Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/vT_O6qLy0K3gDNRIkQWLsI1gppw.roa
File: vT_O6qLy0K3gDNRIkQWLsI1gppw.roa (raw, json)
Hash identifier: XKSl3GbRmApsSKQ/TrIciHEA7G3Agdw7Q+nuNkJEkGQ=
Subject key identifier: BD:3F:CE:EA:A2:F2:D0:AD:E0:0C:D4:48:91:05:8B:B0:8D:60:A6:9C
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 01856F391EF74074A55E9714670BD7932803
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/vT_O6qLy0K3gDNRIkQWLsI1gppw.roa
Signing time: Sun 01 Jan 2023 21:24:52 +0000
ROA not before: Sun 01 Jan 2023 21:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211309
IP address blocks: 185.190.36.0/24 maxlen: 24
2a10:d640::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 25 Oct 2023 11:44:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:1e:f7:40:74:a5:5e:97:14:67:0b:d7:93:28:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Jan 1 21:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd3fceeaa2f2d0ade00cd44891058bb08d60a69c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ef:33:7b:8e:8d:60:65:b7:f6:b6:55:6f:21:
e8:d6:0d:ad:bd:e6:83:f4:64:8b:ed:4c:39:e9:72:
93:12:46:25:88:f8:7c:24:ec:d1:02:57:05:75:aa:
d0:a0:41:99:71:06:ad:55:dd:cd:50:0f:72:f9:10:
ed:9c:32:f5:3b:9f:68:4a:c2:71:66:2a:8f:62:b9:
99:a9:5f:4f:ad:a1:46:ce:e5:32:46:2d:b7:c6:70:
9c:b5:4e:3b:10:2f:f9:4a:b3:ec:51:87:89:df:f9:
c4:27:83:71:77:eb:d6:93:3d:eb:9e:eb:19:6c:1b:
aa:b7:4e:f7:9b:a8:45:0c:cf:6a:05:fc:c8:1c:3c:
78:1a:d9:5f:ba:4e:8e:b4:12:90:da:6b:a9:3f:df:
8e:f9:f3:ba:fd:a8:34:1e:a4:4f:e0:b5:d9:da:ae:
5a:de:7d:83:a8:e3:16:8b:3e:e6:ab:dd:53:e2:a8:
7d:4a:a7:b2:eb:63:07:ff:0e:25:43:de:8d:6c:dd:
77:69:87:74:d0:4f:71:07:3d:d0:cf:d3:ab:3c:f7:
f3:5b:53:96:ef:f4:91:68:fb:c2:04:9b:77:cf:7e:
14:2c:20:f0:ed:8c:07:c5:df:26:b3:99:ef:0a:a6:
fb:8c:42:c0:ec:69:7d:5a:ba:d3:d9:02:94:3e:97:
17:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:3F:CE:EA:A2:F2:D0:AD:E0:0C:D4:48:91:05:8B:B0:8D:60:A6:9C
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/vT_O6qLy0K3gDNRIkQWLsI1gppw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.36.0/24
IPv6:
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
23:e5:a3:11:66:f1:a9:45:5a:ff:95:d5:7d:0f:d8:5a:35:d4:
84:ac:fb:80:cf:81:32:ef:c1:3a:6b:8f:7c:5a:01:1b:b7:68:
aa:08:40:10:58:e5:5a:a6:c3:27:06:5e:43:53:3f:46:a6:38:
0f:e8:77:db:01:95:29:86:47:e7:41:ec:74:b8:0c:e7:39:a2:
05:a4:91:49:42:5d:a6:bf:e9:c6:fe:ff:7b:2f:40:bc:b2:6d:
1b:6d:9b:e1:19:aa:34:4b:b2:13:ac:b7:ee:fd:1e:30:ef:c0:
0c:d5:f2:71:2c:06:86:eb:ac:24:91:2a:05:3f:aa:5e:88:38:
0a:76:af:17:ff:15:7a:04:9d:37:4d:a8:18:5e:73:35:da:87:
7a:74:29:2a:83:1b:87:5c:04:ea:d6:7e:b9:7a:45:4c:7f:41:
35:5b:e1:fa:e4:bc:85:2d:e8:4d:f5:6f:89:67:e1:6f:65:95:
ae:3d:76:14:1d:90:ab:52:c1:72:dc:87:b5:92:b7:2e:db:23:
e1:1a:03:21:93:cf:6d:87:4b:04:b1:84:f9:06:1b:7c:cf:80:
fe:38:54:8b:1b:9f:7d:99:7c:7f:a3:25:cd:22:6f:ca:ff:2b:
69:60:a4:6b:dd:24:b2:d1:ac:cd:17:b0:7f:7e:7e:04:16:bd:
91:8b:a3:9f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvOR73QHSlXpcUZwvXkygDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjMwMTAxMjEyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDNmY2VlYWEyZjJkMGFkZTAwY2Q0NDg5MTA1OGJiMDhkNjBhNjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe8ze46NYGW39rZVbyHo1g2tveaD
9GSL7Uw56XKTEkYliPh8JOzRAlcFdarQoEGZcQatVd3NUA9y+RDtnDL1O59oSsJx
ZiqPYrmZqV9PraFGzuUyRi23xnCctU47EC/5SrPsUYeJ3/nEJ4Nxd+vWkz3rnusZ
bBuqt073m6hFDM9qBfzIHDx4Gtlfuk6OtBKQ2mupP9+O+fO6/ag0HqRP4LXZ2q5a
3n2DqOMWiz7mq91T4qh9Sqey62MH/w4lQ96NbN13aYd00E9xBz3Qz9OrPPfzW1OW
7/SRaPvCBJt3z34ULCDw7YwHxd8ms5nvCqb7jELA7Gl9WrrT2QKUPpcXZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL0/zuqi8tCt4AzUSJEFi7CNYKacMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvdlRfTzZxTHkwSzNnRE5SSWtRV0xzSTFncHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAub4kMA0E
AgACMAcDBQMqENZAMA0GCSqGSIb3DQEBCwUAA4IBAQAj5aMRZvGpRVr/ldV9D9ha
NdSErPuAz4Ey78E6a498WgEbt2iqCEAQWOVapsMnBl5DUz9GpjgP6HfbAZUphkfn
Qex0uAznOaIFpJFJQl2mv+nG/v97L0C8sm0bbZvhGao0S7ITrLfu/R4w78AM1fJx
LAaG66wkkSoFP6peiDgKdq8X/xV6BJ03TagYXnM12od6dCkqgxuHXATq1n65ekVM
f0E1W+H65LyFLehN9W+JZ+FvZZWuPXYUHZCrUsFy3Ie1krcu2yPhGgMhk89th0sE
sYT5Bht8z4D+OFSLG599mXx/oyXNIm/K/ytpYKRr3SSy0azNF7B/fn4EFr2Ri6Of
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:28 2024 by rpki-client on console-ams.rpki-client.org