Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/t8Vkg5s57dIG-WA4qpyYoNRsS7k.roa
File: t8Vkg5s57dIG-WA4qpyYoNRsS7k.roa (raw, json)
Hash identifier: bN73gDYlQKxblxpTbwexk9Fn7uHJw4xsKhTYW4y6slA=
Subject key identifier: B7:C5:64:83:9B:39:ED:D2:06:F9:60:38:AA:9C:98:A0:D4:6C:4B:B9
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 018920594B7A59E17F81082FEEBCD54F43E0
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/t8Vkg5s57dIG-WA4qpyYoNRsS7k.roa
Signing time: Tue 04 Jul 2023 10:01:10 +0000
ROA not before: Tue 04 Jul 2023 10:01:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2043
IP address blocks: 185.2.172.0/22 maxlen: 22
185.2.174.0/23 maxlen: 23
2a02:80c0::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:59:4b:7a:59:e1:7f:81:08:2f:ee:bc:d5:4f:43:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jul 4 10:01:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7c564839b39edd206f96038aa9c98a0d46c4bb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b5:49:3a:d4:51:9b:e2:bd:e5:75:96:f8:3f:
a1:b7:04:ed:04:69:14:2a:be:9e:82:1d:5f:67:78:
e1:24:0f:62:27:07:70:22:84:f4:2d:e6:15:2b:90:
83:7c:3f:e9:16:51:02:06:5e:e1:0e:fa:d1:fa:fb:
ac:f2:e9:0a:c1:6e:9f:9b:c2:8b:81:32:cf:7f:a6:
af:14:62:28:b0:28:86:fe:d7:f2:5f:f3:0c:fa:1f:
a3:e1:c3:d8:2b:72:2f:ab:be:57:90:69:46:ab:75:
2a:22:f5:f1:c3:49:61:4d:a7:05:95:55:57:a2:dc:
41:92:a7:ea:dc:e5:38:19:b6:12:0d:65:2e:1c:3a:
6a:5c:05:f3:90:41:33:56:d2:1f:74:96:5e:5a:e0:
a2:b0:b8:de:63:52:0c:4f:ab:5d:72:8f:9f:48:9b:
5d:db:5d:c0:79:e5:b5:3c:b8:e0:79:29:0e:6d:dc:
bd:70:3f:42:84:1f:98:b2:6a:17:fe:0c:e7:d3:30:
db:03:c6:ca:73:8c:5d:79:20:2c:d3:5b:59:01:ad:
fe:ee:9c:71:5d:10:c8:a7:d0:31:08:f9:99:73:b6:
df:8b:5d:9c:d7:89:d5:75:d7:75:51:de:74:17:50:
7e:c1:a9:37:1e:df:8a:35:6d:6d:9d:d4:b1:60:51:
6d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C5:64:83:9B:39:ED:D2:06:F9:60:38:AA:9C:98:A0:D4:6C:4B:B9
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/t8Vkg5s57dIG-WA4qpyYoNRsS7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.172.0/22
IPv6:
2a02:80c0::/30
Signature Algorithm: sha256WithRSAEncryption
40:46:d2:d4:8a:b8:f7:c6:71:c9:24:68:98:9f:76:99:9c:60:
df:08:b6:55:57:61:74:ce:d6:84:66:00:c7:72:22:12:b7:78:
ee:65:a8:c0:f6:dc:15:45:7a:56:57:fd:ff:ef:dc:e7:cc:54:
ca:3a:22:d1:92:5f:c7:62:ce:00:05:4f:75:04:4b:02:cb:a0:
35:7a:33:97:4b:7d:66:14:4f:93:d1:e0:ed:34:ab:20:01:f9:
ca:bb:20:a1:e8:3c:ea:65:23:1b:f7:9e:70:52:e5:d4:c3:7b:
ff:32:10:85:ce:5d:df:4c:ae:7e:2e:40:f2:c4:88:21:2c:16:
6d:16:6c:68:d7:be:1b:40:7b:ba:e6:04:18:d1:11:3c:05:ff:
65:ff:94:17:e3:22:f7:8c:6c:67:2a:d4:75:39:da:eb:ed:8d:
60:0b:90:59:95:0f:7a:02:da:db:11:be:a6:f5:0e:43:27:5b:
15:7b:1e:90:77:60:71:23:a3:2b:26:9b:f4:e3:23:51:db:8e:
40:28:b6:c2:c9:26:0e:1a:c1:7a:a8:73:a0:05:49:fa:07:ba:
39:1e:2d:99:c3:ff:bb:43:49:07:27:8c:8d:01:81:f4:ce:89:
bd:c9:bb:2c:be:1b:8f:1d:a3:70:4b:2b:2f:e0:a7:fc:df:33:
7a:7f:9d:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkgWUt6WeF/gQgv7rzVT0PgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjMwNzA0MTAwMTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2M1NjQ4MzliMzllZGQyMDZmOTYwMzhhYTljOThhMGQ0NmM0YmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLVJOtRRm+K95XWW+D+htwTtBGkU
Kr6egh1fZ3jhJA9iJwdwIoT0LeYVK5CDfD/pFlECBl7hDvrR+vus8ukKwW6fm8KL
gTLPf6avFGIosCiG/tfyX/MM+h+j4cPYK3Ivq75XkGlGq3UqIvXxw0lhTacFlVVX
otxBkqfq3OU4GbYSDWUuHDpqXAXzkEEzVtIfdJZeWuCisLjeY1IMT6tdco+fSJtd
213AeeW1PLjgeSkObdy9cD9ChB+YsmoX/gzn0zDbA8bKc4xdeSAs01tZAa3+7pxx
XRDIp9AxCPmZc7bfi12c14nVddd1Ud50F1B+wak3Ht+KNW1tndSxYFFt6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLfFZIObOe3SBvlgOKqcmKDUbEu5MB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvdDhWa2c1czU3ZElHLVdBNHFweVlvTlJzUzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQKsMA0E
AgACMAcDBQIqAoDAMA0GCSqGSIb3DQEBCwUAA4IBAQBARtLUirj3xnHJJGiYn3aZ
nGDfCLZVV2F0ztaEZgDHciISt3juZajA9twVRXpWV/3/79znzFTKOiLRkl/HYs4A
BU91BEsCy6A1ejOXS31mFE+T0eDtNKsgAfnKuyCh6DzqZSMb955wUuXUw3v/MhCF
zl3fTK5+LkDyxIghLBZtFmxo174bQHu65gQY0RE8Bf9l/5QX4yL3jGxnKtR1Odrr
7Y1gC5BZlQ96AtrbEb6m9Q5DJ1sVex6Qd2BxI6MrJpv04yNR245AKLbCySYOGsF6
qHOgBUn6B7o5Hi2Zw/+7Q0kHJ4yNAYH0zom9ybssvhuPHaNwSysv4Kf83zN6f53X
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:44 2024 by rpki-client on console-fra.rpki-client.org