Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/sDo2-YaDTnyz7km-WQBwBYykZZk.roa
File: sDo2-YaDTnyz7km-WQBwBYykZZk.roa (raw, json)
Hash identifier: X/9XQZ4LecT0AZypVCZ6z9udmGA+k9WLt6Mm/j+kk1U=
Subject key identifier: B0:3A:36:F9:86:83:4E:7C:B3:EE:49:BE:59:00:70:05:8C:A4:65:99
Certificate issuer: /CN=40ee610bdcd23bad2b1192bd45ca8a976d3855da
Certificate serial: 01856D6F80CCD33814B201BC2C3B3ECDC7DA
Authority key identifier: 40:EE:61:0B:DC:D2:3B:AD:2B:11:92:BD:45:CA:8A:97:6D:38:55:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QO5hC9zSO60rEZK9RcqKl204Vdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/sDo2-YaDTnyz7km-WQBwBYykZZk.roa
Signing time: Sun 01 Jan 2023 13:05:02 +0000
ROA not before: Sun 01 Jan 2023 13:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58264
IP address blocks: 94.143.64.0/21 maxlen: 21
185.246.228.0/22 maxlen: 22
2a06:b140::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:80:cc:d3:38:14:b2:01:bc:2c:3b:3e:cd:c7:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40ee610bdcd23bad2b1192bd45ca8a976d3855da
Validity
Not Before: Jan 1 13:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b03a36f986834e7cb3ee49be590070058ca46599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:08:c1:ad:5b:64:2b:02:27:12:c4:54:79:8e:
c0:10:b6:91:99:dd:73:fa:e3:97:12:93:ba:cc:ad:
4d:1f:07:ea:1f:b1:a9:7a:53:37:1d:6e:67:58:9c:
a9:f8:a0:15:80:7f:91:a4:63:78:48:b9:a4:e7:a2:
82:71:b7:4a:6b:b3:b0:08:46:6d:ec:a5:18:13:23:
38:c0:f4:06:b8:24:9c:42:a7:ce:ed:3b:9a:79:8b:
5a:f3:73:50:72:06:15:b8:c6:93:33:8d:24:d8:d6:
94:c5:5e:32:56:88:01:a9:3e:92:40:0d:ff:23:40:
fe:68:09:bb:29:07:9a:bb:fe:6f:09:56:12:0f:5d:
f0:69:0e:1e:a3:38:60:6d:87:0d:6b:b4:01:d9:92:
d3:95:6e:15:66:8b:8d:7d:38:ca:5f:8d:0e:c5:26:
02:fc:9c:32:cc:27:b3:9c:ef:53:c8:03:e7:a0:f1:
8f:61:34:a5:b5:96:9c:d7:8d:cd:31:3a:ba:50:e1:
0f:ea:58:6b:ef:e1:ff:e2:53:56:55:75:ba:2f:62:
89:24:8c:41:6b:c8:76:90:8d:07:d7:2b:e7:f2:a5:
3a:e3:03:54:7b:06:31:b7:aa:da:f7:5d:59:87:d8:
a3:b3:82:aa:b6:08:29:43:6e:da:4f:5d:20:f0:b1:
87:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3A:36:F9:86:83:4E:7C:B3:EE:49:BE:59:00:70:05:8C:A4:65:99
X509v3 Authority Key Identifier:
keyid:40:EE:61:0B:DC:D2:3B:AD:2B:11:92:BD:45:CA:8A:97:6D:38:55:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO5hC9zSO60rEZK9RcqKl204Vdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/sDo2-YaDTnyz7km-WQBwBYykZZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/QO5hC9zSO60rEZK9RcqKl204Vdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.64.0/21
185.246.228.0/22
IPv6:
2a06:b140::/29
Signature Algorithm: sha256WithRSAEncryption
21:ed:4a:0f:33:a7:4d:43:ac:3b:f0:fe:62:5a:9f:ca:f6:06:
6c:8c:9b:e7:00:bd:23:50:89:9f:0f:19:a2:1d:e1:3a:c2:aa:
03:be:f3:59:65:3b:4f:c2:6b:2d:fa:f6:38:4c:8f:77:f6:38:
3b:d9:26:da:b9:fd:61:43:29:bb:37:c3:d3:c2:02:aa:48:01:
21:b8:1a:d7:03:c9:f6:76:57:c8:2d:3d:66:53:95:19:55:98:
94:e1:be:ba:64:7f:2e:10:6d:40:bf:03:02:3f:35:dc:a9:09:
b6:db:df:83:4f:3d:a4:01:2e:d0:55:c6:dc:85:ae:89:6c:67:
9f:cb:59:9c:c1:bb:58:9a:4f:11:06:2f:de:0b:54:85:b8:4b:
be:ee:46:95:03:26:34:01:3d:f6:d9:ea:15:a2:7d:81:23:54:
f9:a2:16:fa:a8:41:42:59:e5:b5:1b:8a:57:57:cb:4f:64:e8:
d5:6b:a9:c3:ee:27:3d:08:7f:93:b9:f7:49:b2:94:c4:5f:79:
6b:ab:00:b4:f9:a3:12:ec:51:21:d9:47:37:13:cf:19:6c:70:
b4:22:a2:dc:f2:be:ca:d3:ac:b6:ad:23:9a:8a:5f:89:75:eb:
b2:19:f3:7f:e2:26:1c:77:9f:0b:df:f3:eb:54:04:10:68:b9:
e2:ca:24:60
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtb4DM0zgUsgG8LDs+zcfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWU2MTBiZGNkMjNiYWQyYjExOTJiZDQ1Y2E4YTk3NmQz
ODU1ZGEwHhcNMjMwMTAxMTMwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDNhMzZmOTg2ODM0ZTdjYjNlZTQ5YmU1OTAwNzAwNThjYTQ2NTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgjBrVtkKwInEsRUeY7AELaRmd1z
+uOXEpO6zK1NHwfqH7GpelM3HW5nWJyp+KAVgH+RpGN4SLmk56KCcbdKa7OwCEZt
7KUYEyM4wPQGuCScQqfO7TuaeYta83NQcgYVuMaTM40k2NaUxV4yVogBqT6SQA3/
I0D+aAm7KQeau/5vCVYSD13waQ4eozhgbYcNa7QB2ZLTlW4VZouNfTjKX40OxSYC
/JwyzCeznO9TyAPnoPGPYTSltZac143NMTq6UOEP6lhr7+H/4lNWVXW6L2KJJIxB
a8h2kI0H1yvn8qU64wNUewYxt6ra911Zh9ijs4KqtggpQ27aT10g8LGHFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLA6NvmGg058s+5JvlkAcAWMpGWZMB8GA1UdIwQY
MBaAFEDuYQvc0jutKxGSvUXKipdtOFXaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU81aEM5elNPNjByRVpLOVJjcUtsMjA0VmRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81ZWZhZTUtMmM5Mi00MGQwLWEzYjYt
YTZjMTdjZTgyZDc3LzEvc0RvMi1ZYURUbnl6N2ttLVdRQndCWXlrWlprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81ZWZhZTUtMmM5Mi00MGQwLWEzYjYtYTZjMTdjZTgyZDc3
LzEvUU81aEM5elNPNjByRVpLOVJjcUtsMjA0VmRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXo9AAwQC
ufbkMA0EAgACMAcDBQMqBrFAMA0GCSqGSIb3DQEBCwUAA4IBAQAh7UoPM6dNQ6w7
8P5iWp/K9gZsjJvnAL0jUImfDxmiHeE6wqoDvvNZZTtPwmst+vY4TI939jg72Sba
uf1hQym7N8PTwgKqSAEhuBrXA8n2dlfILT1mU5UZVZiU4b66ZH8uEG1AvwMCPzXc
qQm229+DTz2kAS7QVcbcha6JbGefy1mcwbtYmk8RBi/eC1SFuEu+7kaVAyY0AT32
2eoVon2BI1T5ohb6qEFCWeW1G4pXV8tPZOjVa6nD7ic9CH+TufdJspTEX3lrqwC0
+aMS7FEh2Uc3E88ZbHC0IqLc8r7K06y2rSOail+JdeuyGfN/4iYcd58L3/PrVAQQ
aLniyiRg
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:36:04 2024 by rpki-client on console-ams.rpki-client.org