Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/myijrXdrYWaNz7rksVA7zC4rbKM.roa
File: myijrXdrYWaNz7rksVA7zC4rbKM.roa (raw, json)
Hash identifier: ukDtnxGmGjANB93852Xj5aPKFqafMmIjGTl+QF++AjE=
Subject key identifier: 9B:28:A3:AD:77:6B:61:66:8D:CF:BA:E4:B1:50:3B:CC:2E:2B:6C:A3
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C53E2DF5C8E0C82A2BBF42318150D64
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/myijrXdrYWaNz7rksVA7zC4rbKM.roa
Signing time: Sun 01 Jan 2023 07:55:14 +0000
ROA not before: Sun 01 Jan 2023 07:55:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3170
IP address blocks: 185.133.73.0/24 maxlen: 32
194.156.159.0/24 maxlen: 32
185.137.181.0/24 maxlen: 32
2a06:7a03::/48 maxlen: 128
Validation: Failed, certificate revoked on Mon 13 Nov 2023 04:53:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:e2:df:5c:8e:0c:82:a2:bb:f4:23:18:15:0d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b28a3ad776b61668dcfbae4b1503bcc2e2b6ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:76:eb:54:a7:48:01:93:a0:86:7b:20:47:75:
7d:92:83:3d:0a:ca:9e:f2:92:d8:db:e9:cf:f7:90:
e9:81:36:1c:ac:41:c7:cf:37:9d:05:0d:7b:46:d3:
ca:c0:34:72:8e:c7:dc:00:46:91:45:90:60:4f:fe:
fd:0e:cf:9c:75:f0:35:80:87:d6:83:19:8e:1a:28:
14:d1:6b:97:d5:b9:0a:91:b8:72:44:82:09:02:1b:
6c:71:94:bc:2d:76:11:fc:70:b4:ea:cc:a3:7c:71:
b7:7d:d2:8f:03:ae:0c:75:e0:67:89:d5:6e:f0:c9:
58:b1:3e:65:35:12:05:be:6a:eb:fa:33:df:b4:28:
9f:e7:9c:88:96:ff:35:44:93:c4:22:9d:ff:11:09:
44:61:7b:14:55:e3:70:7c:71:26:eb:8f:92:c3:be:
7b:2a:af:d1:db:db:9d:c4:08:6b:a7:9e:0f:9b:ba:
ac:d7:5c:44:d7:46:e9:a2:7a:04:61:7c:b0:e0:e1:
ec:36:08:23:75:9e:c4:53:23:24:98:e1:75:7a:98:
60:b4:a2:c3:c7:eb:e6:da:25:6c:6e:5e:b8:bd:28:
45:ee:da:7a:54:8a:d6:b3:0d:d4:85:e2:fa:36:e0:
45:2d:78:fb:c4:bd:e1:32:32:ad:84:57:3c:ad:bd:
5d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:28:A3:AD:77:6B:61:66:8D:CF:BA:E4:B1:50:3B:CC:2E:2B:6C:A3
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/myijrXdrYWaNz7rksVA7zC4rbKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.73.0/24
185.137.181.0/24
194.156.159.0/24
IPv6:
2a06:7a03::/48
Signature Algorithm: sha256WithRSAEncryption
5d:a2:7e:27:31:3f:f8:ae:5a:68:e5:24:3c:42:49:48:1a:f1:
f9:a4:29:e5:46:61:0c:65:e7:89:da:ca:55:36:da:0f:cb:8a:
3c:da:a7:7a:00:cf:a8:8c:38:14:d1:34:a4:65:84:91:41:f4:
8c:0a:60:2e:ba:bd:a7:44:fb:3e:4b:22:73:07:f8:06:bc:a6:
a7:b1:60:f7:8c:93:1a:02:57:1c:66:7c:b6:19:16:6c:4b:7d:
91:8a:6f:3a:1d:79:cb:98:d9:be:1f:d2:eb:30:fd:22:1b:69:
fe:20:b5:06:0b:1b:cf:dc:86:39:08:b3:94:e2:bb:f4:de:06:
9c:37:8e:a3:f7:64:8e:7d:80:3c:f5:fc:1c:b0:4a:3e:dd:98:
ad:d3:04:d6:2d:f3:ea:73:09:7b:a3:59:80:00:58:48:84:f0:
ad:de:ce:47:f1:93:ea:0d:ed:3a:7a:1b:2a:82:86:f6:c2:90:
49:a8:2f:d1:b3:9a:04:6a:55:1d:0d:d3:65:7e:3c:c4:4a:99:
2b:93:73:64:08:18:b7:d8:2d:cc:f0:7f:4a:21:36:5c:18:fe:
e4:ee:ac:68:05:de:7e:73:75:ff:bd:d7:13:89:97:4e:b0:21:
e9:07:da:76:44:66:1d:f7:ee:ff:09:ab:af:db:62:5c:6d:fb:
c9:71:59:fe
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVsU+LfXI4MgqK79CMYFQ1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjI4YTNhZDc3NmI2MTY2OGRjZmJhZTRiMTUwM2JjYzJlMmI2Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnbrVKdIAZOghnsgR3V9koM9Csqe
8pLY2+nP95DpgTYcrEHHzzedBQ17RtPKwDRyjsfcAEaRRZBgT/79Ds+cdfA1gIfW
gxmOGigU0WuX1bkKkbhyRIIJAhtscZS8LXYR/HC06syjfHG3fdKPA64MdeBnidVu
8MlYsT5lNRIFvmrr+jPftCif55yIlv81RJPEIp3/EQlEYXsUVeNwfHEm64+Sw757
Kq/R29udxAhrp54Pm7qs11xE10bponoEYXyw4OHsNggjdZ7EUyMkmOF1ephgtKLD
x+vm2iVsbl64vShF7tp6VIrWsw3UheL6NuBFLXj7xL3hMjKthFc8rb1dhQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJsoo613a2Fmjc+65LFQO8wuK2yjMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvbXlpanJYZHJZV2FOejdya3NWQTd6QzRyYktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAuYVJAwQA
uYm1AwQAwpyfMA8EAgACMAkDBwAqBnoDAAAwDQYJKoZIhvcNAQELBQADggEBAF2i
ficxP/iuWmjlJDxCSUga8fmkKeVGYQxl54naylU22g/Lijzap3oAz6iMOBTRNKRl
hJFB9IwKYC66vadE+z5LInMH+Aa8pqexYPeMkxoCVxxmfLYZFmxLfZGKbzodecuY
2b4f0usw/SIbaf4gtQYLG8/chjkIs5Tiu/TeBpw3jqP3ZI59gDz1/BywSj7dmK3T
BNYt8+pzCXujWYAAWEiE8K3ezkfxk+oN7Tp6GyqChvbCkEmoL9GzmgRqVR0N02V+
PMRKmSuTc2QIGLfYLczwf0ohNlwY/uTurGgF3n5zdf+91xOJl06wIekH2nZEZh33
7v8Jq6/bYlxt+8lxWf4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org