Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/R66KNKveO59_U4vNySlImNPouTg.roa
File: R66KNKveO59_U4vNySlImNPouTg.roa (raw, json)
Hash identifier: nms2H2V1nvsgH++63I3UobjhHIhzpA6klNeTTGAf7ek=
Subject key identifier: 47:AE:8A:34:AB:DE:3B:9F:7F:53:8B:CD:C9:29:48:98:D3:E8:B9:38
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 018D834DE040314B7B8D9E349E073A0116AB
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/R66KNKveO59_U4vNySlImNPouTg.roa
Signing time: Wed 07 Feb 2024 11:22:15 +0000
ROA not before: Wed 07 Feb 2024 11:22:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 185.128.43.0/24 maxlen: 24
2a11:b687::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Mar 2024 10:44:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:4d:e0:40:31:4b:7b:8d:9e:34:9e:07:3a:01:16:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Feb 7 11:22:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47ae8a34abde3b9f7f538bcdc9294898d3e8b938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b1:66:ea:6e:21:7e:c9:5b:a1:6c:56:d0:93:
93:d9:d2:9b:26:3e:01:20:ba:f0:39:43:1b:ba:95:
f1:83:a8:9c:ee:ea:f5:e0:32:90:a3:7e:75:ef:43:
43:60:f9:d5:b4:8d:00:2f:03:b7:d9:42:b4:bd:59:
dc:02:5c:f8:7f:8a:60:9c:b8:75:50:e2:2d:60:82:
08:0d:79:a0:07:ee:28:f8:b5:1e:36:49:6f:bf:2f:
24:fe:0b:34:7c:6d:24:5c:24:0c:df:dc:d9:8d:db:
89:fd:dc:bb:9c:f0:c2:b8:a8:41:74:e3:61:d3:bb:
05:54:d2:b2:76:da:3c:56:55:d9:8e:df:59:cb:f7:
e8:23:10:54:e0:e4:83:01:3b:04:5b:c9:cb:b5:03:
f0:54:e4:91:59:1f:0a:4e:c1:e2:8f:e7:79:b8:6d:
40:70:4b:d3:68:5a:0c:60:82:8e:39:b0:2a:b4:42:
02:14:cd:0c:aa:48:e4:ed:9e:2a:91:b8:0a:d3:59:
c9:71:bc:ab:2c:77:66:b3:a6:18:0a:66:ef:c8:6d:
2c:57:de:54:fa:1d:b1:8f:8b:d1:e4:a4:e8:c7:28:
dd:a7:92:33:39:7b:ab:ac:3e:d9:1b:9f:0b:d1:c7:
67:61:8c:5c:be:10:a1:71:87:98:23:c7:af:41:94:
7a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AE:8A:34:AB:DE:3B:9F:7F:53:8B:CD:C9:29:48:98:D3:E8:B9:38
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/R66KNKveO59_U4vNySlImNPouTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.43.0/24
IPv6:
2a11:b687::/32
Signature Algorithm: sha256WithRSAEncryption
34:b0:46:95:f1:6f:aa:91:96:1f:3e:9c:7e:3d:31:76:6a:c9:
ca:1d:9e:71:22:5a:dd:cc:74:91:04:12:05:ea:83:e1:be:8a:
35:0d:f9:a6:5c:19:3f:54:78:68:ea:b3:3f:e6:7c:fc:d9:22:
56:7f:c8:49:8b:59:65:d5:a8:d9:46:95:65:e8:64:d3:41:10:
89:f4:ce:e0:ab:08:17:85:36:39:15:55:8c:e0:df:d0:fa:64:
60:5c:1f:8d:e1:ac:fc:e0:fa:9a:97:7f:57:bb:d9:e9:e9:1e:
bd:a6:81:01:f2:e3:da:47:0e:7f:e4:9e:4e:f4:7f:c9:98:2e:
ed:7c:9a:fd:ee:27:cd:0f:63:13:b3:ad:30:63:3b:f2:cc:0e:
f3:9d:89:6d:73:7e:f2:8a:92:dc:34:7e:8e:8c:b5:0c:ab:6a:
c9:0f:80:f6:95:ae:0c:8c:fe:83:f3:83:6a:37:eb:27:24:41:
88:7f:39:0c:f3:89:9c:0f:4f:1b:e4:d4:42:49:8f:0b:25:67:
23:f5:74:70:52:8d:01:e4:ed:4d:93:6b:08:43:dd:60:d4:2c:
68:ce:c3:e9:1b:1b:10:e1:3f:92:45:7e:aa:79:7b:b1:3a:08:
84:77:29:c6:2f:ba:1a:6a:b8:1a:1c:af:07:db:fa:11:ff:c7:
b1:b5:b7:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY2DTeBAMUt7jZ40ngc6ARarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjQwMjA3MTEyMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2FlOGEzNGFiZGUzYjlmN2Y1MzhiY2RjOTI5NDg5OGQzZThiOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bFm6m4hfslboWxW0JOT2dKbJj4B
ILrwOUMbupXxg6ic7ur14DKQo35170NDYPnVtI0ALwO32UK0vVncAlz4f4pgnLh1
UOItYIIIDXmgB+4o+LUeNklvvy8k/gs0fG0kXCQM39zZjduJ/dy7nPDCuKhBdONh
07sFVNKydto8VlXZjt9Zy/foIxBU4OSDATsEW8nLtQPwVOSRWR8KTsHij+d5uG1A
cEvTaFoMYIKOObAqtEICFM0Mqkjk7Z4qkbgK01nJcbyrLHdms6YYCmbvyG0sV95U
+h2xj4vR5KToxyjdp5IzOXurrD7ZG58L0cdnYYxcvhChcYeYI8evQZR66QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEeuijSr3juff1OLzckpSJjT6Lk4MB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvUjY2S05LdmVPNTlfVTR2TnlTbEltTlBvdVRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYArMA0E
AgACMAcDBQAqEbaHMA0GCSqGSIb3DQEBCwUAA4IBAQA0sEaV8W+qkZYfPpx+PTF2
asnKHZ5xIlrdzHSRBBIF6oPhvoo1DfmmXBk/VHho6rM/5nz82SJWf8hJi1ll1ajZ
RpVl6GTTQRCJ9M7gqwgXhTY5FVWM4N/Q+mRgXB+N4az84Pqal39Xu9np6R69poEB
8uPaRw5/5J5O9H/JmC7tfJr97ifND2MTs60wYzvyzA7znYltc37yipLcNH6OjLUM
q2rJD4D2la4MjP6D84NqN+snJEGIfzkM84mcD08b5NRCSY8LJWcj9XRwUo0B5O1N
k2sIQ91g1CxozsPpGxsQ4T+SRX6qeXuxOgiEdynGL7oaargaHK8H2/oR/8extbeT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org