Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/29ac84-4365-4eba-9873-391bce71fea1/1/ln0iE9baJ-qfUxzcqf1Eqgjg0qM.roa
File: ln0iE9baJ-qfUxzcqf1Eqgjg0qM.roa (raw, json)
Hash identifier: pGLovYvIDdOcKm5/i2BSxpBJaCesB+frXG2M3Putpa8=
Subject key identifier: 96:7D:22:13:D6:DA:27:EA:9F:53:1C:DC:A9:FD:44:AA:08:E0:D2:A3
Certificate issuer: /CN=267d9ecb9964825d44dd266bbd32aa0804bc10f7
Certificate serial: 01856DE66AD624B7A25130F47B2DAFE6056B
Authority key identifier: 26:7D:9E:CB:99:64:82:5D:44:DD:26:6B:BD:32:AA:08:04:BC:10:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jn2ey5lkgl1E3SZrvTKqCAS8EPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/29ac84-4365-4eba-9873-391bce71fea1/1/ln0iE9baJ-qfUxzcqf1Eqgjg0qM.roa
Signing time: Sun 01 Jan 2023 15:14:55 +0000
ROA not before: Sun 01 Jan 2023 15:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205996
IP address blocks: 185.199.164.0/22 maxlen: 24
2a0d:4900::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:6a:d6:24:b7:a2:51:30:f4:7b:2d:af:e6:05:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=267d9ecb9964825d44dd266bbd32aa0804bc10f7
Validity
Not Before: Jan 1 15:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=967d2213d6da27ea9f531cdca9fd44aa08e0d2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:78:8e:f1:87:77:1d:ab:9f:8c:be:2c:0a:d0:
5e:ca:76:36:b9:06:7e:a7:22:e2:51:dd:5e:3d:8f:
bb:f9:08:e4:53:09:aa:a4:26:70:b1:51:84:5f:fa:
7d:b3:63:b3:d5:4e:91:15:c0:43:94:f0:48:5e:9d:
00:ec:bb:34:27:c6:14:63:d2:09:1a:b6:7b:a0:31:
a1:8d:a8:9c:13:33:6e:0f:e2:f4:91:18:fe:40:fe:
f1:e7:a9:9f:e7:c5:3b:ff:a5:7c:90:19:e5:cb:c0:
4a:2b:a9:5b:86:d3:6a:9c:e2:62:70:07:8a:24:3b:
6f:25:e5:67:09:e3:b5:db:ca:d6:ec:5e:b5:69:3f:
b4:f0:45:fe:83:8b:dd:1f:db:e7:00:23:ec:ae:71:
e7:cd:0a:32:2b:12:27:4c:8d:85:57:a5:b1:58:c2:
c5:aa:86:b6:41:02:87:fd:7b:43:4e:c0:61:68:aa:
23:e3:58:dc:c6:e6:7d:8f:39:98:91:d0:98:f0:b7:
fe:bd:fb:5b:94:11:ce:13:ad:15:57:8e:ac:a7:13:
c4:5a:2f:4b:e0:e1:92:13:5d:34:5d:44:46:ec:c2:
92:4c:f7:fa:0c:37:de:00:b0:9c:47:f9:4e:84:f4:
28:e3:c9:66:b7:a3:d8:d9:21:ca:b3:30:23:3a:9d:
94:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:7D:22:13:D6:DA:27:EA:9F:53:1C:DC:A9:FD:44:AA:08:E0:D2:A3
X509v3 Authority Key Identifier:
keyid:26:7D:9E:CB:99:64:82:5D:44:DD:26:6B:BD:32:AA:08:04:BC:10:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jn2ey5lkgl1E3SZrvTKqCAS8EPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/29ac84-4365-4eba-9873-391bce71fea1/1/ln0iE9baJ-qfUxzcqf1Eqgjg0qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/29ac84-4365-4eba-9873-391bce71fea1/1/Jn2ey5lkgl1E3SZrvTKqCAS8EPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.164.0/22
IPv6:
2a0d:4900::/32
Signature Algorithm: sha256WithRSAEncryption
b8:fb:d6:d4:3a:c6:8c:a8:fe:5d:38:2b:e4:a6:cb:93:04:eb:
2a:b1:2b:6b:92:5f:88:c5:b2:f1:a9:9f:94:7d:02:d9:31:e7:
ac:9a:95:52:90:97:0f:b8:fb:f4:69:77:42:42:17:c4:0b:39:
1d:a4:86:1e:02:e3:1b:7e:e1:90:dd:b8:b6:96:65:62:42:d1:
ed:ff:05:19:b7:e7:c4:d2:e8:56:47:d0:23:a4:22:41:ae:77:
21:12:96:b0:c8:b3:4f:4e:df:1c:e4:05:8f:5f:99:86:8a:7b:
1e:c5:7f:4b:01:46:60:53:9c:49:12:aa:9c:e8:91:0d:62:39:
5a:9e:7c:13:e6:01:30:33:44:96:d9:6e:dd:92:41:8d:0d:61:
d7:b3:9f:5a:e2:0c:f4:52:d7:1e:de:15:69:59:16:6e:aa:7c:
53:bf:29:73:70:81:2f:e0:3b:d5:d4:5a:bf:0c:86:68:3e:13:
bb:02:ad:bc:88:b9:3b:13:71:63:58:b7:51:f0:b3:33:4e:84:
4d:07:32:68:a7:0a:0f:01:05:52:4b:16:10:d3:f0:fc:42:84:
8b:5c:1a:07:79:0e:5b:70:eb:b5:3d:05:c6:ea:dd:47:36:3c:
2b:b3:ee:db:45:b3:15:f0:d0:81:83:83:46:6a:97:97:5d:76:
70:ca:d1:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt5mrWJLeiUTD0ey2v5gVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2N2Q5ZWNiOTk2NDgyNWQ0NGRkMjY2YmJkMzJhYTA4MDRi
YzEwZjcwHhcNMjMwMTAxMTUxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjdkMjIxM2Q2ZGEyN2VhOWY1MzFjZGNhOWZkNDRhYTA4ZTBkMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwniO8Yd3HaufjL4sCtBeynY2uQZ+
pyLiUd1ePY+7+QjkUwmqpCZwsVGEX/p9s2Oz1U6RFcBDlPBIXp0A7Ls0J8YUY9IJ
GrZ7oDGhjaicEzNuD+L0kRj+QP7x56mf58U7/6V8kBnly8BKK6lbhtNqnOJicAeK
JDtvJeVnCeO128rW7F61aT+08EX+g4vdH9vnACPsrnHnzQoyKxInTI2FV6WxWMLF
qoa2QQKH/XtDTsBhaKoj41jcxuZ9jzmYkdCY8Lf+vftblBHOE60VV46spxPEWi9L
4OGSE100XURG7MKSTPf6DDfeALCcR/lOhPQo48lmt6PY2SHKszAjOp2UMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJZ9IhPW2ifqn1Mc3Kn9RKoI4NKjMB8GA1UdIwQY
MBaAFCZ9nsuZZIJdRN0ma70yqggEvBD3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm4yZXk1bGtnbDFFM1NacnZUS3FDQVM4RVBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yOWFjODQtNDM2NS00ZWJhLTk4NzMt
MzkxYmNlNzFmZWExLzEvbG4waUU5YmFKLXFmVXh6Y3FmMUVxZ2pnMHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8yOWFjODQtNDM2NS00ZWJhLTk4NzMtMzkxYmNlNzFmZWEx
LzEvSm4yZXk1bGtnbDFFM1NacnZUS3FDQVM4RVBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucekMA0E
AgACMAcDBQAqDUkAMA0GCSqGSIb3DQEBCwUAA4IBAQC4+9bUOsaMqP5dOCvkpsuT
BOsqsStrkl+IxbLxqZ+UfQLZMeesmpVSkJcPuPv0aXdCQhfECzkdpIYeAuMbfuGQ
3bi2lmViQtHt/wUZt+fE0uhWR9AjpCJBrnchEpawyLNPTt8c5AWPX5mGinsexX9L
AUZgU5xJEqqc6JENYjlannwT5gEwM0SW2W7dkkGNDWHXs59a4gz0Utce3hVpWRZu
qnxTvylzcIEv4DvV1Fq/DIZoPhO7Aq28iLk7E3FjWLdR8LMzToRNBzJopwoPAQVS
SxYQ0/D8QoSLXBoHeQ5bcOu1PQXG6t1HNjwrs+7bRbMV8NCBg4NGapeXXXZwytEi
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:49 2024 by rpki-client on console-ams.rpki-client.org