Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/69f3f3-0faa-465f-aa7a-d71ca19f989e/1/SYxUeAMqtYQZhPbotXvQBogk05o.roa
File: SYxUeAMqtYQZhPbotXvQBogk05o.roa (raw, json)
Hash identifier: qCEa37P7nHyw021QUOlCiTt9h2eQALkgfvQOjJoBCSo=
Subject key identifier: 49:8C:54:78:03:2A:B5:84:19:84:F6:E8:B5:7B:D0:06:88:24:D3:9A
Certificate issuer: /CN=75b982eaba4408cd941899f5ceec1da6a67c5c49
Certificate serial: 018572FA6E81658AAEBE4B00BC170D91CC18
Authority key identifier: 75:B9:82:EA:BA:44:08:CD:94:18:99:F5:CE:EC:1D:A6:A6:7C:5C:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dbmC6rpECM2UGJn1zuwdpqZ8XEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/69f3f3-0faa-465f-aa7a-d71ca19f989e/1/SYxUeAMqtYQZhPbotXvQBogk05o.roa
Signing time: Mon 02 Jan 2023 14:54:52 +0000
ROA not before: Mon 02 Jan 2023 14:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203111
IP address blocks: 185.144.104.0/22 maxlen: 22
2a07:3e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:6e:81:65:8a:ae:be:4b:00:bc:17:0d:91:cc:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75b982eaba4408cd941899f5ceec1da6a67c5c49
Validity
Not Before: Jan 2 14:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=498c5478032ab5841984f6e8b57bd0068824d39a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fa:e3:f0:0f:cc:93:08:c6:31:29:61:2e:97:
0f:9d:48:21:d8:1d:7a:f2:0b:3f:c2:3b:66:ff:ed:
17:97:9a:33:4d:c4:50:fa:65:ee:8f:42:fe:97:67:
4c:8c:5f:c5:14:4c:d2:e9:d0:f6:5e:68:44:f9:da:
a5:48:d5:e6:2a:f0:52:e9:39:fb:9a:76:1a:9c:7f:
07:2a:6a:97:1d:b4:01:d6:ea:1a:b0:60:c8:8c:98:
d7:d4:05:69:f0:2b:b7:95:65:4b:13:d9:a8:22:e4:
fa:14:95:e7:fb:4a:e5:3e:cd:6c:ea:a8:a8:99:95:
e8:b9:b9:62:df:30:8d:a4:47:8a:cc:dd:f6:8d:39:
95:fe:18:33:07:51:33:0b:e0:e5:0c:df:33:aa:66:
28:c8:8e:e5:40:ca:95:84:55:7b:b5:4e:38:0f:7c:
ec:ad:bb:02:98:b8:19:31:52:da:57:c9:01:d0:af:
b7:aa:ba:20:5d:da:d0:7e:7a:5e:c3:9b:f0:26:91:
d7:e5:88:19:19:44:26:1d:37:4f:9c:3f:ab:71:50:
6d:9a:72:fd:9e:43:ee:75:a0:d8:f9:88:a0:dd:08:
9c:ed:36:28:3e:69:34:49:8d:ad:99:5e:63:8c:e7:
f1:72:59:fe:d7:4e:58:27:57:d6:8a:95:50:84:88:
b0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:8C:54:78:03:2A:B5:84:19:84:F6:E8:B5:7B:D0:06:88:24:D3:9A
X509v3 Authority Key Identifier:
keyid:75:B9:82:EA:BA:44:08:CD:94:18:99:F5:CE:EC:1D:A6:A6:7C:5C:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbmC6rpECM2UGJn1zuwdpqZ8XEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/69f3f3-0faa-465f-aa7a-d71ca19f989e/1/SYxUeAMqtYQZhPbotXvQBogk05o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/69f3f3-0faa-465f-aa7a-d71ca19f989e/1/dbmC6rpECM2UGJn1zuwdpqZ8XEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.104.0/22
IPv6:
2a07:3e80::/29
Signature Algorithm: sha256WithRSAEncryption
0b:36:d7:cb:72:70:b6:21:20:09:3c:62:27:b3:25:af:5f:27:
e2:64:15:be:04:44:88:ed:9f:4d:5a:a8:72:93:aa:72:91:4c:
31:8c:15:af:52:2c:f1:84:70:31:01:2a:41:05:93:15:b7:1a:
5d:c3:96:61:19:70:88:31:a8:68:a8:61:cb:e0:00:af:ed:07:
27:89:91:bf:ce:29:b6:5c:20:5e:31:88:19:c0:85:92:df:4c:
98:a6:45:43:38:7f:4d:1c:a4:48:3d:e5:86:66:da:6c:96:00:
3b:f4:e8:1a:21:b7:61:87:39:36:d1:9c:bd:e3:d4:a4:5e:0a:
34:2a:18:62:72:30:c8:f0:7c:e0:c4:61:13:49:a9:2f:59:25:
a0:fb:a0:6c:fd:0b:35:29:e1:7a:b9:36:3f:02:aa:af:b7:d7:
59:5f:23:91:12:32:1c:b2:a6:b6:67:07:4f:b8:5d:4d:dc:f7:
49:d9:a6:21:78:07:7d:02:60:8b:f7:1e:af:2c:ad:0e:1c:b0:
db:96:8d:09:e9:1d:fe:66:bc:d8:1f:64:58:9d:78:1a:2f:02:
13:45:eb:65:31:13:ea:2f:61:79:b0:49:16:78:13:17:9d:a9:
23:49:37:ce:a5:85:5d:6a:94:4d:d0:c1:05:ca:50:41:05:b8:
ff:43:a9:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVy+m6BZYquvksAvBcNkcwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1Yjk4MmVhYmE0NDA4Y2Q5NDE4OTlmNWNlZWMxZGE2YTY3
YzVjNDkwHhcNMjMwMTAyMTQ1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OThjNTQ3ODAzMmFiNTg0MTk4NGY2ZThiNTdiZDAwNjg4MjRkMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivrj8A/MkwjGMSlhLpcPnUgh2B16
8gs/wjtm/+0Xl5ozTcRQ+mXuj0L+l2dMjF/FFEzS6dD2XmhE+dqlSNXmKvBS6Tn7
mnYanH8HKmqXHbQB1uoasGDIjJjX1AVp8Cu3lWVLE9moIuT6FJXn+0rlPs1s6qio
mZXoubli3zCNpEeKzN32jTmV/hgzB1EzC+DlDN8zqmYoyI7lQMqVhFV7tU44D3zs
rbsCmLgZMVLaV8kB0K+3qrogXdrQfnpew5vwJpHX5YgZGUQmHTdPnD+rcVBtmnL9
nkPudaDY+Yig3Qic7TYoPmk0SY2tmV5jjOfxcln+105YJ1fWipVQhIiw7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEmMVHgDKrWEGYT26LV70AaIJNOaMB8GA1UdIwQY
MBaAFHW5guq6RAjNlBiZ9c7sHaamfFxJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJtQzZycEVDTTJVR0puMXp1d2RwcVo4WEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC82OWYzZjMtMGZhYS00NjVmLWFhN2Et
ZDcxY2ExOWY5ODllLzEvU1l4VWVBTXF0WVFaaFBib3RYdlFCb2drMDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC82OWYzZjMtMGZhYS00NjVmLWFhN2EtZDcxY2ExOWY5ODll
LzEvZGJtQzZycEVDTTJVR0puMXp1d2RwcVo4WEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZBoMA0E
AgACMAcDBQMqBz6AMA0GCSqGSIb3DQEBCwUAA4IBAQALNtfLcnC2ISAJPGInsyWv
XyfiZBW+BESI7Z9NWqhyk6pykUwxjBWvUizxhHAxASpBBZMVtxpdw5ZhGXCIMaho
qGHL4ACv7QcniZG/zim2XCBeMYgZwIWS30yYpkVDOH9NHKRIPeWGZtpslgA79Oga
Ibdhhzk20Zy949SkXgo0KhhicjDI8HzgxGETSakvWSWg+6Bs/Qs1KeF6uTY/Aqqv
t9dZXyOREjIcsqa2ZwdPuF1N3PdJ2aYheAd9AmCL9x6vLK0OHLDblo0J6R3+ZrzY
H2RYnXgaLwITRetlMRPqL2F5sEkWeBMXnakjSTfOpYVdapRN0MEFylBBBbj/Q6kD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:58 2024 by rpki-client on console-ams.rpki-client.org