Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/ab8070-4f58-4634-9a44-387536d03a71/1/VOwOUHZnfaxdJGq0fZGJOSqTiBU.roa
File: VOwOUHZnfaxdJGq0fZGJOSqTiBU.roa (raw, json)
Hash identifier: aHUf/1FnAJN/Vd6z5KwnNy9hCnZBCQy7yoZ0xqcC4fE=
Subject key identifier: 54:EC:0E:50:76:67:7D:AC:5D:24:6A:B4:7D:91:89:39:2A:93:88:15
Certificate issuer: /CN=e22d7eae21d8baee9de6940d8ce6b29d92a9031e
Certificate serial: 018E38D854DAEFD27A0C11092F7F050C6871
Authority key identifier: E2:2D:7E:AE:21:D8:BA:EE:9D:E6:94:0D:8C:E6:B2:9D:92:A9:03:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4i1-riHYuu6d5pQNjOaynZKpAx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/ab8070-4f58-4634-9a44-387536d03a71/1/VOwOUHZnfaxdJGq0fZGJOSqTiBU.roa
Signing time: Wed 13 Mar 2024 17:24:45 +0000
ROA not before: Wed 13 Mar 2024 17:24:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203327
IP address blocks: 185.138.144.0/22 maxlen: 24
185.138.146.0/24 maxlen: 24
2a07:ec0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Mar 2024 17:40:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:d8:54:da:ef:d2:7a:0c:11:09:2f:7f:05:0c:68:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e22d7eae21d8baee9de6940d8ce6b29d92a9031e
Validity
Not Before: Mar 13 17:24:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54ec0e5076677dac5d246ab47d9189392a938815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2e:cd:7a:08:83:ea:39:40:39:bf:88:1f:7a:
78:7f:51:fe:71:7f:ed:88:df:0c:d8:47:56:0b:27:
3b:9c:9f:b9:ee:d5:fe:72:18:2d:81:ef:af:5f:72:
45:3b:73:18:d1:f8:a6:9a:d6:35:fa:fa:39:5f:ce:
a6:a0:f6:0f:6e:3e:e2:1c:ac:f2:fb:ec:56:f8:98:
46:61:e1:28:30:e0:90:f5:65:3c:f2:a0:ec:47:3e:
17:6b:b9:3d:2f:ab:ac:db:9a:f2:82:97:fe:86:02:
fc:a8:cf:90:a0:5b:bc:bf:6d:0e:dc:27:3f:7f:e5:
45:e5:dd:ac:28:a2:ef:14:f6:b0:ca:82:66:23:ca:
a2:35:af:c1:ab:6d:1a:75:b0:60:9e:af:53:5c:1d:
05:4a:1e:da:e8:59:fb:70:64:11:d5:26:66:6f:e1:
8d:93:6b:c8:24:e2:c5:77:0e:7c:35:90:d6:01:d0:
b4:35:39:c7:a7:8b:f5:fc:e8:e0:bc:7a:9a:bf:7b:
c6:0c:87:65:fc:24:4a:bd:50:ed:c3:e5:ff:56:81:
f3:9b:24:d3:3f:47:80:fd:a5:1b:eb:a7:58:96:e0:
35:5b:cd:c7:33:9b:78:8e:e7:c6:95:1d:22:5d:22:
4d:ce:b5:43:1d:be:a4:56:f8:eb:83:de:23:0d:8b:
e5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:EC:0E:50:76:67:7D:AC:5D:24:6A:B4:7D:91:89:39:2A:93:88:15
X509v3 Authority Key Identifier:
keyid:E2:2D:7E:AE:21:D8:BA:EE:9D:E6:94:0D:8C:E6:B2:9D:92:A9:03:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4i1-riHYuu6d5pQNjOaynZKpAx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ab8070-4f58-4634-9a44-387536d03a71/1/VOwOUHZnfaxdJGq0fZGJOSqTiBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ab8070-4f58-4634-9a44-387536d03a71/1/4i1-riHYuu6d5pQNjOaynZKpAx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.144.0/22
IPv6:
2a07:ec0::/29
Signature Algorithm: sha256WithRSAEncryption
15:ff:39:ad:4a:79:a1:d3:11:ea:fa:3f:ed:11:30:1f:9f:22:
dc:d5:d9:0b:08:18:00:0f:bf:10:9b:77:da:00:c1:0a:ee:f3:
b9:c3:09:bd:1d:5a:f6:b6:ae:dc:4f:8d:d1:97:51:10:26:46:
b6:ea:41:c4:1b:94:47:44:23:dc:68:40:51:13:bc:aa:5a:3e:
dd:e4:0a:72:7d:7d:f0:3e:94:73:a1:32:dc:ba:f9:8b:33:ac:
e1:08:26:7e:69:34:0b:f7:d3:db:04:5d:82:b9:86:34:c6:ff:
d9:52:e0:c3:84:7e:c3:60:fb:5c:ae:6b:3d:95:1f:02:bd:63:
4b:59:69:65:a3:77:19:44:09:53:ad:72:12:af:2a:86:fe:8e:
70:00:17:b3:e6:04:59:77:5d:94:d1:c6:a4:58:f3:3b:20:5c:
4d:f6:fa:b3:e2:95:c0:76:18:19:62:e5:3e:58:45:36:40:1f:
8b:9f:59:ea:43:43:68:ec:48:6a:f8:4c:23:a4:66:44:32:da:
4d:db:76:0b:bb:be:9e:91:a1:65:fb:cd:05:5a:d0:99:b2:22:
77:70:c4:4e:79:9a:e4:12:fc:37:65:6c:83:05:cd:72:72:74:
60:67:32:eb:be:a0:6e:cf:72:59:ae:7f:51:5f:3b:f8:df:ff:
7b:3b:81:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY442FTa79J6DBEJL38FDGhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMmQ3ZWFlMjFkOGJhZWU5ZGU2OTQwZDhjZTZiMjlkOTJh
OTAzMWUwHhcNMjQwMzEzMTcyNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGVjMGU1MDc2Njc3ZGFjNWQyNDZhYjQ3ZDkxODkzOTJhOTM4ODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC7NegiD6jlAOb+IH3p4f1H+cX/t
iN8M2EdWCyc7nJ+57tX+chgtge+vX3JFO3MY0fimmtY1+vo5X86moPYPbj7iHKzy
++xW+JhGYeEoMOCQ9WU88qDsRz4Xa7k9L6us25rygpf+hgL8qM+QoFu8v20O3Cc/
f+VF5d2sKKLvFPawyoJmI8qiNa/Bq20adbBgnq9TXB0FSh7a6Fn7cGQR1SZmb+GN
k2vIJOLFdw58NZDWAdC0NTnHp4v1/OjgvHqav3vGDIdl/CRKvVDtw+X/VoHzmyTT
P0eA/aUb66dYluA1W83HM5t4jufGlR0iXSJNzrVDHb6kVvjrg94jDYvlFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFTsDlB2Z32sXSRqtH2RiTkqk4gVMB8GA1UdIwQY
MBaAFOItfq4h2LruneaUDYzmsp2SqQMeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGkxLXJpSFl1dTZkNXBRTmpPYXluWktwQXg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hYjgwNzAtNGY1OC00NjM0LTlhNDQt
Mzg3NTM2ZDAzYTcxLzEvVk93T1VIWm5mYXhkSkdxMGZaR0pPU3FUaUJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hYjgwNzAtNGY1OC00NjM0LTlhNDQtMzg3NTM2ZDAzYTcx
LzEvNGkxLXJpSFl1dTZkNXBRTmpPYXluWktwQXg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYqQMA0E
AgACMAcDBQMqBw7AMA0GCSqGSIb3DQEBCwUAA4IBAQAV/zmtSnmh0xHq+j/tETAf
nyLc1dkLCBgAD78Qm3faAMEK7vO5wwm9HVr2tq7cT43Rl1EQJka26kHEG5RHRCPc
aEBRE7yqWj7d5ApyfX3wPpRzoTLcuvmLM6zhCCZ+aTQL99PbBF2CuYY0xv/ZUuDD
hH7DYPtcrms9lR8CvWNLWWllo3cZRAlTrXISryqG/o5wABez5gRZd12U0cakWPM7
IFxN9vqz4pXAdhgZYuU+WEU2QB+Ln1nqQ0No7Ehq+EwjpGZEMtpN23YLu76ekaFl
+80FWtCZsiJ3cMROeZrkEvw3ZWyDBc1ycnRgZzLrvqBuz3JZrn9RXzv43/97O4Hl
-----END CERTIFICATE-----
Generated at Thu Mar 14 01:13:15 2024 by rpki-client on console.sobornost.net