Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/pybUKVe8_PXlV1UEuJEtNCH73qE.roa
File: pybUKVe8_PXlV1UEuJEtNCH73qE.roa (raw, json)
Hash identifier: u2pPOPLcAokhhRg6IfT7kPdKcQD0opeyPRapJKH7w6M=
Subject key identifier: A7:26:D4:29:57:BC:FC:F5:E5:57:55:04:B8:91:2D:34:21:FB:DE:A1
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737AD4FDE3AE68739EDD26AF0543155A
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/pybUKVe8_PXlV1UEuJEtNCH73qE.roa
Signing time: Mon 02 Jan 2023 17:15:07 +0000
ROA not before: Mon 02 Jan 2023 17:15:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205512
IP address blocks: 185.93.120.0/22 maxlen: 24
185.120.44.0/22 maxlen: 24
2a06:8f40::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:d4:fd:e3:ae:68:73:9e:dd:26:af:05:43:15:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a726d42957bcfcf5e5575504b8912d3421fbdea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:89:c5:5c:1f:52:32:a0:b3:a6:ac:c5:94:c4:
2a:9e:4a:47:36:94:b3:3a:c1:6f:61:39:9f:dc:67:
0b:b2:c5:07:3b:2a:ec:44:dc:e8:0f:11:18:87:fb:
52:02:2d:9a:3a:6d:98:a3:bc:46:1c:86:d0:56:ec:
9c:a9:ab:22:f8:94:bb:fe:97:e5:f9:be:16:10:8b:
e9:48:45:03:64:b1:75:4b:15:4c:99:60:74:be:e5:
47:5e:4b:13:1b:ff:e6:b4:9c:4d:8c:ce:66:8f:43:
74:7b:ce:21:cd:ad:d8:ca:c4:ea:c6:3a:2d:c9:15:
26:d4:8b:3a:e5:15:f4:16:a7:0a:77:13:a8:22:e6:
d1:18:6c:57:05:bf:94:92:44:9a:96:99:cb:09:26:
13:80:23:f2:06:30:cf:60:14:fb:af:0a:95:c5:6b:
6d:1b:24:d1:37:6a:38:17:06:64:bc:e1:f6:e0:b5:
90:1e:ef:66:38:10:3e:7f:9f:d2:95:f4:52:92:c0:
59:ce:31:2b:2c:5a:7c:04:a4:c2:78:e9:7e:56:61:
7f:7c:7d:ca:b6:30:2e:fb:c7:26:a6:e6:d3:ee:7a:
38:a3:77:d0:4c:ec:bd:d3:55:b5:14:28:4f:02:41:
62:bd:b2:c3:1b:5b:d3:95:82:71:db:34:bb:e4:3e:
7a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:26:D4:29:57:BC:FC:F5:E5:57:55:04:B8:91:2D:34:21:FB:DE:A1
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/pybUKVe8_PXlV1UEuJEtNCH73qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.120.0/22
185.120.44.0/22
IPv6:
2a06:8f40::/29
Signature Algorithm: sha256WithRSAEncryption
96:8f:2c:62:f5:b3:50:fa:6b:87:4c:40:91:b6:49:5e:61:a0:
d5:ad:30:ed:e0:17:7c:f8:01:76:17:68:de:3c:8d:9a:72:be:
e5:22:32:4c:c9:6a:38:7b:4e:85:dd:79:ba:67:5a:72:7d:8d:
a5:0c:0d:96:6f:99:41:75:72:36:7a:42:f3:9c:ab:b0:71:a1:
61:e8:e8:86:03:16:9c:e2:9e:49:53:bd:d5:d3:7e:dd:8f:8c:
5c:8d:17:36:23:14:b5:fd:6e:40:33:30:88:84:2b:b2:87:70:
f4:2d:3b:c7:69:58:d3:a0:4a:ad:1d:7d:e5:67:ef:d7:81:ad:
6d:4e:bc:f3:c3:1f:15:e3:da:97:dc:6a:7d:f1:10:5c:91:54:
7a:12:37:c2:dd:35:dd:e1:fe:3b:65:1d:e5:14:5b:5a:1b:37:
b7:f5:27:02:78:29:5c:a5:89:7b:32:9a:7e:c1:dd:97:3f:8f:
ee:e6:9a:b9:9a:f2:d8:ae:b3:6d:58:73:6f:34:51:16:00:e7:
e2:7a:a3:d0:28:16:52:ba:06:3b:c3:15:88:89:0c:39:51:05:
17:87:93:c6:7a:a9:88:b6:f2:10:f0:4f:bd:62:76:15:a2:fc:
30:6a:2d:d2:9d:61:5b:41:5e:15:50:57:32:f0:d6:db:85:21:
fd:da:90:c7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVzetT9465oc57dJq8FQxVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzI2ZDQyOTU3YmNmY2Y1ZTU1NzU1MDRiODkxMmQzNDIxZmJkZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsInFXB9SMqCzpqzFlMQqnkpHNpSz
OsFvYTmf3GcLssUHOyrsRNzoDxEYh/tSAi2aOm2Yo7xGHIbQVuycqasi+JS7/pfl
+b4WEIvpSEUDZLF1SxVMmWB0vuVHXksTG//mtJxNjM5mj0N0e84hza3YysTqxjot
yRUm1Is65RX0FqcKdxOoIubRGGxXBb+UkkSalpnLCSYTgCPyBjDPYBT7rwqVxWtt
GyTRN2o4FwZkvOH24LWQHu9mOBA+f5/SlfRSksBZzjErLFp8BKTCeOl+VmF/fH3K
tjAu+8cmpubT7no4o3fQTOy901W1FChPAkFivbLDG1vTlYJx2zS75D56zwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKcm1ClXvPz15VdVBLiRLTQh+96hMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvcHliVUtWZThfUFhsVjFVRXVKRXROQ0g3M3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuV14AwQC
uXgsMA0EAgACMAcDBQMqBo9AMA0GCSqGSIb3DQEBCwUAA4IBAQCWjyxi9bNQ+muH
TECRtkleYaDVrTDt4Bd8+AF2F2jePI2acr7lIjJMyWo4e06F3Xm6Z1pyfY2lDA2W
b5lBdXI2ekLznKuwcaFh6OiGAxac4p5JU73V037dj4xcjRc2IxS1/W5AMzCIhCuy
h3D0LTvHaVjToEqtHX3lZ+/Xga1tTrzzwx8V49qX3Gp98RBckVR6EjfC3TXd4f47
ZR3lFFtaGze39ScCeClcpYl7Mpp+wd2XP4/u5pq5mvLYrrNtWHNvNFEWAOfieqPQ
KBZSugY7wxWIiQw5UQUXh5PGeqmItvIQ8E+9YnYVovwwai3SnWFbQV4VUFcy8Nbb
hSH92pDH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org