Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/O8eLhqlKRmRcUm6Jxu4ZzcpjIYM.roa
File: O8eLhqlKRmRcUm6Jxu4ZzcpjIYM.roa (raw, json)
Hash identifier: CqUPFJHLSTJMJ94ACi5Ovzf7Ft6uSZY18gtrHeFvdMA=
Subject key identifier: 3B:C7:8B:86:A9:4A:46:64:5C:52:6E:89:C6:EE:19:CD:CA:63:21:83
Certificate issuer: /CN=1a99c75fe5777e136573e1e51efba6781f3a5b16
Certificate serial: 018A6EB388BF25CAAF29E4D8E54FCF8DF2B8
Authority key identifier: 1A:99:C7:5F:E5:77:7E:13:65:73:E1:E5:1E:FB:A6:78:1F:3A:5B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/O8eLhqlKRmRcUm6Jxu4ZzcpjIYM.roa
Signing time: Thu 07 Sep 2023 08:12:54 +0000
ROA not before: Thu 07 Sep 2023 08:12:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203450
IP address blocks: 185.134.160.0/22 maxlen: 22
2a06:ed40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6e:b3:88:bf:25:ca:af:29:e4:d8:e5:4f:cf:8d:f2:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a99c75fe5777e136573e1e51efba6781f3a5b16
Validity
Not Before: Sep 7 08:12:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bc78b86a94a46645c526e89c6ee19cdca632183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3b:14:c1:78:ae:8e:14:dc:7b:07:14:1f:68:
79:c1:61:a4:5f:ae:78:25:20:f8:a3:87:fd:53:0e:
f9:d7:cc:e1:a6:e8:33:61:c7:8e:22:63:06:82:69:
7f:07:23:bd:9b:dd:05:de:fc:98:5d:26:fa:ac:69:
a8:8a:a5:fe:9a:24:6e:f9:8d:43:9a:29:2c:cd:35:
99:c4:a2:06:6e:1c:40:b4:3e:1c:92:24:00:86:b6:
95:e8:3d:da:7c:1b:9d:78:a5:e4:5a:37:ab:ef:87:
19:d4:f1:fe:34:fc:d8:fe:26:d7:08:cd:51:81:d4:
3c:d5:c4:7d:d6:34:07:c1:57:72:39:63:d0:5a:5a:
2e:40:e8:3c:64:b7:10:c0:5d:16:05:91:3c:ed:05:
8d:63:42:c6:98:e3:84:90:dd:d6:7e:2d:58:53:8e:
24:cb:a0:46:80:cc:1d:17:87:2c:c4:be:c8:c5:2c:
c7:7b:c7:2b:92:74:f9:e6:67:ec:87:fb:9c:05:21:
22:fe:6e:15:a3:e2:87:4c:b1:6f:da:a1:91:b2:78:
b0:e7:4c:35:ec:bd:55:98:15:57:3e:36:04:48:7a:
88:95:07:71:a0:0d:ce:7c:7b:23:fe:3b:88:7b:12:
e0:f5:8b:3f:6d:5a:7a:8f:cd:da:ba:d5:29:e5:6b:
a8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C7:8B:86:A9:4A:46:64:5C:52:6E:89:C6:EE:19:CD:CA:63:21:83
X509v3 Authority Key Identifier:
keyid:1A:99:C7:5F:E5:77:7E:13:65:73:E1:E5:1E:FB:A6:78:1F:3A:5B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/O8eLhqlKRmRcUm6Jxu4ZzcpjIYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/GpnHX-V3fhNlc-HlHvumeB86WxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.160.0/22
IPv6:
2a06:ed40::/29
Signature Algorithm: sha256WithRSAEncryption
16:76:ba:b0:82:9e:6f:91:06:64:61:49:cf:10:cd:ab:df:12:
96:62:ec:f6:3e:89:2c:b4:c0:d5:c6:69:72:9e:aa:18:68:7e:
7b:ae:3b:ce:89:da:bf:e1:dc:99:27:8f:3b:1d:85:3b:d7:89:
25:6e:c9:35:39:67:6a:b1:26:5e:60:f5:e2:a4:22:73:f6:4e:
69:b6:a7:ea:e3:28:74:84:e4:63:fe:3d:99:06:4c:c0:fe:3a:
69:ac:d6:ac:fd:c2:37:31:1d:b1:86:f2:1b:c1:f2:c7:67:5b:
9d:51:2f:d3:8f:d1:ac:2e:79:18:56:84:39:19:5d:0a:78:a4:
fb:61:95:d2:e8:e4:73:f3:e9:2c:b3:99:12:66:86:d8:32:04:
b7:7a:2c:d8:4a:74:f7:36:09:bd:3c:d2:e2:e1:0a:f8:37:a0:
01:b0:b0:a9:d6:57:a6:ed:9e:65:24:59:a6:d7:22:85:0c:5f:
0c:1e:62:ec:dd:20:6e:c3:e0:42:75:1e:29:25:b4:86:d4:ca:
75:16:e5:ba:02:e1:2b:90:e5:24:59:46:03:dd:d6:4a:1f:cb:
4f:82:f4:6a:3f:81:ca:89:10:e2:bf:2f:46:6d:b6:68:19:fc:
81:15:08:20:d5:ec:04:8d:69:a7:4c:bd:b2:e5:93:1f:df:26:
2f:0b:97:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpus4i/JcqvKeTY5U/PjfK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTljNzVmZTU3NzdlMTM2NTczZTFlNTFlZmJhNjc4MWYz
YTViMTYwHhcNMjMwOTA3MDgxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM3OGI4NmE5NGE0NjY0NWM1MjZlODljNmVlMTljZGNhNjMyMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDsUwXiujhTcewcUH2h5wWGkX654
JSD4o4f9Uw7518zhpugzYceOImMGgml/ByO9m90F3vyYXSb6rGmoiqX+miRu+Y1D
mikszTWZxKIGbhxAtD4ckiQAhraV6D3afBudeKXkWjer74cZ1PH+NPzY/ibXCM1R
gdQ81cR91jQHwVdyOWPQWlouQOg8ZLcQwF0WBZE87QWNY0LGmOOEkN3Wfi1YU44k
y6BGgMwdF4csxL7IxSzHe8crknT55mfsh/ucBSEi/m4Vo+KHTLFv2qGRsniw50w1
7L1VmBVXPjYESHqIlQdxoA3OfHsj/juIexLg9Ys/bVp6j83autUp5Wuo2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDvHi4apSkZkXFJuicbuGc3KYyGDMB8GA1UdIwQY
MBaAFBqZx1/ld34TZXPh5R77pngfOlsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BuSFgtVjNmaE5sYy1IbEh2dW1lQjg2V3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83MTE3M2ItMTkzOC00ODM1LWFmMDAt
YTY5OWJjYjA4YWUzLzEvTzhlTGhxbEtSbVJjVW02Snh1NFp6Y3BqSVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi83MTE3M2ItMTkzOC00ODM1LWFmMDAtYTY5OWJjYjA4YWUz
LzEvR3BuSFgtVjNmaE5sYy1IbEh2dW1lQjg2V3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYagMA0E
AgACMAcDBQMqBu1AMA0GCSqGSIb3DQEBCwUAA4IBAQAWdrqwgp5vkQZkYUnPEM2r
3xKWYuz2PokstMDVxmlynqoYaH57rjvOidq/4dyZJ487HYU714klbsk1OWdqsSZe
YPXipCJz9k5ptqfq4yh0hORj/j2ZBkzA/jpprNas/cI3MR2xhvIbwfLHZ1udUS/T
j9GsLnkYVoQ5GV0KeKT7YZXS6ORz8+kss5kSZobYMgS3eizYSnT3Ngm9PNLi4Qr4
N6ABsLCp1lem7Z5lJFmm1yKFDF8MHmLs3SBuw+BCdR4pJbSG1Mp1FuW6AuErkOUk
WUYD3dZKH8tPgvRqP4HKiRDivy9GbbZoGfyBFQgg1ewEjWmnTL2y5ZMf3yYvC5eS
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:36:08 2024 by rpki-client on console-fra.rpki-client.org