Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/273487-889a-43fe-a56e-4b48f59ec155/1/uXrGTuTTVeIPJh8ayGcnLe6vOeQ.roa
File: uXrGTuTTVeIPJh8ayGcnLe6vOeQ.roa (raw, json)
Hash identifier: hTVXGMM0pu4CWRn1dMppNOoO+gN80i7Pk62TyEvgTHQ=
Subject key identifier: B9:7A:C6:4E:E4:D3:55:E2:0F:26:1F:1A:C8:67:27:2D:EE:AF:39:E4
Certificate issuer: /CN=e2f68414fcaca07c813555e53691dba84e3988c8
Certificate serial: 0185714C2A9CA5B9A044774C4BC811F5C610
Authority key identifier: E2:F6:84:14:FC:AC:A0:7C:81:35:55:E5:36:91:DB:A8:4E:39:88:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4vaEFPysoHyBNVXlNpHbqE45iMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/273487-889a-43fe-a56e-4b48f59ec155/1/uXrGTuTTVeIPJh8ayGcnLe6vOeQ.roa
Signing time: Mon 02 Jan 2023 07:04:55 +0000
ROA not before: Mon 02 Jan 2023 07:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206476
IP address blocks: 185.255.184.0/22 maxlen: 24
185.137.224.0/22 maxlen: 24
2a07:780::/29 maxlen: 48
2a0c:bcc0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:2a:9c:a5:b9:a0:44:77:4c:4b:c8:11:f5:c6:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2f68414fcaca07c813555e53691dba84e3988c8
Validity
Not Before: Jan 2 07:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b97ac64ee4d355e20f261f1ac867272deeaf39e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:34:12:de:1b:da:5c:4b:68:3f:91:6b:4f:54:
23:d6:24:f4:06:e2:e9:97:6d:24:28:9f:a3:5d:5b:
08:63:19:44:cb:be:7d:8b:c9:87:4b:4d:a6:f1:b7:
e8:dc:b5:09:2d:c2:ce:9a:2f:85:ca:31:df:46:64:
6f:55:70:2f:49:7a:c4:33:86:ac:99:a4:75:06:13:
1c:af:63:da:f5:16:7c:24:54:ba:b4:a7:10:24:28:
3d:8c:9a:25:9a:fd:71:87:3e:7b:ea:d6:3e:07:82:
ad:b1:da:5c:af:ed:ca:56:b1:44:01:e5:6d:b6:f3:
60:35:8a:4f:65:84:9a:5e:db:66:84:6c:4b:19:0f:
96:23:7e:ca:29:1b:87:55:83:d7:90:fe:c7:a5:0a:
e9:b0:9b:33:b5:b5:d4:57:2a:f7:38:ed:3e:a8:5c:
58:51:e5:77:e4:43:14:da:6f:8c:b4:55:97:50:f1:
21:8f:37:fd:69:68:26:0e:36:32:69:63:a1:f2:b6:
b5:51:c8:4e:06:90:6b:89:e6:be:65:ce:f6:d1:0c:
0a:e3:9f:d5:3d:25:be:c4:04:4f:b5:98:3f:89:5e:
8c:59:1a:86:6f:fb:67:b3:0f:f8:b8:61:19:9e:03:
a7:a9:22:d6:55:c6:8b:bc:3a:8e:6c:cc:c6:37:f2:
7c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7A:C6:4E:E4:D3:55:E2:0F:26:1F:1A:C8:67:27:2D:EE:AF:39:E4
X509v3 Authority Key Identifier:
keyid:E2:F6:84:14:FC:AC:A0:7C:81:35:55:E5:36:91:DB:A8:4E:39:88:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4vaEFPysoHyBNVXlNpHbqE45iMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/273487-889a-43fe-a56e-4b48f59ec155/1/uXrGTuTTVeIPJh8ayGcnLe6vOeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/273487-889a-43fe-a56e-4b48f59ec155/1/4vaEFPysoHyBNVXlNpHbqE45iMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.224.0/22
185.255.184.0/22
IPv6:
2a07:780::/29
2a0c:bcc0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:59:5a:2c:3e:02:7e:33:54:75:38:0e:8a:a0:ff:cb:e7:94:
86:ec:db:58:bf:e7:c2:7e:2d:ac:a2:6e:15:ff:c5:a5:36:33:
34:27:b1:01:ac:99:f2:5e:61:19:b8:58:5a:39:d1:c9:8f:dc:
4c:25:2e:cb:6f:0e:3d:01:9c:6d:0b:45:8b:5d:53:c2:2c:02:
de:bc:62:23:6a:1b:bf:c8:be:6b:e5:03:da:1d:77:3c:a0:59:
67:17:3c:ca:7d:07:7f:96:03:cf:13:97:a6:eb:55:c1:1f:9d:
99:96:ef:f5:db:7a:b2:1c:1d:e7:7b:11:42:5b:a4:79:1a:03:
2f:c5:15:05:b5:de:e7:db:e4:36:49:aa:2c:25:d2:6a:83:9a:
87:c3:7b:cc:2c:8b:82:42:d2:36:b0:19:8b:ad:4f:6a:94:09:
5c:69:2d:1c:16:af:ca:d8:2b:ea:f1:6a:e4:72:32:5f:57:1e:
75:cf:e4:e6:69:71:86:c2:2c:8c:14:7a:10:f0:a4:43:e0:eb:
f8:b9:31:a5:a7:d5:f0:a1:32:b9:c5:cf:67:32:7b:3d:38:4e:
55:d8:f9:75:4c:9a:e7:d1:86:3a:4a:e0:74:16:db:6d:01:ea:
e7:09:01:bd:c9:6e:c7:0b:aa:d5:40:9b:88:ed:e4:d4:a3:66:
ba:3c:5a:fd
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVxTCqcpbmgRHdMS8gR9cYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZjY4NDE0ZmNhY2EwN2M4MTM1NTVlNTM2OTFkYmE4NGUz
OTg4YzgwHhcNMjMwMTAyMDcwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTdhYzY0ZWU0ZDM1NWUyMGYyNjFmMWFjODY3MjcyZGVlYWYzOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzQS3hvaXEtoP5FrT1Qj1iT0BuLp
l20kKJ+jXVsIYxlEy759i8mHS02m8bfo3LUJLcLOmi+FyjHfRmRvVXAvSXrEM4as
maR1BhMcr2Pa9RZ8JFS6tKcQJCg9jJolmv1xhz576tY+B4Ktsdpcr+3KVrFEAeVt
tvNgNYpPZYSaXttmhGxLGQ+WI37KKRuHVYPXkP7HpQrpsJsztbXUVyr3OO0+qFxY
UeV35EMU2m+MtFWXUPEhjzf9aWgmDjYyaWOh8ra1UchOBpBriea+Zc720QwK45/V
PSW+xARPtZg/iV6MWRqGb/tnsw/4uGEZngOnqSLWVcaLvDqObMzGN/J8FQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLl6xk7k01XiDyYfGshnJy3urznkMB8GA1UdIwQY
MBaAFOL2hBT8rKB8gTVV5TaR26hOOYjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHZhRUZQeXNvSHlCTlZYbE5wSGJxRTQ1aU1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yNzM0ODctODg5YS00M2ZlLWE1NmUt
NGI0OGY1OWVjMTU1LzEvdVhyR1R1VFRWZUlQSmg4YXlHY25MZTZ2T2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8yNzM0ODctODg5YS00M2ZlLWE1NmUtNGI0OGY1OWVjMTU1
LzEvNHZhRUZQeXNvSHlCTlZYbE5wSGJxRTQ1aU1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuYngAwQC
uf+4MBQEAgACMA4DBQMqBweAAwUDKgy8wDANBgkqhkiG9w0BAQsFAAOCAQEAi1la
LD4CfjNUdTgOiqD/y+eUhuzbWL/nwn4trKJuFf/FpTYzNCexAayZ8l5hGbhYWjnR
yY/cTCUuy28OPQGcbQtFi11TwiwC3rxiI2obv8i+a+UD2h13PKBZZxc8yn0Hf5YD
zxOXputVwR+dmZbv9dt6shwd53sRQlukeRoDL8UVBbXe59vkNkmqLCXSaoOah8N7
zCyLgkLSNrAZi61PapQJXGktHBavytgr6vFq5HIyX1cedc/k5mlxhsIsjBR6EPCk
Q+Dr+LkxpafV8KEyucXPZzJ7PThOVdj5dUya59GGOkrgdBbbbQHq5wkBvcluxwuq
1UCbiO3k1KNmujxa/Q==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:39 2024 by rpki-client on console-ams.rpki-client.org