Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/um3tKk8Ipn-yXfQqHdJvWc-49Fg.roa
File: um3tKk8Ipn-yXfQqHdJvWc-49Fg.roa (raw, json)
Hash identifier: qRkqwYMxGOlIlpx77ksu1xU24ygSCS7RjROm/qQzY0E=
Subject key identifier: BA:6D:ED:2A:4F:08:A6:7F:B2:5D:F4:2A:1D:D2:6F:59:CF:B8:F4:58
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C53E561265D0A2F47C74765CBE5DB8C
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/um3tKk8Ipn-yXfQqHdJvWc-49Fg.roa
Signing time: Sun 01 Jan 2023 07:55:15 +0000
ROA not before: Sun 01 Jan 2023 07:55:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22649
IP address blocks: 185.141.204.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:e5:61:26:5d:0a:2f:47:c7:47:65:cb:e5:db:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba6ded2a4f08a67fb25df42a1dd26f59cfb8f458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:94:90:07:b5:1d:79:9b:49:79:d4:ee:57:8e:
69:67:d2:0d:df:d0:ce:14:72:9f:66:65:d8:66:e4:
b2:50:2f:2a:d3:5f:66:ce:25:1c:83:fa:38:54:f9:
28:5a:05:09:8f:1e:4f:07:24:30:9a:bc:5f:0a:86:
28:27:c6:9f:35:21:69:44:b9:0d:d6:05:32:db:e9:
0a:34:0f:5a:39:85:e0:f9:de:fe:e1:55:e1:73:72:
76:dd:90:5e:76:8d:d2:06:98:01:ab:6c:97:9f:a9:
94:5e:5a:b1:0b:b2:79:75:ab:f8:46:0b:0a:47:4e:
33:4f:41:ca:53:c7:98:39:f4:d4:ff:46:d4:f9:1d:
ed:e1:d2:43:84:46:b3:94:95:76:a7:07:16:ee:df:
8a:0f:07:91:ad:b3:f3:f8:61:4c:3f:70:27:65:93:
dd:18:f8:2f:78:c0:4c:07:31:41:fb:b6:48:61:ba:
75:13:e6:02:65:7e:50:c0:1e:cd:f8:c0:65:09:64:
80:f2:ba:94:7e:8c:d8:62:05:ff:75:b8:97:41:83:
b7:a6:18:b4:78:35:9f:aa:d0:bb:f3:3d:29:24:da:
71:a8:44:00:72:94:ec:92:d0:53:c6:39:68:c0:68:
e2:a6:5f:15:84:8c:75:70:d8:28:c3:1a:80:81:3a:
1f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6D:ED:2A:4F:08:A6:7F:B2:5D:F4:2A:1D:D2:6F:59:CF:B8:F4:58
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/um3tKk8Ipn-yXfQqHdJvWc-49Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.204.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:a6:0c:91:93:06:c7:a2:7e:ed:73:14:a4:1c:0e:36:1e:0d:
f3:c7:5e:9a:c5:e0:ae:1b:07:b2:8d:0e:0b:79:af:fc:cb:12:
e6:ba:69:c1:55:81:ec:8a:6c:69:a7:b2:7e:42:a4:7a:91:3f:
c5:a0:31:1c:4d:02:d7:40:cd:f8:be:60:eb:f1:ca:ea:26:96:
e3:e7:ac:a4:f2:54:7b:33:cb:a1:b7:9b:17:90:a8:65:81:28:
83:f3:b3:a7:bf:c3:2c:34:ad:c3:96:76:62:6e:d4:16:33:75:
6e:03:4d:c7:64:08:af:70:5e:0b:e6:c4:fd:c7:4f:e3:d2:81:
9b:78:3c:2f:f0:0a:75:55:47:32:92:a4:27:2d:3e:36:e8:27:
3d:ea:5f:8b:c7:5f:12:32:cd:43:32:a5:31:d1:84:fb:05:ec:
a5:5f:8c:c2:9c:fa:1a:bc:3d:98:0c:9b:f3:ca:27:a5:c4:76:
d5:50:3d:11:12:4a:f4:23:03:65:eb:48:51:9e:76:94:63:68:
53:db:dc:32:b2:86:24:e4:98:5f:59:e6:97:12:af:51:cd:6c:
1f:c2:2d:82:bb:34:d0:f0:fd:e0:2b:c2:3e:4a:af:8c:79:21:
fe:ec:89:7c:0a:85:b9:eb:9e:9c:c6:05:8b:7b:d8:22:d7:71:
f7:45:3f:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU+VhJl0KL0fHR2XL5duMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTZkZWQyYTRmMDhhNjdmYjI1ZGY0MmExZGQyNmY1OWNmYjhmNDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypSQB7UdeZtJedTuV45pZ9IN39DO
FHKfZmXYZuSyUC8q019mziUcg/o4VPkoWgUJjx5PByQwmrxfCoYoJ8afNSFpRLkN
1gUy2+kKNA9aOYXg+d7+4VXhc3J23ZBedo3SBpgBq2yXn6mUXlqxC7J5dav4RgsK
R04zT0HKU8eYOfTU/0bU+R3t4dJDhEazlJV2pwcW7t+KDweRrbPz+GFMP3AnZZPd
GPgveMBMBzFB+7ZIYbp1E+YCZX5QwB7N+MBlCWSA8rqUfozYYgX/dbiXQYO3phi0
eDWfqtC78z0pJNpxqEQAcpTsktBTxjlowGjipl8VhIx1cNgowxqAgTofQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLpt7SpPCKZ/sl30Kh3Sb1nPuPRYMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvdW0zdEtrOElwbi15WGZRcUhkSnZXYy00OUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY3MMA0G
CSqGSIb3DQEBCwUAA4IBAQA/pgyRkwbHon7tcxSkHA42Hg3zx16axeCuGweyjQ4L
ea/8yxLmumnBVYHsimxpp7J+QqR6kT/FoDEcTQLXQM34vmDr8crqJpbj56yk8lR7
M8uht5sXkKhlgSiD87Onv8MsNK3DlnZibtQWM3VuA03HZAivcF4L5sT9x0/j0oGb
eDwv8Ap1VUcykqQnLT426Cc96l+Lx18SMs1DMqUx0YT7BeylX4zCnPoavD2YDJvz
yielxHbVUD0REkr0IwNl60hRnnaUY2hT29wysoYk5JhfWeaXEq9RzWwfwi2CuzTQ
8P3gK8I+Sq+MeSH+7Il8CoW5656cxgWLe9gi13H3RT8I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org