Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/FtGmml3AaMw0XCbiSLr2HewF8UU.roa
File: FtGmml3AaMw0XCbiSLr2HewF8UU.roa (raw, json)
Hash identifier: /rVzmMMh9XncJhCUGPxa3UE6VtElOLnjF0hnTgCKhMs=
Subject key identifier: 16:D1:A6:9A:5D:C0:68:CC:34:5C:26:E2:48:BA:F6:1D:EC:05:F1:45
Certificate issuer: /CN=24a55bd68397566895b15ecb97fc1d65c0c879ce
Certificate serial: 01856D5401D06E05BEA8DFC92B4120C4AE2B
Authority key identifier: 24:A5:5B:D6:83:97:56:68:95:B1:5E:CB:97:FC:1D:65:C0:C8:79:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JKVb1oOXVmiVsV7Ll_wdZcDIec4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/FtGmml3AaMw0XCbiSLr2HewF8UU.roa
Signing time: Sun 01 Jan 2023 12:35:00 +0000
ROA not before: Sun 01 Jan 2023 12:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31543
IP address blocks: 185.110.136.0/22 maxlen: 24
2a06:5680::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:01:d0:6e:05:be:a8:df:c9:2b:41:20:c4:ae:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24a55bd68397566895b15ecb97fc1d65c0c879ce
Validity
Not Before: Jan 1 12:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16d1a69a5dc068cc345c26e248baf61dec05f145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b0:75:d1:ff:d2:2a:d3:54:38:38:46:35:34:
b4:9e:2e:b4:3f:00:74:9f:a0:b2:ed:1e:25:2b:e4:
70:3e:db:a2:b2:1f:13:04:ba:40:8c:5b:e0:47:72:
a3:a2:68:7e:50:77:e4:a1:dc:b2:ab:6f:51:74:1a:
11:6f:af:3d:b8:c6:3d:3c:c3:b0:60:72:f3:8a:11:
32:14:d5:23:4c:84:ca:1a:4d:3f:c5:4d:a9:be:50:
97:8b:e3:5b:0e:c1:89:f5:da:db:f7:85:ef:48:03:
4a:1a:c5:b9:f8:2e:70:f6:c5:47:7e:9e:04:34:30:
d8:4f:0a:44:2e:44:4d:96:4d:f8:85:7c:a2:54:07:
38:92:71:45:2d:de:f3:7a:42:d5:5e:02:38:e7:03:
d7:01:7e:7d:40:cd:bc:1b:2a:af:e1:3c:e2:61:77:
4c:00:07:74:f4:d4:7b:f3:7f:ef:91:96:15:f6:1c:
fc:2c:e5:9e:c1:81:b7:d7:d1:cb:9a:52:f0:04:6f:
53:17:9f:8f:3f:cd:7b:4a:a6:f6:91:0c:fa:f3:47:
ce:b2:4c:c7:bf:cb:3c:e1:a6:14:9a:64:d2:2b:29:
14:13:0c:82:b8:a6:6c:ba:88:53:95:e0:14:cb:ed:
56:e9:de:76:4e:66:8e:7b:7e:1e:ec:74:fe:5f:25:
2d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D1:A6:9A:5D:C0:68:CC:34:5C:26:E2:48:BA:F6:1D:EC:05:F1:45
X509v3 Authority Key Identifier:
keyid:24:A5:5B:D6:83:97:56:68:95:B1:5E:CB:97:FC:1D:65:C0:C8:79:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKVb1oOXVmiVsV7Ll_wdZcDIec4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/FtGmml3AaMw0XCbiSLr2HewF8UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/JKVb1oOXVmiVsV7Ll_wdZcDIec4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.136.0/22
IPv6:
2a06:5680::/29
Signature Algorithm: sha256WithRSAEncryption
4a:0c:34:6f:ff:65:96:fd:f2:c2:7f:03:80:91:03:e1:5d:9e:
28:33:20:36:f5:a2:a9:86:d2:85:84:9e:9f:0f:9c:53:60:e1:
9e:78:36:ad:28:fc:56:ff:4e:a2:94:e2:8d:ee:13:b7:a5:31:
b7:75:0a:14:ce:ce:b2:19:25:9e:ef:03:bc:05:5a:ae:e2:fc:
9e:6c:e8:e6:57:d4:aa:0d:41:9d:16:de:5b:c5:fd:e9:8c:87:
e2:e0:1d:49:83:d8:bf:fd:5a:f1:18:88:dd:a1:2d:e1:ad:91:
7f:63:cc:61:36:56:6b:0b:e6:a4:fc:5a:1a:95:1b:00:a2:7c:
4b:18:ba:0a:92:00:f9:76:8a:25:c7:da:66:3a:50:1c:c3:c9:
12:cf:34:c3:fa:dc:8c:9c:2c:2d:9d:24:26:23:ab:85:30:ca:
bd:47:78:c3:76:1e:05:2b:0b:05:d2:df:75:64:23:9f:ad:68:
8d:9c:a5:49:b5:42:d4:1d:25:06:04:50:0d:25:c7:a3:b3:f9:
8a:44:93:0d:13:cc:9e:04:3d:06:7d:11:44:d9:cc:b2:f1:6c:
d5:60:8b:11:25:96:ef:d8:27:31:e6:bf:a7:25:32:3f:e1:30:
f7:0b:b4:a1:70:89:e9:6a:f8:a1:d6:8a:e6:73:30:31:83:cd:
ee:e5:89:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtVAHQbgW+qN/JK0EgxK4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YTU1YmQ2ODM5NzU2Njg5NWIxNWVjYjk3ZmMxZDY1YzBj
ODc5Y2UwHhcNMjMwMTAxMTIzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQxYTY5YTVkYzA2OGNjMzQ1YzI2ZTI0OGJhZjYxZGVjMDVmMTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLB10f/SKtNUODhGNTS0ni60PwB0
n6Cy7R4lK+RwPtuish8TBLpAjFvgR3Kjomh+UHfkodyyq29RdBoRb689uMY9PMOw
YHLzihEyFNUjTITKGk0/xU2pvlCXi+NbDsGJ9drb94XvSANKGsW5+C5w9sVHfp4E
NDDYTwpELkRNlk34hXyiVAc4knFFLd7zekLVXgI45wPXAX59QM28Gyqv4TziYXdM
AAd09NR783/vkZYV9hz8LOWewYG319HLmlLwBG9TF5+PP817Sqb2kQz680fOskzH
v8s84aYUmmTSKykUEwyCuKZsuohTleAUy+1W6d52TmaOe34e7HT+XyUtQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBbRpppdwGjMNFwm4ki69h3sBfFFMB8GA1UdIwQY
MBaAFCSlW9aDl1ZolbFey5f8HWXAyHnOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSktWYjFvT1hWbWlWc1Y3TGxfd2RaY0RJZWM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wZGU4OTktMjJlMS00NjNjLWE0ZGQt
YzM0ZTkwZDdmOGVhLzEvRnRHbW1sM0FhTXcwWENiaVNMcjJIZXdGOFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wZGU4OTktMjJlMS00NjNjLWE0ZGQtYzM0ZTkwZDdmOGVh
LzEvSktWYjFvT1hWbWlWc1Y3TGxfd2RaY0RJZWM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW6IMA0E
AgACMAcDBQMqBlaAMA0GCSqGSIb3DQEBCwUAA4IBAQBKDDRv/2WW/fLCfwOAkQPh
XZ4oMyA29aKphtKFhJ6fD5xTYOGeeDatKPxW/06ilOKN7hO3pTG3dQoUzs6yGSWe
7wO8BVqu4vyebOjmV9SqDUGdFt5bxf3pjIfi4B1Jg9i//VrxGIjdoS3hrZF/Y8xh
NlZrC+ak/FoalRsAonxLGLoKkgD5doolx9pmOlAcw8kSzzTD+tyMnCwtnSQmI6uF
MMq9R3jDdh4FKwsF0t91ZCOfrWiNnKVJtULUHSUGBFANJcejs/mKRJMNE8yeBD0G
fRFE2cyy8WzVYIsRJZbv2Ccx5r+nJTI/4TD3C7ShcInpavih1ormczAxg83u5Ynq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:38 2024 by rpki-client on console-fra.rpki-client.org