Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/CbB1Zbw6KYuG5hGTF-IjfC44eW8.roa
File: CbB1Zbw6KYuG5hGTF-IjfC44eW8.roa (raw, json)
Hash identifier: u5Phy5aiuPJ6KOAX4AI6+26wJUsXr3FdDh9XK1E34+o=
Subject key identifier: 09:B0:75:65:BC:3A:29:8B:86:E6:11:93:17:E2:23:7C:2E:38:79:6F
Certificate issuer: /CN=db186422279d9d8b4e68e69b1296e532d4da0c3f
Certificate serial: 01856E78CE7659CAC3B47D99DE6EB6A7E8AE
Authority key identifier: DB:18:64:22:27:9D:9D:8B:4E:68:E6:9B:12:96:E5:32:D4:DA:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xhkIiednYtOaOabEpblMtTaDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/CbB1Zbw6KYuG5hGTF-IjfC44eW8.roa
Signing time: Sun 01 Jan 2023 17:54:48 +0000
ROA not before: Sun 01 Jan 2023 17:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203441
IP address blocks: 185.132.224.0/22 maxlen: 22
193.105.103.0/24 maxlen: 24
2a03:a660::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:ce:76:59:ca:c3:b4:7d:99:de:6e:b6:a7:e8:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db186422279d9d8b4e68e69b1296e532d4da0c3f
Validity
Not Before: Jan 1 17:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09b07565bc3a298b86e6119317e2237c2e38796f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2c:4b:9a:74:41:16:5f:a7:d7:b3:66:8f:07:
29:67:6c:3d:a0:02:57:7a:b2:03:bb:c6:40:8b:c2:
db:68:35:7b:da:cf:ca:37:74:46:1c:61:e0:df:5a:
22:b2:64:54:6a:ba:82:60:99:a0:e0:c4:7a:00:d7:
f5:fc:a4:1e:d9:18:52:23:95:f6:aa:3a:7d:57:c9:
9a:99:57:b0:83:3f:da:1d:fb:14:53:93:34:60:a4:
a2:6b:a7:ec:5d:69:5e:32:3c:fc:65:f7:a6:b7:9f:
b3:67:95:3b:4c:31:00:37:ba:8a:4a:14:3e:85:76:
40:8c:08:8c:0d:38:b9:8c:fb:74:c9:b2:1f:24:74:
0d:97:96:b4:40:6c:98:d2:29:7e:fb:88:5d:41:ef:
39:8c:0c:ea:0b:85:9a:d9:a3:63:a6:54:d6:a0:4f:
90:09:53:79:03:02:58:6a:c5:a8:6b:26:55:a7:4a:
84:73:85:51:46:70:18:36:a0:72:cc:8c:22:22:e6:
ec:ad:51:75:16:01:7d:91:95:e6:26:fa:a7:40:5a:
45:6c:45:7b:74:5e:4d:ab:11:18:51:d2:a9:e9:f0:
70:e2:ee:8f:f3:0c:dc:30:00:d2:19:69:53:b5:97:
91:fb:bc:79:24:23:55:c1:51:ea:76:b9:01:39:83:
67:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B0:75:65:BC:3A:29:8B:86:E6:11:93:17:E2:23:7C:2E:38:79:6F
X509v3 Authority Key Identifier:
keyid:DB:18:64:22:27:9D:9D:8B:4E:68:E6:9B:12:96:E5:32:D4:DA:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xhkIiednYtOaOabEpblMtTaDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/CbB1Zbw6KYuG5hGTF-IjfC44eW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/2xhkIiednYtOaOabEpblMtTaDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.224.0/22
193.105.103.0/24
IPv6:
2a03:a660::/32
Signature Algorithm: sha256WithRSAEncryption
20:c1:a6:59:f6:85:76:07:e5:72:6a:d0:39:8c:dc:42:d9:32:
4b:59:f1:e6:e7:c2:c4:39:b2:3d:09:e9:ea:d6:20:d5:44:fa:
80:3f:fc:9d:8a:9d:1a:5d:55:91:75:2d:3e:4b:b9:25:9b:9d:
2a:2f:5a:54:4b:fa:ac:d9:b5:2f:c4:93:f7:a3:e3:46:ac:da:
be:5a:88:b7:72:f0:86:1f:12:4f:91:13:3f:65:2b:81:ef:2e:
bd:81:25:d0:64:c8:7a:0d:ab:1e:ec:d8:b2:27:84:7b:4b:3f:
e9:d7:ca:e3:2d:75:c1:74:3f:20:1a:da:e3:88:3f:d0:1f:f7:
32:60:e3:02:f2:79:bc:83:07:02:75:8d:27:91:ee:58:51:2d:
9a:48:89:fd:e7:57:b7:68:46:21:72:a7:b4:dd:07:41:02:d3:
c8:f7:35:f5:02:a0:75:23:2f:8f:57:ca:65:c1:c6:2a:81:10:
40:08:66:f9:67:a9:73:6f:cf:3b:bc:db:f1:6f:d6:35:38:3a:
24:5e:1c:73:09:ea:da:13:b5:f7:73:4e:fa:fd:71:76:a0:68:
34:2b:66:54:65:3d:71:80:00:26:49:22:53:3e:80:1f:15:63:
ff:73:0a:12:59:ae:be:8b:b6:bf:c1:1e:bb:fc:26:c6:de:e1:
b5:df:70:74
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVueM52WcrDtH2Z3m62p+iuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMTg2NDIyMjc5ZDlkOGI0ZTY4ZTY5YjEyOTZlNTMyZDRk
YTBjM2YwHhcNMjMwMTAxMTc1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWIwNzU2NWJjM2EyOThiODZlNjExOTMxN2UyMjM3YzJlMzg3OTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyxLmnRBFl+n17NmjwcpZ2w9oAJX
erIDu8ZAi8LbaDV72s/KN3RGHGHg31oismRUarqCYJmg4MR6ANf1/KQe2RhSI5X2
qjp9V8mamVewgz/aHfsUU5M0YKSia6fsXWleMjz8Zfemt5+zZ5U7TDEAN7qKShQ+
hXZAjAiMDTi5jPt0ybIfJHQNl5a0QGyY0il++4hdQe85jAzqC4Wa2aNjplTWoE+Q
CVN5AwJYasWoayZVp0qEc4VRRnAYNqByzIwiIubsrVF1FgF9kZXmJvqnQFpFbEV7
dF5NqxEYUdKp6fBw4u6P8wzcMADSGWlTtZeR+7x5JCNVwVHqdrkBOYNnowIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAmwdWW8OimLhuYRkxfiI3wuOHlvMB8GA1UdIwQY
MBaAFNsYZCInnZ2LTmjmmxKW5TLU2gw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhoa0lpZWRuWXRPYU9hYkVwYmxNdFRhREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8wYzAxYzUtMTU3ZC00MGE3LThmY2Mt
NWM3NzIzNDYwMjIzLzEvQ2JCMVpidzZLWXVHNWhHVEYtSWpmQzQ0ZVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8wYzAxYzUtMTU3ZC00MGE3LThmY2MtNWM3NzIzNDYwMjIz
LzEvMnhoa0lpZWRuWXRPYU9hYkVwYmxNdFRhREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYTgAwQA
wWlnMA0EAgACMAcDBQAqA6ZgMA0GCSqGSIb3DQEBCwUAA4IBAQAgwaZZ9oV2B+Vy
atA5jNxC2TJLWfHm58LEObI9Cenq1iDVRPqAP/ydip0aXVWRdS0+S7klm50qL1pU
S/qs2bUvxJP3o+NGrNq+Woi3cvCGHxJPkRM/ZSuB7y69gSXQZMh6Dase7NiyJ4R7
Sz/p18rjLXXBdD8gGtrjiD/QH/cyYOMC8nm8gwcCdY0nke5YUS2aSIn951e3aEYh
cqe03QdBAtPI9zX1AqB1Iy+PV8plwcYqgRBACGb5Z6lzb887vNvxb9Y1ODokXhxz
CeraE7X3c076/XF2oGg0K2ZUZT1xgAAmSSJTPoAfFWP/cwoSWa6+i7a/wR67/CbG
3uG133B0
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:03 2024 by rpki-client on console.sobornost.net