Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/u0dWN6O6IMkqzUtJeAjzSouxMcw.roa
File: u0dWN6O6IMkqzUtJeAjzSouxMcw.roa (raw, json)
Hash identifier: bezBMPXsOfDbORQVXhuDjfhAxxwAK3c1ytgjU9HoICI=
Subject key identifier: BB:47:56:37:A3:BA:20:C9:2A:CD:4B:49:78:08:F3:4A:8B:B1:31:CC
Certificate issuer: /CN=03ea508a85bc73a9aaa203a8a7baf9c162e6f36c
Certificate serial: 0189F4380436507BE973C92470223C46D571
Authority key identifier: 03:EA:50:8A:85:BC:73:A9:AA:A2:03:A8:A7:BA:F9:C1:62:E6:F3:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/u0dWN6O6IMkqzUtJeAjzSouxMcw.roa
Signing time: Mon 14 Aug 2023 13:24:19 +0000
ROA not before: Mon 14 Aug 2023 13:24:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12843
IP address blocks: 185.55.100.0/22 maxlen: 22
185.55.100.0/23 maxlen: 23
185.55.102.0/23 maxlen: 23
2a01:8e20::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f4:38:04:36:50:7b:e9:73:c9:24:70:22:3c:46:d5:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03ea508a85bc73a9aaa203a8a7baf9c162e6f36c
Validity
Not Before: Aug 14 13:24:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb475637a3ba20c92acd4b497808f34a8bb131cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:51:fc:46:b2:a2:b1:01:e3:fd:62:42:b6:ac:
ec:a7:07:0e:3b:c4:c1:16:bb:76:f1:44:58:37:4c:
64:21:cb:9e:8b:69:a1:ec:23:04:d8:2d:e5:25:11:
77:77:20:b2:41:4a:46:fa:3c:b6:de:fb:56:96:a0:
99:be:97:36:29:bf:c7:3c:5d:be:bd:46:9f:7f:b3:
ac:f5:c4:94:57:1a:97:85:5d:20:36:ec:ea:61:9b:
a2:7a:b6:33:97:a7:eb:80:da:4a:26:f2:b8:33:66:
70:77:d4:ee:1b:f7:76:a7:41:e0:90:de:df:3a:65:
8a:3e:58:ff:83:aa:36:c9:18:0c:6e:2a:4e:d8:86:
ab:bf:3a:ab:ba:22:cb:45:cf:00:1a:d0:02:2e:57:
3f:2b:dc:57:29:34:c3:1c:00:59:f2:07:9c:b2:d2:
49:26:33:c3:3a:5d:b6:f8:eb:fb:fa:a4:77:12:34:
e4:91:45:fc:cc:d3:79:53:89:41:a5:56:18:25:5a:
87:8d:06:36:28:47:d7:5c:a5:1e:6a:08:a4:67:2e:
66:82:d7:60:a1:52:25:43:70:1c:23:85:48:82:f0:
f8:14:ea:8e:79:8e:f5:bf:aa:6e:de:68:63:7e:19:
94:c4:02:f4:58:93:bb:24:3e:45:89:82:68:72:2d:
9a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:47:56:37:A3:BA:20:C9:2A:CD:4B:49:78:08:F3:4A:8B:B1:31:CC
X509v3 Authority Key Identifier:
keyid:03:EA:50:8A:85:BC:73:A9:AA:A2:03:A8:A7:BA:F9:C1:62:E6:F3:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/u0dWN6O6IMkqzUtJeAjzSouxMcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.100.0/22
IPv6:
2a01:8e20::/32
Signature Algorithm: sha256WithRSAEncryption
31:89:96:7a:6a:54:d3:76:bd:99:1d:09:9d:31:a8:5b:21:b3:
2c:da:f7:78:17:6f:e2:02:65:14:05:30:00:b2:db:6d:1b:24:
e4:e0:ad:a9:2a:93:05:5d:74:6d:ae:9d:2d:35:95:e1:06:bc:
35:db:3d:1d:fe:e2:46:15:fe:6d:d2:a8:e3:92:3f:35:2f:19:
37:f4:70:5e:3e:3a:97:1c:ba:3c:c9:2a:e2:bd:64:5f:06:de:
9e:c5:b9:2b:73:17:b1:b2:c4:5d:bf:ff:fb:28:24:57:f6:91:
fd:d8:b8:33:f7:e8:bc:01:51:e8:1e:f0:f0:ee:70:1a:0d:99:
ee:6d:f3:47:0c:64:42:5d:d0:21:d3:0b:fa:59:dd:37:2e:ed:
9b:fc:bf:c5:78:7c:cd:5b:91:bd:aa:14:8d:b3:0b:b1:84:6e:
7c:b7:e7:40:53:57:7a:7a:1e:3a:c6:1f:25:8f:b9:0e:2e:60:
87:4b:8e:df:b8:54:f1:bc:66:1b:96:06:dc:47:8d:71:f1:aa:
ee:ff:6b:ab:d5:0a:9f:14:db:d7:7d:4b:76:b2:bf:85:fe:19:
e2:2e:b3:a7:d2:ae:8f:8f:32:ea:e2:bd:f6:d1:cb:e5:bb:1d:
3a:2c:be:57:3e:fa:79:de:31:fa:8c:e0:15:74:59:8d:0e:f6:
c7:26:f6:d8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYn0OAQ2UHvpc8kkcCI8RtVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZWE1MDhhODViYzczYTlhYWEyMDNhOGE3YmFmOWMxNjJl
NmYzNmMwHhcNMjMwODE0MTMyNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQ3NTYzN2EzYmEyMGM5MmFjZDRiNDk3ODA4ZjM0YThiYjEzMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1H8RrKisQHj/WJCtqzspwcOO8TB
Frt28URYN0xkIcuei2mh7CME2C3lJRF3dyCyQUpG+jy23vtWlqCZvpc2Kb/HPF2+
vUaff7Os9cSUVxqXhV0gNuzqYZuierYzl6frgNpKJvK4M2Zwd9TuG/d2p0HgkN7f
OmWKPlj/g6o2yRgMbipO2IarvzqruiLLRc8AGtACLlc/K9xXKTTDHABZ8gecstJJ
JjPDOl22+Ov7+qR3EjTkkUX8zNN5U4lBpVYYJVqHjQY2KEfXXKUeagikZy5mgtdg
oVIlQ3AcI4VIgvD4FOqOeY71v6pu3mhjfhmUxAL0WJO7JD5FiYJoci2a/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLtHVjejuiDJKs1LSXgI80qLsTHMMB8GA1UdIwQY
MBaAFAPqUIqFvHOpqqIDqKe6+cFi5vNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZWIzNDYtN2IwNy00MTA4LTlmYjAt
ZDcyNzA5MDVlOTIzLzEvdTBkV042TzZJTWtxelV0SmVBanpTb3V4TWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZWIzNDYtN2IwNy00MTA4LTlmYjAtZDcyNzA5MDVlOTIz
LzEvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTdkMA0E
AgACMAcDBQAqAY4gMA0GCSqGSIb3DQEBCwUAA4IBAQAxiZZ6alTTdr2ZHQmdMahb
IbMs2vd4F2/iAmUUBTAAstttGyTk4K2pKpMFXXRtrp0tNZXhBrw12z0d/uJGFf5t
0qjjkj81Lxk39HBePjqXHLo8ySrivWRfBt6exbkrcxexssRdv//7KCRX9pH92Lgz
9+i8AVHoHvDw7nAaDZnubfNHDGRCXdAh0wv6Wd03Lu2b/L/FeHzNW5G9qhSNswux
hG58t+dAU1d6eh46xh8lj7kOLmCHS47fuFTxvGYblgbcR41x8aru/2ur1QqfFNvX
fUt2sr+F/hniLrOn0q6PjzLq4r320cvlux06LL5XPvp53jH6jOAVdFmNDvbHJvbY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:14 2024 by rpki-client on console-fra.rpki-client.org