Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a763fd-0b05-428b-b723-20c23868b91f/1/uNIiTb6YVPeIG-YC5L1q19lW5Qo.roa
File: uNIiTb6YVPeIG-YC5L1q19lW5Qo.roa (raw, json)
Hash identifier: 1lP89XD1s/xvNypMQPPbjWbnigdgo01iH6IOA3+7U1o=
Subject key identifier: B8:D2:22:4D:BE:98:54:F7:88:1B:E6:02:E4:BD:6A:D7:D9:56:E5:0A
Certificate issuer: /CN=667e799364d414f66df363137c79abf61239eb4d
Certificate serial: 0185734CDC4A681B212978536B42444A081E
Authority key identifier: 66:7E:79:93:64:D4:14:F6:6D:F3:63:13:7C:79:AB:F6:12:39:EB:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zn55k2TUFPZt82MTfHmr9hI5600.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a763fd-0b05-428b-b723-20c23868b91f/1/uNIiTb6YVPeIG-YC5L1q19lW5Qo.roa
Signing time: Mon 02 Jan 2023 16:24:54 +0000
ROA not before: Mon 02 Jan 2023 16:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203854
IP address blocks: 185.122.4.0/23 maxlen: 23
185.122.4.0/22 maxlen: 22
185.122.6.0/23 maxlen: 23
2a05:7e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:dc:4a:68:1b:21:29:78:53:6b:42:44:4a:08:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=667e799364d414f66df363137c79abf61239eb4d
Validity
Not Before: Jan 2 16:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8d2224dbe9854f7881be602e4bd6ad7d956e50a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5b:0e:45:57:ce:b0:26:4c:a5:5d:bf:ed:45:
0b:8b:f2:1d:e6:fd:30:ab:03:ee:2f:5b:ba:c6:c4:
47:4a:98:d3:bf:75:e2:d0:50:5f:5d:28:21:e1:c7:
a6:b2:a0:2e:9a:c5:96:74:34:32:d4:f9:54:ab:20:
8e:9b:e9:dd:cf:34:2a:1e:d2:27:b2:b0:45:64:1c:
f8:29:2d:d5:5d:31:83:29:76:70:01:e0:d3:95:e8:
ff:22:b1:e0:7a:5c:16:cb:01:24:92:92:d5:7d:3b:
b7:4a:6b:47:4b:3d:8a:2a:4f:f1:f7:3f:7a:ff:d8:
e8:5c:7c:a5:3b:f4:b4:63:54:25:f3:3b:50:5f:ad:
61:b8:91:ff:07:30:b6:4b:02:62:8d:19:5d:79:b5:
e0:35:2d:62:12:68:8b:a7:fa:ef:22:92:8d:c7:48:
91:3c:74:b8:7f:91:ea:00:c5:f1:80:73:6c:ab:5a:
f7:da:e3:21:6f:c4:1b:cf:f5:a4:ec:4f:77:fc:96:
c9:48:68:0d:ef:81:62:a5:5a:fd:ed:24:6d:f2:eb:
2e:96:36:24:64:86:59:e9:1e:a0:65:0f:2f:fc:eb:
3c:3f:9c:6b:b1:64:40:da:98:9e:0f:2d:7b:f9:08:
48:0b:30:fb:d5:72:57:ac:c7:18:3f:c5:5a:e9:2c:
ec:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D2:22:4D:BE:98:54:F7:88:1B:E6:02:E4:BD:6A:D7:D9:56:E5:0A
X509v3 Authority Key Identifier:
keyid:66:7E:79:93:64:D4:14:F6:6D:F3:63:13:7C:79:AB:F6:12:39:EB:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zn55k2TUFPZt82MTfHmr9hI5600.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a763fd-0b05-428b-b723-20c23868b91f/1/uNIiTb6YVPeIG-YC5L1q19lW5Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a763fd-0b05-428b-b723-20c23868b91f/1/Zn55k2TUFPZt82MTfHmr9hI5600.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.4.0/22
IPv6:
2a05:7e40::/29
Signature Algorithm: sha256WithRSAEncryption
33:dc:f5:ad:fe:7b:88:7d:44:b3:1c:04:bc:0d:62:ba:22:fa:
93:1a:0c:6f:21:50:6d:37:72:eb:50:3f:91:eb:17:02:c1:61:
c5:44:e5:3e:8e:6b:5a:2d:19:f6:70:60:b1:23:07:14:89:55:
6c:b9:b9:87:29:ed:1b:84:aa:dd:af:d0:d4:55:88:3f:1d:cd:
29:21:cf:98:c8:52:62:0d:08:ac:17:77:1f:30:d4:50:cf:9b:
98:1e:d2:11:c9:ce:ef:11:61:8a:5f:27:68:d0:47:e6:a9:c5:
5a:bb:6d:34:54:cb:60:86:5f:2f:d7:32:b5:9c:17:c9:8e:71:
66:ee:15:91:14:5a:4f:97:42:c1:81:96:c2:a6:ae:1d:72:04:
6a:a3:28:7b:e6:3e:e1:15:96:97:99:c0:ba:70:ab:39:ae:75:
2a:a8:f5:c7:38:88:b5:24:97:3d:a0:fd:cb:3a:fd:fc:c4:a8:
08:1b:74:f6:b9:0e:f0:54:7b:ae:b0:9d:12:12:93:e7:ef:da:
aa:3e:0e:74:62:d1:f3:ad:b4:d0:07:da:a0:54:40:dc:b7:0b:
81:87:69:6a:2b:56:e5:a2:ac:2d:52:4c:39:11:74:a8:05:5e:
95:b0:e0:69:4d:54:10:fa:ea:c0:0f:11:9b:55:a4:5e:fa:b4:
6e:e4:22:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzTNxKaBshKXhTa0JESggeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2N2U3OTkzNjRkNDE0ZjY2ZGYzNjMxMzdjNzlhYmY2MTIz
OWViNGQwHhcNMjMwMTAyMTYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQyMjI0ZGJlOTg1NGY3ODgxYmU2MDJlNGJkNmFkN2Q5NTZlNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVsORVfOsCZMpV2/7UULi/Id5v0w
qwPuL1u6xsRHSpjTv3Xi0FBfXSgh4cemsqAumsWWdDQy1PlUqyCOm+ndzzQqHtIn
srBFZBz4KS3VXTGDKXZwAeDTlej/IrHgelwWywEkkpLVfTu3SmtHSz2KKk/x9z96
/9joXHylO/S0Y1Ql8ztQX61huJH/BzC2SwJijRldebXgNS1iEmiLp/rvIpKNx0iR
PHS4f5HqAMXxgHNsq1r32uMhb8Qbz/Wk7E93/JbJSGgN74FipVr97SRt8usuljYk
ZIZZ6R6gZQ8v/Os8P5xrsWRA2pieDy17+QhICzD71XJXrMcYP8Va6SzsUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLjSIk2+mFT3iBvmAuS9atfZVuUKMB8GA1UdIwQY
MBaAFGZ+eZNk1BT2bfNjE3x5q/YSOetNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm41NWsyVFVGUFp0ODJNVGZIbXI5aEk1NjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hNzYzZmQtMGIwNS00MjhiLWI3MjMt
MjBjMjM4NjhiOTFmLzEvdU5JaVRiNllWUGVJRy1ZQzVMMXExOWxXNVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hNzYzZmQtMGIwNS00MjhiLWI3MjMtMjBjMjM4NjhiOTFm
LzEvWm41NWsyVFVGUFp0ODJNVGZIbXI5aEk1NjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXoEMA0E
AgACMAcDBQMqBX5AMA0GCSqGSIb3DQEBCwUAA4IBAQAz3PWt/nuIfUSzHAS8DWK6
IvqTGgxvIVBtN3LrUD+R6xcCwWHFROU+jmtaLRn2cGCxIwcUiVVsubmHKe0bhKrd
r9DUVYg/Hc0pIc+YyFJiDQisF3cfMNRQz5uYHtIRyc7vEWGKXydo0EfmqcVau200
VMtghl8v1zK1nBfJjnFm7hWRFFpPl0LBgZbCpq4dcgRqoyh75j7hFZaXmcC6cKs5
rnUqqPXHOIi1JJc9oP3LOv38xKgIG3T2uQ7wVHuusJ0SEpPn79qqPg50YtHzrbTQ
B9qgVEDctwuBh2lqK1bloqwtUkw5EXSoBV6VsOBpTVQQ+urADxGbVaRe+rRu5CLG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:12 2024 by rpki-client on console-fra.rpki-client.org