Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/fda216-ecba-42ee-aab5-4782b7a8ea29/1/up12wBQ_c5qzYnDwjUIQrRpHSVY.roa
File: up12wBQ_c5qzYnDwjUIQrRpHSVY.roa (raw, json)
Hash identifier: eqvAtNwl1humtBIA2uwmBm8k+kTqOV/Wwfs+qCkDqWA=
Subject key identifier: BA:9D:76:C0:14:3F:73:9A:B3:62:70:F0:8D:42:10:AD:1A:47:49:56
Certificate issuer: /CN=a51d833d347e6c6ca69ea0a8ab2a83f49267ade4
Certificate serial: 0188A06FA7899D3BBF2C021CD90240291B72
Authority key identifier: A5:1D:83:3D:34:7E:6C:6C:A6:9E:A0:A8:AB:2A:83:F4:92:67:AD:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pR2DPTR-bGymnqCoqyqD9JJnreQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/fda216-ecba-42ee-aab5-4782b7a8ea29/1/up12wBQ_c5qzYnDwjUIQrRpHSVY.roa
Signing time: Fri 09 Jun 2023 13:54:11 +0000
ROA not before: Fri 09 Jun 2023 13:54:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206187
IP address blocks: 185.194.41.0/24 maxlen: 24
185.194.42.0/24 maxlen: 24
185.194.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:6f:a7:89:9d:3b:bf:2c:02:1c:d9:02:40:29:1b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a51d833d347e6c6ca69ea0a8ab2a83f49267ade4
Validity
Not Before: Jun 9 13:54:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba9d76c0143f739ab36270f08d4210ad1a474956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1d:c0:14:97:fa:41:80:bc:d2:e5:0b:a8:dd:
73:9a:aa:97:d6:87:ec:b2:91:f8:7e:2b:88:a0:43:
e1:6c:12:2f:2f:2f:4b:29:bb:e7:2f:f9:18:bc:90:
45:7e:e0:8b:23:8c:f9:1f:d6:55:e8:25:52:73:a4:
12:0d:54:c6:39:18:2f:d5:1e:b6:1b:28:23:b9:0f:
2a:68:09:39:f8:81:ba:80:76:5c:65:12:7f:7e:8d:
d9:8b:39:60:66:0a:38:ee:19:f4:8b:fd:0a:ea:53:
a1:c1:9c:0a:84:ee:12:cd:09:ef:71:61:84:c0:f6:
62:e3:ec:28:53:84:22:09:8b:f1:fa:b2:f3:15:2e:
c2:0b:85:cd:75:fd:40:b4:38:45:86:a7:1b:16:70:
0c:f2:55:d4:20:63:6d:6b:d4:b5:1c:9b:4e:7a:4b:
25:24:0d:99:e9:88:15:bc:99:1e:8c:f3:81:77:15:
b3:9b:25:a8:15:d9:9e:a6:46:f2:fa:33:69:7c:e0:
fb:0a:06:37:ff:9d:cd:bf:1d:e9:d1:17:d8:d7:9c:
74:86:d9:f5:b0:7f:ab:5a:88:ac:2c:6b:e5:ac:0c:
0b:42:1d:0f:26:2a:db:c9:2b:ec:2b:2e:eb:3c:a2:
80:8f:d1:0a:44:3b:61:00:b8:2f:9f:71:fa:c5:c3:
69:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9D:76:C0:14:3F:73:9A:B3:62:70:F0:8D:42:10:AD:1A:47:49:56
X509v3 Authority Key Identifier:
keyid:A5:1D:83:3D:34:7E:6C:6C:A6:9E:A0:A8:AB:2A:83:F4:92:67:AD:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pR2DPTR-bGymnqCoqyqD9JJnreQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fda216-ecba-42ee-aab5-4782b7a8ea29/1/up12wBQ_c5qzYnDwjUIQrRpHSVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fda216-ecba-42ee-aab5-4782b7a8ea29/1/pR2DPTR-bGymnqCoqyqD9JJnreQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.40.0-185.194.42.255
Signature Algorithm: sha256WithRSAEncryption
3b:67:61:7a:27:a7:44:76:7d:18:d5:cb:4d:a1:84:1d:a7:b6:
1e:87:8f:ef:78:25:64:b2:e1:bc:c7:f9:cc:5a:8f:7d:e9:de:
4f:36:e9:b3:4f:6e:d4:44:76:79:70:1d:ea:88:1a:4b:5e:04:
60:08:ea:f0:df:76:06:df:36:e9:8e:72:03:81:7f:7e:c8:94:
17:68:49:53:90:8e:12:b1:3c:60:af:b7:5b:4f:54:23:e4:44:
e8:1e:2c:e1:24:f3:83:40:70:08:e4:ef:66:60:53:90:bb:2c:
95:40:1a:5f:fc:59:5e:d8:b9:df:94:90:0a:c1:3c:17:90:8f:
5f:c1:e2:7d:ae:1b:4c:81:2c:56:5b:9c:cb:0f:59:2c:b5:94:
d6:79:fe:b9:b9:e3:25:8d:7a:63:6d:90:7a:d3:88:eb:98:85:
d2:6b:3f:e7:ae:11:43:09:37:63:10:fe:5a:f5:21:8d:73:2b:
89:99:36:97:a3:70:19:7e:51:b0:40:f5:b8:43:61:06:98:14:
09:5e:e6:1d:d6:3f:7a:49:25:0d:45:1d:20:a6:df:6d:5d:54:
9f:c4:97:92:c5:3e:f7:a7:f2:d7:ea:b6:f5:09:52:fd:49:db:
80:de:a4:e5:ab:52:80:71:44:6a:ca:bd:ea:9b:88:54:6c:93:
f5:fd:e5:7b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYigb6eJnTu/LAIc2QJAKRtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MWQ4MzNkMzQ3ZTZjNmNhNjllYTBhOGFiMmE4M2Y0OTI2
N2FkZTQwHhcNMjMwNjA5MTM1NDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTlkNzZjMDE0M2Y3MzlhYjM2MjcwZjA4ZDQyMTBhZDFhNDc0OTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB3AFJf6QYC80uULqN1zmqqX1ofs
spH4fiuIoEPhbBIvLy9LKbvnL/kYvJBFfuCLI4z5H9ZV6CVSc6QSDVTGORgv1R62
GygjuQ8qaAk5+IG6gHZcZRJ/fo3ZizlgZgo47hn0i/0K6lOhwZwKhO4SzQnvcWGE
wPZi4+woU4QiCYvx+rLzFS7CC4XNdf1AtDhFhqcbFnAM8lXUIGNta9S1HJtOeksl
JA2Z6YgVvJkejPOBdxWzmyWoFdmepkby+jNpfOD7CgY3/53Nvx3p0RfY15x0htn1
sH+rWoisLGvlrAwLQh0PJirbySvsKy7rPKKAj9EKRDthALgvn3H6xcNpFwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLqddsAUP3Oas2Jw8I1CEK0aR0lWMB8GA1UdIwQY
MBaAFKUdgz00fmxspp6gqKsqg/SSZ63kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFIyRFBUUi1iR3ltbnFDb3F5cUQ5SkpucmVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9mZGEyMTYtZWNiYS00MmVlLWFhYjUt
NDc4MmI3YThlYTI5LzEvdXAxMndCUV9jNXF6WW5Ed2pVSVFyUnBIU1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9mZGEyMTYtZWNiYS00MmVlLWFhYjUtNDc4MmI3YThlYTI5
LzEvcFIyRFBUUi1iR3ltbnFDb3F5cUQ5SkpucmVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5wigD
BAC5wiowDQYJKoZIhvcNAQELBQADggEBADtnYXonp0R2fRjVy02hhB2nth6Hj+94
JWSy4bzH+cxaj33p3k826bNPbtREdnlwHeqIGkteBGAI6vDfdgbfNumOcgOBf37I
lBdoSVOQjhKxPGCvt1tPVCPkROgeLOEk84NAcAjk72ZgU5C7LJVAGl/8WV7Yud+U
kArBPBeQj1/B4n2uG0yBLFZbnMsPWSy1lNZ5/rm54yWNemNtkHrTiOuYhdJrP+eu
EUMJN2MQ/lr1IY1zK4mZNpejcBl+UbBA9bhDYQaYFAle5h3WP3pJJQ1FHSCm321d
VJ/El5LFPven8tfqtvUJUv1J24DepOWrUoBxRGrKveqbiFRsk/X95Xs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:05 2024 by rpki-client on console-ams.rpki-client.org