Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/afa69d-e143-4bf7-b743-42e3ef4f8b91/1/1-9sLR3UB9BuFyQNwYCBOjg4AvEI.roa
File: 1-9sLR3UB9BuFyQNwYCBOjg4AvEI.roa (raw, json)
Hash identifier: A811TyynPU6YedGn/4gdhbdAJqWQVtjyG3fIqQ8n8ic=
Subject key identifier: FB:DB:0B:47:75:01:F4:1B:85:C9:03:70:60:20:4E:8E:0E:00:BC:42
Certificate issuer: /CN=9bd6c860342cc799c28074f699768a8ecbdaa52e
Certificate serial: 01856F14A29E441197BC2C11FA4C4C2130D1
Authority key identifier: 9B:D6:C8:60:34:2C:C7:99:C2:80:74:F6:99:76:8A:8E:CB:DA:A5:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9bIYDQsx5nCgHT2mXaKjsvapS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/afa69d-e143-4bf7-b743-42e3ef4f8b91/1/1-9sLR3UB9BuFyQNwYCBOjg4AvEI.roa
Signing time: Sun 01 Jan 2023 20:45:01 +0000
ROA not before: Sun 01 Jan 2023 20:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56642
IP address blocks: 92.118.152.0/23 maxlen: 23
92.118.154.0/23 maxlen: 23
185.155.248.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a2:9e:44:11:97:bc:2c:11:fa:4c:4c:21:30:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd6c860342cc799c28074f699768a8ecbdaa52e
Validity
Not Before: Jan 1 20:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbdb0b477501f41b85c9037060204e8e0e00bc42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e0:3e:c8:24:52:e5:ae:33:07:96:b5:61:8b:
66:8e:5a:60:6c:57:f7:93:25:cc:5f:8b:72:ba:6b:
a5:66:ae:f4:41:3d:4b:c0:d8:af:93:8d:91:58:ea:
1a:b1:a9:e2:a7:a5:b0:35:e0:d7:41:de:db:ff:77:
12:31:fc:f9:95:64:70:c7:51:1f:f8:46:60:c0:2f:
95:82:d2:a8:fa:6c:4f:fd:e9:46:34:db:18:83:b0:
89:59:47:03:ca:1f:0d:74:31:e2:18:09:0d:00:19:
1d:00:99:24:b5:95:40:e9:8a:2c:f1:ec:1a:31:09:
04:b5:7b:0f:fc:14:5e:c1:26:36:82:8b:d6:d6:6d:
93:12:3f:22:0e:c5:ea:51:70:99:d3:86:cb:38:91:
03:d5:8c:69:73:fb:d6:17:42:57:48:b1:f4:25:52:
6b:43:ef:df:eb:15:ad:25:45:0f:26:c8:af:76:3f:
e3:e8:02:f3:40:d9:42:07:fb:fb:6a:ad:bf:f2:67:
c6:ab:e9:42:96:59:78:9a:22:c1:4e:04:63:63:4d:
02:a0:bd:39:df:4f:0a:9f:ca:48:12:9d:d4:c7:e6:
66:81:1d:8b:b6:81:dc:fa:1e:49:ec:76:5a:47:0f:
c4:23:20:cf:f8:a9:bd:59:8f:9b:71:bf:48:b0:18:
44:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:DB:0B:47:75:01:F4:1B:85:C9:03:70:60:20:4E:8E:0E:00:BC:42
X509v3 Authority Key Identifier:
keyid:9B:D6:C8:60:34:2C:C7:99:C2:80:74:F6:99:76:8A:8E:CB:DA:A5:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9bIYDQsx5nCgHT2mXaKjsvapS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/afa69d-e143-4bf7-b743-42e3ef4f8b91/1/1-9sLR3UB9BuFyQNwYCBOjg4AvEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/afa69d-e143-4bf7-b743-42e3ef4f8b91/1/m9bIYDQsx5nCgHT2mXaKjsvapS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.152.0/22
185.155.248.0/22
Signature Algorithm: sha256WithRSAEncryption
21:87:8b:46:44:db:4d:45:eb:9a:23:91:fe:ab:8f:8f:67:72:
6f:f9:ce:d0:1f:9a:48:d9:4c:11:97:a1:1f:0c:9d:7f:b2:5d:
9a:4a:5d:38:45:26:72:31:fb:c3:7d:ef:45:ee:04:ca:50:55:
55:6d:36:b0:55:28:82:26:e4:c8:b3:b3:98:55:56:22:3c:97:
3d:84:6e:52:7c:ea:c5:1e:18:49:27:0d:77:14:4e:51:17:17:
ee:50:24:e6:47:1c:75:30:1f:3d:5a:8d:74:f9:bb:4c:ae:dd:
f5:9f:fa:4e:5b:46:b3:ee:66:93:66:27:ec:2a:a3:99:4c:68:
d4:76:8b:fb:bb:ad:90:3b:ed:2f:88:59:1b:2b:af:38:89:0e:
94:aa:d0:9f:fb:7a:d3:55:7d:59:66:6a:12:84:3e:e6:a0:a6:
06:c8:60:f5:b3:8d:50:f5:d9:11:13:a1:31:cd:16:cb:c8:2b:
9b:b9:90:a5:c2:83:e4:0e:23:d0:9e:7c:68:ad:31:86:ed:a8:
e5:c9:b0:54:25:1e:ee:1c:14:c8:2e:07:b7:df:8d:b9:61:3d:
f9:3c:32:11:85:d1:bb:e2:ca:bf:29:9a:6c:d7:ff:be:bd:7f:
47:71:38:65:16:33:82:b3:0c:e4:be:37:ec:65:05:13:4c:64:
05:d1:4c:c5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVvFKKeRBGXvCwR+kxMITDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZDZjODYwMzQyY2M3OTljMjgwNzRmNjk5NzY4YThlY2Jk
YWE1MmUwHhcNMjMwMTAxMjA0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmRiMGI0Nzc1MDFmNDFiODVjOTAzNzA2MDIwNGU4ZTBlMDBiYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuA+yCRS5a4zB5a1YYtmjlpgbFf3
kyXMX4tyumulZq70QT1LwNivk42RWOoasanip6WwNeDXQd7b/3cSMfz5lWRwx1Ef
+EZgwC+VgtKo+mxP/elGNNsYg7CJWUcDyh8NdDHiGAkNABkdAJkktZVA6Yos8ewa
MQkEtXsP/BRewSY2govW1m2TEj8iDsXqUXCZ04bLOJED1Yxpc/vWF0JXSLH0JVJr
Q+/f6xWtJUUPJsivdj/j6ALzQNlCB/v7aq2/8mfGq+lClll4miLBTgRjY00CoL05
308Kn8pIEp3Ux+ZmgR2LtoHc+h5J7HZaRw/EIyDP+Km9WY+bcb9IsBhEgQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPvbC0d1AfQbhckDcGAgTo4OALxCMB8GA1UdIwQY
MBaAFJvWyGA0LMeZwoB09pl2io7L2qUuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTliSVlEUXN4NW5DZ0hUMm1YYUtqc3ZhcFM0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hZmE2OWQtZTE0My00YmY3LWI3NDMt
NDJlM2VmNGY4YjkxLzEvMS05c0xSM1VCOUJ1RnlRTndZQ0JPamc0QXZFSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWUvYWZhNjlkLWUxNDMtNGJmNy1iNzQzLTQyZTNlZjRmOGI5
MS8xL205YklZRFFzeDVuQ2dIVDJtWGFLanN2YXBTNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlx2mAME
Armb+DANBgkqhkiG9w0BAQsFAAOCAQEAIYeLRkTbTUXrmiOR/quPj2dyb/nO0B+a
SNlMEZehHwydf7JdmkpdOEUmcjH7w33vRe4EylBVVW02sFUogibkyLOzmFVWIjyX
PYRuUnzqxR4YSScNdxROURcX7lAk5kccdTAfPVqNdPm7TK7d9Z/6TltGs+5mk2Yn
7CqjmUxo1HaL+7utkDvtL4hZGyuvOIkOlKrQn/t601V9WWZqEoQ+5qCmBshg9bON
UPXZEROhMc0Wy8grm7mQpcKD5A4j0J58aK0xhu2o5cmwVCUe7hwUyC4Ht9+NuWE9
+TwyEYXRu+LKvymabNf/vr1/R3E4ZRYzgrMM5L437GUFE0xkBdFMxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:53 2024 by rpki-client on console-fra.rpki-client.org