Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/9G7t2OsFt9V4ZNVabngSDo6wKRg.roa
File: 9G7t2OsFt9V4ZNVabngSDo6wKRg.roa (raw, json)
Hash identifier: 64BgBzn0xEBnVo6Ol7G9rOkvUD+LgEzBtOgSphxefww=
Subject key identifier: F4:6E:ED:D8:EB:05:B7:D5:78:64:D5:5A:6E:78:12:0E:8E:B0:29:18
Certificate issuer: /CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Certificate serial: 01857015127CE78C5A460B8ACADA495FD88C
Authority key identifier: 34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/9G7t2OsFt9V4ZNVabngSDo6wKRg.roa
Signing time: Mon 02 Jan 2023 01:25:07 +0000
ROA not before: Mon 02 Jan 2023 01:25:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204877
IP address blocks: 185.141.120.0/22 maxlen: 24
2a0d:ff00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:12:7c:e7:8c:5a:46:0b:8a:ca:da:49:5f:d8:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Validity
Not Before: Jan 2 01:25:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f46eedd8eb05b7d57864d55a6e78120e8eb02918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9e:21:31:c1:eb:01:67:23:67:29:bb:25:5f:
53:05:a2:4b:ec:f8:f4:46:7a:2d:9d:0d:86:a6:40:
7b:40:1c:7b:cc:6e:ce:e8:f9:2b:3f:19:68:55:3b:
e1:ac:17:68:12:a9:8e:4d:4a:be:6b:5c:9b:89:c8:
74:61:7e:21:0c:98:57:0c:62:dd:d6:bb:e6:2c:f5:
69:99:cd:4b:ea:f2:39:4d:1e:81:15:47:7c:17:7e:
51:4c:b3:a0:9e:c8:a3:6e:d5:11:35:8c:0e:03:0f:
7c:04:2b:f5:ba:f4:c9:f2:d9:08:eb:09:e2:c7:0a:
79:7d:d2:d6:01:8f:79:c5:11:bf:01:bb:15:4f:84:
42:d6:07:b8:ee:4a:19:c6:c4:c9:86:a2:4b:42:0c:
56:36:da:d4:1e:61:0a:6a:cb:92:cf:fb:fe:48:61:
9d:61:4f:5f:06:0f:16:1b:e0:be:aa:b0:35:36:2a:
38:5d:38:69:ab:4b:7e:c5:6e:8b:4d:6e:5d:e3:cc:
92:38:27:ff:1b:92:f6:88:9d:d5:df:dd:2d:8a:18:
a1:77:36:d4:80:15:2a:f1:81:7d:3c:31:c8:10:2b:
ed:d6:8c:91:14:6f:ff:cf:10:8f:eb:07:cc:3d:de:
ce:fe:41:48:7a:30:57:0e:05:19:a8:e0:c0:59:4b:
6d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6E:ED:D8:EB:05:B7:D5:78:64:D5:5A:6E:78:12:0E:8E:B0:29:18
X509v3 Authority Key Identifier:
keyid:34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/9G7t2OsFt9V4ZNVabngSDo6wKRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/NLqcIjJB64DivHGFO7fS5YKGvdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.120.0/22
IPv6:
2a0d:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
21:ba:4b:90:63:50:0b:d9:f5:ff:a0:9b:35:20:e7:9e:3c:a4:
fa:24:48:4f:1c:f8:81:9d:d0:14:40:07:c9:56:f4:5e:06:91:
01:b9:28:30:8b:93:15:b7:cf:dd:b5:15:c7:85:af:d7:04:38:
bb:a3:4e:32:80:e2:1c:2a:ee:8a:b3:13:d7:ba:ae:38:cd:26:
65:ac:a9:be:0c:43:45:d2:a1:2a:e2:00:c4:c8:86:8e:38:34:
c5:e6:4c:ea:e5:20:fe:f2:a8:fe:16:db:f6:46:02:87:d4:dd:
fc:fc:0b:af:5e:20:2a:19:cf:54:e4:8b:5a:cf:be:a8:2f:c9:
44:88:de:4d:be:f3:cb:6c:f0:36:29:2a:9a:dc:ba:79:f3:76:
5e:a8:97:3d:6a:0e:1d:05:de:6f:c2:55:af:d5:6e:40:01:2b:
df:d3:89:17:35:7a:9d:ca:ac:b7:76:8b:6a:1a:dd:21:1e:de:
15:21:8c:3f:c2:ef:65:e2:ae:85:30:6b:80:b7:ab:3b:34:e7:
49:c1:9f:61:b6:08:eb:e0:f4:98:22:2c:bd:b2:d0:c0:4e:97:
67:c9:0f:5b:27:4a:71:63:1d:24:5e:7b:02:2a:86:81:d0:47:
01:99:64:0c:60:45:bd:c8:0b:35:98:03:77:a2:1b:73:53:42:
a2:70:d1:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwFRJ854xaRguKytpJX9iMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmE5YzIyMzI0MWViODBlMmJjNzE4NTNiYjdkMmU1ODI4
NmJkZDMwHhcNMjMwMTAyMDEyNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDZlZWRkOGViMDViN2Q1Nzg2NGQ1NWE2ZTc4MTIwZThlYjAyOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZ4hMcHrAWcjZym7JV9TBaJL7Pj0
RnotnQ2GpkB7QBx7zG7O6PkrPxloVTvhrBdoEqmOTUq+a1ybich0YX4hDJhXDGLd
1rvmLPVpmc1L6vI5TR6BFUd8F35RTLOgnsijbtURNYwOAw98BCv1uvTJ8tkI6wni
xwp5fdLWAY95xRG/AbsVT4RC1ge47koZxsTJhqJLQgxWNtrUHmEKasuSz/v+SGGd
YU9fBg8WG+C+qrA1Nio4XThpq0t+xW6LTW5d48ySOCf/G5L2iJ3V390tihihdzbU
gBUq8YF9PDHIECvt1oyRFG//zxCP6wfMPd7O/kFIejBXDgUZqODAWUttqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPRu7djrBbfVeGTVWm54Eg6OsCkYMB8GA1UdIwQY
MBaAFDS6nCIyQeuA4rxxhTu30uWChr3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzIt
MTNlZTRjOGQzMDgyLzEvOUc3dDJPc0Z0OVY0Wk5WYWJuZ1NEbzZ3S1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzItMTNlZTRjOGQzMDgy
LzEvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY14MA0E
AgACMAcDBQMqDf8AMA0GCSqGSIb3DQEBCwUAA4IBAQAhukuQY1AL2fX/oJs1IOee
PKT6JEhPHPiBndAUQAfJVvReBpEBuSgwi5MVt8/dtRXHha/XBDi7o04ygOIcKu6K
sxPXuq44zSZlrKm+DENF0qEq4gDEyIaOODTF5kzq5SD+8qj+Ftv2RgKH1N38/Auv
XiAqGc9U5Itaz76oL8lEiN5NvvPLbPA2KSqa3Lp583ZeqJc9ag4dBd5vwlWv1W5A
ASvf04kXNXqdyqy3dotqGt0hHt4VIYw/wu9l4q6FMGuAt6s7NOdJwZ9htgjr4PSY
Iiy9stDATpdnyQ9bJ0pxYx0kXnsCKoaB0EcBmWQMYEW9yAs1mAN3ohtzU0KicNGG
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:47 2024 by rpki-client on console-fra.rpki-client.org