Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ed9c63-56be-471b-9bab-53ed82d33d84/1/P5nRL4hZqlUPK1pWeJC4nsz7zK0.roa
File: P5nRL4hZqlUPK1pWeJC4nsz7zK0.roa (raw, json)
Hash identifier: yTT1HR9v8anGdzies415TuxgOGbWF/fHic8D7HxPDfg=
Subject key identifier: 3F:99:D1:2F:88:59:AA:55:0F:2B:5A:56:78:90:B8:9E:CC:FB:CC:AD
Certificate issuer: /CN=08561d0de62247e2085bf59a73c87d25a2438980
Certificate serial: 0185729ECABD45A4AAA2BA495706F5A3D6C6
Authority key identifier: 08:56:1D:0D:E6:22:47:E2:08:5B:F5:9A:73:C8:7D:25:A2:43:89:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CFYdDeYiR-IIW_Wac8h9JaJDiYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ed9c63-56be-471b-9bab-53ed82d33d84/1/P5nRL4hZqlUPK1pWeJC4nsz7zK0.roa
Signing time: Mon 02 Jan 2023 13:14:47 +0000
ROA not before: Mon 02 Jan 2023 13:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48296
IP address blocks: 185.7.108.0/22 maxlen: 24
2a03:2640::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:ca:bd:45:a4:aa:a2:ba:49:57:06:f5:a3:d6:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08561d0de62247e2085bf59a73c87d25a2438980
Validity
Not Before: Jan 2 13:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f99d12f8859aa550f2b5a567890b89eccfbccad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:42:5a:dd:ff:01:8f:e3:4c:96:93:fc:e6:4d:
91:cd:ff:23:89:d1:be:80:9a:31:b0:d5:0f:c5:37:
99:2c:ac:c1:7a:f3:fb:ed:f1:3a:44:3b:d2:7f:73:
10:42:4c:45:e5:e9:9d:3f:91:3c:6c:da:eb:24:94:
fe:2e:e5:9a:81:2e:94:70:fb:db:e6:20:a8:c5:7c:
23:10:4b:9f:53:94:19:35:e4:7f:57:ac:86:a1:65:
9e:c8:87:40:2d:69:59:a5:43:5f:af:c5:55:34:0e:
ce:4b:e0:cc:85:3d:ff:bf:17:0f:20:65:2f:77:f5:
c7:22:c0:ea:a0:a7:b2:be:8e:9f:36:73:9c:80:ae:
2c:cf:dc:ae:02:1d:0b:a7:06:29:e6:c3:63:65:01:
eb:67:06:72:36:9a:a1:39:76:32:c8:65:2a:93:fe:
38:41:60:c2:b7:30:0d:e9:d7:99:f6:c5:a9:45:ba:
3c:94:ec:ff:af:16:3b:f8:69:e1:20:51:3b:74:7c:
9b:9f:62:81:8f:37:ff:50:23:cd:24:d9:b4:78:f6:
ae:bc:3f:02:4b:8b:bc:d3:56:40:8e:7f:bd:8b:0b:
64:f3:68:05:2e:8b:b9:65:a5:1a:05:55:10:bd:df:
de:66:22:88:2b:0f:8d:be:ea:35:d7:86:63:17:62:
79:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:99:D1:2F:88:59:AA:55:0F:2B:5A:56:78:90:B8:9E:CC:FB:CC:AD
X509v3 Authority Key Identifier:
keyid:08:56:1D:0D:E6:22:47:E2:08:5B:F5:9A:73:C8:7D:25:A2:43:89:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CFYdDeYiR-IIW_Wac8h9JaJDiYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ed9c63-56be-471b-9bab-53ed82d33d84/1/P5nRL4hZqlUPK1pWeJC4nsz7zK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ed9c63-56be-471b-9bab-53ed82d33d84/1/CFYdDeYiR-IIW_Wac8h9JaJDiYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.108.0/22
IPv6:
2a03:2640::/32
Signature Algorithm: sha256WithRSAEncryption
40:05:12:57:4f:87:42:cf:97:9c:9f:72:56:4c:4d:01:88:96:
43:39:12:1d:42:65:e6:d8:7a:9f:03:d7:93:2d:d7:42:af:db:
b8:41:92:cb:12:a3:8e:74:26:35:3b:a9:38:cf:15:4c:17:a6:
3d:f8:7d:d9:00:81:e5:79:8f:7d:df:1c:d7:dc:5c:4d:fa:7b:
20:b0:18:91:3b:e3:35:7c:90:9e:f9:17:c1:d9:20:95:7e:c0:
76:cf:1d:1b:2e:11:93:dc:55:4d:31:68:42:5a:0e:2e:ca:c4:
35:85:e8:c5:07:d1:5c:38:35:4a:05:5c:94:1e:cd:23:fb:f9:
a8:1d:c0:84:83:4a:77:78:f0:93:e6:32:54:e9:47:77:8e:d2:
65:71:b4:9d:bc:54:13:75:56:78:62:a9:91:2e:94:0f:20:05:
1a:07:9f:c2:45:55:02:d9:b2:99:6c:a0:0d:65:0f:c8:ef:15:
e2:79:35:c1:98:ac:4c:b8:b8:63:19:ca:79:f7:27:f2:03:d0:
1c:9f:10:61:17:b9:9b:33:4e:23:a5:3b:20:6e:22:2b:30:06:
fd:38:77:82:eb:ad:57:9f:7b:95:62:cd:d8:1e:94:b8:34:35:
36:56:4d:d7:a0:db:46:04:a0:7f:e5:71:50:1b:84:cc:da:9c:
5c:30:a5:69
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVynsq9RaSqorpJVwb1o9bGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NTYxZDBkZTYyMjQ3ZTIwODViZjU5YTczYzg3ZDI1YTI0
Mzg5ODAwHhcNMjMwMTAyMTMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjk5ZDEyZjg4NTlhYTU1MGYyYjVhNTY3ODkwYjg5ZWNjZmJjY2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0Ja3f8Bj+NMlpP85k2Rzf8jidG+
gJoxsNUPxTeZLKzBevP77fE6RDvSf3MQQkxF5emdP5E8bNrrJJT+LuWagS6UcPvb
5iCoxXwjEEufU5QZNeR/V6yGoWWeyIdALWlZpUNfr8VVNA7OS+DMhT3/vxcPIGUv
d/XHIsDqoKeyvo6fNnOcgK4sz9yuAh0LpwYp5sNjZQHrZwZyNpqhOXYyyGUqk/44
QWDCtzAN6deZ9sWpRbo8lOz/rxY7+GnhIFE7dHybn2KBjzf/UCPNJNm0ePauvD8C
S4u801ZAjn+9iwtk82gFLou5ZaUaBVUQvd/eZiKIKw+Nvuo114ZjF2J54QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD+Z0S+IWapVDytaVniQuJ7M+8ytMB8GA1UdIwQY
MBaAFAhWHQ3mIkfiCFv1mnPIfSWiQ4mAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0ZZZERlWWlSLUlJV19XYWM4aDlKYUpEaVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lZDljNjMtNTZiZS00NzFiLTliYWIt
NTNlZDgyZDMzZDg0LzEvUDVuUkw0aFpxbFVQSzFwV2VKQzRuc3o3ekswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lZDljNjMtNTZiZS00NzFiLTliYWItNTNlZDgyZDMzZDg0
LzEvQ0ZZZERlWWlSLUlJV19XYWM4aDlKYUpEaVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQdsMA0E
AgACMAcDBQAqAyZAMA0GCSqGSIb3DQEBCwUAA4IBAQBABRJXT4dCz5ecn3JWTE0B
iJZDORIdQmXm2HqfA9eTLddCr9u4QZLLEqOOdCY1O6k4zxVMF6Y9+H3ZAIHleY99
3xzX3FxN+nsgsBiRO+M1fJCe+RfB2SCVfsB2zx0bLhGT3FVNMWhCWg4uysQ1hejF
B9FcODVKBVyUHs0j+/moHcCEg0p3ePCT5jJU6Ud3jtJlcbSdvFQTdVZ4YqmRLpQP
IAUaB5/CRVUC2bKZbKANZQ/I7xXieTXBmKxMuLhjGcp59yfyA9AcnxBhF7mbM04j
pTsgbiIrMAb9OHeC661Xn3uVYs3YHpS4NDU2Vk3XoNtGBKB/5XFQG4TM2pxcMKVp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:14 2024 by rpki-client on console-ams.rpki-client.org