Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/2fc167-b357-4394-b4e8-c825be2813bc/1/lisTTtpzg0KUz1RakvWDAs8viu4.roa
File: lisTTtpzg0KUz1RakvWDAs8viu4.roa (raw, json)
Hash identifier: 9z5vQI7bZ6efj/3zc8YZA4X2+TlWBDUr2XmAoDg3rpA=
Subject key identifier: 96:2B:13:4E:DA:73:83:42:94:CF:54:5A:92:F5:83:02:CF:2F:8A:EE
Certificate issuer: /CN=0b84ea549f88211058b34bfcab0640c3030393c3
Certificate serial: 01856EF42B768861EB7F2F68F121A4751629
Authority key identifier: 0B:84:EA:54:9F:88:21:10:58:B3:4B:FC:AB:06:40:C3:03:03:93:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C4TqVJ-IIRBYs0v8qwZAwwMDk8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/2fc167-b357-4394-b4e8-c825be2813bc/1/lisTTtpzg0KUz1RakvWDAs8viu4.roa
Signing time: Sun 01 Jan 2023 20:09:33 +0000
ROA not before: Sun 01 Jan 2023 20:09:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52195
IP address blocks: 185.12.20.0/22 maxlen: 23
46.149.208.0/20 maxlen: 23
185.237.160.0/24 maxlen: 24
2a02:ea80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 19 Jun 2023 11:57:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:2b:76:88:61:eb:7f:2f:68:f1:21:a4:75:16:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b84ea549f88211058b34bfcab0640c3030393c3
Validity
Not Before: Jan 1 20:09:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=962b134eda73834294cf545a92f58302cf2f8aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f2:68:7e:f7:62:a1:93:cc:06:4f:ef:c2:4f:
1c:a6:25:bf:98:98:44:73:17:ba:23:08:b6:7a:40:
ab:6e:7b:38:92:26:75:b7:55:11:94:46:86:ae:ca:
2d:7c:8b:02:1a:b1:15:09:6b:e5:b1:08:7e:71:f4:
d1:ea:7b:0b:8f:25:02:17:0d:55:75:6a:9a:17:cb:
95:33:13:d1:f4:20:86:cc:0a:ae:bc:53:c1:41:75:
12:a3:58:20:82:5b:e3:e3:23:af:31:b0:d0:70:69:
42:bf:f3:b1:0f:8e:49:14:46:4e:41:e6:3b:2f:9a:
40:f9:91:f2:5e:58:33:79:4d:2c:99:ba:94:40:a7:
3b:78:9d:97:74:5f:ab:a7:17:a0:4a:0d:ff:1f:21:
25:4d:da:c8:81:69:22:59:2c:bf:9c:7c:ef:0d:bc:
92:76:62:f8:08:7e:48:78:76:50:fd:fe:fe:08:0f:
11:e3:55:18:f0:e2:ea:7d:a3:1e:d8:a9:f7:95:44:
ec:45:90:d2:46:b5:09:bc:5c:72:19:4d:84:cf:de:
86:53:ff:4a:b9:83:37:35:b2:72:74:ab:3d:31:b3:
41:2f:8c:a7:64:88:1a:18:5f:a4:0c:4f:56:d7:39:
26:45:f5:af:c1:f6:cb:14:02:dd:49:a4:4d:56:37:
31:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2B:13:4E:DA:73:83:42:94:CF:54:5A:92:F5:83:02:CF:2F:8A:EE
X509v3 Authority Key Identifier:
keyid:0B:84:EA:54:9F:88:21:10:58:B3:4B:FC:AB:06:40:C3:03:03:93:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C4TqVJ-IIRBYs0v8qwZAwwMDk8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/2fc167-b357-4394-b4e8-c825be2813bc/1/lisTTtpzg0KUz1RakvWDAs8viu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/2fc167-b357-4394-b4e8-c825be2813bc/1/C4TqVJ-IIRBYs0v8qwZAwwMDk8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.208.0/20
185.12.20.0/22
185.237.160.0/24
IPv6:
2a02:ea80::/32
Signature Algorithm: sha256WithRSAEncryption
01:14:aa:18:60:50:c0:e0:a9:ac:bf:5a:a3:2f:96:9e:95:d9:
aa:59:9f:0e:6b:98:6a:78:34:9a:21:9f:cf:b8:66:4c:dd:13:
01:2a:6b:35:59:89:4a:c7:1c:3a:87:41:80:c7:55:12:bd:42:
7e:0e:5c:21:31:b1:96:46:b1:5d:29:55:6c:78:0b:2a:fe:b1:
2a:a2:9d:1f:14:5d:ac:37:43:71:e7:ed:98:68:c8:cb:22:f1:
0a:44:f3:6a:42:99:c2:ae:71:63:97:d7:a6:b5:05:a8:f4:30:
de:45:e0:0f:55:fc:ee:95:3d:cf:98:9f:aa:31:55:81:be:ee:
fc:14:29:6a:e2:90:38:f2:4b:0f:db:10:a7:78:c3:6f:4d:96:
5a:d7:90:07:3b:ca:d6:ba:ac:0f:30:d3:d9:35:1d:10:ea:43:
6f:c1:db:8e:f0:0d:e0:19:60:46:d2:02:16:f4:6f:9a:c9:a6:
fa:7d:d2:47:32:4d:37:bf:c7:20:4f:f3:49:24:04:50:49:8d:
bd:e0:6c:b3:28:ef:c1:90:8f:72:31:db:a9:c1:ba:be:46:4b:
57:d6:fb:49:c7:b0:fe:b9:69:0c:5b:df:5e:86:fc:8b:52:59:
2c:e5:c5:d0:8d:36:37:52:b2:35:a5:38:9f:7e:f5:1a:f0:d8:
c0:e0:2d:85
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVu9Ct2iGHrfy9o8SGkdRYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiODRlYTU0OWY4ODIxMTA1OGIzNGJmY2FiMDY0MGMzMDMw
MzkzYzMwHhcNMjMwMTAxMjAwOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJiMTM0ZWRhNzM4MzQyOTRjZjU0NWE5MmY1ODMwMmNmMmY4YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPJofvdioZPMBk/vwk8cpiW/mJhE
cxe6Iwi2ekCrbns4kiZ1t1URlEaGrsotfIsCGrEVCWvlsQh+cfTR6nsLjyUCFw1V
dWqaF8uVMxPR9CCGzAquvFPBQXUSo1ggglvj4yOvMbDQcGlCv/OxD45JFEZOQeY7
L5pA+ZHyXlgzeU0smbqUQKc7eJ2XdF+rpxegSg3/HyElTdrIgWkiWSy/nHzvDbyS
dmL4CH5IeHZQ/f7+CA8R41UY8OLqfaMe2Kn3lUTsRZDSRrUJvFxyGU2Ez96GU/9K
uYM3NbJydKs9MbNBL4ynZIgaGF+kDE9W1zkmRfWvwfbLFALdSaRNVjcxswIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJYrE07ac4NClM9UWpL1gwLPL4ruMB8GA1UdIwQY
MBaAFAuE6lSfiCEQWLNL/KsGQMMDA5PDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzRUcVZKLUlJUkJZczB2OHF3WkF3d01EazhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yZmMxNjctYjM1Ny00Mzk0LWI0ZTgt
YzgyNWJlMjgxM2JjLzEvbGlzVFR0cHpnMEtVejFSYWt2V0RBczh2aXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yZmMxNjctYjM1Ny00Mzk0LWI0ZTgtYzgyNWJlMjgxM2Jj
LzEvQzRUcVZKLUlJUkJZczB2OHF3WkF3d01EazhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQELpXQAwQC
uQwUAwQAue2gMA0EAgACMAcDBQAqAuqAMA0GCSqGSIb3DQEBCwUAA4IBAQABFKoY
YFDA4Kmsv1qjL5aeldmqWZ8Oa5hqeDSaIZ/PuGZM3RMBKms1WYlKxxw6h0GAx1US
vUJ+DlwhMbGWRrFdKVVseAsq/rEqop0fFF2sN0Nx5+2YaMjLIvEKRPNqQpnCrnFj
l9emtQWo9DDeReAPVfzulT3PmJ+qMVWBvu78FClq4pA48ksP2xCneMNvTZZa15AH
O8rWuqwPMNPZNR0Q6kNvwduO8A3gGWBG0gIW9G+ayab6fdJHMk03v8cgT/NJJARQ
SY294GyzKO/BkI9yMdupwbq+RktX1vtJx7D+uWkMW99ehvyLUlks5cXQjTY3UrI1
pTiffvUa8NjA4C2F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org