Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0a94e4-001c-4d15-91e9-47a412815fb4/1/7Kw2jQBiEELr_xQJUIa45Kp5U-8.roa
File: 7Kw2jQBiEELr_xQJUIa45Kp5U-8.roa (raw, json)
Hash identifier: f/x9FN3qYbeRdlyQ+IloFUUHxsooW27OXaYWH5FQKhw=
Subject key identifier: EC:AC:36:8D:00:62:10:42:EB:FF:14:09:50:86:B8:E4:AA:79:53:EF
Certificate issuer: /CN=9d23c330ebe853e125b0c1ad2b16d79d25e4f3f8
Certificate serial: 01856C9CB13CE99051CC30DCE6D4EA20855C
Authority key identifier: 9D:23:C3:30:EB:E8:53:E1:25:B0:C1:AD:2B:16:D7:9D:25:E4:F3:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSPDMOvoU-ElsMGtKxbXnSXk8_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/0a94e4-001c-4d15-91e9-47a412815fb4/1/7Kw2jQBiEELr_xQJUIa45Kp5U-8.roa
Signing time: Sun 01 Jan 2023 09:14:46 +0000
ROA not before: Sun 01 Jan 2023 09:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3331
IP address blocks: 185.106.164.0/22 maxlen: 22
2a04:ea40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:b1:3c:e9:90:51:cc:30:dc:e6:d4:ea:20:85:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d23c330ebe853e125b0c1ad2b16d79d25e4f3f8
Validity
Not Before: Jan 1 09:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecac368d00621042ebff14095086b8e4aa7953ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a6:4a:b2:8a:8f:33:9b:7a:f6:85:68:24:25:
7f:5f:15:87:0b:53:22:f9:b4:fe:df:48:1e:57:58:
c1:81:bf:93:4b:0c:b3:83:ae:59:d7:9d:fc:7a:38:
30:f1:3c:40:8b:34:3d:af:7d:e5:e1:f6:cf:d3:77:
f3:9f:dd:24:50:62:87:4b:ba:84:2d:7a:04:3a:b3:
8c:c6:17:81:38:c5:cd:51:20:18:d8:cf:69:bf:fb:
ce:4a:4d:4d:cf:00:f1:a9:4c:a7:62:a8:40:9a:0c:
a8:19:70:57:dd:d0:fe:04:0d:b7:2f:2f:d8:83:d4:
b0:c7:3e:1d:35:c1:79:7a:b1:53:63:ef:8f:35:6f:
01:0b:88:a0:bd:1d:7d:88:63:f2:d5:cd:2c:c8:f1:
8a:4c:f2:ea:7c:b5:6e:ed:36:6c:3b:71:dd:26:cd:
77:9b:7b:03:52:77:c1:ee:c2:a0:0b:dc:9c:2d:7c:
1e:18:60:51:f5:1c:9e:08:ea:aa:a9:dc:e7:a4:12:
4e:e4:79:09:ac:a0:8b:d9:a7:70:4c:c0:49:c6:bc:
66:78:d8:ad:25:90:24:71:3d:7a:6e:78:bd:4e:fa:
34:ed:a4:e6:50:34:8f:53:35:bb:55:ca:bf:7b:c8:
e4:e2:be:d7:6e:57:97:5b:77:90:80:90:b7:33:46:
e2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:AC:36:8D:00:62:10:42:EB:FF:14:09:50:86:B8:E4:AA:79:53:EF
X509v3 Authority Key Identifier:
keyid:9D:23:C3:30:EB:E8:53:E1:25:B0:C1:AD:2B:16:D7:9D:25:E4:F3:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSPDMOvoU-ElsMGtKxbXnSXk8_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0a94e4-001c-4d15-91e9-47a412815fb4/1/7Kw2jQBiEELr_xQJUIa45Kp5U-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0a94e4-001c-4d15-91e9-47a412815fb4/1/nSPDMOvoU-ElsMGtKxbXnSXk8_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.164.0/22
IPv6:
2a04:ea40::/29
Signature Algorithm: sha256WithRSAEncryption
6c:a0:d6:f4:41:a9:70:37:d9:0f:9f:f4:d0:e8:e7:16:a9:c8:
54:99:58:d7:a4:3d:91:36:84:36:50:50:c6:f2:5e:3c:fe:95:
a7:62:80:70:99:a0:96:8a:49:4b:d3:16:2c:1d:3a:ac:fc:af:
6e:a2:66:90:21:b0:26:75:6f:36:85:eb:cd:b6:df:db:e6:55:
a9:a6:d8:48:a3:39:c6:01:b4:66:69:c0:52:8a:9b:af:6d:eb:
2f:94:04:a7:83:73:f1:a7:39:bb:d5:63:e3:9f:ab:44:4f:ba:
a5:7b:28:a2:0e:8f:28:a1:1d:d7:b9:91:f1:ca:b8:3f:b6:90:
a1:b0:96:0b:dd:b5:65:a1:76:55:07:71:38:66:17:f3:aa:6a:
51:18:86:d7:49:2a:5b:b5:26:50:46:55:5c:94:17:89:a3:e4:
29:6d:44:fd:54:7d:31:d8:75:1c:1d:60:68:79:6b:de:62:10:
b0:35:61:84:6f:ce:75:46:e6:a2:f4:24:5f:8d:21:66:8d:8c:
c8:fd:cb:c3:67:0e:1b:98:51:98:3f:e0:e0:e9:5d:e1:27:9b:
f6:13:af:2c:ed:e3:9e:d8:a1:88:c2:8c:0d:66:94:e4:27:ad:
81:01:f2:3a:99:10:24:9a:96:61:07:d1:04:28:03:7d:4a:bd:
5c:34:ce:27
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsnLE86ZBRzDDc5tTqIIVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjNjMzMwZWJlODUzZTEyNWIwYzFhZDJiMTZkNzlkMjVl
NGYzZjgwHhcNMjMwMTAxMDkxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2FjMzY4ZDAwNjIxMDQyZWJmZjE0MDk1MDg2YjhlNGFhNzk1M2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqZKsoqPM5t69oVoJCV/XxWHC1Mi
+bT+30geV1jBgb+TSwyzg65Z1538ejgw8TxAizQ9r33l4fbP03fzn90kUGKHS7qE
LXoEOrOMxheBOMXNUSAY2M9pv/vOSk1NzwDxqUynYqhAmgyoGXBX3dD+BA23Ly/Y
g9Swxz4dNcF5erFTY++PNW8BC4igvR19iGPy1c0syPGKTPLqfLVu7TZsO3HdJs13
m3sDUnfB7sKgC9ycLXweGGBR9RyeCOqqqdznpBJO5HkJrKCL2adwTMBJxrxmeNit
JZAkcT16bni9Tvo07aTmUDSPUzW7Vcq/e8jk4r7XbleXW3eQgJC3M0biiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOysNo0AYhBC6/8UCVCGuOSqeVPvMB8GA1UdIwQY
MBaAFJ0jwzDr6FPhJbDBrSsW150l5PP4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNQRE1Pdm9VLUVsc01HdEt4YlhuU1hrOF9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wYTk0ZTQtMDAxYy00ZDE1LTkxZTkt
NDdhNDEyODE1ZmI0LzEvN0t3MmpRQmlFRUxyX3hRSlVJYTQ1S3A1VS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wYTk0ZTQtMDAxYy00ZDE1LTkxZTktNDdhNDEyODE1ZmI0
LzEvblNQRE1Pdm9VLUVsc01HdEt4YlhuU1hrOF9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWqkMA0E
AgACMAcDBQMqBOpAMA0GCSqGSIb3DQEBCwUAA4IBAQBsoNb0QalwN9kPn/TQ6OcW
qchUmVjXpD2RNoQ2UFDG8l48/pWnYoBwmaCWiklL0xYsHTqs/K9uomaQIbAmdW82
hevNtt/b5lWppthIoznGAbRmacBSipuvbesvlASng3Pxpzm71WPjn6tET7qleyii
Do8ooR3XuZHxyrg/tpChsJYL3bVloXZVB3E4ZhfzqmpRGIbXSSpbtSZQRlVclBeJ
o+QpbUT9VH0x2HUcHWBoeWveYhCwNWGEb851Ruai9CRfjSFmjYzI/cvDZw4bmFGY
P+Dg6V3hJ5v2E68s7eOe2KGIwowNZpTkJ62BAfI6mRAkmpZhB9EEKAN9Sr1cNM4n
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:40 2024 by rpki-client on console-fra.rpki-client.org