Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/1-lrbbdE_-mh78RpmbTZyJqSpJjU.roa
File: 1-lrbbdE_-mh78RpmbTZyJqSpJjU.roa (raw, json)
Hash identifier: cPy7y4wMIvP16KTPuKO1juxKa3wjHuERvDLh2e5BuLo=
Subject key identifier: FA:5A:DB:6D:D1:3F:FA:68:7B:F1:1A:66:6D:36:72:26:A4:A9:26:35
Certificate issuer: /CN=7171d8b4cf6773b59f0732e0e9e8d25a9b773fae
Certificate serial: 01856D38730D5235CBCEFEEF39798260FA27
Authority key identifier: 71:71:D8:B4:CF:67:73:B5:9F:07:32:E0:E9:E8:D2:5A:9B:77:3F:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cXHYtM9nc7WfBzLg6ejSWpt3P64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/1-lrbbdE_-mh78RpmbTZyJqSpJjU.roa
Signing time: Sun 01 Jan 2023 12:04:53 +0000
ROA not before: Sun 01 Jan 2023 12:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42567
IP address blocks: 185.7.96.0/22 maxlen: 22
217.22.16.0/21 maxlen: 21
217.22.24.0/22 maxlen: 22
185.94.236.0/22 maxlen: 22
2a05:22c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 07 Apr 2023 20:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:73:0d:52:35:cb:ce:fe:ef:39:79:82:60:fa:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7171d8b4cf6773b59f0732e0e9e8d25a9b773fae
Validity
Not Before: Jan 1 12:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa5adb6dd13ffa687bf11a666d367226a4a92635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:61:41:06:c1:74:e6:bf:42:39:0d:54:1e:99:
57:40:55:83:50:8e:95:d4:ad:27:0b:f5:d5:0d:f1:
93:e5:46:db:22:b2:12:45:ff:22:6c:4b:fb:38:f1:
e7:95:08:53:c8:df:8d:a5:68:a4:0b:36:5a:f3:ba:
88:16:53:83:09:66:ef:a0:77:3e:6a:a4:1c:31:35:
d9:03:f4:5d:01:75:e6:26:ec:25:4d:e9:8a:1c:97:
e6:33:04:16:12:65:89:2b:e5:8b:ec:21:c8:86:4e:
85:67:76:08:63:d6:cd:cd:3a:f4:d9:5f:0d:2d:49:
5b:16:97:11:27:b5:6c:01:aa:ed:47:f8:89:9e:b3:
d1:cd:db:11:5b:70:d2:70:04:e1:9e:36:3c:3a:b1:
47:3b:6d:9d:9e:f1:a1:94:35:88:99:55:8a:d4:f0:
b7:45:3f:b1:8f:f2:15:79:36:26:e7:f4:f7:27:80:
94:82:7a:ad:1d:56:23:c9:48:50:4c:55:ff:31:aa:
29:91:cb:32:86:87:6d:56:ad:0d:a9:ef:91:bc:26:
e7:ab:e4:02:d7:38:6e:5e:be:d4:ae:0c:91:cf:f6:
4b:e5:e6:0f:a0:28:00:d7:77:84:dd:01:51:57:56:
98:25:75:01:fd:86:6f:69:9d:4d:fa:b6:46:2d:95:
49:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5A:DB:6D:D1:3F:FA:68:7B:F1:1A:66:6D:36:72:26:A4:A9:26:35
X509v3 Authority Key Identifier:
keyid:71:71:D8:B4:CF:67:73:B5:9F:07:32:E0:E9:E8:D2:5A:9B:77:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cXHYtM9nc7WfBzLg6ejSWpt3P64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/1-lrbbdE_-mh78RpmbTZyJqSpJjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/cXHYtM9nc7WfBzLg6ejSWpt3P64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.96.0/22
185.94.236.0/22
217.22.16.0-217.22.27.255
IPv6:
2a05:22c0::/29
Signature Algorithm: sha256WithRSAEncryption
c0:06:8f:c7:e4:d7:34:ef:ab:72:1e:2d:b2:35:d2:87:d6:31:
5e:17:99:15:cd:f7:f2:e3:2a:57:a8:1f:47:ef:ab:c6:27:57:
f6:e2:ee:35:6e:1c:2e:75:64:e0:08:3c:32:e4:7c:f9:11:0e:
15:8a:d1:57:38:c2:77:ab:dd:dd:5d:02:a7:6a:a7:c0:78:7b:
98:11:50:ea:4f:da:6e:49:58:b1:ee:11:5c:d5:27:c7:65:17:
1a:55:11:8e:8b:2f:0a:ab:d0:ff:cd:92:8d:4e:a3:89:21:c3:
32:12:3b:80:96:30:dc:f4:6e:27:84:ee:cb:c3:5a:f8:5d:da:
81:d2:41:2f:eb:7f:49:e4:9d:cc:69:fd:21:78:cf:09:14:66:
dd:be:0d:c9:ad:54:60:b3:33:cc:67:84:4b:e5:ec:cf:51:1b:
1d:04:78:7b:87:08:4e:b6:3f:5d:7c:95:b3:c6:9f:36:df:6a:
11:7d:fd:98:10:11:29:f2:9f:e7:39:44:0f:4d:39:a3:d9:30:
79:06:4f:dd:e9:d5:89:fe:fe:d1:48:64:47:29:0d:a0:54:22:
13:3b:a9:dd:2b:0a:5f:6e:a0:26:7f:b7:fa:ff:83:90:1a:dc:
b2:20:83:33:91:af:a3:12:cd:af:90:c9:e0:f1:9c:c8:07:21:
09:27:cc:9d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVtOHMNUjXLzv7vOXmCYPonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNzFkOGI0Y2Y2NzczYjU5ZjA3MzJlMGU5ZThkMjVhOWI3
NzNmYWUwHhcNMjMwMTAxMTIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTVhZGI2ZGQxM2ZmYTY4N2JmMTFhNjY2ZDM2NzIyNmE0YTkyNjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2FBBsF05r9COQ1UHplXQFWDUI6V
1K0nC/XVDfGT5UbbIrISRf8ibEv7OPHnlQhTyN+NpWikCzZa87qIFlODCWbvoHc+
aqQcMTXZA/RdAXXmJuwlTemKHJfmMwQWEmWJK+WL7CHIhk6FZ3YIY9bNzTr02V8N
LUlbFpcRJ7VsAartR/iJnrPRzdsRW3DScAThnjY8OrFHO22dnvGhlDWImVWK1PC3
RT+xj/IVeTYm5/T3J4CUgnqtHVYjyUhQTFX/MaopkcsyhodtVq0Nqe+RvCbnq+QC
1zhuXr7UrgyRz/ZL5eYPoCgA13eE3QFRV1aYJXUB/YZvaZ1N+rZGLZVJgwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPpa223RP/poe/EaZm02ciakqSY1MB8GA1UdIwQY
MBaAFHFx2LTPZ3O1nwcy4Ono0lqbdz+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1hIWXRNOW5jN1dmQnpMZzZlalNXcHQzUDY0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85Nzc4YjYtZGMyYi00NTg2LTkxZGUt
NTNhMDczNjhiOWVhLzEvMS1scmJiZEVfLW1oNzhScG1iVFp5SnFTcEpqVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGMvOTc3OGI2LWRjMmItNDU4Ni05MWRlLTUzYTA3MzY4Yjll
YS8xL2NYSFl0TTluYzdXZkJ6TGc2ZWpTV3B0M1A2NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBCBggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEArkHYAME
Arle7DAMAwQE2RYQAwQC2RYYMA0EAgACMAcDBQMqBSLAMA0GCSqGSIb3DQEBCwUA
A4IBAQDABo/H5Nc076tyHi2yNdKH1jFeF5kVzffy4ypXqB9H76vGJ1f24u41bhwu
dWTgCDwy5Hz5EQ4VitFXOMJ3q93dXQKnaqfAeHuYEVDqT9puSVix7hFc1SfHZRca
VRGOiy8Kq9D/zZKNTqOJIcMyEjuAljDc9G4nhO7Lw1r4XdqB0kEv639J5J3Maf0h
eM8JFGbdvg3JrVRgszPMZ4RL5ezPURsdBHh7hwhOtj9dfJWzxp8232oRff2YEBEp
8p/nOUQPTTmj2TB5Bk/d6dWJ/v7RSGRHKQ2gVCITO6ndKwpfbqAmf7f6/4OQGtyy
IIMzka+jEs2vkMng8ZzIByEJJ8yd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:20 2024 by rpki-client on console-fra.rpki-client.org