Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/X8Gc_4F44iEqdGS1XDQIkqvxGcc.roa
File: X8Gc_4F44iEqdGS1XDQIkqvxGcc.roa (raw, json)
Hash identifier: PEEjP6GjJkTN7qEQv0hplPk8bbbCnxTGU+l9Gl36eXU=
Subject key identifier: 5F:C1:9C:FF:81:78:E2:21:2A:74:64:B5:5C:34:08:92:AB:F1:19:C7
Certificate issuer: /CN=ec51314e04ec9676f2b60248e1b9bd02ef00e168
Certificate serial: 0185701EE25B5ABF0C131E1D24357076B9D0
Authority key identifier: EC:51:31:4E:04:EC:96:76:F2:B6:02:48:E1:B9:BD:02:EF:00:E1:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7FExTgTslnbytgJI4bm9Au8A4Wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/X8Gc_4F44iEqdGS1XDQIkqvxGcc.roa
Signing time: Mon 02 Jan 2023 01:35:50 +0000
ROA not before: Mon 02 Jan 2023 01:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204189
IP address blocks: 185.111.148.0/22 maxlen: 24
157.97.184.0/21 maxlen: 24
2a0d:ce80::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:e2:5b:5a:bf:0c:13:1e:1d:24:35:70:76:b9:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec51314e04ec9676f2b60248e1b9bd02ef00e168
Validity
Not Before: Jan 2 01:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fc19cff8178e2212a7464b55c340892abf119c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0d:ca:1f:4a:17:30:f0:09:8e:84:5c:5d:e6:
56:b6:62:a8:1d:a1:30:f1:7b:af:c2:34:db:a0:20:
d8:00:e8:28:a9:08:51:a5:5b:9e:1d:2a:a5:be:42:
ab:de:38:2b:58:d6:2f:5e:be:f7:08:c1:99:4b:65:
0d:95:b1:da:3f:8f:aa:ed:55:c8:5c:f7:1c:08:cf:
0e:59:94:a1:3c:bb:0e:ae:c2:24:fe:b0:66:a8:4e:
01:39:a7:5e:74:80:42:c1:b4:d7:fc:1e:b1:11:b7:
9f:bd:41:2a:90:58:34:db:26:78:01:70:14:48:f4:
56:e8:45:43:b9:5e:22:df:d2:c7:c6:7d:fc:97:55:
ea:37:81:f8:b9:6a:23:1e:51:76:1a:68:3f:b2:c0:
0e:53:2b:c6:7f:38:4c:de:8a:c9:6b:07:39:17:02:
c6:95:93:38:69:e4:7d:9e:41:15:4a:43:c4:03:2c:
c6:3b:8d:cf:cf:97:61:6b:64:f7:03:03:df:bf:ab:
92:81:ae:9d:16:7a:b9:a8:ac:da:85:91:25:72:09:
33:f9:37:b3:d4:3f:1e:6b:3d:70:0d:f2:81:56:84:
8d:54:4c:41:0a:cc:7a:e7:ce:43:21:ef:d3:14:fb:
c6:3e:1c:af:65:51:38:5a:af:1e:f4:7b:29:5c:aa:
40:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C1:9C:FF:81:78:E2:21:2A:74:64:B5:5C:34:08:92:AB:F1:19:C7
X509v3 Authority Key Identifier:
keyid:EC:51:31:4E:04:EC:96:76:F2:B6:02:48:E1:B9:BD:02:EF:00:E1:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7FExTgTslnbytgJI4bm9Au8A4Wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/X8Gc_4F44iEqdGS1XDQIkqvxGcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/7FExTgTslnbytgJI4bm9Au8A4Wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.184.0/21
185.111.148.0/22
IPv6:
2a0d:ce80::/29
Signature Algorithm: sha256WithRSAEncryption
b8:a7:76:26:cb:36:2a:19:1b:7e:b6:25:e4:b5:dd:98:e7:cb:
ed:54:fc:ac:33:e6:58:f7:d7:8c:6b:74:79:79:d3:36:c6:bb:
58:aa:14:82:af:39:74:4a:31:13:d4:66:5b:e9:d4:2e:77:12:
04:f6:b4:fb:7b:99:66:fa:8a:72:7b:c1:16:14:e7:68:03:28:
46:ff:ea:97:3e:b6:d1:86:72:5e:06:d8:e5:54:94:15:3e:86:
0f:6f:c7:90:d9:28:51:63:5c:e3:14:9e:52:bc:1e:c0:5d:d5:
24:01:8a:cd:93:f8:64:21:93:84:42:0d:27:68:bf:8b:a4:8c:
c8:57:6a:57:3e:0a:6f:2b:2a:94:2a:62:35:bb:c9:c0:af:75:
e8:c0:79:9f:e0:fe:d2:56:ae:84:56:23:2d:05:02:ba:09:9a:
c7:b2:86:04:bd:90:6b:9c:23:6f:c0:14:3f:e0:7b:4e:73:a2:
66:82:c4:e3:51:dc:fc:5d:3b:ac:31:88:cb:42:3b:78:f6:be:
dd:77:fe:56:ad:ec:6a:49:41:85:56:73:e7:0f:96:b8:8e:d2:
bd:3e:40:aa:bc:39:9a:6d:ea:bc:51:b6:49:79:2c:80:72:20:
db:ea:d3:7f:b1:fa:0a:62:e9:08:cc:11:af:6d:d0:b0:b2:48:
bf:b9:ac:6e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwHuJbWr8MEx4dJDVwdrnQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNTEzMTRlMDRlYzk2NzZmMmI2MDI0OGUxYjliZDAyZWYw
MGUxNjgwHhcNMjMwMTAyMDEzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmMxOWNmZjgxNzhlMjIxMmE3NDY0YjU1YzM0MDg5MmFiZjExOWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ3KH0oXMPAJjoRcXeZWtmKoHaEw
8XuvwjTboCDYAOgoqQhRpVueHSqlvkKr3jgrWNYvXr73CMGZS2UNlbHaP4+q7VXI
XPccCM8OWZShPLsOrsIk/rBmqE4BOadedIBCwbTX/B6xEbefvUEqkFg02yZ4AXAU
SPRW6EVDuV4i39LHxn38l1XqN4H4uWojHlF2Gmg/ssAOUyvGfzhM3orJawc5FwLG
lZM4aeR9nkEVSkPEAyzGO43Pz5dha2T3AwPfv6uSga6dFnq5qKzahZElcgkz+Tez
1D8eaz1wDfKBVoSNVExBCsx6585DIe/TFPvGPhyvZVE4Wq8e9HspXKpAcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF/BnP+BeOIhKnRktVw0CJKr8RnHMB8GA1UdIwQY
MBaAFOxRMU4E7JZ28rYCSOG5vQLvAOFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZFeFRnVHNsbmJ5dGdKSTRibTlBdThBNFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kYjUzOTktNmZiYi00Y2UyLTg5N2It
M2JiYmNhMzEwZDcxLzEvWDhHY180RjQ0aUVxZEdTMVhEUUlrcXZ4R2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kYjUzOTktNmZiYi00Y2UyLTg5N2ItM2JiYmNhMzEwZDcx
LzEvN0ZFeFRnVHNsbmJ5dGdKSTRibTlBdThBNFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDnWG4AwQC
uW+UMA0EAgACMAcDBQMqDc6AMA0GCSqGSIb3DQEBCwUAA4IBAQC4p3YmyzYqGRt+
tiXktd2Y58vtVPysM+ZY99eMa3R5edM2xrtYqhSCrzl0SjET1GZb6dQudxIE9rT7
e5lm+opye8EWFOdoAyhG/+qXPrbRhnJeBtjlVJQVPoYPb8eQ2ShRY1zjFJ5SvB7A
XdUkAYrNk/hkIZOEQg0naL+LpIzIV2pXPgpvKyqUKmI1u8nAr3XowHmf4P7SVq6E
ViMtBQK6CZrHsoYEvZBrnCNvwBQ/4HtOc6JmgsTjUdz8XTusMYjLQjt49r7dd/5W
rexqSUGFVnPnD5a4jtK9PkCqvDmabeq8UbZJeSyAciDb6tN/sfoKYukIzBGvbdCw
ski/uaxu
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:38 2024 by rpki-client on console-fra.rpki-client.org