Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/5BcjoCJDlCOo0N5DFMQ29iFtU78.roa
File: 5BcjoCJDlCOo0N5DFMQ29iFtU78.roa (raw, json)
Hash identifier: vN+W/6ORtZP38759f/eXKX3QxJL4FZbtdz3T9fS2UIk=
Subject key identifier: E4:17:23:A0:22:43:94:23:A8:D0:DE:43:14:C4:36:F6:21:6D:53:BF
Certificate issuer: /CN=e88c04771e2bfac8f60f1b4c9cbd093aafea974e
Certificate serial: 0186184DAE1AF46876401BA1CFFD46184D77
Authority key identifier: E8:8C:04:77:1E:2B:FA:C8:F6:0F:1B:4C:9C:BD:09:3A:AF:EA:97:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/5BcjoCJDlCOo0N5DFMQ29iFtU78.roa
Signing time: Fri 03 Feb 2023 17:23:09 +0000
ROA not before: Fri 03 Feb 2023 17:23:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202551
IP address blocks: 185.160.208.0/22 maxlen: 22
2a07:c000::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:18:4d:ae:1a:f4:68:76:40:1b:a1:cf:fd:46:18:4d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e88c04771e2bfac8f60f1b4c9cbd093aafea974e
Validity
Not Before: Feb 3 17:23:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e41723a022439423a8d0de4314c436f6216d53bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8e:9f:d3:f5:36:5b:42:da:37:81:e9:a4:bf:
f3:97:74:66:92:43:17:c3:4b:12:88:ac:fb:5e:eb:
99:2a:40:18:04:f9:84:f7:42:66:be:00:24:e0:8f:
9f:c2:25:32:75:73:77:4a:d2:e7:40:7c:31:ee:4f:
fd:bd:f8:df:d9:c6:97:52:40:6c:73:a2:fd:4b:d2:
67:23:75:37:42:b6:39:2c:cd:e8:21:b3:8c:d8:e7:
54:78:d0:d5:0f:ff:94:d1:b1:3b:67:2b:ea:53:98:
fb:5a:d1:a1:0e:71:b9:59:69:19:b3:e8:c9:f4:6c:
23:8d:7f:45:e3:52:03:09:f3:67:4d:be:b9:d5:32:
a6:a3:ee:ca:ec:dc:04:48:f4:6c:3f:3f:9e:7a:3c:
ab:b3:de:67:1a:ca:b0:69:31:6d:54:c7:50:ef:0e:
89:4c:98:c3:dc:53:7f:96:c8:63:6f:5c:fb:aa:f4:
e6:cd:c1:34:81:ad:9d:b3:b8:4d:3e:62:e8:f5:3c:
34:be:09:fc:73:b5:a6:65:b5:6e:db:72:6d:2b:0d:
94:a5:35:a6:8e:22:12:e6:b0:a1:21:96:74:e6:f5:
ff:d1:7e:28:28:b2:15:53:a3:dd:a3:5c:b1:3b:b3:
37:2e:0e:57:ab:fa:3d:79:55:5e:61:5d:f1:bc:0e:
28:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:17:23:A0:22:43:94:23:A8:D0:DE:43:14:C4:36:F6:21:6D:53:BF
X509v3 Authority Key Identifier:
keyid:E8:8C:04:77:1E:2B:FA:C8:F6:0F:1B:4C:9C:BD:09:3A:AF:EA:97:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/5BcjoCJDlCOo0N5DFMQ29iFtU78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/6IwEdx4r-sj2DxtMnL0JOq_ql04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.208.0/22
IPv6:
2a07:c000::/29
Signature Algorithm: sha256WithRSAEncryption
42:32:bc:1c:14:fc:87:ba:0f:22:71:a5:06:31:b0:e4:76:35:
95:dc:fc:ae:2b:ff:7e:11:4b:b0:31:10:68:9a:a7:be:01:d2:
90:de:47:fb:81:26:16:94:b0:86:5a:0f:eb:46:44:04:25:aa:
dd:5f:77:44:c8:bb:a0:12:1f:99:1c:18:28:50:f6:e5:ab:63:
f0:99:68:77:fd:8d:80:8d:8a:d8:62:ad:4b:af:cb:ab:ef:ef:
d9:1b:50:49:ff:27:95:e2:99:17:de:62:e1:81:ad:91:fb:fb:
ab:b1:d2:0b:6c:a9:b7:d5:6f:50:ee:4c:83:27:a6:03:84:92:
fd:bd:a8:26:03:01:65:6a:f0:8e:bb:bd:de:e5:55:82:83:2b:
29:b0:5a:d4:4e:ad:b4:19:aa:a0:4f:f3:d1:a1:7c:f9:0b:24:
d6:13:ff:5e:a0:5f:54:0f:cb:5d:a0:c3:69:59:ed:64:e1:a7:
13:ca:57:f9:d6:9b:e3:3f:81:dd:1d:a8:fd:6f:81:8d:86:b8:
bc:b6:f4:1b:a6:19:77:4c:96:44:68:b8:d7:b5:d5:ab:1f:ef:
19:2e:aa:b5:32:70:5f:5b:96:42:60:39:c0:f2:73:62:fb:04:
78:2f:d3:46:68:8a:82:b6:71:d4:f9:0f:76:6c:0e:d0:ff:b1:
cd:29:4a:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYYYTa4a9Gh2QBuhz/1GGE13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4OGMwNDc3MWUyYmZhYzhmNjBmMWI0YzljYmQwOTNhYWZl
YTk3NGUwHhcNMjMwMjAzMTcyMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDE3MjNhMDIyNDM5NDIzYThkMGRlNDMxNGM0MzZmNjIxNmQ1M2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY6f0/U2W0LaN4HppL/zl3RmkkMX
w0sSiKz7XuuZKkAYBPmE90JmvgAk4I+fwiUydXN3StLnQHwx7k/9vfjf2caXUkBs
c6L9S9JnI3U3QrY5LM3oIbOM2OdUeNDVD/+U0bE7ZyvqU5j7WtGhDnG5WWkZs+jJ
9GwjjX9F41IDCfNnTb651TKmo+7K7NwESPRsPz+eejyrs95nGsqwaTFtVMdQ7w6J
TJjD3FN/lshjb1z7qvTmzcE0ga2ds7hNPmLo9Tw0vgn8c7WmZbVu23JtKw2UpTWm
jiIS5rChIZZ05vX/0X4oKLIVU6Pdo1yxO7M3Lg5Xq/o9eVVeYV3xvA4oGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOQXI6AiQ5QjqNDeQxTENvYhbVO/MB8GA1UdIwQY
MBaAFOiMBHceK/rI9g8bTJy9CTqv6pdOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkl3RWR4NHItc2oyRHh0TW5MMEpPcV9xbDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8yYWU3YzMtOThhNS00Y2RhLTliYWUt
YmE2NDVmMTk5MTVhLzEvNUJjam9DSkRsQ09vME41REZNUTI5aUZ0VTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8yYWU3YzMtOThhNS00Y2RhLTliYWUtYmE2NDVmMTk5MTVh
LzEvNkl3RWR4NHItc2oyRHh0TW5MMEpPcV9xbDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaDQMA0E
AgACMAcDBQMqB8AAMA0GCSqGSIb3DQEBCwUAA4IBAQBCMrwcFPyHug8icaUGMbDk
djWV3PyuK/9+EUuwMRBomqe+AdKQ3kf7gSYWlLCGWg/rRkQEJardX3dEyLugEh+Z
HBgoUPblq2PwmWh3/Y2AjYrYYq1Lr8ur7+/ZG1BJ/yeV4pkX3mLhga2R+/ursdIL
bKm31W9Q7kyDJ6YDhJL9vagmAwFlavCOu73e5VWCgyspsFrUTq20GaqgT/PRoXz5
CyTWE/9eoF9UD8tdoMNpWe1k4acTylf51pvjP4HdHaj9b4GNhri8tvQbphl3TJZE
aLjXtdWrH+8ZLqq1MnBfW5ZCYDnA8nNi+wR4L9NGaIqCtnHU+Q92bA7Q/7HNKUpL
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:44 2024 by rpki-client on console-fra.rpki-client.org