Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/r7307zf-yXiVdoK6lrIAqrgU4hA.roa
File: r7307zf-yXiVdoK6lrIAqrgU4hA.roa (raw, json)
Hash identifier: +D105je2ZXzlH1kFELjoB7clO09TSBYFlexyeitn8lY=
Subject key identifier: AF:BD:F4:EF:37:FE:C9:78:95:76:82:BA:96:B2:00:AA:B8:14:E2:10
Certificate issuer: /CN=9ad6bf12ad5a29327bc6f7b66026f054686cd959
Certificate serial: 01856F42C06D9EEFB7E11ECDD347B6CE59AE
Authority key identifier: 9A:D6:BF:12:AD:5A:29:32:7B:C6:F7:B6:60:26:F0:54:68:6C:D9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mta_Eq1aKTJ7xve2YCbwVGhs2Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/r7307zf-yXiVdoK6lrIAqrgU4hA.roa
Signing time: Sun 01 Jan 2023 21:35:23 +0000
ROA not before: Sun 01 Jan 2023 21:35:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60533
IP address blocks: 185.29.156.0/23 maxlen: 23
185.29.156.0/22 maxlen: 24
185.29.158.0/23 maxlen: 23
2a00:a8a0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:c0:6d:9e:ef:b7:e1:1e:cd:d3:47:b6:ce:59:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ad6bf12ad5a29327bc6f7b66026f054686cd959
Validity
Not Before: Jan 1 21:35:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afbdf4ef37fec978957682ba96b200aab814e210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3e:7d:42:61:1c:d9:69:c5:5a:d0:b3:0c:70:
1d:6e:58:90:ef:95:fe:f1:35:80:bc:44:0f:4b:ed:
f8:37:47:ce:7a:58:4c:f1:b6:26:f5:8c:a9:d3:82:
84:99:b0:31:d0:54:d7:0e:f5:6e:9d:69:71:1c:5a:
c6:12:44:a2:ce:35:04:b3:0f:69:99:52:84:63:79:
ab:ee:8a:61:5d:53:f6:b8:92:c8:96:37:64:8b:21:
00:1c:c4:79:81:7f:3d:a8:4d:73:80:f9:8e:d3:02:
ba:15:ca:37:4d:2d:1d:71:88:b0:cf:1a:1b:69:82:
fb:42:f9:ed:d5:b4:40:8b:69:b6:c5:07:0f:c7:69:
b7:7f:d0:83:70:c1:b6:17:19:4e:e5:46:cb:2e:d5:
f7:10:87:1a:9e:c9:bc:76:4f:06:8f:01:99:f3:c1:
17:ed:b9:13:4f:43:e6:4c:63:ba:85:0d:d6:8d:d5:
28:bc:cf:a7:4b:65:ca:f7:af:a7:eb:ba:ed:85:26:
20:78:5e:af:4d:b0:20:3a:71:ad:52:44:fb:6e:50:
b3:06:6c:71:18:50:6e:ed:c2:5c:6a:44:48:8e:e2:
0c:f5:48:9d:b9:65:11:1c:22:71:76:84:0f:a2:26:
41:96:53:bf:fe:81:a0:9f:28:f7:ed:53:2a:36:77:
ff:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:BD:F4:EF:37:FE:C9:78:95:76:82:BA:96:B2:00:AA:B8:14:E2:10
X509v3 Authority Key Identifier:
keyid:9A:D6:BF:12:AD:5A:29:32:7B:C6:F7:B6:60:26:F0:54:68:6C:D9:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mta_Eq1aKTJ7xve2YCbwVGhs2Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/r7307zf-yXiVdoK6lrIAqrgU4hA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/mta_Eq1aKTJ7xve2YCbwVGhs2Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.156.0/22
IPv6:
2a00:a8a0::/32
Signature Algorithm: sha256WithRSAEncryption
36:ef:f1:67:63:88:1c:f8:f6:17:8e:65:0e:b1:f8:88:74:74:
1d:e1:d4:91:dc:0d:d7:b6:df:cc:f2:82:df:2a:09:bb:c9:67:
fb:5b:12:34:6c:b0:c3:ac:b2:19:af:4d:40:29:36:00:f1:a9:
80:ac:64:bf:65:3f:f9:25:6f:e3:53:91:b1:34:ee:07:25:22:
5b:6c:c7:a0:97:6e:04:50:ff:52:69:e9:ae:d4:37:46:b8:2d:
67:e7:22:00:30:b9:95:2f:de:e2:c9:9d:d8:d0:cb:38:48:0d:
27:12:f7:dd:35:60:e9:01:65:fb:a1:94:f3:9b:fc:65:92:e6:
de:0d:cc:4d:68:0b:2d:81:95:db:c7:88:92:3f:0f:2e:46:35:
d0:5f:9d:93:c5:73:7e:5c:fd:11:71:8a:20:c9:ad:35:21:fa:
d6:ba:c6:69:8d:2e:69:f5:d9:c0:78:66:f0:f0:57:37:2e:bc:
89:dc:b7:02:3e:ba:18:c5:de:fc:44:03:f2:be:f0:17:18:e0:
bf:e5:6c:2a:da:5e:1d:e4:9c:2d:09:75:64:b0:0a:d8:f5:e9:
0e:95:68:b1:1f:8f:b9:b3:32:1c:88:0e:d1:cf:2e:1d:a7:c2:
f0:7c:df:d1:fb:f8:9d:4d:ed:15:cf:49:c8:f7:bf:67:38:c9:
7e:b6:69:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQsBtnu+34R7N00e2zlmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZDZiZjEyYWQ1YTI5MzI3YmM2ZjdiNjYwMjZmMDU0Njg2
Y2Q5NTkwHhcNMjMwMTAxMjEzNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmJkZjRlZjM3ZmVjOTc4OTU3NjgyYmE5NmIyMDBhYWI4MTRlMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz59QmEc2WnFWtCzDHAdbliQ75X+
8TWAvEQPS+34N0fOelhM8bYm9Yyp04KEmbAx0FTXDvVunWlxHFrGEkSizjUEsw9p
mVKEY3mr7ophXVP2uJLIljdkiyEAHMR5gX89qE1zgPmO0wK6Fco3TS0dcYiwzxob
aYL7Qvnt1bRAi2m2xQcPx2m3f9CDcMG2FxlO5UbLLtX3EIcansm8dk8GjwGZ88EX
7bkTT0PmTGO6hQ3WjdUovM+nS2XK96+n67rthSYgeF6vTbAgOnGtUkT7blCzBmxx
GFBu7cJcakRIjuIM9UiduWURHCJxdoQPoiZBllO//oGgnyj37VMqNnf//wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK+99O83/sl4lXaCupayAKq4FOIQMB8GA1UdIwQY
MBaAFJrWvxKtWikye8b3tmAm8FRobNlZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXRhX0VxMWFLVEo3eHZlMllDYndWR2hzMlZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jMGVhODgtNzU5Mi00ZTg0LTlhOWEt
NDMzNTY3MGY2YjdlLzEvcjczMDd6Zi15WGlWZG9LNmxySUFxcmdVNGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jMGVhODgtNzU5Mi00ZTg0LTlhOWEtNDMzNTY3MGY2Yjdl
LzEvbXRhX0VxMWFLVEo3eHZlMllDYndWR2hzMlZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR2cMA0E
AgACMAcDBQAqAKigMA0GCSqGSIb3DQEBCwUAA4IBAQA27/FnY4gc+PYXjmUOsfiI
dHQd4dSR3A3Xtt/M8oLfKgm7yWf7WxI0bLDDrLIZr01AKTYA8amArGS/ZT/5JW/j
U5GxNO4HJSJbbMegl24EUP9Saemu1DdGuC1n5yIAMLmVL97iyZ3Y0Ms4SA0nEvfd
NWDpAWX7oZTzm/xlkubeDcxNaAstgZXbx4iSPw8uRjXQX52TxXN+XP0RcYogya01
IfrWusZpjS5p9dnAeGbw8Fc3LryJ3LcCProYxd78RAPyvvAXGOC/5Wwq2l4d5Jwt
CXVksArY9ekOlWixH4+5szIciA7Rzy4dp8LwfN/R+/idTe0Vz0nI979nOMl+tmnN
Generated at Mon Jan 1 17:26:45 2024 by rpki-client on console-fra.rpki-client.org