Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/sF1izgGXx6ltRoTFrNIs5gWBVX4.roa
File: sF1izgGXx6ltRoTFrNIs5gWBVX4.roa (raw, json)
Hash identifier: n4+JgspXmykq3uzYwSaQUoCQ5NqfuM6x0xmFhCGbR9g=
Subject key identifier: B0:5D:62:CE:01:97:C7:A9:6D:46:84:C5:AC:D2:2C:E6:05:81:55:7E
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737ADBE4C6FCEDEFF1247CC70FEA677A
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/sF1izgGXx6ltRoTFrNIs5gWBVX4.roa
Signing time: Mon 02 Jan 2023 17:15:09 +0000
ROA not before: Mon 02 Jan 2023 17:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210097
IP address blocks: 81.22.40.0/22 maxlen: 24
185.179.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:db:e4:c6:fc:ed:ef:f1:24:7c:c7:0f:ea:67:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b05d62ce0197c7a96d4684c5acd22ce60581557e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:87:cb:95:3e:e0:b5:17:d4:b7:b1:79:4d:25:
cd:4f:3c:de:50:d1:1c:21:f1:70:a9:80:ff:4e:de:
f8:40:a1:74:b3:2f:04:7f:b5:19:48:cf:1e:7b:f2:
0f:8d:ce:41:68:55:4e:a3:d3:c2:5a:0d:51:a2:ff:
d6:64:32:16:40:be:8c:62:f3:a1:70:48:8c:17:88:
1a:9b:15:fa:fc:29:4d:ec:f0:0d:94:ed:ec:60:97:
1f:88:cb:ee:4e:77:87:1f:95:c6:0f:87:56:f3:01:
5f:3f:60:a1:b7:39:36:5d:a3:5e:8e:13:96:3d:c0:
35:0f:23:fe:d8:78:3a:38:9e:a7:33:b2:37:84:d2:
8f:2f:70:89:8b:c1:fc:9a:e4:95:85:3f:f6:70:93:
3d:89:6e:d6:43:91:f7:91:9c:10:95:fa:b2:ab:44:
06:c4:b7:f9:4c:ae:d7:49:32:b0:94:bf:e6:ce:bb:
a7:1c:37:96:b5:d6:45:3c:ff:8e:c2:0b:a0:9a:2f:
60:32:ab:7c:0c:63:45:57:c5:1d:9a:79:57:a9:f1:
11:d1:73:cc:75:a3:47:4d:1a:4b:ee:64:cf:34:47:
9a:6b:74:65:f9:6c:e0:00:7e:ab:98:49:07:a5:37:
26:6f:db:e0:0f:73:14:3e:fe:70:2b:c6:f7:72:18:
0b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:5D:62:CE:01:97:C7:A9:6D:46:84:C5:AC:D2:2C:E6:05:81:55:7E
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/sF1izgGXx6ltRoTFrNIs5gWBVX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.40.0/22
185.179.244.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:a2:61:cd:37:44:b2:06:4b:23:ff:07:6c:7f:ca:ac:00:cd:
f4:90:b4:d8:bd:97:32:9a:c7:94:e3:71:f8:78:d8:67:c4:e1:
a2:40:a7:03:bf:4a:98:89:e2:22:4b:ce:d1:b5:76:35:40:7a:
ec:25:33:f1:49:62:b7:f1:c3:a0:b7:18:d5:e3:ba:cd:b5:7c:
ab:2c:4f:12:eb:b3:c0:f8:f8:86:f3:b2:68:60:65:71:13:9d:
ae:61:b9:c6:7a:5a:39:4c:ab:fa:60:05:4c:65:fd:e9:5e:1a:
8f:ec:94:82:39:26:76:31:e9:64:0a:bb:3e:43:ea:bc:59:7d:
b6:db:05:09:43:b1:36:94:96:35:ac:ba:25:43:10:57:c0:5e:
a2:53:7d:f6:bb:7f:5c:32:fc:28:e3:3e:e3:73:82:8b:0a:24:
8c:68:5e:d4:c8:53:9e:59:a3:8d:c9:1d:6d:74:85:c9:07:96:
1d:d3:59:6d:ad:5e:a8:67:74:e1:60:81:d2:8d:36:b9:af:4f:
51:f9:8f:07:cb:13:44:74:36:e7:f7:e7:e7:c7:e9:1b:46:54:
8f:56:2f:c6:59:7d:3a:b1:c2:03:41:58:98:41:9e:26:88:a3:
47:3d:37:ea:70:84:e7:d5:47:55:fc:ca:37:13:de:74:25:1a:
53:19:ad:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzetvkxvzt7/EkfMcP6md6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDVkNjJjZTAxOTdjN2E5NmQ0Njg0YzVhY2QyMmNlNjA1ODE1NTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIfLlT7gtRfUt7F5TSXNTzzeUNEc
IfFwqYD/Tt74QKF0sy8Ef7UZSM8ee/IPjc5BaFVOo9PCWg1Rov/WZDIWQL6MYvOh
cEiMF4gamxX6/ClN7PANlO3sYJcfiMvuTneHH5XGD4dW8wFfP2Chtzk2XaNejhOW
PcA1DyP+2Hg6OJ6nM7I3hNKPL3CJi8H8muSVhT/2cJM9iW7WQ5H3kZwQlfqyq0QG
xLf5TK7XSTKwlL/mzrunHDeWtdZFPP+Owgugmi9gMqt8DGNFV8UdmnlXqfER0XPM
daNHTRpL7mTPNEeaa3Rl+WzgAH6rmEkHpTcmb9vgD3MUPv5wK8b3chgLEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLBdYs4Bl8epbUaExazSLOYFgVV+MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvc0YxaXpnR1h4Nmx0Um9URnJOSXM1Z1dCVlg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCURYoAwQA
ubP0MA0GCSqGSIb3DQEBCwUAA4IBAQB7omHNN0SyBksj/wdsf8qsAM30kLTYvZcy
mseU43H4eNhnxOGiQKcDv0qYieIiS87RtXY1QHrsJTPxSWK38cOgtxjV47rNtXyr
LE8S67PA+PiG87JoYGVxE52uYbnGelo5TKv6YAVMZf3pXhqP7JSCOSZ2MelkCrs+
Q+q8WX222wUJQ7E2lJY1rLolQxBXwF6iU332u39cMvwo4z7jc4KLCiSMaF7UyFOe
WaONyR1tdIXJB5Yd01ltrV6oZ3ThYIHSjTa5r09R+Y8HyxNEdDbn9+fnx+kbRlSP
Vi/GWX06scIDQViYQZ4miKNHPTfqcITn1UdV/Mo3E950JRpTGa0v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:37 2024 by rpki-client on console-fra.rpki-client.org