Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/118413-b7aa-459c-99fa-4de1b520a594/1/G_g1Qb28o6Uzx-T_BsPz5wrIETM.roa
File: G_g1Qb28o6Uzx-T_BsPz5wrIETM.roa (raw, json)
Hash identifier: OK6Jt7L0cQArK/WENhISMwWcCiv1ZU8WhK11hzS3Xow=
Subject key identifier: 1B:F8:35:41:BD:BC:A3:A5:33:C7:E4:FF:06:C3:F3:E7:0A:C8:11:33
Certificate issuer: /CN=279669579b3ce61ee8ee7d6af7e314b0f726361f
Certificate serial: 01856EEFE94E630DE2520773AF01E49DDBF2
Authority key identifier: 27:96:69:57:9B:3C:E6:1E:E8:EE:7D:6A:F7:E3:14:B0:F7:26:36:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5ZpV5s85h7o7n1q9-MUsPcmNh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/118413-b7aa-459c-99fa-4de1b520a594/1/G_g1Qb28o6Uzx-T_BsPz5wrIETM.roa
Signing time: Sun 01 Jan 2023 20:04:54 +0000
ROA not before: Sun 01 Jan 2023 20:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59253
IP address blocks: 185.129.122.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:e9:4e:63:0d:e2:52:07:73:af:01:e4:9d:db:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279669579b3ce61ee8ee7d6af7e314b0f726361f
Validity
Not Before: Jan 1 20:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bf83541bdbca3a533c7e4ff06c3f3e70ac81133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cf:74:46:b6:d8:d5:33:ca:20:0a:9b:1e:44:
10:83:58:e7:15:8d:a1:4d:3a:62:3a:d3:0d:44:98:
1a:a1:0b:ef:02:f7:1d:10:1e:4e:eb:b6:2f:09:73:
67:59:b3:d3:f9:ce:b7:6b:64:6f:7a:25:71:8b:17:
bc:40:b0:fb:52:01:47:e9:da:d8:4c:7e:6e:d6:64:
51:55:56:99:22:27:a4:5e:2f:a3:e0:af:9e:d1:61:
c3:47:4f:66:06:a5:77:74:31:04:4b:d5:4b:29:dd:
13:4d:2e:2c:6b:d9:34:b0:81:9a:08:f2:5a:e7:e3:
ed:3c:f2:52:b4:d0:5e:fe:29:dc:81:ba:78:09:43:
71:30:3b:31:63:11:0d:72:47:84:ac:80:da:a6:c2:
48:55:26:0b:00:df:cf:13:78:fa:6e:63:fc:2e:ba:
50:e1:47:43:5c:4c:dc:43:17:3c:62:6a:32:97:9d:
c6:10:9d:70:51:fb:18:45:ec:0f:8a:80:70:fe:fb:
81:59:c8:08:26:cc:39:01:46:f5:9b:6a:25:05:03:
7a:d7:5c:13:db:12:87:4c:16:1c:43:05:0b:dd:87:
da:cc:a5:63:86:48:00:e6:23:cf:e5:93:79:8d:76:
0f:ec:b9:27:f6:04:b3:db:a2:52:1a:a2:a1:8a:f2:
98:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F8:35:41:BD:BC:A3:A5:33:C7:E4:FF:06:C3:F3:E7:0A:C8:11:33
X509v3 Authority Key Identifier:
keyid:27:96:69:57:9B:3C:E6:1E:E8:EE:7D:6A:F7:E3:14:B0:F7:26:36:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5ZpV5s85h7o7n1q9-MUsPcmNh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/118413-b7aa-459c-99fa-4de1b520a594/1/G_g1Qb28o6Uzx-T_BsPz5wrIETM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/118413-b7aa-459c-99fa-4de1b520a594/1/J5ZpV5s85h7o7n1q9-MUsPcmNh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.122.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:54:90:a5:39:68:4f:4a:fa:a6:9d:da:09:1d:44:10:2d:89:
55:62:7c:97:35:35:30:8c:c1:69:11:03:8a:68:49:88:35:90:
44:05:92:ef:d0:a0:19:97:97:b2:d8:80:be:27:9b:6d:03:79:
f9:39:79:9f:04:9a:45:4c:58:87:6b:3e:f9:ab:bc:18:ed:98:
67:f7:58:af:86:e6:52:a6:81:32:54:26:20:b6:0d:5f:16:07:
e6:ab:63:6f:1d:1d:fa:0c:01:34:01:4e:37:8c:75:b3:ce:ba:
6e:44:4f:9e:cf:c8:76:24:89:06:35:58:c4:a7:66:5d:45:52:
10:bb:40:63:4b:fe:9e:d9:ea:5e:71:ee:95:77:0b:0a:aa:7b:
15:4e:da:1e:73:05:26:39:7d:90:c4:bd:b9:f5:c1:e5:af:33:
2e:6f:de:b3:bb:fd:d3:b7:ea:68:4a:f2:70:08:0f:b2:bc:ad:
59:64:f7:b6:52:51:33:71:80:01:28:eb:39:15:23:13:5e:5e:
2d:65:9d:e1:cf:02:24:4b:b4:5a:1b:97:ea:40:9b:11:1a:63:
68:7f:15:25:54:21:a8:33:58:bf:9e:8c:7e:a4:d7:e4:b9:b2:
08:1c:95:8a:16:8a:51:58:30:b9:7c:b0:21:d5:ae:e1:81:0c:
f5:14:2b:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu7+lOYw3iUgdzrwHkndvyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTY2OTU3OWIzY2U2MWVlOGVlN2Q2YWY3ZTMxNGIwZjcy
NjM2MWYwHhcNMjMwMTAxMjAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmY4MzU0MWJkYmNhM2E1MzNjN2U0ZmYwNmMzZjNlNzBhYzgxMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr890RrbY1TPKIAqbHkQQg1jnFY2h
TTpiOtMNRJgaoQvvAvcdEB5O67YvCXNnWbPT+c63a2RveiVxixe8QLD7UgFH6drY
TH5u1mRRVVaZIiekXi+j4K+e0WHDR09mBqV3dDEES9VLKd0TTS4sa9k0sIGaCPJa
5+PtPPJStNBe/incgbp4CUNxMDsxYxENckeErIDapsJIVSYLAN/PE3j6bmP8LrpQ
4UdDXEzcQxc8Ymoyl53GEJ1wUfsYRewPioBw/vuBWcgIJsw5AUb1m2olBQN611wT
2xKHTBYcQwUL3YfazKVjhkgA5iPP5ZN5jXYP7Lkn9gSz26JSGqKhivKY0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBv4NUG9vKOlM8fk/wbD8+cKyBEzMB8GA1UdIwQY
MBaAFCeWaVebPOYe6O59avfjFLD3JjYfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVacFY1czg1aDdvN24xcTktTVVzUGNtTmg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8xMTg0MTMtYjdhYS00NTljLTk5ZmEt
NGRlMWI1MjBhNTk0LzEvR19nMVFiMjhvNlV6eC1UX0JzUHo1d3JJRVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8xMTg0MTMtYjdhYS00NTljLTk5ZmEtNGRlMWI1MjBhNTk0
LzEvSjVacFY1czg1aDdvN24xcTktTVVzUGNtTmg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYF6MA0G
CSqGSIb3DQEBCwUAA4IBAQBaVJClOWhPSvqmndoJHUQQLYlVYnyXNTUwjMFpEQOK
aEmINZBEBZLv0KAZl5ey2IC+J5ttA3n5OXmfBJpFTFiHaz75q7wY7Zhn91ivhuZS
poEyVCYgtg1fFgfmq2NvHR36DAE0AU43jHWzzrpuRE+ez8h2JIkGNVjEp2ZdRVIQ
u0BjS/6e2epece6VdwsKqnsVTtoecwUmOX2QxL259cHlrzMub96zu/3Tt+poSvJw
CA+yvK1ZZPe2UlEzcYABKOs5FSMTXl4tZZ3hzwIkS7RaG5fqQJsRGmNofxUlVCGo
M1i/nox+pNfkubIIHJWKFopRWDC5fLAh1a7hgQz1FCuy
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:11 2024 by rpki-client on console-fra.rpki-client.org