Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/Cbr5cV4Uo30xE8AgP_UA_z_2jw0.roa
File: Cbr5cV4Uo30xE8AgP_UA_z_2jw0.roa (raw, json)
Hash identifier: EciZzHIWPPsH04RXrxcbYcnwX6ZzzcRzQ/OtDN7ZR7k=
Subject key identifier: 09:BA:F9:71:5E:14:A3:7D:31:13:C0:20:3F:F5:00:FF:3F:F6:8F:0D
Certificate issuer: /CN=ee0644f70621dd4a24a78b67b4602948573758c0
Certificate serial: 018CC9BC055EE1116FD43A37A66871C10FF7
Authority key identifier: EE:06:44:F7:06:21:DD:4A:24:A7:8B:67:B4:60:29:48:57:37:58:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7gZE9wYh3Uokp4tntGApSFc3WMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/Cbr5cV4Uo30xE8AgP_UA_z_2jw0.roa
Signing time: Tue 02 Jan 2024 10:33:11 +0000
ROA not before: Tue 02 Jan 2024 10:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50749
IP address blocks: 185.134.96.0/22 maxlen: 22
185.202.56.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 10 Nov 2024 07:36:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:05:5e:e1:11:6f:d4:3a:37:a6:68:71:c1:0f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee0644f70621dd4a24a78b67b4602948573758c0
Validity
Not Before: Jan 2 10:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09baf9715e14a37d3113c0203ff500ff3ff68f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ae:29:d0:d6:26:63:e0:a2:18:c0:c6:2f:1f:
5a:c3:22:70:38:03:79:23:95:0f:8f:60:9e:1a:5f:
12:29:81:66:3c:55:0e:f1:bf:c9:01:f0:64:51:f2:
3e:3e:5c:3f:e5:fa:22:7c:d1:33:94:61:47:0a:65:
a0:05:ba:40:7e:f8:35:50:e7:24:e7:66:7b:a0:b5:
ca:1b:8f:4a:02:93:30:a0:7a:37:48:d8:7e:72:a8:
1f:b9:c2:8e:9e:48:57:74:e9:0b:16:b7:9e:29:12:
34:f0:bf:fa:d1:61:88:c2:a7:36:91:bb:1e:7e:8d:
be:6f:ee:39:6a:78:c2:ff:70:d6:d9:d3:c6:39:ea:
75:d2:de:fc:52:ae:ae:29:d8:74:22:a2:7e:40:8b:
46:d6:47:cc:ed:19:6e:d0:b1:e5:bc:13:a8:34:01:
8f:ab:fd:41:82:e2:4f:10:be:29:4e:7b:c0:22:6b:
e8:60:a7:c2:9b:62:95:3c:3c:2b:3f:6f:4d:61:fe:
a3:1b:69:3c:06:b4:f4:1f:af:72:80:1c:69:46:9b:
53:c3:63:a2:d4:25:f6:f2:e7:d6:d3:48:c6:07:66:
c7:fb:e1:1a:b5:2e:14:12:00:10:d7:e9:63:f8:6f:
5a:9a:53:b5:3c:84:e8:96:c3:0f:15:c9:3c:13:23:
5a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:BA:F9:71:5E:14:A3:7D:31:13:C0:20:3F:F5:00:FF:3F:F6:8F:0D
X509v3 Authority Key Identifier:
keyid:EE:06:44:F7:06:21:DD:4A:24:A7:8B:67:B4:60:29:48:57:37:58:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gZE9wYh3Uokp4tntGApSFc3WMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/Cbr5cV4Uo30xE8AgP_UA_z_2jw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/7gZE9wYh3Uokp4tntGApSFc3WMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.96.0/22
185.202.56.0/22
Signature Algorithm: sha256WithRSAEncryption
89:c1:8c:73:43:83:8e:c0:63:29:48:98:dc:26:ba:b5:76:95:
3d:8b:da:2a:ae:2e:54:bd:28:ae:b5:0c:2d:c1:05:c7:45:e1:
6f:f9:f0:85:72:d3:99:df:31:07:e0:56:fd:51:85:c0:9e:bd:
bf:13:73:c4:5a:65:d9:87:8d:cc:b1:13:be:b8:c7:13:33:c7:
a6:53:d0:ea:b3:ea:c8:69:68:23:4a:82:ce:c7:e7:0a:80:1c:
ff:8a:ee:94:1c:e5:00:b3:20:c7:11:86:8e:f3:ea:2f:e4:e6:
dc:ed:10:67:2b:34:28:f9:73:e7:4a:36:28:df:16:10:b7:2f:
58:01:f8:72:bd:24:77:44:b9:38:19:ef:cd:cc:5c:58:83:ef:
3d:2a:a7:23:7f:80:b6:1f:74:57:3d:58:8c:10:e3:8c:02:88:
cf:80:fd:ca:58:24:d4:bb:72:08:d7:73:57:88:5d:b8:23:aa:
26:3e:6b:45:ca:10:5e:8d:d1:5d:f3:86:f8:a1:6d:55:d5:cf:
ac:4b:6c:0b:02:b8:9a:b2:96:50:7d:a7:1a:23:2f:95:27:91:
c4:4d:91:fd:06:46:7f:23:4f:6e:0c:9f:a4:de:d4:5d:e9:9c:
7a:1c:cf:7c:14:15:c7:8a:d5:9c:5e:49:ca:2c:06:ee:8c:ec:
7a:dd:f5:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvAVe4RFv1Do3pmhxwQ/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDY0NGY3MDYyMWRkNGEyNGE3OGI2N2I0NjAyOTQ4NTcz
NzU4YzAwHhcNMjQwMTAyMTAzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWJhZjk3MTVlMTRhMzdkMzExM2MwMjAzZmY1MDBmZjNmZjY4ZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAja4p0NYmY+CiGMDGLx9awyJwOAN5
I5UPj2CeGl8SKYFmPFUO8b/JAfBkUfI+Plw/5foifNEzlGFHCmWgBbpAfvg1UOck
52Z7oLXKG49KApMwoHo3SNh+cqgfucKOnkhXdOkLFreeKRI08L/60WGIwqc2kbse
fo2+b+45anjC/3DW2dPGOep10t78Uq6uKdh0IqJ+QItG1kfM7Rlu0LHlvBOoNAGP
q/1BguJPEL4pTnvAImvoYKfCm2KVPDwrP29NYf6jG2k8BrT0H69ygBxpRptTw2Oi
1CX28ufW00jGB2bH++EatS4UEgAQ1+lj+G9amlO1PITolsMPFck8EyNaqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAm6+XFeFKN9MRPAID/1AP8/9o8NMB8GA1UdIwQY
MBaAFO4GRPcGId1KJKeLZ7RgKUhXN1jAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2daRTl3WWgzVW9rcDR0bnRHQXBTRmMzV01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8wMmRhYzMtMzllYi00NjljLWFjYzkt
MDBjZDVlYzAwZDExLzEvQ2JyNWNWNFVvMzB4RThBZ1BfVUFfel8yancwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8wMmRhYzMtMzllYi00NjljLWFjYzktMDBjZDVlYzAwZDEx
LzEvN2daRTl3WWgzVW9rcDR0bnRHQXBTRmMzV01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYZgAwQC
uco4MA0GCSqGSIb3DQEBCwUAA4IBAQCJwYxzQ4OOwGMpSJjcJrq1dpU9i9oqri5U
vSiutQwtwQXHReFv+fCFctOZ3zEH4Fb9UYXAnr2/E3PEWmXZh43MsRO+uMcTM8em
U9Dqs+rIaWgjSoLOx+cKgBz/iu6UHOUAsyDHEYaO8+ov5Obc7RBnKzQo+XPnSjYo
3xYQty9YAfhyvSR3RLk4Ge/NzFxYg+89Kqcjf4C2H3RXPViMEOOMAojPgP3KWCTU
u3II13NXiF24I6omPmtFyhBejdFd84b4oW1V1c+sS2wLAriaspZQfacaIy+VJ5HE
TZH9BkZ/I09uDJ+k3tRd6Zx6HM98FBXHitWcXknKLAbujOx63fW4
-----END CERTIFICATE-----
Generated at Sun Nov 10 09:36:25 2024 by rpki-client on console-fra.rpki-client.org