Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/s2AKuiEE_VDAcxj6Bm0SjjpwWUI.roa
File: s2AKuiEE_VDAcxj6Bm0SjjpwWUI.roa (raw, json)
Hash identifier: /mOFhoYIxAclNS2ylCvEwo8PX6qA2rN4whKd4864UjE=
Subject key identifier: B3:60:0A:BA:21:04:FD:50:C0:73:18:FA:06:6D:12:8E:3A:70:59:42
Certificate issuer: /CN=bfd09a87743817c56f8088007a5746eb69ff2e30
Certificate serial: 01856F2FD4F6209DC1A2F227799F26168E1D
Authority key identifier: BF:D0:9A:87:74:38:17:C5:6F:80:88:00:7A:57:46:EB:69:FF:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9Cah3Q4F8VvgIgAeldG62n_LjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/s2AKuiEE_VDAcxj6Bm0SjjpwWUI.roa
Signing time: Sun 01 Jan 2023 21:14:43 +0000
ROA not before: Sun 01 Jan 2023 21:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3302
IP address blocks: 185.82.224.0/22 maxlen: 22
2a05:9540::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:d4:f6:20:9d:c1:a2:f2:27:79:9f:26:16:8e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfd09a87743817c56f8088007a5746eb69ff2e30
Validity
Not Before: Jan 1 21:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3600aba2104fd50c07318fa066d128e3a705942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a2:e6:0b:b1:e9:16:76:52:bb:35:c1:61:e8:
c5:89:44:55:76:f4:c8:59:25:14:a9:0b:7b:7c:53:
76:b5:76:31:30:06:99:69:c2:c7:62:1b:c7:3a:1a:
c1:ee:59:04:e5:73:79:ed:12:4e:41:57:e5:f9:fe:
75:18:b6:49:af:e6:4e:0d:54:91:e8:e2:1c:13:4f:
fc:d1:ba:2a:b0:93:28:11:63:05:bf:45:f6:fe:e4:
ea:e7:51:7b:b0:06:60:d5:9f:fa:bd:03:7e:1c:fe:
97:d1:b4:f7:b8:06:41:9c:58:a1:d4:41:6f:77:70:
b5:d5:f2:1d:a4:dd:93:eb:5f:13:f3:eb:da:b8:6a:
5b:16:73:c2:c2:6e:33:1e:b7:1b:f9:53:0d:76:3d:
ca:55:c9:2f:f1:dc:7a:65:fc:c6:87:1d:86:5f:cf:
ce:6f:46:dd:f2:59:64:1a:07:e6:9b:70:c2:1b:57:
59:fa:17:03:67:2a:b4:0d:f0:7e:b9:0b:93:91:e3:
ef:9a:26:d3:f8:f9:96:38:e1:13:7f:70:8e:ea:74:
16:51:08:47:c1:8e:d3:8f:a9:31:4e:c4:2d:b7:5a:
c1:77:ec:61:85:3b:ee:00:5c:ee:9b:53:25:1f:5c:
25:10:15:84:ec:25:da:a0:e0:d9:86:35:ff:b9:4a:
0f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:60:0A:BA:21:04:FD:50:C0:73:18:FA:06:6D:12:8E:3A:70:59:42
X509v3 Authority Key Identifier:
keyid:BF:D0:9A:87:74:38:17:C5:6F:80:88:00:7A:57:46:EB:69:FF:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9Cah3Q4F8VvgIgAeldG62n_LjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/s2AKuiEE_VDAcxj6Bm0SjjpwWUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/092570-512a-44fa-a4fe-dbca8c31ebc8/1/v9Cah3Q4F8VvgIgAeldG62n_LjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.224.0/22
IPv6:
2a05:9540::/29
Signature Algorithm: sha256WithRSAEncryption
65:d5:3d:e6:c7:4e:aa:2f:78:af:72:4f:91:18:4f:c6:dc:67:
98:99:35:54:cb:43:55:cf:c0:75:3d:68:63:44:07:ab:87:5d:
5c:34:c4:73:05:4c:8e:a9:27:5c:07:03:a0:e9:e1:09:b5:2b:
c8:4e:71:15:0b:90:39:67:9f:ef:60:8a:bf:52:f6:4a:13:09:
1a:7c:1c:d7:13:49:0e:f4:1b:1d:7d:44:15:00:d1:f3:cf:b3:
fc:12:b6:69:cd:65:e7:f7:55:ed:a1:10:1f:a3:f8:31:c9:fc:
7f:25:c4:20:c6:0e:f2:7a:48:ab:17:ef:98:aa:83:a1:cf:01:
68:94:4c:f9:32:dd:eb:b7:31:ae:99:55:10:41:2b:51:1a:3b:
47:5c:11:10:1e:a5:5a:be:d5:e6:a6:f8:e6:81:f9:33:42:4c:
d2:6f:1f:df:ab:df:e4:97:3c:94:c0:ad:d9:ae:fb:0d:27:b7:
92:62:36:75:cc:b5:e1:7c:6b:70:8e:27:72:56:04:4f:53:1b:
01:98:78:52:63:7a:0a:e3:d5:81:73:fe:e4:38:52:57:a1:81:
ed:38:ce:7d:ae:0d:f6:f1:3a:28:b2:b8:7b:62:04:d1:9f:53:
d6:a5:f0:08:c5:70:46:bd:5f:dc:86:af:e4:c2:30:e1:5f:d8:
07:38:71:6e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvL9T2IJ3BovIneZ8mFo4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZDA5YTg3NzQzODE3YzU2ZjgwODgwMDdhNTc0NmViNjlm
ZjJlMzAwHhcNMjMwMTAxMjExNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzYwMGFiYTIxMDRmZDUwYzA3MzE4ZmEwNjZkMTI4ZTNhNzA1OTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKLmC7HpFnZSuzXBYejFiURVdvTI
WSUUqQt7fFN2tXYxMAaZacLHYhvHOhrB7lkE5XN57RJOQVfl+f51GLZJr+ZODVSR
6OIcE0/80boqsJMoEWMFv0X2/uTq51F7sAZg1Z/6vQN+HP6X0bT3uAZBnFih1EFv
d3C11fIdpN2T618T8+vauGpbFnPCwm4zHrcb+VMNdj3KVckv8dx6ZfzGhx2GX8/O
b0bd8llkGgfmm3DCG1dZ+hcDZyq0DfB+uQuTkePvmibT+PmWOOETf3CO6nQWUQhH
wY7Tj6kxTsQtt1rBd+xhhTvuAFzum1MlH1wlEBWE7CXaoODZhjX/uUoP0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLNgCrohBP1QwHMY+gZtEo46cFlCMB8GA1UdIwQY
MBaAFL/Qmod0OBfFb4CIAHpXRutp/y4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjlDYWgzUTRGOFZ2Z0lnQWVsZEc2Mm5fTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wOTI1NzAtNTEyYS00NGZhLWE0ZmUt
ZGJjYThjMzFlYmM4LzEvczJBS3VpRUVfVkRBY3hqNkJtMFNqanB3V1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wOTI1NzAtNTEyYS00NGZhLWE0ZmUtZGJjYThjMzFlYmM4
LzEvdjlDYWgzUTRGOFZ2Z0lnQWVsZEc2Mm5fTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVLgMA0E
AgACMAcDBQMqBZVAMA0GCSqGSIb3DQEBCwUAA4IBAQBl1T3mx06qL3ivck+RGE/G
3GeYmTVUy0NVz8B1PWhjRAerh11cNMRzBUyOqSdcBwOg6eEJtSvITnEVC5A5Z5/v
YIq/UvZKEwkafBzXE0kO9BsdfUQVANHzz7P8ErZpzWXn91XtoRAfo/gxyfx/JcQg
xg7yekirF++YqoOhzwFolEz5Mt3rtzGumVUQQStRGjtHXBEQHqVavtXmpvjmgfkz
QkzSbx/fq9/klzyUwK3ZrvsNJ7eSYjZ1zLXhfGtwjidyVgRPUxsBmHhSY3oK49WB
c/7kOFJXoYHtOM59rg328Toosrh7YgTRn1PWpfAIxXBGvV/chq/kwjDhX9gHOHFu
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:55 2024 by rpki-client on console-ams.rpki-client.org