Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/97bace-b2d5-4052-8f61-5f2dfed5d1a4/1/K4LTpuZJidu8X97SYa5KcFatHnU.roa
File: K4LTpuZJidu8X97SYa5KcFatHnU.roa (raw, json)
Hash identifier: yhNxPDxFYklQVBPfiJ4JkYl3N09cZLDyGs8AdDrosrE=
Subject key identifier: 2B:82:D3:A6:E6:49:89:DB:BC:5F:DE:D2:61:AE:4A:70:56:AD:1E:75
Certificate issuer: /CN=e3463c278b84e2df00a47bc2d80c8d80ffa9ba89
Certificate serial: 01856FE6F4B4B46E29D91BC62DF59BC18AB4
Authority key identifier: E3:46:3C:27:8B:84:E2:DF:00:A4:7B:C2:D8:0C:8D:80:FF:A9:BA:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/40Y8J4uE4t8ApHvC2AyNgP-puok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/97bace-b2d5-4052-8f61-5f2dfed5d1a4/1/K4LTpuZJidu8X97SYa5KcFatHnU.roa
Signing time: Mon 02 Jan 2023 00:34:44 +0000
ROA not before: Mon 02 Jan 2023 00:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197690
IP address blocks: 185.35.172.0/22 maxlen: 24
193.104.37.0/24 maxlen: 24
2a00:b060::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:f4:b4:b4:6e:29:d9:1b:c6:2d:f5:9b:c1:8a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3463c278b84e2df00a47bc2d80c8d80ffa9ba89
Validity
Not Before: Jan 2 00:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b82d3a6e64989dbbc5fded261ae4a7056ad1e75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:76:29:b6:be:22:19:f7:6d:c7:db:e6:61:c6:
0e:ca:0b:ba:38:b4:e6:e8:6f:76:ef:c2:89:a7:da:
8b:05:7d:3b:89:b1:38:1a:d1:7c:b5:0a:32:d4:ad:
80:a7:2e:f2:f9:4c:76:08:e4:6f:96:72:33:ea:67:
7c:83:fe:1c:55:85:24:9e:c1:9a:da:99:bc:f2:2d:
46:8e:18:75:6b:7e:05:ff:e9:a3:1a:dc:3f:94:1d:
4a:0b:88:a7:19:b3:df:0c:b4:d4:d8:96:a2:21:5b:
06:5e:01:fd:fb:e0:92:ea:89:00:62:bb:ac:56:7e:
f3:13:64:af:84:38:2c:cc:88:11:9f:49:53:34:bf:
7a:66:b4:76:b4:9d:14:e0:c8:f0:5e:03:74:06:24:
48:31:08:49:17:7c:ae:b3:7f:47:e1:f8:55:00:30:
cb:e7:e3:5b:dd:1c:6f:08:98:94:97:99:5c:a5:80:
89:65:01:01:1d:dc:45:dd:38:34:d8:c0:3a:f5:d0:
77:d5:80:ca:e8:9b:11:b2:7c:b5:ff:a5:37:8b:08:
db:b0:30:95:97:ed:5e:e9:1f:7e:d7:03:ff:43:2f:
bf:14:ef:92:9d:90:bf:d1:36:ff:b8:31:4d:52:e7:
ee:bd:21:ba:9d:7f:73:0f:65:1b:2c:fa:f7:e0:7b:
47:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:82:D3:A6:E6:49:89:DB:BC:5F:DE:D2:61:AE:4A:70:56:AD:1E:75
X509v3 Authority Key Identifier:
keyid:E3:46:3C:27:8B:84:E2:DF:00:A4:7B:C2:D8:0C:8D:80:FF:A9:BA:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/40Y8J4uE4t8ApHvC2AyNgP-puok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/97bace-b2d5-4052-8f61-5f2dfed5d1a4/1/K4LTpuZJidu8X97SYa5KcFatHnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/97bace-b2d5-4052-8f61-5f2dfed5d1a4/1/40Y8J4uE4t8ApHvC2AyNgP-puok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.172.0/22
193.104.37.0/24
IPv6:
2a00:b060::/32
Signature Algorithm: sha256WithRSAEncryption
72:0d:f1:5e:5e:ef:22:7d:40:c1:29:f5:b5:39:35:cf:bc:fe:
38:97:30:ae:c5:52:d3:b1:97:d0:d5:fa:98:02:3f:a7:e9:64:
1d:70:92:45:d1:0c:da:f7:d2:60:ac:14:1a:ee:5f:96:2f:47:
74:ca:e1:c7:b2:ff:a1:6e:2d:2b:1a:e0:f0:ad:13:1a:5d:90:
8b:aa:e0:a6:7e:2d:df:70:2b:8b:14:ed:0a:15:6e:98:fa:cb:
1c:63:7b:fb:93:e5:58:a7:48:1c:49:06:e3:8a:ee:31:b6:e6:
da:51:04:38:aa:30:f4:56:61:f9:93:9d:b7:13:05:bf:47:b9:
af:08:dc:52:70:bf:67:fa:63:8d:d7:09:a4:22:37:0f:db:1f:
66:f8:77:31:73:ee:60:7c:fe:c9:9f:a5:27:c3:80:77:30:e9:
1f:cc:c2:92:f5:8a:eb:22:b9:32:6e:36:d6:2a:e1:83:00:d8:
bf:f5:ff:47:55:5d:75:3b:38:9e:35:a9:a1:dc:b7:3c:ff:a8:
13:ec:c1:65:c5:a0:2d:c3:42:fa:10:99:20:0b:91:74:13:c7:
57:31:f6:c1:3d:8f:0a:9a:f7:de:c9:ab:71:ab:e6:67:f1:e3:
39:9f:84:78:64:3a:a2:33:2a:e5:ed:67:67:1c:e6:4b:0a:ec:
55:35:68:11
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVv5vS0tG4p2RvGLfWbwYq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNDYzYzI3OGI4NGUyZGYwMGE0N2JjMmQ4MGM4ZDgwZmZh
OWJhODkwHhcNMjMwMTAyMDAzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjgyZDNhNmU2NDk4OWRiYmM1ZmRlZDI2MWFlNGE3MDU2YWQxZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnYptr4iGfdtx9vmYcYOygu6OLTm
6G9278KJp9qLBX07ibE4GtF8tQoy1K2Apy7y+Ux2CORvlnIz6md8g/4cVYUknsGa
2pm88i1Gjhh1a34F/+mjGtw/lB1KC4inGbPfDLTU2JaiIVsGXgH9++CS6okAYrus
Vn7zE2SvhDgszIgRn0lTNL96ZrR2tJ0U4MjwXgN0BiRIMQhJF3yus39H4fhVADDL
5+Nb3RxvCJiUl5lcpYCJZQEBHdxF3Tg02MA69dB31YDK6JsRsny1/6U3iwjbsDCV
l+1e6R9+1wP/Qy+/FO+SnZC/0Tb/uDFNUufuvSG6nX9zD2UbLPr34HtHEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCuC06bmSYnbvF/e0mGuSnBWrR51MB8GA1UdIwQY
MBaAFONGPCeLhOLfAKR7wtgMjYD/qbqJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDBZOEo0dUU0dDhBcEh2QzJBeU5nUC1wdW9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC85N2JhY2UtYjJkNS00MDUyLThmNjEt
NWYyZGZlZDVkMWE0LzEvSzRMVHB1WkppZHU4WDk3U1lhNUtjRmF0SG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC85N2JhY2UtYjJkNS00MDUyLThmNjEtNWYyZGZlZDVkMWE0
LzEvNDBZOEo0dUU0dDhBcEh2QzJBeU5nUC1wdW9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSOsAwQA
wWglMA0EAgACMAcDBQAqALBgMA0GCSqGSIb3DQEBCwUAA4IBAQByDfFeXu8ifUDB
KfW1OTXPvP44lzCuxVLTsZfQ1fqYAj+n6WQdcJJF0Qza99JgrBQa7l+WL0d0yuHH
sv+hbi0rGuDwrRMaXZCLquCmfi3fcCuLFO0KFW6Y+sscY3v7k+VYp0gcSQbjiu4x
tubaUQQ4qjD0VmH5k523EwW/R7mvCNxScL9n+mON1wmkIjcP2x9m+Hcxc+5gfP7J
n6Unw4B3MOkfzMKS9YrrIrkybjbWKuGDANi/9f9HVV11OzieNamh3Lc8/6gT7MFl
xaAtw0L6EJkgC5F0E8dXMfbBPY8Kmvfeyatxq+Zn8eM5n4R4ZDqiMyrl7WdnHOZL
CuxVNWgR
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:35 2024 by rpki-client on console-fra.rpki-client.org