Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/dV44ot90UOR9D13TK3rPGkHcD2Y.roa
File: dV44ot90UOR9D13TK3rPGkHcD2Y.roa (raw, json)
Hash identifier: fmjETr404e9cEHYnkl3obv0ZF/bA8YE0HNW75CJK6nw=
Subject key identifier: 75:5E:38:A2:DF:74:50:E4:7D:0F:5D:D3:2B:7A:CF:1A:41:DC:0F:66
Certificate issuer: /CN=c7eda6e52f877960a9e0fbc93e683fe6484a6b04
Certificate serial: 01856B0A160B626D81C2ADD78A0BB72A70C4
Authority key identifier: C7:ED:A6:E5:2F:87:79:60:A9:E0:FB:C9:3E:68:3F:E6:48:4A:6B:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x-2m5S-HeWCp4PvJPmg_5khKawQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/dV44ot90UOR9D13TK3rPGkHcD2Y.roa
Signing time: Sun 01 Jan 2023 01:55:01 +0000
ROA not before: Sun 01 Jan 2023 01:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24956
IP address blocks: 194.45.135.0/24 maxlen: 24
185.220.200.0/22 maxlen: 22
217.13.64.0/20 maxlen: 20
2a00:1030::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:16:0b:62:6d:81:c2:ad:d7:8a:0b:b7:2a:70:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7eda6e52f877960a9e0fbc93e683fe6484a6b04
Validity
Not Before: Jan 1 01:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=755e38a2df7450e47d0f5dd32b7acf1a41dc0f66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a6:4c:e4:5e:e4:5f:88:2f:96:f2:15:ce:f4:
1d:97:81:28:be:b6:64:d9:1a:b1:27:70:57:da:1a:
aa:25:26:3e:9b:61:c0:37:7e:42:54:8f:df:da:bb:
42:0a:70:99:2b:8d:cc:8d:77:fe:c1:f5:15:a1:37:
33:74:4f:b3:be:b2:ed:3a:f4:e2:f2:e8:37:f6:22:
8e:da:29:73:e7:5f:20:9f:b1:81:d2:5c:1b:b5:64:
65:f2:4d:b7:b1:7a:66:7f:fe:b1:80:d4:65:76:80:
c2:a7:95:13:0b:f2:89:1e:14:46:5e:23:bb:ec:f9:
95:1a:76:b1:05:91:b6:7e:a9:24:51:b5:4a:b7:08:
c5:9f:62:68:26:a6:2d:96:c4:cc:ad:56:ce:2d:73:
03:03:21:c5:00:be:dd:b7:c8:b0:f1:92:a9:66:a8:
c9:23:a9:58:14:c9:17:ed:c9:42:fc:32:40:bb:0a:
bb:ab:47:17:3a:7b:76:a8:c2:95:5d:32:6b:6a:89:
11:f7:c7:97:83:14:92:7e:79:4e:12:20:5c:61:98:
51:5c:c5:6d:69:04:c8:17:79:8e:2c:d6:3e:fd:4e:
1e:d9:45:ed:91:b0:0c:fe:f1:b5:4f:ba:a8:5a:a9:
5e:2c:38:24:f3:56:db:66:cd:77:82:d7:62:50:ef:
07:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:5E:38:A2:DF:74:50:E4:7D:0F:5D:D3:2B:7A:CF:1A:41:DC:0F:66
X509v3 Authority Key Identifier:
keyid:C7:ED:A6:E5:2F:87:79:60:A9:E0:FB:C9:3E:68:3F:E6:48:4A:6B:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x-2m5S-HeWCp4PvJPmg_5khKawQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/dV44ot90UOR9D13TK3rPGkHcD2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/x-2m5S-HeWCp4PvJPmg_5khKawQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.200.0/22
194.45.135.0/24
217.13.64.0/20
IPv6:
2a00:1030::/32
Signature Algorithm: sha256WithRSAEncryption
40:c0:59:06:2a:ff:bc:68:ce:71:a8:5b:a7:30:a5:ed:75:45:
28:2c:4a:6e:3d:26:e2:1d:29:a8:d3:51:d7:42:65:40:78:aa:
94:71:98:b3:3c:1a:03:a3:52:1f:54:88:1a:da:97:61:6e:b4:
c4:b0:2b:7f:a8:10:dd:73:15:ff:e4:e6:2c:88:5c:69:5c:e7:
70:d6:28:7f:55:2c:82:06:e3:f3:4e:42:d0:bb:37:b4:27:c9:
b4:dd:7a:ba:46:4b:51:73:f5:bb:e5:9f:f3:68:3b:44:c3:62:
bd:c4:1c:88:37:6f:09:8e:e0:78:52:a9:84:a8:f1:f9:c7:96:
37:16:32:46:01:d5:c2:dc:2b:99:7e:28:f9:8d:20:d1:02:6c:
de:f7:3d:d2:d2:d7:bf:90:8a:f2:5a:ca:7e:4e:d4:7d:53:c0:
2a:88:e9:b5:43:80:b4:ef:0e:df:ac:e8:c5:e4:1f:a8:f3:ce:
c6:a9:42:b7:ff:48:c9:15:de:9b:ee:eb:44:b6:50:c9:0e:03:
e0:7b:b2:db:55:f5:11:6a:43:02:95:46:e2:24:8c:08:e9:96:
00:73:c4:5f:e2:37:06:cd:10:b0:43:e2:8a:2a:e0:33:bf:85:
50:13:9e:b7:c7:fc:24:5e:6f:6d:50:50:c5:51:81:49:7c:14:
f7:66:13:db
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVrChYLYm2Bwq3Xigu3KnDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZWRhNmU1MmY4Nzc5NjBhOWUwZmJjOTNlNjgzZmU2NDg0
YTZiMDQwHhcNMjMwMTAxMDE1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTVlMzhhMmRmNzQ1MGU0N2QwZjVkZDMyYjdhY2YxYTQxZGMwZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6ZM5F7kX4gvlvIVzvQdl4EovrZk
2RqxJ3BX2hqqJSY+m2HAN35CVI/f2rtCCnCZK43MjXf+wfUVoTczdE+zvrLtOvTi
8ug39iKO2ilz518gn7GB0lwbtWRl8k23sXpmf/6xgNRldoDCp5UTC/KJHhRGXiO7
7PmVGnaxBZG2fqkkUbVKtwjFn2JoJqYtlsTMrVbOLXMDAyHFAL7dt8iw8ZKpZqjJ
I6lYFMkX7clC/DJAuwq7q0cXOnt2qMKVXTJraokR98eXgxSSfnlOEiBcYZhRXMVt
aQTIF3mOLNY+/U4e2UXtkbAM/vG1T7qoWqleLDgk81bbZs13gtdiUO8HawIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHVeOKLfdFDkfQ9d0yt6zxpB3A9mMB8GA1UdIwQY
MBaAFMftpuUvh3lgqeD7yT5oP+ZISmsEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveC0ybTVTLUhlV0NwNFB2SlBtZ181a2hLYXdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iNmRiMzYtY2Y4Ni00MTcyLThkZDIt
ZTVmZDkxZDEzOTUwLzEvZFY0NG90OTBVT1I5RDEzVEszclBHa0hjRDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iNmRiMzYtY2Y4Ni00MTcyLThkZDItZTVmZDkxZDEzOTUw
LzEveC0ybTVTLUhlV0NwNFB2SlBtZ181a2hLYXdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCudzIAwQA
wi2HAwQE2Q1AMA0EAgACMAcDBQAqABAwMA0GCSqGSIb3DQEBCwUAA4IBAQBAwFkG
Kv+8aM5xqFunMKXtdUUoLEpuPSbiHSmo01HXQmVAeKqUcZizPBoDo1IfVIga2pdh
brTEsCt/qBDdcxX/5OYsiFxpXOdw1ih/VSyCBuPzTkLQuze0J8m03Xq6RktRc/W7
5Z/zaDtEw2K9xByIN28JjuB4UqmEqPH5x5Y3FjJGAdXC3CuZfij5jSDRAmze9z3S
0te/kIryWsp+TtR9U8AqiOm1Q4C07w7frOjF5B+o887GqUK3/0jJFd6b7utEtlDJ
DgPge7LbVfURakMClUbiJIwI6ZYAc8Rf4jcGzRCwQ+KKKuAzv4VQE563x/wkXm9t
UFDFUYFJfBT3ZhPb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:53 2024 by rpki-client on console-ams.rpki-client.org