Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/R68D51nw613LkcMZ1bEIcn1msm8.roa
File: R68D51nw613LkcMZ1bEIcn1msm8.roa (raw, json)
Hash identifier: wtA3owCRNQroKugdtAvgzZNOBRl71tlKV7K/IvPB90w=
Subject key identifier: 47:AF:03:E7:59:F0:EB:5D:CB:91:C3:19:D5:B1:08:72:7D:66:B2:6F
Certificate issuer: /CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
Certificate serial: 0186A1A8A4E09F41DCF525C7488261AE2EC0
Authority key identifier: E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/R68D51nw613LkcMZ1bEIcn1msm8.roa
Signing time: Thu 02 Mar 2023 09:30:29 +0000
ROA not before: Thu 02 Mar 2023 09:30:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 185.69.120.0/22 maxlen: 22
185.129.208.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a1:a8:a4:e0:9f:41:dc:f5:25:c7:48:82:61:ae:2e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
Validity
Not Before: Mar 2 09:30:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47af03e759f0eb5dcb91c319d5b108727d66b26f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ab:cd:4c:92:13:11:e7:5c:f2:bf:ba:70:fe:
52:d2:e9:26:6c:a4:3d:23:3e:78:41:0a:b6:1e:4b:
a7:eb:b7:b9:a0:02:4d:d4:10:3e:62:9d:ac:00:bd:
88:db:00:1a:c8:0c:59:ef:b7:73:21:b2:28:2b:57:
95:e3:28:72:0a:1a:fb:eb:e6:8c:a2:4e:d6:19:d8:
f9:50:09:d2:db:ca:7e:ff:b6:39:51:e7:92:ad:7c:
91:0a:1b:14:1f:eb:bf:1d:1b:30:64:63:d5:45:3a:
f6:6f:ec:3d:8d:ab:16:e8:2c:0b:c6:3d:02:7c:3e:
a7:b1:95:51:ed:ef:62:9b:e5:2a:f6:54:30:f1:08:
e2:f1:22:5b:0d:40:46:05:da:74:0f:aa:2f:8d:60:
d7:ab:46:b5:08:16:d2:2e:48:da:fb:2b:f0:92:22:
16:33:98:62:5e:26:2e:69:0c:22:b4:85:e3:35:8e:
3b:cf:57:5a:47:35:5f:a3:dc:88:73:0d:98:a3:48:
67:c9:65:1e:a9:0e:dd:71:fe:0c:c7:0a:24:70:a7:
e6:c8:c9:26:bd:89:3d:2f:52:f6:bf:24:2d:f5:80:
4d:c4:b2:ad:56:60:2e:f2:c2:93:2e:d4:ed:59:9f:
4b:78:f8:c1:47:ca:f7:80:c7:96:72:a2:d3:80:8d:
e4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AF:03:E7:59:F0:EB:5D:CB:91:C3:19:D5:B1:08:72:7D:66:B2:6F
X509v3 Authority Key Identifier:
keyid:E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/R68D51nw613LkcMZ1bEIcn1msm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/5hvX3R-KyLQZK6eKWSNItd0KGmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.120.0/22
185.129.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:69:bb:c1:cb:29:ad:dd:ca:0d:53:8b:b6:30:70:a9:4b:cc:
95:36:f1:b3:4b:ff:c2:c2:d0:e6:9b:65:cc:1d:6b:fa:40:e3:
c8:98:ce:6b:a2:e1:05:78:1a:af:41:a0:9c:e8:de:4d:fa:cd:
59:aa:8a:aa:b8:b0:f8:28:1d:de:57:e9:ab:45:77:56:e5:81:
87:e6:33:ff:ca:a4:e3:c1:28:c7:3f:86:67:ab:e8:ee:30:f9:
1e:77:01:f4:14:07:f8:28:81:ad:ad:f7:a4:ee:28:6a:d6:02:
48:36:30:bb:68:98:c6:53:f8:01:5f:b6:95:2b:df:a8:36:35:
22:3e:1f:83:9f:00:09:bf:3c:46:99:bf:60:dc:b7:f5:2f:00:
05:e7:2b:9f:d8:1d:1a:e3:b6:63:03:dd:90:26:27:c6:fe:92:
8e:d1:70:08:e2:83:76:5a:6f:b1:a8:59:aa:94:f7:00:f6:11:
0a:07:0a:fb:21:55:c3:9f:02:87:d4:c4:33:ac:86:2b:be:b0:
c2:1a:94:dd:94:9e:13:31:53:8f:06:c6:a6:82:8c:19:f9:ec:
e4:0f:ae:20:88:b9:78:5c:3e:fa:77:67:cb:20:eb:63:e7:09:
77:7a:84:cc:1b:48:c9:ff:c2:2a:bf:5b:a6:30:c7:5e:8c:2c:
8f:2a:87:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYahqKTgn0Hc9SXHSIJhri7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWJkN2RkMWY4YWM4YjQxOTJiYTc4YTU5MjM0OGI1ZGQw
YTFhNjYwHhcNMjMwMzAyMDkzMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2FmMDNlNzU5ZjBlYjVkY2I5MWMzMTlkNWIxMDg3MjdkNjZiMjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKvNTJITEedc8r+6cP5S0ukmbKQ9
Iz54QQq2Hkun67e5oAJN1BA+Yp2sAL2I2wAayAxZ77dzIbIoK1eV4yhyChr76+aM
ok7WGdj5UAnS28p+/7Y5UeeSrXyRChsUH+u/HRswZGPVRTr2b+w9jasW6CwLxj0C
fD6nsZVR7e9im+Uq9lQw8Qji8SJbDUBGBdp0D6ovjWDXq0a1CBbSLkja+yvwkiIW
M5hiXiYuaQwitIXjNY47z1daRzVfo9yIcw2Yo0hnyWUeqQ7dcf4MxwokcKfmyMkm
vYk9L1L2vyQt9YBNxLKtVmAu8sKTLtTtWZ9LePjBR8r3gMeWcqLTgI3k6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEevA+dZ8Otdy5HDGdWxCHJ9ZrJvMB8GA1UdIwQY
MBaAFOYb190fisi0GSunilkjSLXdChpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh2WDNSLUt5TFFaSzZlS1dTTkl0ZDBLR21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YWNjMTUtYmJhMC00NDU5LTk2Njct
ZGU5YjJmOGY3ZTI5LzEvUjY4RDUxbnc2MTNMa2NNWjFiRUljbjFtc204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80YWNjMTUtYmJhMC00NDU5LTk2NjctZGU5YjJmOGY3ZTI5
LzEvNWh2WDNSLUt5TFFaSzZlS1dTTkl0ZDBLR21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUV4AwQC
uYHQMA0GCSqGSIb3DQEBCwUAA4IBAQAvabvByymt3coNU4u2MHCpS8yVNvGzS//C
wtDmm2XMHWv6QOPImM5rouEFeBqvQaCc6N5N+s1ZqoqquLD4KB3eV+mrRXdW5YGH
5jP/yqTjwSjHP4Znq+juMPkedwH0FAf4KIGtrfek7ihq1gJINjC7aJjGU/gBX7aV
K9+oNjUiPh+DnwAJvzxGmb9g3Lf1LwAF5yuf2B0a47ZjA92QJifG/pKO0XAI4oN2
Wm+xqFmqlPcA9hEKBwr7IVXDnwKH1MQzrIYrvrDCGpTdlJ4TMVOPBsamgowZ+ezk
D64giLl4XD76d2fLIOtj5wl3eoTMG0jJ/8Iqv1umMMdejCyPKof8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org