Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/8wjB7ZZS80eZXrqghHOchAnG8qs.roa
File: 8wjB7ZZS80eZXrqghHOchAnG8qs.roa (raw, json)
Hash identifier: VZQ2CR9mH3X49a3BjoywsAXTNCeTGBkYszo1V6DV/KU=
Subject key identifier: F3:08:C1:ED:96:52:F3:47:99:5E:BA:A0:84:73:9C:84:09:C6:F2:AB
Certificate issuer: /CN=a2893a4b284acb5d8a4164289045492109511688
Certificate serial: 01856CE632D0D7262785274B6A5620EA1DFC
Authority key identifier: A2:89:3A:4B:28:4A:CB:5D:8A:41:64:28:90:45:49:21:09:51:16:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/8wjB7ZZS80eZXrqghHOchAnG8qs.roa
Signing time: Sun 01 Jan 2023 10:35:03 +0000
ROA not before: Sun 01 Jan 2023 10:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397451
IP address blocks: 185.25.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:32:d0:d7:26:27:85:27:4b:6a:56:20:ea:1d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2893a4b284acb5d8a4164289045492109511688
Validity
Not Before: Jan 1 10:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f308c1ed9652f347995ebaa084739c8409c6f2ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:15:e0:bd:81:86:88:99:20:56:d5:f8:82:4d:
52:18:cf:5e:2a:b1:7b:62:f7:96:65:35:b7:ae:72:
d4:5f:87:d8:0d:1e:2e:89:ab:91:9f:4c:7f:00:67:
69:2c:91:1d:7e:e1:cf:47:17:48:24:12:c1:a3:bf:
4e:b6:46:12:08:54:d5:4f:b4:f5:94:49:d0:e2:fe:
7d:3d:86:58:89:cf:99:de:02:56:53:76:0c:e8:c4:
87:7c:f4:d2:a8:b6:5a:01:1e:8a:9a:6e:cb:90:0b:
67:89:d2:3b:ad:72:aa:96:9c:12:f7:70:72:1b:4b:
f4:1b:a1:ad:7c:b7:7e:a0:a0:aa:bf:9f:27:ab:28:
7c:c9:46:43:ee:cb:a2:c7:5e:79:12:e1:44:56:1c:
66:fb:dc:1a:ec:77:68:7b:8d:62:4d:80:bc:ae:3c:
79:cc:46:05:94:f2:20:4f:8d:3e:59:6c:0f:24:ff:
ac:e7:74:cd:ee:19:b2:4c:64:dc:b2:33:cb:c4:51:
5f:e5:ed:24:e1:92:54:da:f6:f5:31:f3:13:ee:be:
c8:d5:12:9b:7e:8c:66:7e:36:1a:c0:1e:d3:95:70:
e7:88:7c:3c:e1:e9:ac:eb:10:cd:4a:ff:39:9f:3a:
34:74:06:db:2c:99:00:f4:e9:d9:49:09:60:2a:c9:
57:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:08:C1:ED:96:52:F3:47:99:5E:BA:A0:84:73:9C:84:09:C6:F2:AB
X509v3 Authority Key Identifier:
keyid:A2:89:3A:4B:28:4A:CB:5D:8A:41:64:28:90:45:49:21:09:51:16:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/8wjB7ZZS80eZXrqghHOchAnG8qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/ook6SyhKy12KQWQokEVJIQlRFog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.156.0/24
Signature Algorithm: sha256WithRSAEncryption
21:01:6d:7d:ce:c2:9e:2f:b5:6d:58:c1:05:f5:ad:07:f1:87:
f3:12:8b:05:50:12:e7:41:6c:80:7f:15:76:b3:4a:3c:81:5b:
b1:10:65:aa:28:9c:ae:ad:a9:04:38:9a:b8:dd:4b:17:e4:fb:
12:e5:d4:18:a0:0a:fe:c6:d0:33:92:2f:e0:bf:fe:25:e9:32:
39:d0:be:6f:34:8a:ac:ac:b1:4d:2b:81:79:cc:51:d4:42:70:
0b:26:36:2c:d9:b3:a1:f2:a3:ba:e0:73:e1:6e:fa:1a:7b:0e:
16:ba:8c:91:b1:15:c7:76:83:08:cc:75:0e:c9:0d:5a:ff:c5:
8f:90:f7:97:b0:01:3a:64:59:5e:09:d7:09:c7:52:38:3a:5e:
0d:ce:c0:dd:7d:90:ad:b9:68:b6:c1:7e:7e:5d:84:6d:99:55:
af:f1:1c:f7:f4:59:6a:c9:60:c2:3e:20:fd:3e:17:21:fc:7c:
c3:f9:f0:2a:1d:ff:0d:8b:44:d7:c6:5c:c0:65:06:d6:43:75:
12:54:e0:d4:20:5e:61:01:21:96:18:75:7a:0b:02:3d:56:02:
3e:2f:9a:7a:e1:b7:3f:cb:43:48:9d:fa:8c:de:04:33:8c:b0:
ff:51:ae:63:98:2d:1c:c6:3e:b3:a9:0e:9b:28:70:a1:5f:60:
15:60:80:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5jLQ1yYnhSdLalYg6h38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyODkzYTRiMjg0YWNiNWQ4YTQxNjQyODkwNDU0OTIxMDk1
MTE2ODgwHhcNMjMwMTAxMTAzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzA4YzFlZDk2NTJmMzQ3OTk1ZWJhYTA4NDczOWM4NDA5YzZmMmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BXgvYGGiJkgVtX4gk1SGM9eKrF7
YveWZTW3rnLUX4fYDR4uiauRn0x/AGdpLJEdfuHPRxdIJBLBo79OtkYSCFTVT7T1
lEnQ4v59PYZYic+Z3gJWU3YM6MSHfPTSqLZaAR6Kmm7LkAtnidI7rXKqlpwS93By
G0v0G6GtfLd+oKCqv58nqyh8yUZD7suix155EuFEVhxm+9wa7Hdoe41iTYC8rjx5
zEYFlPIgT40+WWwPJP+s53TN7hmyTGTcsjPLxFFf5e0k4ZJU2vb1MfMT7r7I1RKb
foxmfjYawB7TlXDniHw84ems6xDNSv85nzo0dAbbLJkA9OnZSQlgKslX0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPMIwe2WUvNHmV66oIRznIQJxvKrMB8GA1UdIwQY
MBaAFKKJOksoSstdikFkKJBFSSEJURaIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb29rNlN5aEt5MTJLUVdRb2tFVkpJUWxSRm9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNDg3YWItNWUzMS00MTE3LWFkYTgt
YTVkM2NiOTE4MjA2LzEvOHdqQjdaWlM4MGVaWHJxZ2hIT2NoQW5HOHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNDg3YWItNWUzMS00MTE3LWFkYTgtYTVkM2NiOTE4MjA2
LzEvb29rNlN5aEt5MTJLUVdRb2tFVkpJUWxSRm9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRmcMA0G
CSqGSIb3DQEBCwUAA4IBAQAhAW19zsKeL7VtWMEF9a0H8YfzEosFUBLnQWyAfxV2
s0o8gVuxEGWqKJyurakEOJq43UsX5PsS5dQYoAr+xtAzki/gv/4l6TI50L5vNIqs
rLFNK4F5zFHUQnALJjYs2bOh8qO64HPhbvoaew4WuoyRsRXHdoMIzHUOyQ1a/8WP
kPeXsAE6ZFleCdcJx1I4Ol4NzsDdfZCtuWi2wX5+XYRtmVWv8Rz39FlqyWDCPiD9
Phch/HzD+fAqHf8Ni0TXxlzAZQbWQ3USVODUIF5hASGWGHV6CwI9VgI+L5p64bc/
y0NInfqM3gQzjLD/Ua5jmC0cxj6zqQ6bKHChX2AVYIAB
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:10 2024 by rpki-client on console-ams.rpki-client.org