Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/e3c854-2262-4895-b92a-f2c65a7013ef/1/kPViqNxLKLGJz0U1pWD-4UylJeU.roa
File: kPViqNxLKLGJz0U1pWD-4UylJeU.roa (raw, json)
Hash identifier: 2AW+2uQDo67ZOboBNmkNB/ew0UZOFR9FDL8QIdaSNqs=
Subject key identifier: 90:F5:62:A8:DC:4B:28:B1:89:CF:45:35:A5:60:FE:E1:4C:A5:25:E5
Certificate issuer: /CN=111f4b0a73ac1b633d24ed5a094fde3a2ef51b94
Certificate serial: 01856FE6F1EF9984CB18ADC1132504339682
Authority key identifier: 11:1F:4B:0A:73:AC:1B:63:3D:24:ED:5A:09:4F:DE:3A:2E:F5:1B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER9LCnOsG2M9JO1aCU_eOi71G5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/e3c854-2262-4895-b92a-f2c65a7013ef/1/kPViqNxLKLGJz0U1pWD-4UylJeU.roa
Signing time: Mon 02 Jan 2023 00:34:44 +0000
ROA not before: Mon 02 Jan 2023 00:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24679
IP address blocks: 185.148.168.0/22 maxlen: 24
2a07:60c0::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:f1:ef:99:84:cb:18:ad:c1:13:25:04:33:96:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111f4b0a73ac1b633d24ed5a094fde3a2ef51b94
Validity
Not Before: Jan 2 00:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90f562a8dc4b28b189cf4535a560fee14ca525e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a6:d7:2d:cd:23:11:b6:7a:a7:bd:10:2f:b1:
d5:ed:60:c7:4a:3b:90:4c:0a:28:61:bc:02:d8:38:
8e:b1:d1:e8:c6:00:c8:f9:62:28:bd:98:49:11:80:
d9:27:a8:8b:5f:c7:2c:63:33:33:ea:d7:2b:44:9d:
e4:16:1d:b5:c0:89:b2:d6:e3:2a:b7:91:88:77:2c:
37:99:70:58:49:42:41:27:37:9c:8a:8a:61:42:a8:
dc:3c:76:b0:de:54:ad:83:fb:c0:b6:78:b2:ea:10:
79:d4:8f:96:ed:fe:b3:a8:f1:0c:14:f3:b5:52:b9:
a0:e8:a0:a0:60:d4:04:f4:b7:eb:97:7f:db:58:ce:
08:60:a7:b5:92:29:dc:0c:f5:86:fa:5f:de:9e:bd:
46:c9:34:b9:cb:a3:a3:37:dc:4f:1d:bd:99:10:97:
54:8b:14:8b:b9:dd:cb:53:df:b1:13:7c:94:f8:ab:
ff:24:c8:bf:fa:e0:73:bd:5f:db:2b:b2:ac:ac:75:
31:87:ba:15:0b:b8:a6:af:23:a1:52:02:94:72:f9:
19:41:c2:22:38:28:7f:91:b4:21:ce:c6:53:0a:a5:
b0:30:98:fe:82:3b:b2:24:36:92:ac:d8:df:83:29:
75:d1:6c:99:84:22:f2:72:da:8a:86:68:9b:e6:1e:
dd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F5:62:A8:DC:4B:28:B1:89:CF:45:35:A5:60:FE:E1:4C:A5:25:E5
X509v3 Authority Key Identifier:
keyid:11:1F:4B:0A:73:AC:1B:63:3D:24:ED:5A:09:4F:DE:3A:2E:F5:1B:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER9LCnOsG2M9JO1aCU_eOi71G5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e3c854-2262-4895-b92a-f2c65a7013ef/1/kPViqNxLKLGJz0U1pWD-4UylJeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e3c854-2262-4895-b92a-f2c65a7013ef/1/ER9LCnOsG2M9JO1aCU_eOi71G5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.168.0/22
IPv6:
2a07:60c0::/29
Signature Algorithm: sha256WithRSAEncryption
71:a9:82:70:22:39:23:eb:2e:82:f6:ec:a1:1c:d7:d8:1f:e8:
69:1f:64:f9:2e:65:3f:ba:37:de:c0:4d:1d:09:a0:c8:6c:d1:
dd:a0:8c:da:6d:05:47:c2:66:e7:1b:b8:7a:6a:3c:44:f3:0d:
29:7d:a5:10:b1:76:62:13:c6:68:89:76:37:17:d1:9e:47:4a:
e8:d6:a8:2e:08:96:c8:6d:a2:d9:bf:d2:16:91:10:45:e8:44:
a7:d7:9c:2c:73:cb:0f:24:2f:7e:82:dc:93:d2:ec:cd:08:2f:
ef:68:a3:be:de:95:a2:7d:cc:da:80:a9:dc:42:33:b9:44:69:
18:4b:2c:fd:da:c1:44:bd:b8:84:41:30:6f:4f:d5:5c:0e:a9:
8e:f6:cc:b5:32:53:45:82:d7:98:5e:52:e7:44:21:d4:a1:9a:
34:23:a7:d3:4b:9c:40:80:cb:21:bf:1b:26:7d:2b:0c:69:af:
e7:43:29:2e:c5:af:3c:bb:1f:17:84:5e:81:95:1c:03:7f:56:
e2:8c:28:c3:52:46:61:fe:4d:20:81:11:6e:5c:45:7e:4b:0a:
36:9f:e8:a5:9c:75:f6:2a:08:0a:21:43:4b:ba:c9:02:31:7d:
64:07:0d:b1:05:ff:8d:e0:ad:62:65:54:ac:44:3a:af:86:da:
da:c7:50:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv5vHvmYTLGK3BEyUEM5aCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWY0YjBhNzNhYzFiNjMzZDI0ZWQ1YTA5NGZkZTNhMmVm
NTFiOTQwHhcNMjMwMTAyMDAzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGY1NjJhOGRjNGIyOGIxODljZjQ1MzVhNTYwZmVlMTRjYTUyNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkabXLc0jEbZ6p70QL7HV7WDHSjuQ
TAooYbwC2DiOsdHoxgDI+WIovZhJEYDZJ6iLX8csYzMz6tcrRJ3kFh21wImy1uMq
t5GIdyw3mXBYSUJBJzeciophQqjcPHaw3lStg/vAtniy6hB51I+W7f6zqPEMFPO1
Urmg6KCgYNQE9Lfrl3/bWM4IYKe1kincDPWG+l/enr1GyTS5y6OjN9xPHb2ZEJdU
ixSLud3LU9+xE3yU+Kv/JMi/+uBzvV/bK7KsrHUxh7oVC7imryOhUgKUcvkZQcIi
OCh/kbQhzsZTCqWwMJj+gjuyJDaSrNjfgyl10WyZhCLyctqKhmib5h7djwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJD1YqjcSyixic9FNaVg/uFMpSXlMB8GA1UdIwQY
MBaAFBEfSwpzrBtjPSTtWglP3jou9RuUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVI5TENuT3NHMk05Sk8xYUNVX2VPaTcxRzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9lM2M4NTQtMjI2Mi00ODk1LWI5MmEt
ZjJjNjVhNzAxM2VmLzEva1BWaXFOeExLTEdKejBVMXBXRC00VXlsSmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9lM2M4NTQtMjI2Mi00ODk1LWI5MmEtZjJjNjVhNzAxM2Vm
LzEvRVI5TENuT3NHMk05Sk8xYUNVX2VPaTcxRzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZSoMA0E
AgACMAcDBQMqB2DAMA0GCSqGSIb3DQEBCwUAA4IBAQBxqYJwIjkj6y6C9uyhHNfY
H+hpH2T5LmU/ujfewE0dCaDIbNHdoIzabQVHwmbnG7h6ajxE8w0pfaUQsXZiE8Zo
iXY3F9GeR0ro1qguCJbIbaLZv9IWkRBF6ESn15wsc8sPJC9+gtyT0uzNCC/vaKO+
3pWifczagKncQjO5RGkYSyz92sFEvbiEQTBvT9VcDqmO9sy1MlNFgteYXlLnRCHU
oZo0I6fTS5xAgMshvxsmfSsMaa/nQykuxa88ux8XhF6BlRwDf1bijCjDUkZh/k0g
gRFuXEV+Swo2n+ilnHX2KggKIUNLuskCMX1kBw2xBf+N4K1iZVSsRDqvhtrax1Bq
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:58 2024 by rpki-client on console-ams.rpki-client.org