Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/1p4Tsr9PxozK7-KifaQzvMmPUlY.roa
File: 1p4Tsr9PxozK7-KifaQzvMmPUlY.roa (raw, json)
Hash identifier: TbdvftJvD/zeLKa3FYSs/npy+EhpRDl89pkviQtCGGA=
Subject key identifier: D6:9E:13:B2:BF:4F:C6:8C:CA:EF:E2:A2:7D:A4:33:BC:C9:8F:52:56
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 018572A7E99AD702E21FD797FB4EAED1664B
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/1p4Tsr9PxozK7-KifaQzvMmPUlY.roa
Signing time: Mon 02 Jan 2023 13:24:45 +0000
ROA not before: Mon 02 Jan 2023 13:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28941
IP address blocks: 185.103.112.0/24 maxlen: 24
185.103.112.0/22 maxlen: 22
185.103.115.0/24 maxlen: 24
185.103.114.0/24 maxlen: 24
185.103.113.0/24 maxlen: 24
2a04:c8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:e9:9a:d7:02:e2:1f:d7:97:fb:4e:ae:d1:66:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Jan 2 13:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d69e13b2bf4fc68ccaefe2a27da433bcc98f5256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:50:27:4e:4c:a2:2d:3a:67:30:f6:02:6b:fa:
7a:ff:6e:73:da:cd:b9:2f:e8:2a:ff:f1:b6:38:33:
5a:a7:fc:70:6d:7c:3a:6b:9d:f3:10:14:b4:81:31:
cb:58:68:24:12:76:53:57:8a:bc:22:a5:34:ff:21:
22:30:8d:52:58:a2:d4:19:6e:4b:ec:49:f5:95:d9:
cd:1b:1b:b2:94:1f:a9:a6:05:8f:44:21:b2:49:6b:
40:69:34:f8:42:07:28:00:9d:18:dc:b0:b6:13:3f:
32:48:63:0b:34:80:07:97:72:82:31:38:96:13:73:
35:63:45:26:cd:f1:46:91:f5:77:9a:4e:a1:80:bc:
43:b2:13:dc:75:12:30:84:14:c7:27:72:fc:39:b6:
d6:f6:2d:f9:10:03:60:1b:d6:c6:37:38:c0:a0:bd:
c8:74:0e:9e:0e:32:b7:cd:20:d9:8e:9b:12:5a:68:
4f:75:d9:9d:c1:a4:ba:f6:1b:fc:5f:0b:06:04:72:
47:1e:aa:0d:67:40:fb:f9:37:23:66:19:01:f1:78:
81:06:05:d4:3f:69:35:c4:1e:6f:f7:f5:16:13:0b:
a1:b4:9b:38:89:0e:9c:42:5f:83:50:96:a2:bf:92:
4d:69:cc:55:d3:a2:78:89:aa:23:c8:a4:02:89:fa:
d4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:9E:13:B2:BF:4F:C6:8C:CA:EF:E2:A2:7D:A4:33:BC:C9:8F:52:56
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/1p4Tsr9PxozK7-KifaQzvMmPUlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.112.0/22
IPv6:
2a04:c8c0::/29
Signature Algorithm: sha256WithRSAEncryption
34:ee:61:86:ab:ee:4e:41:05:f8:19:cd:84:1c:5f:b9:d1:57:
6e:fd:66:e8:26:a1:f0:7d:28:e6:ee:ac:34:bb:e5:e8:64:ad:
7b:e3:b6:71:39:3c:25:64:61:51:9a:9c:e0:f1:af:a9:ae:d9:
32:02:58:f0:9e:b6:91:6f:88:2a:4e:31:6e:07:96:68:f9:ce:
26:04:eb:8e:1a:29:42:70:d5:87:e9:83:6a:45:50:f0:b9:ac:
b2:ca:e6:82:aa:2f:6b:02:4a:a0:7f:10:96:74:c4:c6:74:58:
31:f3:7c:9f:25:06:78:9b:80:5a:1c:6d:98:c4:32:22:5c:37:
2e:73:fa:65:84:7c:45:5b:15:6d:49:df:77:5d:8e:5c:f0:7d:
28:10:5f:94:8c:6e:ec:9b:d2:6b:92:5d:86:fd:9d:84:0a:d5:
57:90:3c:f8:48:60:b2:fe:62:3f:d1:10:52:5d:38:71:18:15:
73:fe:ad:1d:4d:b8:75:43:11:31:13:3d:91:7c:a6:a7:02:b7:
ae:2d:9d:05:66:b0:33:83:4e:75:f1:a2:d6:ed:5b:14:47:b3:
a8:f6:87:61:40:a7:32:e6:ed:c0:d9:da:ef:38:73:f7:3e:ad:
ee:cf:a1:4a:cf:0a:b7:b8:ae:11:f8:9c:ef:32:90:e3:9b:8a:
82:de:90:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyp+ma1wLiH9eX+06u0WZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjMwMTAyMTMyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjllMTNiMmJmNGZjNjhjY2FlZmUyYTI3ZGE0MzNiY2M5OGY1MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVAnTkyiLTpnMPYCa/p6/25z2s25
L+gq//G2ODNap/xwbXw6a53zEBS0gTHLWGgkEnZTV4q8IqU0/yEiMI1SWKLUGW5L
7En1ldnNGxuylB+ppgWPRCGySWtAaTT4QgcoAJ0Y3LC2Ez8ySGMLNIAHl3KCMTiW
E3M1Y0UmzfFGkfV3mk6hgLxDshPcdRIwhBTHJ3L8ObbW9i35EANgG9bGNzjAoL3I
dA6eDjK3zSDZjpsSWmhPddmdwaS69hv8XwsGBHJHHqoNZ0D7+TcjZhkB8XiBBgXU
P2k1xB5v9/UWEwuhtJs4iQ6cQl+DUJaiv5JNacxV06J4iaojyKQCifrUYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNaeE7K/T8aMyu/ion2kM7zJj1JWMB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvMXA0VHNyOVB4b3pLNy1LaWZhUXp2TW1QVWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWdwMA0E
AgACMAcDBQMqBMjAMA0GCSqGSIb3DQEBCwUAA4IBAQA07mGGq+5OQQX4Gc2EHF+5
0Vdu/WboJqHwfSjm7qw0u+XoZK1747ZxOTwlZGFRmpzg8a+prtkyAljwnraRb4gq
TjFuB5Zo+c4mBOuOGilCcNWH6YNqRVDwuayyyuaCqi9rAkqgfxCWdMTGdFgx83yf
JQZ4m4BaHG2YxDIiXDcuc/plhHxFWxVtSd93XY5c8H0oEF+UjG7sm9Jrkl2G/Z2E
CtVXkDz4SGCy/mI/0RBSXThxGBVz/q0dTbh1QxExEz2RfKanAreuLZ0FZrAzg051
8aLW7VsUR7Oo9odhQKcy5u3A2drvOHP3Pq3uz6FKzwq3uK4R+JzvMpDjm4qC3pD6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:11 2024 by rpki-client on console-fra.rpki-client.org