Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/1794e8-8998-4514-b7e1-216d289f1764/1/X2H9y7yN5BTJULHRmfLiHNM33UQ.roa
File: X2H9y7yN5BTJULHRmfLiHNM33UQ.roa (raw, json)
Hash identifier: 4zC1spWFmzKHVab8Y2iYMhKBiBfDaDs7gfPBzBa+IDU=
Subject key identifier: 5F:61:FD:CB:BC:8D:E4:14:C9:50:B1:D1:99:F2:E2:1C:D3:37:DD:44
Certificate issuer: /CN=bc063d650534aa9f06931fd8ed6e0bb276ebd3bf
Certificate serial: 01856F42B88F1B53884DCD87D1DDB8A30582
Authority key identifier: BC:06:3D:65:05:34:AA:9F:06:93:1F:D8:ED:6E:0B:B2:76:EB:D3:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vAY9ZQU0qp8Gkx_Y7W4Lsnbr078.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/1794e8-8998-4514-b7e1-216d289f1764/1/X2H9y7yN5BTJULHRmfLiHNM33UQ.roa
Signing time: Sun 01 Jan 2023 21:35:21 +0000
ROA not before: Sun 01 Jan 2023 21:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35349
IP address blocks: 185.239.248.0/22 maxlen: 22
2a0c:6780::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:b8:8f:1b:53:88:4d:cd:87:d1:dd:b8:a3:05:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc063d650534aa9f06931fd8ed6e0bb276ebd3bf
Validity
Not Before: Jan 1 21:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f61fdcbbc8de414c950b1d199f2e21cd337dd44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:38:1c:15:7f:5f:ea:cf:4f:ae:67:01:b2:dc:
ae:b3:fe:f7:6e:1a:a3:21:63:31:8c:01:ec:08:9d:
4a:e8:b1:bf:de:f6:fc:d1:3b:58:c6:d0:f4:c3:f6:
3c:37:7a:53:60:e7:e6:ca:f0:2a:88:83:25:c3:a2:
9c:35:b0:b7:f1:ed:58:23:12:d0:1b:c8:cf:27:18:
4d:a5:26:8e:3f:2b:c3:93:9e:39:6f:d6:9d:86:bf:
9a:88:43:bd:31:8b:3f:0b:64:44:58:29:ba:e2:2d:
3f:d6:19:73:cf:76:39:8a:ec:3a:d8:6d:40:0d:73:
dc:e3:e4:4f:05:8f:71:f0:b1:d6:82:70:49:cc:d6:
98:49:e5:8b:a3:a6:2c:5e:18:98:03:2f:94:3e:03:
14:6d:65:89:eb:1b:97:8f:16:1e:e6:5c:5c:64:d9:
1d:60:ea:28:37:ec:22:9f:09:ff:a6:85:98:ad:87:
5f:5a:91:cd:d2:ee:2d:24:ec:2b:a7:b1:88:09:b5:
98:fa:4d:e4:fa:68:14:8d:b2:51:9b:96:83:57:46:
c1:e0:de:b9:03:9a:a3:45:1e:82:e6:37:91:db:fb:
6f:b5:ac:1d:d5:00:17:8c:6d:9c:b6:26:3b:89:06:
11:3a:bb:52:ad:aa:a0:44:5e:7e:31:4e:1b:5b:f1:
eb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:61:FD:CB:BC:8D:E4:14:C9:50:B1:D1:99:F2:E2:1C:D3:37:DD:44
X509v3 Authority Key Identifier:
keyid:BC:06:3D:65:05:34:AA:9F:06:93:1F:D8:ED:6E:0B:B2:76:EB:D3:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vAY9ZQU0qp8Gkx_Y7W4Lsnbr078.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1794e8-8998-4514-b7e1-216d289f1764/1/X2H9y7yN5BTJULHRmfLiHNM33UQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1794e8-8998-4514-b7e1-216d289f1764/1/vAY9ZQU0qp8Gkx_Y7W4Lsnbr078.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.248.0/22
IPv6:
2a0c:6780::/29
Signature Algorithm: sha256WithRSAEncryption
ab:e2:72:13:22:6d:b9:ef:d8:29:1b:37:c6:24:e9:9a:66:ca:
00:2c:0b:c7:3e:d0:9f:4d:a0:00:d6:dd:ab:48:4a:0a:b9:86:
84:e3:7c:ac:e4:2b:97:ae:b9:6c:cd:aa:6d:91:6b:a5:a8:6c:
76:20:7e:2e:b3:3d:34:86:86:66:9d:7a:d8:44:ad:df:48:64:
17:c7:eb:34:47:4f:fb:80:8b:fa:fb:b8:fb:55:5b:4b:f7:66:
a2:4e:1c:91:52:cc:de:7c:b6:d0:ff:69:dd:df:9b:43:35:35:
3c:3b:ac:95:fc:6b:43:0d:e5:95:a5:05:38:fb:78:bb:6d:e9:
bb:ea:ad:1d:1d:31:35:2f:de:68:d8:31:1b:b1:36:f3:02:92:
29:7b:a4:0e:a3:fc:88:62:5b:f1:d9:f9:36:58:54:74:8d:84:
0f:73:a0:19:70:8c:83:d0:84:7c:2d:02:83:a5:e4:fd:61:b5:
26:70:6e:56:de:0b:17:42:9e:32:b3:36:4c:46:fb:52:4c:ed:
fc:be:6e:6c:86:a8:64:45:e3:4e:48:7d:67:61:96:ce:a9:0d:
9a:03:6b:81:44:8a:b2:da:2a:f6:0c:e6:0d:bc:ab:f9:c6:c6:
ec:47:0c:ac:03:3d:9b:f1:28:b1:01:30:f9:fb:03:a5:26:e9:
cf:9d:f0:da
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQriPG1OITc2H0d24owWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMDYzZDY1MDUzNGFhOWYwNjkzMWZkOGVkNmUwYmIyNzZl
YmQzYmYwHhcNMjMwMTAxMjEzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjYxZmRjYmJjOGRlNDE0Yzk1MGIxZDE5OWYyZTIxY2QzMzdkZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDgcFX9f6s9PrmcBstyus/73bhqj
IWMxjAHsCJ1K6LG/3vb80TtYxtD0w/Y8N3pTYOfmyvAqiIMlw6KcNbC38e1YIxLQ
G8jPJxhNpSaOPyvDk545b9adhr+aiEO9MYs/C2REWCm64i0/1hlzz3Y5iuw62G1A
DXPc4+RPBY9x8LHWgnBJzNaYSeWLo6YsXhiYAy+UPgMUbWWJ6xuXjxYe5lxcZNkd
YOooN+winwn/poWYrYdfWpHN0u4tJOwrp7GICbWY+k3k+mgUjbJRm5aDV0bB4N65
A5qjRR6C5jeR2/tvtawd1QAXjG2ctiY7iQYROrtSraqgRF5+MU4bW/HrYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF9h/cu8jeQUyVCx0Zny4hzTN91EMB8GA1UdIwQY
MBaAFLwGPWUFNKqfBpMf2O1uC7J269O/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkFZOVpRVTBxcDhHa3hfWTdXNExzbmJyMDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8xNzk0ZTgtODk5OC00NTE0LWI3ZTEt
MjE2ZDI4OWYxNzY0LzEvWDJIOXk3eU41QlRKVUxIUm1mTGlITk0zM1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8xNzk0ZTgtODk5OC00NTE0LWI3ZTEtMjE2ZDI4OWYxNzY0
LzEvdkFZOVpRVTBxcDhHa3hfWTdXNExzbmJyMDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCue/4MA0E
AgACMAcDBQMqDGeAMA0GCSqGSIb3DQEBCwUAA4IBAQCr4nITIm2579gpGzfGJOma
ZsoALAvHPtCfTaAA1t2rSEoKuYaE43ys5CuXrrlszaptkWulqGx2IH4usz00hoZm
nXrYRK3fSGQXx+s0R0/7gIv6+7j7VVtL92aiThyRUszefLbQ/2nd35tDNTU8O6yV
/GtDDeWVpQU4+3i7bem76q0dHTE1L95o2DEbsTbzApIpe6QOo/yIYlvx2fk2WFR0
jYQPc6AZcIyD0IR8LQKDpeT9YbUmcG5W3gsXQp4yszZMRvtSTO38vm5shqhkReNO
SH1nYZbOqQ2aA2uBRIqy2ir2DOYNvKv5xsbsRwysAz2b8SixATD5+wOlJunPnfDa
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:01 2024 by rpki-client on console-fra.rpki-client.org