQfG0llmFtviznUTV
fIAr2yoYQRQD52KY1txf6K32rcD54+Wws4kz7YxRzG4c2uukdREP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:30 2024 by rpki-client on console-ams.rpki-client.org