Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/14bca5-9046-4876-8283-ae93def510c2/1/m3oQJtODRkUl5B4pbbtzxnahB74.roa
File: m3oQJtODRkUl5B4pbbtzxnahB74.roa (raw, json)
Hash identifier: tUn0U/6hboJXEfdgf64sGVoKe16K9mOHfYmX6mAIWFE=
Subject key identifier: 9B:7A:10:26:D3:83:46:45:25:E4:1E:29:6D:BB:73:C6:76:A1:07:BE
Certificate issuer: /CN=96329aae02b366ed1a01b52ac33abe760593a806
Certificate serial: 01856D8AB5EFABCB65561855FDD96F3B1814
Authority key identifier: 96:32:9A:AE:02:B3:66:ED:1A:01:B5:2A:C3:3A:BE:76:05:93:A8:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ljKargKzZu0aAbUqwzq-dgWTqAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/14bca5-9046-4876-8283-ae93def510c2/1/m3oQJtODRkUl5B4pbbtzxnahB74.roa
Signing time: Sun 01 Jan 2023 13:34:45 +0000
ROA not before: Sun 01 Jan 2023 13:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202796
IP address blocks: 185.134.56.0/22 maxlen: 22
185.18.236.0/22 maxlen: 22
2a05:1e80::/29 maxlen: 29
2a03:fb40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:b5:ef:ab:cb:65:56:18:55:fd:d9:6f:3b:18:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96329aae02b366ed1a01b52ac33abe760593a806
Validity
Not Before: Jan 1 13:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b7a1026d383464525e41e296dbb73c676a107be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:21:f7:fe:cf:1a:3a:a7:43:2a:38:70:00:ac:
fe:d6:3c:e0:90:37:56:3a:1b:b0:e7:e4:17:48:be:
e1:a2:87:72:2d:c5:df:c3:a9:01:e8:8b:2c:0f:8a:
e7:dd:e5:03:27:b2:46:97:e2:bf:c3:62:31:3f:6c:
cc:50:d8:9e:c7:f7:01:4f:6a:fd:53:7c:16:28:d8:
5c:3b:98:3a:51:8f:b2:fa:19:20:bb:c2:65:d5:0d:
85:e6:d2:dd:f6:97:f1:4f:c7:1d:1a:1e:98:2b:8e:
3f:a1:fa:8f:f5:51:b1:4a:2a:e7:4c:58:1e:3d:74:
a2:71:be:9b:cb:02:68:43:0c:3d:74:b4:78:20:42:
04:b9:10:0f:be:8d:47:89:80:f3:69:64:41:29:1c:
39:ba:aa:81:c6:72:23:8d:e4:0d:6c:fd:0a:63:6b:
a1:68:df:ed:02:ea:5b:51:eb:e6:96:22:d4:02:e5:
f9:88:a7:c6:dc:a1:87:9e:ea:df:c3:c8:b5:84:f9:
54:95:6b:b7:43:40:66:87:85:1a:1e:cc:fa:e1:fe:
ed:60:79:70:29:8f:ba:6a:3e:16:4c:33:3d:fd:e4:
93:37:08:62:2f:19:f6:f0:b2:83:39:ff:9d:6b:83:
70:3f:66:c4:dc:df:1c:8a:82:c4:7e:49:96:35:0a:
f6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:7A:10:26:D3:83:46:45:25:E4:1E:29:6D:BB:73:C6:76:A1:07:BE
X509v3 Authority Key Identifier:
keyid:96:32:9A:AE:02:B3:66:ED:1A:01:B5:2A:C3:3A:BE:76:05:93:A8:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ljKargKzZu0aAbUqwzq-dgWTqAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/14bca5-9046-4876-8283-ae93def510c2/1/m3oQJtODRkUl5B4pbbtzxnahB74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/14bca5-9046-4876-8283-ae93def510c2/1/ljKargKzZu0aAbUqwzq-dgWTqAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.236.0/22
185.134.56.0/22
IPv6:
2a03:fb40::/29
2a05:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
5a:28:24:1c:c9:d8:cc:57:35:30:43:c9:f5:a4:95:81:cd:a3:
5f:be:de:fe:7d:ca:dd:a0:49:1c:0d:50:47:94:1b:61:2d:6f:
47:c7:95:ce:44:c0:c7:e8:69:00:98:f4:6a:4e:41:b9:e9:9b:
ef:72:e8:4b:02:32:6e:99:46:51:4e:e8:a5:2e:0b:bd:61:0f:
c9:8d:17:96:ca:36:5b:a8:b1:8a:06:a2:93:00:cd:78:64:db:
53:96:e7:14:24:91:6d:be:af:3c:19:d6:69:31:40:75:09:74:
ca:7c:28:07:d9:4e:99:f2:e6:4a:07:78:7e:77:19:a6:6c:8c:
44:3e:03:37:38:07:e8:27:b4:c1:00:03:cf:22:a3:a1:7c:93:
82:96:a6:ef:4c:0a:29:9d:c1:da:70:22:e6:9a:62:e5:dd:6d:
38:e3:a5:a1:30:f8:4a:8c:7a:99:90:05:aa:e9:dd:0d:bd:67:
7c:e6:58:dd:4d:91:62:32:1c:3e:02:83:ea:0f:81:a8:41:1a:
a0:a0:a8:50:11:53:e2:d4:42:80:35:d4:12:21:eb:3b:cb:89:
5a:eb:20:3e:8d:0a:ca:20:25:6a:93:ae:a8:4f:2e:57:d2:fb:
07:30:0d:d2:2b:55:b7:22:96:82:52:4f:1c:55:46:62:3b:7c:
a2:95:cd:4a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVtirXvq8tlVhhV/dlvOxgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MzI5YWFlMDJiMzY2ZWQxYTAxYjUyYWMzM2FiZTc2MDU5
M2E4MDYwHhcNMjMwMTAxMTMzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjdhMTAyNmQzODM0NjQ1MjVlNDFlMjk2ZGJiNzNjNjc2YTEwN2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSH3/s8aOqdDKjhwAKz+1jzgkDdW
Ohuw5+QXSL7hoodyLcXfw6kB6IssD4rn3eUDJ7JGl+K/w2IxP2zMUNiex/cBT2r9
U3wWKNhcO5g6UY+y+hkgu8Jl1Q2F5tLd9pfxT8cdGh6YK44/ofqP9VGxSirnTFge
PXSicb6bywJoQww9dLR4IEIEuRAPvo1HiYDzaWRBKRw5uqqBxnIjjeQNbP0KY2uh
aN/tAupbUevmliLUAuX5iKfG3KGHnurfw8i1hPlUlWu3Q0Bmh4UaHsz64f7tYHlw
KY+6aj4WTDM9/eSTNwhiLxn28LKDOf+da4NwP2bE3N8cioLEfkmWNQr2QQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJt6ECbTg0ZFJeQeKW27c8Z2oQe+MB8GA1UdIwQY
MBaAFJYymq4Cs2btGgG1KsM6vnYFk6gGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGpLYXJnS3padTBhQWJVcXd6cS1kZ1dUcUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8xNGJjYTUtOTA0Ni00ODc2LTgyODMt
YWU5M2RlZjUxMGMyLzEvbTNvUUp0T0RSa1VsNUI0cGJidHp4bmFoQjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8xNGJjYTUtOTA0Ni00ODc2LTgyODMtYWU5M2RlZjUxMGMy
LzEvbGpLYXJnS3padTBhQWJVcXd6cS1kZ1dUcUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuRLsAwQC
uYY4MBQEAgACMA4DBQMqA/tAAwUDKgUegDANBgkqhkiG9w0BAQsFAAOCAQEAWigk
HMnYzFc1MEPJ9aSVgc2jX77e/n3K3aBJHA1QR5QbYS1vR8eVzkTAx+hpAJj0ak5B
uemb73LoSwIybplGUU7opS4LvWEPyY0Xlso2W6ixigaikwDNeGTbU5bnFCSRbb6v
PBnWaTFAdQl0ynwoB9lOmfLmSgd4fncZpmyMRD4DNzgH6Ce0wQADzyKjoXyTgpam
70wKKZ3B2nAi5ppi5d1tOOOloTD4Sox6mZAFqundDb1nfOZY3U2RYjIcPgKD6g+B
qEEaoKCoUBFT4tRCgDXUEiHrO8uJWusgPo0KyiAlapOuqE8uV9L7BzAN0itVtyKW
glJPHFVGYjt8opXNSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:19 2024 by rpki-client on console-fra.rpki-client.org