Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/s95oHiRHDH7e9Jl0xkf7hcBcddg.roa
File: s95oHiRHDH7e9Jl0xkf7hcBcddg.roa (raw, json)
Hash identifier: jBF16hak3B+NnoJTr5EBinO4wwZWVl7BO3NDlNDAnBk=
Subject key identifier: B3:DE:68:1E:24:47:0C:7E:DE:F4:99:74:C6:47:FB:85:C0:5C:75:D8
Certificate issuer: /CN=87992088e7655cb134020ca95b0e57d4e6daf40f
Certificate serial: 01856C781F87583120F10CE3ED27D8212D89
Authority key identifier: 87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/s95oHiRHDH7e9Jl0xkf7hcBcddg.roa
Signing time: Sun 01 Jan 2023 08:34:49 +0000
ROA not before: Sun 01 Jan 2023 08:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203201
IP address blocks: 185.146.128.0/22 maxlen: 22
2a07:50c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:1f:87:58:31:20:f1:0c:e3:ed:27:d8:21:2d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87992088e7655cb134020ca95b0e57d4e6daf40f
Validity
Not Before: Jan 1 08:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3de681e24470c7edef49974c647fb85c05c75d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:43:17:34:fd:5c:5c:8d:bf:4c:0e:0a:8a:47:
96:28:47:d0:01:dd:c7:3e:9d:3b:0d:31:68:e2:86:
ea:96:0f:2c:bb:65:43:a3:36:25:be:4f:32:6c:33:
2c:80:5d:fb:66:fb:20:7f:b0:61:b3:8d:94:fd:67:
83:a1:87:18:1e:b7:7f:aa:99:ac:e8:6f:77:b6:fb:
fe:ca:a4:98:a2:24:93:38:2a:cd:f8:bc:11:97:db:
ac:9e:66:32:c9:d1:d7:fb:f1:13:8b:32:ab:f7:75:
f6:01:fb:1e:2c:4c:fa:7c:da:11:aa:7f:a7:7a:28:
6f:8d:be:92:f2:79:ef:12:3e:64:47:0f:16:75:ce:
a5:11:5c:cf:22:b2:38:85:da:32:52:dc:45:a2:65:
0c:97:2e:32:51:83:d5:51:f6:5d:98:09:06:03:9c:
18:ac:e3:ae:62:f5:b7:a8:2e:a2:6e:64:b3:e7:f7:
93:75:6e:f5:82:da:c0:82:95:18:81:2b:8b:65:80:
e3:be:f7:8f:13:13:d7:06:92:a4:30:ac:2e:a5:b6:
40:88:bc:f4:69:f1:e8:49:c8:55:3c:84:d2:57:3c:
46:a1:19:17:97:84:de:07:29:59:5d:7c:92:3d:29:
e7:0b:a4:33:75:32:7e:8e:b8:3f:74:92:1d:7c:e7:
68:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:DE:68:1E:24:47:0C:7E:DE:F4:99:74:C6:47:FB:85:C0:5C:75:D8
X509v3 Authority Key Identifier:
keyid:87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/s95oHiRHDH7e9Jl0xkf7hcBcddg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.128.0/22
IPv6:
2a07:50c0::/29
Signature Algorithm: sha256WithRSAEncryption
78:cf:b2:c3:b9:e6:13:cb:f9:41:e0:ab:18:5f:0e:dc:62:a0:
6d:57:21:42:a5:dd:e9:6d:6a:72:ad:61:36:2b:ef:b3:a3:e4:
58:2c:70:21:48:ff:5f:c6:44:98:cc:f3:e0:d3:39:00:10:a6:
16:72:79:a7:e1:3e:a9:39:7c:2a:f7:c5:08:9b:d2:dc:a9:89:
5f:4a:76:88:1c:f0:f5:ec:bc:36:19:22:3d:13:58:01:b5:c5:
d5:ce:9a:99:7a:d4:50:96:93:53:c4:3d:a9:d9:19:bd:de:9e:
7b:81:0c:d2:87:2c:33:c1:5b:58:ed:17:50:0c:ab:64:8e:62:
52:43:9b:61:9b:ea:e1:8f:06:d5:33:75:91:72:5c:17:34:24:
dc:ab:7d:2a:8c:ad:c3:2c:72:31:ae:6a:3e:d6:b3:36:48:9c:
20:63:44:7b:37:8f:ab:0f:8b:f7:87:2b:9a:24:2d:2d:c9:e5:
6b:69:54:d9:cf:54:cd:08:fb:aa:e1:9c:3c:f6:a9:19:a0:17:
8f:57:96:8d:d1:aa:3e:29:e2:97:1a:e3:36:3a:7f:67:c1:e8:
ef:09:59:6f:ce:43:d9:c2:a3:84:6d:16:92:e7:9f:61:74:72:
3f:c6:2f:35:c1:c5:66:f2:24:b8:fb:b0:ac:fa:e6:e3:e0:00:
02:02:68:d9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVseB+HWDEg8Qzj7SfYIS2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTkyMDg4ZTc2NTVjYjEzNDAyMGNhOTViMGU1N2Q0ZTZk
YWY0MGYwHhcNMjMwMTAxMDgzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2RlNjgxZTI0NDcwYzdlZGVmNDk5NzRjNjQ3ZmI4NWMwNWM3NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUMXNP1cXI2/TA4KikeWKEfQAd3H
Pp07DTFo4obqlg8su2VDozYlvk8ybDMsgF37Zvsgf7Bhs42U/WeDoYcYHrd/qpms
6G93tvv+yqSYoiSTOCrN+LwRl9usnmYyydHX+/ETizKr93X2AfseLEz6fNoRqn+n
eihvjb6S8nnvEj5kRw8Wdc6lEVzPIrI4hdoyUtxFomUMly4yUYPVUfZdmAkGA5wY
rOOuYvW3qC6ibmSz5/eTdW71gtrAgpUYgSuLZYDjvvePExPXBpKkMKwupbZAiLz0
afHoSchVPITSVzxGoRkXl4TeBylZXXySPSnnC6QzdTJ+jrg/dJIdfOdo2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLPeaB4kRwx+3vSZdMZH+4XAXHXYMB8GA1UdIwQY
MBaAFIeZIIjnZVyxNAIMqVsOV9Tm2vQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lMDgzMTgtMjk3NS00MTdhLWI4NjMt
ODVlYTYzYzI0NDc0LzEvczk1b0hpUkhESDdlOUpsMHhrZjdoY0JjZGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lMDgzMTgtMjk3NS00MTdhLWI4NjMtODVlYTYzYzI0NDc0
LzEvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZKAMA0E
AgACMAcDBQMqB1DAMA0GCSqGSIb3DQEBCwUAA4IBAQB4z7LDueYTy/lB4KsYXw7c
YqBtVyFCpd3pbWpyrWE2K++zo+RYLHAhSP9fxkSYzPPg0zkAEKYWcnmn4T6pOXwq
98UIm9LcqYlfSnaIHPD17Lw2GSI9E1gBtcXVzpqZetRQlpNTxD2p2Rm93p57gQzS
hywzwVtY7RdQDKtkjmJSQ5thm+rhjwbVM3WRclwXNCTcq30qjK3DLHIxrmo+1rM2
SJwgY0R7N4+rD4v3hyuaJC0tyeVraVTZz1TNCPuq4Zw89qkZoBePV5aN0ao+KeKX
GuM2On9nwejvCVlvzkPZwqOEbRaS559hdHI/xi81wcVm8iS4+7Cs+ubj4AACAmjZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:04 2024 by rpki-client on console-fra.rpki-client.org