Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/S81zsK14m6Q2eXcM3qNTU5z8vbA.roa
File: S81zsK14m6Q2eXcM3qNTU5z8vbA.roa (raw, json)
Hash identifier: 1N5CCbHpUWNWgas8m5SzJGoWMFSNrvIqeeutvlg/7LI=
Subject key identifier: 4B:CD:73:B0:AD:78:9B:A4:36:79:77:0C:DE:A3:53:53:9C:FC:BD:B0
Certificate issuer: /CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Certificate serial: 0192BF6CE200C175982341A80DF55214A40A
Authority key identifier: 34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/S81zsK14m6Q2eXcM3qNTU5z8vbA.roa
Signing time: Thu 24 Oct 2024 16:47:16 +0000
ROA not before: Thu 24 Oct 2024 16:47:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204877
IP address blocks: 185.141.120.0/22 maxlen: 24
2a0d:ff00::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 25 Oct 2024 16:28:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:6c:e2:00:c1:75:98:23:41:a8:0d:f5:52:14:a4:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Validity
Not Before: Oct 24 16:47:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bcd73b0ad789ba43679770cdea353539cfcbdb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d1:3f:fa:32:8e:49:68:4d:1a:a3:77:51:cb:
91:aa:ad:58:d2:b0:ea:bd:e7:d8:b4:54:42:85:b3:
a2:54:25:1c:38:0c:52:c5:7c:12:27:0c:bc:1a:19:
06:4d:dd:23:23:9a:c5:fa:33:cc:6d:4a:e7:04:d7:
8e:8c:ce:3a:8d:6e:f2:ec:0a:67:e6:c1:88:db:b6:
25:47:3e:99:5c:59:60:c9:6b:77:55:77:67:c3:c1:
68:a9:8e:96:ba:b0:e9:cc:af:30:9b:58:04:74:12:
6b:5e:3a:7c:32:a1:93:c2:f0:30:92:69:69:96:26:
f0:22:1a:57:21:35:5e:d3:8d:e5:e2:eb:8c:36:60:
03:60:eb:6a:d0:54:0b:1f:74:ac:c0:9b:65:4a:43:
ea:78:9d:e6:aa:a9:03:96:05:f8:4a:46:3b:79:71:
87:1b:ab:c3:83:d0:48:99:61:e6:88:fc:d6:7c:21:
24:f7:e7:ff:c6:33:b5:fe:8b:61:8b:f4:9c:80:e1:
8d:ca:0c:df:cb:c9:b1:eb:61:f6:d4:bb:31:c4:b6:
52:4c:9c:dc:4a:7b:16:c3:3e:3c:6a:51:9a:aa:cd:
b2:d5:52:fc:f5:9a:5a:37:79:57:b3:ff:76:34:b6:
85:97:2d:d5:d4:30:00:1c:06:81:fd:c8:5c:6c:c6:
24:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CD:73:B0:AD:78:9B:A4:36:79:77:0C:DE:A3:53:53:9C:FC:BD:B0
X509v3 Authority Key Identifier:
keyid:34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/S81zsK14m6Q2eXcM3qNTU5z8vbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/NLqcIjJB64DivHGFO7fS5YKGvdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.120.0/22
IPv6:
2a0d:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
50:42:da:77:f6:81:e8:92:66:d4:42:2b:46:e8:56:32:cb:16:
63:59:ca:33:4b:b1:9e:7e:c6:53:f5:69:d1:cb:8f:7d:ad:0e:
ca:c9:17:42:f4:b4:52:fd:c9:08:af:3d:69:9b:29:3b:22:da:
e4:cf:20:a7:d3:2d:e8:6c:e0:89:65:31:41:bf:db:43:f1:51:
5f:b1:a3:32:ae:5c:cd:34:ac:4c:ed:28:2f:bd:38:bb:9a:fd:
4e:6d:57:42:be:73:38:bd:e6:b0:54:68:1d:ca:90:2a:ba:14:
96:a2:4d:97:a8:b0:7d:e8:28:83:73:ad:3f:e0:f8:67:2b:ec:
19:9f:41:a3:1a:38:c2:bd:8b:b8:f6:ae:0d:b7:1b:d2:e1:37:
cd:d7:65:54:5e:e3:7c:bf:12:97:9a:0f:a7:30:35:74:31:a2:
29:67:d8:9e:59:a8:01:e6:91:ad:fd:d9:20:ab:dc:fa:df:d0:
da:c5:24:f4:fd:df:e3:1b:25:c6:1f:63:74:75:15:cc:e0:d4:
8c:3c:80:61:95:a8:ea:02:87:15:5f:40:f6:12:2b:db:7f:b2:
df:70:79:99:62:3b:b2:05:ec:3e:13:ef:9b:85:99:83:fc:c8:
30:3b:24:db:71:ba:22:0a:e3:65:46:a5:71:f2:cf:77:98:45:
88:7e:2b:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZK/bOIAwXWYI0GoDfVSFKQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmE5YzIyMzI0MWViODBlMmJjNzE4NTNiYjdkMmU1ODI4
NmJkZDMwHhcNMjQxMDI0MTY0NzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmNkNzNiMGFkNzg5YmE0MzY3OTc3MGNkZWEzNTM1MzljZmNiZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldE/+jKOSWhNGqN3UcuRqq1Y0rDq
vefYtFRChbOiVCUcOAxSxXwSJwy8GhkGTd0jI5rF+jPMbUrnBNeOjM46jW7y7Apn
5sGI27YlRz6ZXFlgyWt3VXdnw8FoqY6WurDpzK8wm1gEdBJrXjp8MqGTwvAwkmlp
libwIhpXITVe043l4uuMNmADYOtq0FQLH3SswJtlSkPqeJ3mqqkDlgX4SkY7eXGH
G6vDg9BImWHmiPzWfCEk9+f/xjO1/othi/ScgOGNygzfy8mx62H21LsxxLZSTJzc
SnsWwz48alGaqs2y1VL89ZpaN3lXs/92NLaFly3V1DAAHAaB/chcbMYkYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEvNc7CteJukNnl3DN6jU1Oc/L2wMB8GA1UdIwQY
MBaAFDS6nCIyQeuA4rxxhTu30uWChr3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzIt
MTNlZTRjOGQzMDgyLzEvUzgxenNLMTRtNlEyZVhjTTNxTlRVNXo4dmJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzItMTNlZTRjOGQzMDgy
LzEvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY14MA0E
AgACMAcDBQMqDf8AMA0GCSqGSIb3DQEBCwUAA4IBAQBQQtp39oHokmbUQitG6FYy
yxZjWcozS7GefsZT9WnRy499rQ7KyRdC9LRS/ckIrz1pmyk7ItrkzyCn0y3obOCJ
ZTFBv9tD8VFfsaMyrlzNNKxM7SgvvTi7mv1ObVdCvnM4veawVGgdypAquhSWok2X
qLB96CiDc60/4PhnK+wZn0GjGjjCvYu49q4NtxvS4TfN12VUXuN8vxKXmg+nMDV0
MaIpZ9ieWagB5pGt/dkgq9z639DaxST0/d/jGyXGH2N0dRXM4NSMPIBhlajqAocV
X0D2Eivbf7LfcHmZYjuyBew+E++bhZmD/MgwOyTbcboiCuNlRqVx8s93mEWIfit8
-----END CERTIFICATE-----
Generated at Fri Oct 25 20:38:12 2024 by rpki-client on console-ams.rpki-client.org