Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/O-GezxgdhO0bKcPzvlfVVzo7vLM.roa
File: O-GezxgdhO0bKcPzvlfVVzo7vLM.roa (raw, json)
Hash identifier: IU49RbvHbmbBnvSTgAQF895gMdBX2e09zPULXKMgS6w=
Subject key identifier: 3B:E1:9E:CF:18:1D:84:ED:1B:29:C3:F3:BE:57:D5:57:3A:3B:BC:B3
Certificate issuer: /CN=1a001d77025f052af7d0e62e1701016b9e22e002
Certificate serial: 01856E6FBF4299C2C00DACE9AE192B29E050
Authority key identifier: 1A:00:1D:77:02:5F:05:2A:F7:D0:E6:2E:17:01:01:6B:9E:22:E0:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GgAddwJfBSr30OYuFwEBa54i4AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/O-GezxgdhO0bKcPzvlfVVzo7vLM.roa
Signing time: Sun 01 Jan 2023 17:44:55 +0000
ROA not before: Sun 01 Jan 2023 17:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205451
IP address blocks: 185.218.44.0/22 maxlen: 22
2a0c:8b00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:bf:42:99:c2:c0:0d:ac:e9:ae:19:2b:29:e0:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a001d77025f052af7d0e62e1701016b9e22e002
Validity
Not Before: Jan 1 17:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3be19ecf181d84ed1b29c3f3be57d5573a3bbcb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4f:55:35:97:75:3e:bb:99:c3:e2:c3:1f:e8:
5b:3a:bc:e8:63:08:7c:19:f0:f0:f0:7f:40:27:12:
f2:7d:02:89:8d:09:7e:a1:9e:18:5e:2a:0d:ab:07:
b7:04:20:35:35:5f:fa:9b:d4:a7:3b:c3:59:7a:9a:
6f:c4:29:5f:25:90:76:70:f6:03:97:b9:27:a0:50:
b1:08:54:84:f1:0a:7b:76:0e:dc:76:ce:5f:65:85:
d7:03:aa:1b:e6:21:03:97:c0:d9:a6:73:de:4c:f8:
6c:89:63:16:b3:b5:4f:e1:95:79:aa:c1:3e:5e:4d:
47:2f:ac:76:f8:f5:1f:3a:fc:32:2c:37:08:46:a1:
a9:93:fd:c0:57:5e:6b:ac:2e:b4:d1:6e:8d:7c:4b:
e2:1b:83:f4:f7:d8:c4:39:06:78:46:e4:59:0d:10:
b7:31:96:81:77:4f:9e:05:6d:33:fe:d0:14:e5:0e:
8d:8d:94:e3:cd:b5:93:ad:a0:f2:f7:dc:a8:b2:e5:
fe:ff:fe:b8:03:10:50:d3:bc:09:24:e5:65:9f:fe:
3f:ac:02:b4:a1:73:c1:95:a0:d0:98:7e:d0:fc:4a:
84:62:52:eb:98:61:73:41:8a:4d:19:e0:36:54:b3:
da:19:25:b6:80:36:ef:be:f4:83:8c:fa:da:43:c9:
cb:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E1:9E:CF:18:1D:84:ED:1B:29:C3:F3:BE:57:D5:57:3A:3B:BC:B3
X509v3 Authority Key Identifier:
keyid:1A:00:1D:77:02:5F:05:2A:F7:D0:E6:2E:17:01:01:6B:9E:22:E0:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GgAddwJfBSr30OYuFwEBa54i4AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/O-GezxgdhO0bKcPzvlfVVzo7vLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/GgAddwJfBSr30OYuFwEBa54i4AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.44.0/22
IPv6:
2a0c:8b00::/32
Signature Algorithm: sha256WithRSAEncryption
7f:ad:63:9e:20:e3:44:3b:82:b1:0f:e6:c3:c3:d7:6c:44:40:
00:4a:eb:eb:18:ce:2e:10:40:29:1d:ed:b7:f5:61:fa:13:0c:
c3:7c:4e:ea:91:0b:5d:30:42:e5:e3:6d:ca:28:ea:57:b2:c5:
03:a5:5e:03:2b:09:a2:dd:14:71:c1:f0:a3:15:8e:ff:e9:02:
bc:22:bb:2d:51:89:30:17:4b:c3:6e:3e:70:ab:d0:3e:c9:b5:
10:f3:69:f9:06:5e:b1:2d:b2:5e:5c:96:3f:bc:0d:29:fb:be:
92:38:1a:34:9c:6b:bd:6c:1a:9f:e8:83:5a:c1:74:0c:e6:38:
30:da:e7:6a:bf:2f:09:9b:7c:c8:d7:b0:0e:04:fd:e9:c5:d0:
ee:75:4b:1d:67:d1:61:29:0e:63:0f:90:8c:10:20:fe:7d:97:
99:5a:09:36:51:e2:ed:b6:ee:04:8e:f0:d8:fb:da:b9:e8:c2:
fa:12:16:69:fe:2c:82:55:03:d2:44:3f:69:a4:80:09:50:a0:
8c:4f:f8:6d:4e:d7:42:8b:fd:45:8a:e3:8e:2d:3a:75:2e:64:
1c:c2:a3:ee:01:dc:36:4f:72:9b:bb:6c:35:31:7b:13:31:38:
db:99:62:bb:f3:3f:50:b7:7f:2a:6f:2a:66:52:58:cd:d7:07:
90:7b:4f:fd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVub79CmcLADazprhkrKeBQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMDAxZDc3MDI1ZjA1MmFmN2QwZTYyZTE3MDEwMTZiOWUy
MmUwMDIwHhcNMjMwMTAxMTc0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmUxOWVjZjE4MWQ4NGVkMWIyOWMzZjNiZTU3ZDU1NzNhM2JiY2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr09VNZd1PruZw+LDH+hbOrzoYwh8
GfDw8H9AJxLyfQKJjQl+oZ4YXioNqwe3BCA1NV/6m9SnO8NZeppvxClfJZB2cPYD
l7knoFCxCFSE8Qp7dg7cds5fZYXXA6ob5iEDl8DZpnPeTPhsiWMWs7VP4ZV5qsE+
Xk1HL6x2+PUfOvwyLDcIRqGpk/3AV15rrC600W6NfEviG4P099jEOQZ4RuRZDRC3
MZaBd0+eBW0z/tAU5Q6NjZTjzbWTraDy99yosuX+//64AxBQ07wJJOVln/4/rAK0
oXPBlaDQmH7Q/EqEYlLrmGFzQYpNGeA2VLPaGSW2gDbvvvSDjPraQ8nLaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDvhns8YHYTtGynD875X1Vc6O7yzMB8GA1UdIwQY
MBaAFBoAHXcCXwUq99DmLhcBAWueIuACMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2dBZGR3SmZCU3IzME9ZdUZ3RUJhNTRpNEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8xZjljZWQtNmJjMi00ODZiLWE0YjYt
MDliZGViNmFmYWJkLzEvTy1HZXp4Z2RoTzBiS2NQenZsZlZWem83dkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8xZjljZWQtNmJjMi00ODZiLWE0YjYtMDliZGViNmFmYWJk
LzEvR2dBZGR3SmZCU3IzME9ZdUZ3RUJhNTRpNEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudosMA0E
AgACMAcDBQAqDIsAMA0GCSqGSIb3DQEBCwUAA4IBAQB/rWOeIONEO4KxD+bDw9ds
REAASuvrGM4uEEApHe239WH6EwzDfE7qkQtdMELl423KKOpXssUDpV4DKwmi3RRx
wfCjFY7/6QK8IrstUYkwF0vDbj5wq9A+ybUQ82n5Bl6xLbJeXJY/vA0p+76SOBo0
nGu9bBqf6INawXQM5jgw2udqvy8Jm3zI17AOBP3pxdDudUsdZ9FhKQ5jD5CMECD+
fZeZWgk2UeLttu4EjvDY+9q56ML6EhZp/iyCVQPSRD9ppIAJUKCMT/htTtdCi/1F
iuOOLTp1LmQcwqPuAdw2T3Kbu2w1MXsTMTjbmWK78z9Qt38qbypmUljN1weQe0/9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:07 2024 by rpki-client on console-ams.rpki-client.org