Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/vK7zI94LpIT765sb_Ue9nKwsXoA.roa
File: vK7zI94LpIT765sb_Ue9nKwsXoA.roa (raw, json)
Hash identifier: b9/tgQmXq7payOIYkg3wjCD4Z3KQb1bXp7o1aw/1C7o=
Subject key identifier: BC:AE:F3:23:DE:0B:A4:84:FB:EB:9B:1B:FD:47:BD:9C:AC:2C:5E:80
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 018570708586EAF69FA42CB4EA47CBA2ACC3
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/vK7zI94LpIT765sb_Ue9nKwsXoA.roa
Signing time: Mon 02 Jan 2023 03:05:00 +0000
ROA not before: Mon 02 Jan 2023 03:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30925
IP address blocks: 185.142.248.0/22 maxlen: 24
109.109.96.0/19 maxlen: 24
83.98.224.0/19 maxlen: 24
185.34.156.0/22 maxlen: 24
185.26.56.0/22 maxlen: 24
185.34.168.0/22 maxlen: 24
2a02:988::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:85:86:ea:f6:9f:a4:2c:b4:ea:47:cb:a2:ac:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Jan 2 03:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcaef323de0ba484fbeb9b1bfd47bd9cac2c5e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:38:0e:ee:e9:92:7c:e4:06:16:d5:7c:2a:e1:
93:a9:0c:e1:4a:0c:23:4d:2e:08:26:6e:3c:d8:e0:
22:5c:9b:e3:d2:22:3f:31:0e:6d:89:81:25:89:cc:
6b:24:03:08:8b:3e:b4:ae:a6:a8:fb:56:e6:b4:a1:
d0:5b:b1:84:b6:c2:df:7c:27:05:0e:46:38:d8:c8:
a3:d5:10:1c:b7:db:0a:3c:7b:24:4c:96:e2:72:23:
0a:a4:1e:a1:30:d0:97:7d:f7:1e:98:4a:80:dc:e1:
5d:d9:19:ac:b6:6f:bf:ef:d3:f2:6a:91:f0:ba:18:
7f:20:e4:57:20:07:d1:5a:48:0d:d8:c4:44:16:7d:
e9:66:22:5d:13:30:0e:9d:8b:18:b8:1b:3b:31:c8:
f5:e9:b8:ea:b6:20:64:bd:96:e0:92:3c:b2:6a:5d:
f2:86:f4:14:8b:79:89:4b:74:e6:9f:d7:73:a0:f9:
5d:83:65:8a:16:a3:63:91:62:3a:29:66:1c:94:b0:
16:ca:07:92:8f:8f:90:6e:98:a7:5e:56:81:f0:85:
fd:80:76:63:97:a9:64:f4:b2:f5:c2:82:98:4f:40:
63:b3:2f:0d:ca:81:27:ed:3d:64:0f:00:2a:01:23:
09:34:46:1f:70:75:47:b8:fd:80:2f:63:ed:d0:52:
b9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AE:F3:23:DE:0B:A4:84:FB:EB:9B:1B:FD:47:BD:9C:AC:2C:5E:80
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/vK7zI94LpIT765sb_Ue9nKwsXoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.98.224.0/19
109.109.96.0/19
185.26.56.0/22
185.34.156.0/22
185.34.168.0/22
185.142.248.0/22
IPv6:
2a02:988::/32
Signature Algorithm: sha256WithRSAEncryption
65:c3:50:a1:7d:51:29:43:2a:48:1a:27:7c:90:c9:26:a4:8a:
1e:fb:90:07:6e:e5:de:5d:5c:5d:f0:40:6e:68:1e:ef:b2:32:
54:1e:88:8a:77:00:6c:2d:57:59:8e:03:f4:5a:1e:4f:8b:2b:
aa:b5:c3:db:d4:5d:62:93:78:b3:cd:c4:4e:a9:92:b1:7d:18:
56:3e:7d:19:d3:bd:6f:2e:3b:96:ee:a6:bb:8a:90:2e:28:da:
c0:c5:62:52:ac:c9:c8:d8:34:f6:94:f9:86:5e:92:30:db:56:
1d:e2:74:e2:f9:30:c5:92:fc:87:81:6a:3d:bf:72:96:4d:78:
6d:49:6f:9a:92:72:d0:26:5c:60:d6:13:18:b6:50:f7:ea:5f:
f9:e5:d3:7c:68:45:5b:c4:1a:bf:2b:1c:6f:9d:bb:81:49:3f:
2d:54:dd:c3:16:13:df:72:1e:f4:81:d1:ef:6c:b4:dc:74:31:
39:69:e2:36:9b:26:ff:e8:64:5f:7b:32:50:f2:dd:30:66:68:
f1:38:8a:8b:b9:41:bb:b4:c5:8b:37:c8:98:66:3b:3a:d3:86:
7f:47:98:9c:2a:bd:c5:be:e5:24:ce:24:fe:2f:c4:b9:81:a9:
d5:ea:e0:72:98:c7:d4:89:72:c4:7e:15:1a:9a:e0:c6:7d:4e:
ed:c1:2c:35
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVwcIWG6vafpCy06kfLoqzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTRhNjAxY2EzNWM2YzgzNzZiODlhYWY0NDNiNjNlYTQz
OWNkYjgwHhcNMjMwMTAyMDMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2FlZjMyM2RlMGJhNDg0ZmJlYjliMWJmZDQ3YmQ5Y2FjMmM1ZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjgO7umSfOQGFtV8KuGTqQzhSgwj
TS4IJm482OAiXJvj0iI/MQ5tiYElicxrJAMIiz60rqao+1bmtKHQW7GEtsLffCcF
DkY42Mij1RAct9sKPHskTJbiciMKpB6hMNCXffcemEqA3OFd2Rmstm+/79PyapHw
uhh/IORXIAfRWkgN2MREFn3pZiJdEzAOnYsYuBs7Mcj16bjqtiBkvZbgkjyyal3y
hvQUi3mJS3Tmn9dzoPldg2WKFqNjkWI6KWYclLAWygeSj4+QbpinXlaB8IX9gHZj
l6lk9LL1woKYT0Bjsy8NyoEn7T1kDwAqASMJNEYfcHVHuP2AL2Pt0FK5gQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLyu8yPeC6SE++ubG/1HvZysLF6AMB8GA1UdIwQY
MBaAFLGkpgHKNcbIN2uJqvRDtj6kOc24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAt
M2E1NjI4Y2M4MWQ5LzEvdks3ekk5NExwSVQ3NjVzYl9VZTluS3dzWG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAtM2E1NjI4Y2M4MWQ5
LzEvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFU2LgAwQF
bW1gAwQCuRo4AwQCuSKcAwQCuSKoAwQCuY74MA0EAgACMAcDBQAqAgmIMA0GCSqG
SIb3DQEBCwUAA4IBAQBlw1ChfVEpQypIGid8kMkmpIoe+5AHbuXeXVxd8EBuaB7v
sjJUHoiKdwBsLVdZjgP0Wh5PiyuqtcPb1F1ik3izzcROqZKxfRhWPn0Z071vLjuW
7qa7ipAuKNrAxWJSrMnI2DT2lPmGXpIw21Yd4nTi+TDFkvyHgWo9v3KWTXhtSW+a
knLQJlxg1hMYtlD36l/55dN8aEVbxBq/KxxvnbuBST8tVN3DFhPfch70gdHvbLTc
dDE5aeI2myb/6GRfezJQ8t0wZmjxOIqLuUG7tMWLN8iYZjs604Z/R5icKr3FvuUk
ziT+L8S5ganV6uBymMfUiXLEfhUamuDGfU7twSw1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org