Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/T70n_xnqvUZE4pDImUwJSqM9iME.roa
File: T70n_xnqvUZE4pDImUwJSqM9iME.roa (raw, json)
Hash identifier: JqCTPopqidNfNsR9TGCFrf/pZwGWBXT/CV3AmQE+JMw=
Subject key identifier: 4F:BD:27:FF:19:EA:BD:46:44:E2:90:C8:99:4C:09:4A:A3:3D:88:C1
Certificate issuer: /CN=98e2f4aba0bc9b3e3ab1856497a40071971b704a
Certificate serial: 018570D54F3E157AEC26CADFF67B2F27029D
Authority key identifier: 98:E2:F4:AB:A0:BC:9B:3E:3A:B1:85:64:97:A4:00:71:97:1B:70:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mOL0q6C8mz46sYVkl6QAcZcbcEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/T70n_xnqvUZE4pDImUwJSqM9iME.roa
Signing time: Mon 02 Jan 2023 04:55:05 +0000
ROA not before: Mon 02 Jan 2023 04:55:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44716
IP address blocks: 185.219.152.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:4f:3e:15:7a:ec:26:ca:df:f6:7b:2f:27:02:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98e2f4aba0bc9b3e3ab1856497a40071971b704a
Validity
Not Before: Jan 2 04:55:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fbd27ff19eabd4644e290c8994c094aa33d88c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a6:8f:52:24:3e:9e:07:a2:b4:e7:7c:0d:55:
e4:2a:12:6d:4b:5b:7a:36:ff:b0:2b:4c:1a:c0:c5:
a6:31:90:69:cc:33:76:7f:ca:49:bf:95:f2:cc:69:
85:10:6b:5d:18:9c:d5:69:e7:d7:3d:88:bf:1b:ce:
db:56:a1:3f:a7:11:3f:a1:b6:5d:b2:0e:85:50:32:
3c:1d:1e:fe:52:e3:0e:1e:b2:0d:82:ad:06:33:7a:
54:ea:cc:04:0c:60:49:ce:b2:57:7c:8e:1f:25:32:
b4:94:2b:55:96:ee:a2:6c:1f:6f:a7:fc:09:51:47:
4f:8b:ec:b0:e1:a2:f6:49:f5:1f:f5:14:1e:04:3f:
3b:d3:74:61:42:fe:c9:12:d0:5f:5c:08:5a:ef:f1:
6c:fe:3a:b3:06:e2:36:33:06:a7:f1:71:ca:2a:19:
9c:d6:6b:12:02:f3:35:47:17:96:ab:01:5b:67:22:
0d:78:4f:83:36:4b:d4:2d:73:66:73:39:53:16:6c:
26:a3:0a:15:f4:7e:42:f7:4e:46:51:c9:ae:1d:d1:
b1:b8:5d:ca:0e:97:f9:89:e1:78:04:a1:d7:08:4b:
7f:58:f8:c1:19:70:58:5f:40:5d:bf:db:1d:45:66:
f0:54:09:11:d9:c3:ac:6c:47:f6:65:3d:a3:3e:75:
32:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:BD:27:FF:19:EA:BD:46:44:E2:90:C8:99:4C:09:4A:A3:3D:88:C1
X509v3 Authority Key Identifier:
keyid:98:E2:F4:AB:A0:BC:9B:3E:3A:B1:85:64:97:A4:00:71:97:1B:70:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOL0q6C8mz46sYVkl6QAcZcbcEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/T70n_xnqvUZE4pDImUwJSqM9iME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/mOL0q6C8mz46sYVkl6QAcZcbcEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.152.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:33:b1:eb:b1:31:6f:c6:31:af:72:98:27:df:15:51:57:ce:
35:be:6e:92:f9:cd:16:88:8d:c0:31:da:b3:dc:53:99:18:e7:
83:37:2f:f8:24:b5:f2:9c:42:03:15:87:07:08:f3:ff:3e:b0:
48:cc:9f:a6:b9:fe:3a:11:f5:15:41:86:21:33:17:a6:b7:12:
15:e8:ab:2b:eb:d5:6a:d3:2c:f9:b2:02:8b:bb:e1:76:eb:d1:
88:f2:ba:01:37:ec:20:99:48:6d:6b:09:dc:1d:d8:79:3e:27:
8a:7f:60:0b:74:66:dc:f4:6c:d9:a4:7b:a2:af:7e:b9:c9:b6:
11:b4:12:25:61:f9:0e:9f:06:9c:6d:78:cc:83:47:66:9a:be:
4a:e0:32:40:3c:63:fc:9f:7d:26:ac:57:57:d8:d5:ec:3b:0d:
e2:30:b2:73:0e:35:74:87:7b:50:f0:3a:03:7d:20:19:07:be:
e1:2d:cf:b4:ff:90:b6:bb:9c:f5:19:46:67:47:f2:89:17:97:
ea:33:0c:2b:68:e5:b5:53:96:44:aa:e8:b3:1c:e4:97:eb:83:
3a:61:e2:08:5c:b8:7c:f7:f0:ab:38:b5:ad:c7:ad:bc:2f:95:
1d:57:3e:fe:0a:59:f0:1f:8c:c3:c6:ed:ff:df:07:c5:36:0c:
c0:d1:66:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1U8+FXrsJsrf9nsvJwKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZTJmNGFiYTBiYzliM2UzYWIxODU2NDk3YTQwMDcxOTcx
YjcwNGEwHhcNMjMwMTAyMDQ1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmJkMjdmZjE5ZWFiZDQ2NDRlMjkwYzg5OTRjMDk0YWEzM2Q4OGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaaPUiQ+ngeitOd8DVXkKhJtS1t6
Nv+wK0wawMWmMZBpzDN2f8pJv5XyzGmFEGtdGJzVaefXPYi/G87bVqE/pxE/obZd
sg6FUDI8HR7+UuMOHrINgq0GM3pU6swEDGBJzrJXfI4fJTK0lCtVlu6ibB9vp/wJ
UUdPi+yw4aL2SfUf9RQeBD8703RhQv7JEtBfXAha7/Fs/jqzBuI2Mwan8XHKKhmc
1msSAvM1RxeWqwFbZyINeE+DNkvULXNmczlTFmwmowoV9H5C905GUcmuHdGxuF3K
Dpf5ieF4BKHXCEt/WPjBGXBYX0Bdv9sdRWbwVAkR2cOsbEf2ZT2jPnUy0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+9J/8Z6r1GROKQyJlMCUqjPYjBMB8GA1UdIwQY
MBaAFJji9KugvJs+OrGFZJekAHGXG3BKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU9MMHE2QzhtejQ2c1lWa2w2UUFjWmNiY0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS85MmQ1NjQtNWQwOS00MjhlLWFmODAt
ODg4MjE5OWJjY2I0LzEvVDcwbl94bnF2VVpFNHBESW1Vd0pTcU05aU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS85MmQ1NjQtNWQwOS00MjhlLWFmODAtODg4MjE5OWJjY2I0
LzEvbU9MMHE2QzhtejQ2c1lWa2w2UUFjWmNiY0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuduYMA0G
CSqGSIb3DQEBCwUAA4IBAQA9M7HrsTFvxjGvcpgn3xVRV841vm6S+c0WiI3AMdqz
3FOZGOeDNy/4JLXynEIDFYcHCPP/PrBIzJ+muf46EfUVQYYhMxemtxIV6Ksr69Vq
0yz5sgKLu+F269GI8roBN+wgmUhtawncHdh5PieKf2ALdGbc9GzZpHuir365ybYR
tBIlYfkOnwacbXjMg0dmmr5K4DJAPGP8n30mrFdX2NXsOw3iMLJzDjV0h3tQ8DoD
fSAZB77hLc+0/5C2u5z1GUZnR/KJF5fqMwwraOW1U5ZEquizHOSX64M6YeIIXLh8
9/CrOLWtx628L5UdVz7+ClnwH4zDxu3/3wfFNgzA0WYy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:52 2024 by rpki-client on console-fra.rpki-client.org