Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/2RLyKdJSeyE2eWbvQEtQgZ9cSo4.roa
File: 2RLyKdJSeyE2eWbvQEtQgZ9cSo4.roa (raw, json)
Hash identifier: XJc5HcmIgdqchDujLwkCFta1jMcGC3z/QEZ2IwVrJj4=
Subject key identifier: D9:12:F2:29:D2:52:7B:21:36:79:66:EF:40:4B:50:81:9F:5C:4A:8E
Certificate issuer: /CN=7d4d1c8790a913e832c733dff778dee79129700a
Certificate serial: 01856D78A1F943FF5BFAC5B613A6FCAFE2A8
Authority key identifier: 7D:4D:1C:87:90:A9:13:E8:32:C7:33:DF:F7:78:DE:E7:91:29:70:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/2RLyKdJSeyE2eWbvQEtQgZ9cSo4.roa
Signing time: Sun 01 Jan 2023 13:15:00 +0000
ROA not before: Sun 01 Jan 2023 13:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.54.240.0/22 maxlen: 22
2001:780::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:a1:f9:43:ff:5b:fa:c5:b6:13:a6:fc:af:e2:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d4d1c8790a913e832c733dff778dee79129700a
Validity
Not Before: Jan 1 13:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d912f229d2527b21367966ef404b50819f5c4a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6a:fc:4f:d9:55:e5:54:c6:4d:36:a9:44:9a:
a1:d3:7a:a4:dc:eb:34:1e:2a:62:ec:85:06:98:0e:
29:c6:8d:dd:af:02:3e:5b:8f:33:aa:9a:bd:70:0e:
17:08:e2:1a:16:97:ed:37:86:f2:f2:f9:a4:f4:0f:
dd:70:dd:de:09:3c:9e:06:f3:5a:13:6c:ab:b0:23:
03:c1:4c:5a:7a:9c:6e:ff:0f:64:52:1a:f3:4d:dc:
04:9f:fb:9d:ae:81:7a:26:22:78:c4:bd:ce:08:27:
ac:a3:e0:cb:0e:d1:f5:ad:70:63:53:73:4e:9a:f0:
5e:79:6c:5c:b6:b4:fa:4c:1d:71:81:6d:7f:43:99:
e5:79:dc:38:59:3c:76:30:7e:f0:f4:6f:0b:a7:9d:
81:14:20:2d:5d:c7:a0:8f:05:c3:8a:58:aa:a2:64:
9c:36:a7:03:ea:28:e2:3e:4d:8d:2a:b6:b1:66:c1:
31:90:8e:59:f9:e4:f7:4f:52:16:ae:39:b7:34:7e:
c0:c3:c6:5b:a8:fc:22:c8:1c:49:a6:27:71:fb:90:
5f:69:34:c9:71:d8:9f:f6:5e:a6:18:1b:20:dc:2c:
31:c0:ff:0e:a7:81:c5:e9:da:b2:6c:56:ba:08:b6:
f1:80:5e:09:5c:8e:08:07:fa:db:a5:ed:a0:a4:e5:
41:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:12:F2:29:D2:52:7B:21:36:79:66:EF:40:4B:50:81:9F:5C:4A:8E
X509v3 Authority Key Identifier:
keyid:7D:4D:1C:87:90:A9:13:E8:32:C7:33:DF:F7:78:DE:E7:91:29:70:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/2RLyKdJSeyE2eWbvQEtQgZ9cSo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/fU0ch5CpE-gyxzPf93je55EpcAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.240.0/22
IPv6:
2001:780::/29
Signature Algorithm: sha256WithRSAEncryption
17:f9:c2:60:ff:9c:66:c1:84:97:33:2c:ce:67:06:f9:3b:eb:
8c:d5:d2:1a:ea:8c:d5:82:8a:77:5b:33:13:44:58:b1:aa:8b:
ba:b9:53:9f:96:38:f2:9f:7f:22:4b:75:00:af:96:23:6a:c6:
8c:24:f8:43:79:c1:18:18:3d:86:f5:cd:d5:bf:7f:84:ea:9b:
ac:74:e2:37:02:93:9d:33:47:2b:c1:ea:1d:fa:55:03:07:35:
29:ca:bc:e8:9c:8e:81:8a:e8:55:a3:6c:3b:a5:1c:c0:fe:5e:
a5:6d:ce:3f:b7:3e:b8:cc:75:c9:cc:88:6d:4b:b8:b5:35:4e:
a6:3e:47:a4:fe:1e:5c:c0:54:bc:34:b4:c3:d9:70:69:45:b0:
fb:07:2d:99:25:fd:60:77:84:63:4e:56:46:83:08:bd:0f:e2:
d7:ae:9c:2e:81:ed:77:d1:3e:42:aa:09:75:5e:ef:23:72:18:
68:30:9c:c1:ab:b8:1d:7c:cc:8c:d9:8f:98:9b:25:96:08:1a:
14:db:bd:49:07:21:fd:ce:a2:27:72:4f:b3:fe:36:0e:6f:49:
e5:4f:62:ee:ff:80:8d:52:28:cb:1a:5a:56:1a:a6:d1:d0:f3:
68:c1:79:4b:c2:b0:6c:a9:18:98:0b:89:af:e2:a3:f6:ee:e5:
b3:3f:b3:2f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVteKH5Q/9b+sW2E6b8r+KoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNGQxYzg3OTBhOTEzZTgzMmM3MzNkZmY3NzhkZWU3OTEy
OTcwMGEwHhcNMjMwMTAxMTMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTEyZjIyOWQyNTI3YjIxMzY3OTY2ZWY0MDRiNTA4MTlmNWM0YThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmr8T9lV5VTGTTapRJqh03qk3Os0
Hipi7IUGmA4pxo3drwI+W48zqpq9cA4XCOIaFpftN4by8vmk9A/dcN3eCTyeBvNa
E2yrsCMDwUxaepxu/w9kUhrzTdwEn/udroF6JiJ4xL3OCCeso+DLDtH1rXBjU3NO
mvBeeWxctrT6TB1xgW1/Q5nledw4WTx2MH7w9G8Lp52BFCAtXcegjwXDiliqomSc
NqcD6ijiPk2NKraxZsExkI5Z+eT3T1IWrjm3NH7Aw8ZbqPwiyBxJpidx+5BfaTTJ
cdif9l6mGBsg3CwxwP8Op4HF6dqybFa6CLbxgF4JXI4IB/rbpe2gpOVBRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNkS8inSUnshNnlm70BLUIGfXEqOMB8GA1UdIwQY
MBaAFH1NHIeQqRPoMscz3/d43ueRKXAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlUwY2g1Q3BFLWd5eHpQZjkzamU1NUVwY0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xYzYxODAtOTk1MC00Y2U4LTgxMWUt
ZjhkNjYyYjk2ZGFiLzEvMlJMeUtkSlNleUUyZVdidlFFdFFnWjljU280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xYzYxODAtOTk1MC00Y2U4LTgxMWUtZjhkNjYyYjk2ZGFi
LzEvZlUwY2g1Q3BFLWd5eHpQZjkzamU1NUVwY0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTbwMA0E
AgACMAcDBQMgAQeAMA0GCSqGSIb3DQEBCwUAA4IBAQAX+cJg/5xmwYSXMyzOZwb5
O+uM1dIa6ozVgop3WzMTRFixqou6uVOfljjyn38iS3UAr5YjasaMJPhDecEYGD2G
9c3Vv3+E6pusdOI3ApOdM0crweod+lUDBzUpyrzonI6BiuhVo2w7pRzA/l6lbc4/
tz64zHXJzIhtS7i1NU6mPkek/h5cwFS8NLTD2XBpRbD7By2ZJf1gd4RjTlZGgwi9
D+LXrpwuge130T5Cqgl1Xu8jchhoMJzBq7gdfMyM2Y+YmyWWCBoU271JByH9zqIn
ck+z/jYOb0nlT2Lu/4CNUijLGlpWGqbR0PNowXlLwrBsqRiYC4mv4qP27uWzP7Mv
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:27 2024 by rpki-client on console-ams.rpki-client.org