Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rhrKZyRXk0iQtOxmeEE7sVHplWU.roa
File: rhrKZyRXk0iQtOxmeEE7sVHplWU.roa (raw, json)
Hash identifier: kD+yNezoNN4rKXLZyxbbtr29C7krfe1FNDn4xDnO4oQ=
Subject key identifier: AE:1A:CA:67:24:57:93:48:90:B4:EC:66:78:41:3B:B1:51:E9:95:65
Certificate issuer: /CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Certificate serial: 01856FA70382181E26E3F457A75389D2A953
Authority key identifier: AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rhrKZyRXk0iQtOxmeEE7sVHplWU.roa
Signing time: Sun 01 Jan 2023 23:24:54 +0000
ROA not before: Sun 01 Jan 2023 23:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12859
IP address blocks: 185.84.140.0/22 maxlen: 22
185.63.152.0/22 maxlen: 22
185.103.172.0/22 maxlen: 22
2a05:a640::/29 maxlen: 29
2a03:7e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 May 2023 10:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:03:82:18:1e:26:e3:f4:57:a7:53:89:d2:a9:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Validity
Not Before: Jan 1 23:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae1aca672457934890b4ec6678413bb151e99565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2a:e7:58:b5:4d:c1:c9:16:ad:66:7a:61:96:
67:09:b3:20:42:1b:af:83:75:80:b9:4c:c6:80:49:
da:6b:3a:60:6b:c2:77:ca:c8:75:1a:91:c3:15:af:
ad:df:a5:e1:ee:d3:5e:2f:f6:25:87:cb:0e:cb:c9:
9f:e4:3c:5d:f8:21:c3:01:c4:7d:34:38:8f:69:21:
2e:69:49:10:41:9c:a2:ce:ae:26:22:41:5b:25:33:
46:44:0b:fc:65:0c:06:95:0e:0a:49:42:1b:0a:fe:
25:1f:b6:ac:a9:4e:7e:08:76:49:52:c3:eb:cc:fb:
14:f4:65:34:77:fe:15:4c:5c:3e:fb:16:99:44:69:
c6:44:4b:54:bf:42:1b:7d:5b:ef:3f:dc:e5:77:f7:
05:0a:f9:44:a3:8e:26:b2:25:f2:74:8c:21:37:9c:
d1:26:9d:11:c1:5d:4a:16:60:67:aa:07:aa:04:be:
38:af:26:40:0b:15:88:d1:fd:49:13:4c:97:19:ce:
dc:06:92:f7:b2:f8:84:55:c0:12:23:6f:ce:fe:2d:
d1:19:ed:b1:4d:4c:2a:ed:97:a1:1b:4f:94:d7:6c:
cc:a7:cd:38:e0:63:07:ab:65:a1:85:01:cf:a3:30:
06:d8:45:05:b2:4d:15:0d:fb:ff:d7:9b:18:aa:ea:
f0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1A:CA:67:24:57:93:48:90:B4:EC:66:78:41:3B:B1:51:E9:95:65
X509v3 Authority Key Identifier:
keyid:AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rhrKZyRXk0iQtOxmeEE7sVHplWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.152.0/22
185.84.140.0/22
185.103.172.0/22
IPv6:
2a03:7e0::/32
2a05:a640::/29
Signature Algorithm: sha256WithRSAEncryption
40:6c:0c:98:00:86:47:30:0d:88:93:34:00:57:40:6a:58:4b:
85:dd:52:8a:37:16:c1:1c:07:cb:69:2c:b7:42:b5:c2:c5:b8:
c7:b3:69:b0:ec:6b:7d:ca:3d:57:c5:5e:ab:02:3b:58:4c:61:
b6:09:66:82:c3:05:bb:ea:e2:d9:01:95:1d:90:3d:e8:47:d5:
a8:49:6a:d2:b4:de:09:a0:29:ad:5f:91:3f:32:dc:13:56:d5:
72:36:cf:53:26:6c:39:df:ff:bc:c7:38:24:a1:02:81:ae:3c:
87:30:77:aa:fd:17:94:84:54:fc:69:10:67:dc:d4:86:69:dd:
d0:c7:41:89:26:e6:76:ff:fa:8a:c1:73:72:1e:d1:6c:d4:52:
f9:3e:12:73:cb:0a:0b:ad:d9:ae:e7:a8:dd:76:de:49:bd:8c:
10:e7:13:b9:51:d9:a2:28:ab:20:40:5b:fd:5f:2a:61:13:54:
c7:e9:ac:83:55:f9:92:35:e4:b4:fd:2b:78:52:2f:f3:06:0f:
6f:38:ee:3c:1a:83:e7:42:11:05:89:42:70:e5:bf:1a:64:07:
98:9b:4f:04:69:f8:6f:03:cd:c7:14:71:0e:77:5e:02:2c:c6:
fc:39:4c:09:a4:94:0f:34:c0:96:2e:95:f8:1b:02:61:21:60:
da:8a:87:54
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVvpwOCGB4m4/RXp1OJ0qlTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMWQyYTU2MmM3ZGIyMTE1MWI0YTA5MjZiOGQ2ZmVlYWNl
Zjg4NTcwHhcNMjMwMTAxMjMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTFhY2E2NzI0NTc5MzQ4OTBiNGVjNjY3ODQxM2JiMTUxZTk5NTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CrnWLVNwckWrWZ6YZZnCbMgQhuv
g3WAuUzGgEnaazpga8J3ysh1GpHDFa+t36Xh7tNeL/Ylh8sOy8mf5Dxd+CHDAcR9
NDiPaSEuaUkQQZyizq4mIkFbJTNGRAv8ZQwGlQ4KSUIbCv4lH7asqU5+CHZJUsPr
zPsU9GU0d/4VTFw++xaZRGnGREtUv0IbfVvvP9zld/cFCvlEo44msiXydIwhN5zR
Jp0RwV1KFmBnqgeqBL44ryZACxWI0f1JE0yXGc7cBpL3sviEVcASI2/O/i3RGe2x
TUwq7ZehG0+U12zMp8044GMHq2WhhQHPozAG2EUFsk0VDfv/15sYqurw5wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFK4aymckV5NIkLTsZnhBO7FR6ZVlMB8GA1UdIwQY
MBaAFK0dKlYsfbIRUbSgkmuNb+6s74hXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDkt
MzI5MzZjM2E0YTlkLzEvcmhyS1p5UlhrMGlRdE94bWVFRTdzVkhwbFdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDktMzI5MzZjM2E0YTlk
LzEvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuT+YAwQC
uVSMAwQCuWesMBQEAgACMA4DBQAqAwfgAwUDKgWmQDANBgkqhkiG9w0BAQsFAAOC
AQEAQGwMmACGRzANiJM0AFdAalhLhd1SijcWwRwHy2kst0K1wsW4x7NpsOxrfco9
V8VeqwI7WExhtglmgsMFu+ri2QGVHZA96EfVqElq0rTeCaAprV+RPzLcE1bVcjbP
UyZsOd//vMc4JKECga48hzB3qv0XlIRU/GkQZ9zUhmnd0MdBiSbmdv/6isFzch7R
bNRS+T4Sc8sKC63Zrueo3XbeSb2MEOcTuVHZoiirIEBb/V8qYRNUx+msg1X5kjXk
tP0reFIv8wYPbzjuPBqD50IRBYlCcOW/GmQHmJtPBGn4bwPNxxRxDndeAizG/DlM
CaSUDzTAli6V+BsCYSFg2oqHVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:56 2024 by rpki-client on console-fra.rpki-client.org