Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/s67o-HGHGsMr9di0ATGyOsv4BD0.roa
File: s67o-HGHGsMr9di0ATGyOsv4BD0.roa (raw, json)
Hash identifier: ZXYCZJW8BlmNnZTFsQZRPvsZI2jrIZmSZC1nHSzwr/g=
Subject key identifier: B3:AE:E8:F8:71:87:1A:C3:2B:F5:D8:B4:01:31:B2:3A:CB:F8:04:3D
Certificate issuer: /CN=aa35f907ec7dbf9c65b815aa3d7202b6dfae3148
Certificate serial: 01856D017821A2B8007D607DE2323DF620BB
Authority key identifier: AA:35:F9:07:EC:7D:BF:9C:65:B8:15:AA:3D:72:02:B6:DF:AE:31:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjX5B-x9v5xluBWqPXICtt-uMUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/s67o-HGHGsMr9di0ATGyOsv4BD0.roa
Signing time: Sun 01 Jan 2023 11:04:50 +0000
ROA not before: Sun 01 Jan 2023 11:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20647
IP address blocks: 185.27.156.0/22 maxlen: 22
194.29.224.0/19 maxlen: 19
91.102.8.0/21 maxlen: 21
2a02:f28::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:78:21:a2:b8:00:7d:60:7d:e2:32:3d:f6:20:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa35f907ec7dbf9c65b815aa3d7202b6dfae3148
Validity
Not Before: Jan 1 11:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3aee8f871871ac32bf5d8b40131b23acbf8043d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a8:d0:7d:b9:02:1f:f6:08:e7:ea:9b:78:54:
ae:20:0e:db:11:a0:45:a3:be:64:81:ad:da:74:66:
28:e1:b0:b9:0e:c0:72:61:a2:fb:25:ff:39:df:57:
a6:23:fa:95:98:29:5c:a7:9a:ca:36:7d:c9:fd:ec:
ff:1b:d7:2d:d2:8b:31:da:45:30:13:20:14:10:da:
17:f7:e1:f5:89:51:f2:62:f6:a1:28:ec:62:87:ad:
a5:c5:7f:4e:73:fb:54:ca:80:95:8c:3a:f1:a6:7b:
ef:02:3b:0c:61:8c:17:4d:df:ba:37:8b:8e:33:a1:
49:41:22:bb:d4:2c:8e:7f:cb:99:67:96:b4:d3:9c:
48:10:30:43:b4:48:03:9f:e0:5f:d4:25:99:12:e8:
68:b9:99:82:eb:e0:a4:05:07:4f:ec:e7:4b:80:63:
b4:56:7e:8a:35:d5:82:20:27:89:bd:ce:e2:00:0b:
b3:06:ca:c9:d0:26:02:3e:d9:bc:68:b9:7b:76:33:
17:56:3d:25:ea:42:32:c1:d9:71:e5:99:d2:78:c7:
2b:dc:89:e4:47:00:a0:96:c2:9c:38:67:36:43:da:
e7:b8:89:e3:4f:f0:04:4e:09:8b:65:f8:ed:06:49:
1b:17:42:98:2f:a0:74:ab:01:5b:69:05:11:06:49:
0b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AE:E8:F8:71:87:1A:C3:2B:F5:D8:B4:01:31:B2:3A:CB:F8:04:3D
X509v3 Authority Key Identifier:
keyid:AA:35:F9:07:EC:7D:BF:9C:65:B8:15:AA:3D:72:02:B6:DF:AE:31:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjX5B-x9v5xluBWqPXICtt-uMUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/s67o-HGHGsMr9di0ATGyOsv4BD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/qjX5B-x9v5xluBWqPXICtt-uMUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.8.0/21
185.27.156.0/22
194.29.224.0/19
IPv6:
2a02:f28::/32
Signature Algorithm: sha256WithRSAEncryption
8f:05:36:b8:44:27:da:9c:5c:e1:51:0d:a0:17:1e:5e:e1:cc:
47:f8:c4:d7:00:db:4d:56:36:e9:7c:c9:56:cc:8f:6c:17:4b:
cc:68:ec:60:71:aa:57:c4:0e:67:ac:43:b3:d1:72:f2:bf:ca:
82:95:97:55:d4:49:21:d6:11:b9:85:51:15:ea:70:57:dd:7d:
ee:9d:64:67:2a:9d:24:42:d2:b6:a4:cb:22:64:5d:87:c1:25:
ff:e3:3d:20:6a:67:a6:9b:61:2a:d3:f6:0e:3e:f2:e1:c1:30:
ba:20:13:76:43:22:8f:22:c7:19:a8:93:3b:5f:b2:94:43:7a:
7e:51:24:fb:da:38:37:0c:9a:77:54:6e:46:4a:c5:a2:f4:33:
7d:d4:6d:6f:0d:f0:eb:1b:c3:2b:bd:27:93:45:48:ee:ce:32:
e6:ee:02:5b:3c:bf:f7:3d:76:e4:dc:c3:c1:31:fa:22:7b:5c:
59:80:0c:4e:ac:0e:15:02:3c:b0:75:b4:a6:e1:23:5c:08:2a:
fd:50:56:e2:a3:6a:7f:f3:b8:7b:fc:06:98:92:d9:08:7d:f3:
7f:05:7f:f1:15:b6:a1:64:ca:83:e6:98:bc:a0:da:fa:4a:bf:
e3:7d:d0:6f:1d:2e:7f:cc:0d:f1:f8:d8:cd:60:79:50:4a:a6:
6f:fe:c5:9c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtAXghorgAfWB94jI99iC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMzVmOTA3ZWM3ZGJmOWM2NWI4MTVhYTNkNzIwMmI2ZGZh
ZTMxNDgwHhcNMjMwMTAxMTEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2FlZThmODcxODcxYWMzMmJmNWQ4YjQwMTMxYjIzYWNiZjgwNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6jQfbkCH/YI5+qbeFSuIA7bEaBF
o75kga3adGYo4bC5DsByYaL7Jf8531emI/qVmClcp5rKNn3J/ez/G9ct0osx2kUw
EyAUENoX9+H1iVHyYvahKOxih62lxX9Oc/tUyoCVjDrxpnvvAjsMYYwXTd+6N4uO
M6FJQSK71CyOf8uZZ5a005xIEDBDtEgDn+Bf1CWZEuhouZmC6+CkBQdP7OdLgGO0
Vn6KNdWCICeJvc7iAAuzBsrJ0CYCPtm8aLl7djMXVj0l6kIywdlx5ZnSeMcr3Ink
RwCglsKcOGc2Q9rnuInjT/AETgmLZfjtBkkbF0KYL6B0qwFbaQURBkkLbwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLOu6PhxhxrDK/XYtAExsjrL+AQ9MB8GA1UdIwQY
MBaAFKo1+Qfsfb+cZbgVqj1yArbfrjFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWpYNUIteDl2NXhsdUJXcVBYSUN0dC11TVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMWM1MGUtYWYyNy00YTYyLWFlMjMt
YjZmMWNmYWE2OTg1LzEvczY3by1IR0hHc01yOWRpMEFUR3lPc3Y0QkQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMWM1MGUtYWYyNy00YTYyLWFlMjMtYjZmMWNmYWE2OTg1
LzEvcWpYNUIteDl2NXhsdUJXcVBYSUN0dC11TVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDW2YIAwQC
uRucAwQFwh3gMA0EAgACMAcDBQAqAg8oMA0GCSqGSIb3DQEBCwUAA4IBAQCPBTa4
RCfanFzhUQ2gFx5e4cxH+MTXANtNVjbpfMlWzI9sF0vMaOxgcapXxA5nrEOz0XLy
v8qClZdV1Ekh1hG5hVEV6nBX3X3unWRnKp0kQtK2pMsiZF2HwSX/4z0gamemm2Eq
0/YOPvLhwTC6IBN2QyKPIscZqJM7X7KUQ3p+UST72jg3DJp3VG5GSsWi9DN91G1v
DfDrG8MrvSeTRUjuzjLm7gJbPL/3PXbk3MPBMfoie1xZgAxOrA4VAjywdbSm4SNc
CCr9UFbio2p/87h7/AaYktkIffN/BX/xFbahZMqD5pi8oNr6Sr/jfdBvHS5/zA3x
+NjNYHlQSqZv/sWc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:06 2024 by rpki-client on console-fra.rpki-client.org