Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/AA3BhtdsGUrpNfMCrMY3I-tB0_s.roa
File: AA3BhtdsGUrpNfMCrMY3I-tB0_s.roa (raw, json)
Hash identifier: AZM27CJmoYDqIkQu3gqJ7GIc9ccYqyjexc35EUfvFFM=
Subject key identifier: 00:0D:C1:86:D7:6C:19:4A:E9:35:F3:02:AC:C6:37:23:EB:41:D3:FB
Certificate issuer: /CN=db2d75c6d547750642241b0749cfa052c8c17f34
Certificate serial: 01856F94C448C60269BE8D1A6687F2F3ABFF
Authority key identifier: DB:2D:75:C6:D5:47:75:06:42:24:1B:07:49:CF:A0:52:C8:C1:7F:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2y11xtVHdQZCJBsHSc-gUsjBfzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/AA3BhtdsGUrpNfMCrMY3I-tB0_s.roa
Signing time: Sun 01 Jan 2023 23:04:58 +0000
ROA not before: Sun 01 Jan 2023 23:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206366
IP address blocks: 185.188.148.0/22 maxlen: 24
45.142.68.0/22 maxlen: 24
193.37.60.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:c4:48:c6:02:69:be:8d:1a:66:87:f2:f3:ab:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db2d75c6d547750642241b0749cfa052c8c17f34
Validity
Not Before: Jan 1 23:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=000dc186d76c194ae935f302acc63723eb41d3fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:52:7d:50:49:9e:28:f8:c3:4b:d4:19:99:ae:
ac:58:66:d8:f7:d1:08:1c:01:69:77:ff:bf:bb:df:
a2:90:e6:55:14:f2:64:2d:b9:a4:ad:c1:5a:d6:3e:
9d:de:af:88:c9:af:55:aa:98:12:a6:bd:04:a2:5e:
10:f2:5f:22:be:3a:61:7c:04:37:1c:0a:33:b7:4a:
f6:31:bc:f8:9a:3d:8c:62:da:b4:26:5b:0b:56:ca:
40:81:49:70:e6:9c:79:b1:32:5f:0d:3d:a5:10:03:
32:f2:25:fa:4c:e9:86:a2:c8:98:e3:0c:a7:20:05:
b5:5f:43:33:98:5c:c8:cf:32:e6:62:28:e3:0d:f9:
64:3f:ce:e2:13:92:0c:e4:e0:b1:14:c2:74:cf:cf:
67:b1:ae:db:e4:06:04:6d:b4:7d:fc:91:d6:1d:8a:
0e:dc:a9:a8:96:38:fa:cd:c6:4b:f3:95:48:88:26:
7f:1d:70:18:73:02:02:b5:41:df:90:d9:10:23:37:
f9:4f:7a:9b:1e:92:1e:35:54:01:cf:eb:ae:d2:6b:
c2:7e:3e:b4:1d:16:a8:88:27:63:a3:4e:2e:f8:b3:
bc:1c:eb:53:06:d6:92:7f:a5:7d:5b:0c:9c:ad:01:
41:22:92:5f:1f:c3:e9:10:91:f8:61:a1:27:5f:61:
a3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:0D:C1:86:D7:6C:19:4A:E9:35:F3:02:AC:C6:37:23:EB:41:D3:FB
X509v3 Authority Key Identifier:
keyid:DB:2D:75:C6:D5:47:75:06:42:24:1B:07:49:CF:A0:52:C8:C1:7F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2y11xtVHdQZCJBsHSc-gUsjBfzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/AA3BhtdsGUrpNfMCrMY3I-tB0_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/2y11xtVHdQZCJBsHSc-gUsjBfzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.68.0/22
185.188.148.0/22
193.37.60.0/22
Signature Algorithm: sha256WithRSAEncryption
67:49:6f:71:95:3a:98:02:ae:bb:32:d7:54:f0:00:58:13:bb:
20:a5:1a:7e:68:ac:42:4c:cc:d1:09:87:ab:65:fb:48:7a:08:
ae:bf:f8:63:2b:5f:85:c5:70:e8:ff:72:07:fd:fb:3f:5e:4d:
1a:41:0b:bb:ab:9c:e5:c2:33:05:09:14:6c:2c:fa:40:fc:0f:
75:21:98:14:a4:13:2f:b7:98:23:bb:e8:1c:53:a0:74:74:0d:
0e:25:2c:f5:8b:d0:17:4b:ca:02:fe:25:62:30:85:66:e4:d0:
56:15:f5:ea:31:8b:c6:ae:f3:97:ae:86:36:53:a2:7b:3a:55:
2c:a3:54:a7:96:49:57:d4:1e:f4:a2:22:21:1e:68:15:e6:0f:
ec:88:7b:8e:aa:35:07:a7:3e:b5:7a:b1:fb:79:85:b5:98:31:
9b:b8:5f:47:7e:bc:48:9a:2b:c0:46:bc:63:ca:8e:08:bb:3e:
4c:7b:6e:f6:d6:e3:22:6f:7d:a0:71:38:e4:c9:99:2e:9d:ff:
bc:06:b5:5f:4d:b3:6e:1d:24:e4:3d:1f:62:44:da:a6:b9:8b:
f8:6f:b7:d6:30:a8:7d:2e:fa:25:4c:53:81:a5:24:50:6c:3e:
34:1b:92:9d:63:d4:3d:a8:d8:0e:7a:91:d5:02:18:7d:ec:5d:
a7:fa:20:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvlMRIxgJpvo0aZofy86v/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMmQ3NWM2ZDU0Nzc1MDY0MjI0MWIwNzQ5Y2ZhMDUyYzhj
MTdmMzQwHhcNMjMwMTAxMjMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDBkYzE4NmQ3NmMxOTRhZTkzNWYzMDJhY2M2MzcyM2ViNDFkM2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFJ9UEmeKPjDS9QZma6sWGbY99EI
HAFpd/+/u9+ikOZVFPJkLbmkrcFa1j6d3q+Iya9VqpgSpr0Eol4Q8l8ivjphfAQ3
HAozt0r2Mbz4mj2MYtq0JlsLVspAgUlw5px5sTJfDT2lEAMy8iX6TOmGosiY4wyn
IAW1X0MzmFzIzzLmYijjDflkP87iE5IM5OCxFMJ0z89nsa7b5AYEbbR9/JHWHYoO
3Kmoljj6zcZL85VIiCZ/HXAYcwICtUHfkNkQIzf5T3qbHpIeNVQBz+uu0mvCfj60
HRaoiCdjo04u+LO8HOtTBtaSf6V9WwycrQFBIpJfH8PpEJH4YaEnX2Gj7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAANwYbXbBlK6TXzAqzGNyPrQdP7MB8GA1UdIwQY
MBaAFNstdcbVR3UGQiQbB0nPoFLIwX80MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnkxMXh0VkhkUVpDSkJzSFNjLWdVc2pCZnpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9jYzQwYTktOGIzZi00M2Q2LWEwNzgt
YTkwMWUwMzRhZmU1LzEvQUEzQmh0ZHNHVXJwTmZNQ3JNWTNJLXRCMF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9jYzQwYTktOGIzZi00M2Q2LWEwNzgtYTkwMWUwMzRhZmU1
LzEvMnkxMXh0VkhkUVpDSkJzSFNjLWdVc2pCZnpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY5EAwQC
ubyUAwQCwSU8MA0GCSqGSIb3DQEBCwUAA4IBAQBnSW9xlTqYAq67MtdU8ABYE7sg
pRp+aKxCTMzRCYerZftIegiuv/hjK1+FxXDo/3IH/fs/Xk0aQQu7q5zlwjMFCRRs
LPpA/A91IZgUpBMvt5gju+gcU6B0dA0OJSz1i9AXS8oC/iViMIVm5NBWFfXqMYvG
rvOXroY2U6J7OlUso1SnlklX1B70oiIhHmgV5g/siHuOqjUHpz61erH7eYW1mDGb
uF9HfrxImivARrxjyo4Iuz5Me2721uMib32gcTjkyZkunf+8BrVfTbNuHSTkPR9i
RNqmuYv4b7fWMKh9LvolTFOBpSRQbD40G5KdY9Q9qNgOepHVAhh97F2n+iC2
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:38:00 2024 by rpki-client on console-fra.rpki-client.org