Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/_wZy01bHPaDdXiynZSXo5M2xLvk.roa
File: _wZy01bHPaDdXiynZSXo5M2xLvk.roa (raw, json)
Hash identifier: TnKanQzt4hwpJDAfH98FVKdfAgXJUBCcIXH30/mjMUc=
Subject key identifier: FF:06:72:D3:56:C7:3D:A0:DD:5E:2C:A7:65:25:E8:E4:CD:B1:2E:F9
Certificate issuer: /CN=23e45164c572edde5df253917cc12a2dfd398b97
Certificate serial: 018B28B8B5E4EB30BAB2AAF870E1339AFBEE
Authority key identifier: 23:E4:51:64:C5:72:ED:DE:5D:F2:53:91:7C:C1:2A:2D:FD:39:8B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-RRZMVy7d5d8lORfMEqLf05i5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/_wZy01bHPaDdXiynZSXo5M2xLvk.roa
Signing time: Fri 13 Oct 2023 11:07:55 +0000
ROA not before: Fri 13 Oct 2023 11:07:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35826
IP address blocks: 185.113.204.0/22 maxlen: 22
2a0d:c600::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 13 Oct 2023 14:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:28:b8:b5:e4:eb:30:ba:b2:aa:f8:70:e1:33:9a:fb:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e45164c572edde5df253917cc12a2dfd398b97
Validity
Not Before: Oct 13 11:07:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff0672d356c73da0dd5e2ca76525e8e4cdb12ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6c:c4:2e:be:6c:8d:d4:d9:e5:7d:9f:0c:77:
ba:f9:35:c3:74:42:7c:90:88:f4:b1:1f:b0:af:3f:
00:60:9a:f6:f0:23:06:76:30:c0:45:f3:1a:5c:90:
66:e5:8c:11:1b:72:f8:68:d1:0b:43:30:b5:e2:13:
4e:a7:b9:d5:47:f1:e7:b8:cb:a2:16:24:61:8b:00:
84:bb:2c:95:f2:5d:d0:bf:7b:ab:1d:bc:ad:d2:8f:
de:24:e9:5a:96:67:5a:71:2c:a7:76:18:fb:42:58:
2f:9a:c5:6e:1f:ff:fd:b6:b9:08:a1:d3:a9:6f:76:
2e:24:99:5e:bc:62:88:ec:61:2a:e9:e9:80:3a:72:
cd:23:24:c9:fd:80:7b:1c:ff:14:1a:b9:9e:3e:28:
3b:8a:ac:dd:99:50:1b:c2:5d:c2:68:09:2f:83:2e:
ee:d0:91:86:08:af:ab:4e:c7:5a:bb:0b:4a:95:ca:
4f:00:06:c7:01:55:9a:fe:70:8b:cd:5f:cb:e3:df:
28:fe:ee:8a:00:79:c5:40:92:99:6d:0b:6f:f5:cc:
e0:c9:e7:c6:e3:32:0b:ee:b6:45:1a:2c:8b:6c:d9:
d4:fd:4e:a6:7e:25:f1:3a:c9:f3:ff:16:fc:e6:10:
6e:f4:ae:b8:f5:fd:f9:2b:16:a5:d8:1e:a2:3c:d0:
e7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:06:72:D3:56:C7:3D:A0:DD:5E:2C:A7:65:25:E8:E4:CD:B1:2E:F9
X509v3 Authority Key Identifier:
keyid:23:E4:51:64:C5:72:ED:DE:5D:F2:53:91:7C:C1:2A:2D:FD:39:8B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-RRZMVy7d5d8lORfMEqLf05i5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/_wZy01bHPaDdXiynZSXo5M2xLvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/68a4b2-5894-47c5-be01-66aa2a23239e/1/I-RRZMVy7d5d8lORfMEqLf05i5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.204.0/22
IPv6:
2a0d:c600::/29
Signature Algorithm: sha256WithRSAEncryption
93:0d:47:57:2f:54:bb:48:51:66:64:3b:66:8a:5d:e6:cb:5a:
71:6e:88:d2:d0:63:af:01:cd:d2:1c:a0:ef:d9:31:53:44:ff:
b8:e0:9e:f6:00:89:42:73:8e:0a:cc:eb:b2:88:2e:ba:a1:de:
f2:ea:73:c2:49:2c:28:2b:3e:75:c5:5c:93:a9:e4:cb:37:9d:
aa:85:be:b5:9f:22:ff:88:f0:ad:96:4e:ab:51:75:8f:64:69:
b3:ed:f0:8a:6a:3c:4a:1a:ab:66:86:e6:a3:b6:aa:f8:fc:b0:
ff:cd:13:93:08:a1:a1:b8:e6:1c:b8:94:51:39:bc:e9:d6:29:
87:b6:d1:9a:7e:43:aa:d5:7c:aa:54:c6:dc:d9:1e:41:a2:1a:
6a:3e:b8:b7:1f:f7:ce:66:1a:be:97:a8:da:5c:56:68:f2:1a:
2f:a1:c4:53:c4:4f:cb:50:4c:7e:9b:47:14:7f:c1:44:28:06:
c6:21:4b:9e:0c:95:a1:32:f5:51:f9:e9:ca:18:15:fa:37:19:
59:5e:8c:8b:05:c2:55:91:51:72:4b:1a:31:53:60:45:ae:90:
8b:3c:bf:a0:21:b6:c9:ee:91:3f:e7:6c:6b:a0:63:7a:40:8c:
97:da:f0:97:d8:79:49:19:df:5d:dd:de:a5:3e:5f:3f:01:47:
d1:3b:db:3f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYsouLXk6zC6sqr4cOEzmvvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTQ1MTY0YzU3MmVkZGU1ZGYyNTM5MTdjYzEyYTJkZmQz
OThiOTcwHhcNMjMxMDEzMTEwNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjA2NzJkMzU2YzczZGEwZGQ1ZTJjYTc2NTI1ZThlNGNkYjEyZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2zELr5sjdTZ5X2fDHe6+TXDdEJ8
kIj0sR+wrz8AYJr28CMGdjDARfMaXJBm5YwRG3L4aNELQzC14hNOp7nVR/HnuMui
FiRhiwCEuyyV8l3Qv3urHbyt0o/eJOlalmdacSyndhj7QlgvmsVuH//9trkIodOp
b3YuJJlevGKI7GEq6emAOnLNIyTJ/YB7HP8UGrmePig7iqzdmVAbwl3CaAkvgy7u
0JGGCK+rTsdauwtKlcpPAAbHAVWa/nCLzV/L498o/u6KAHnFQJKZbQtv9czgyefG
4zIL7rZFGiyLbNnU/U6mfiXxOsnz/xb85hBu9K649f35Kxal2B6iPNDn3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP8GctNWxz2g3V4sp2Ul6OTNsS75MB8GA1UdIwQY
MBaAFCPkUWTFcu3eXfJTkXzBKi39OYuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1SUlpNVnk3ZDVkOGxPUmZNRXFMZjA1aTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi82OGE0YjItNTg5NC00N2M1LWJlMDEt
NjZhYTJhMjMyMzllLzEvX3daeTAxYkhQYURkWGl5blpTWG81TTJ4THZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi82OGE0YjItNTg5NC00N2M1LWJlMDEtNjZhYTJhMjMyMzll
LzEvSS1SUlpNVnk3ZDVkOGxPUmZNRXFMZjA1aTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXHMMA0E
AgACMAcDBQMqDcYAMA0GCSqGSIb3DQEBCwUAA4IBAQCTDUdXL1S7SFFmZDtmil3m
y1pxbojS0GOvAc3SHKDv2TFTRP+44J72AIlCc44KzOuyiC66od7y6nPCSSwoKz51
xVyTqeTLN52qhb61nyL/iPCtlk6rUXWPZGmz7fCKajxKGqtmhuajtqr4/LD/zROT
CKGhuOYcuJRRObzp1imHttGafkOq1XyqVMbc2R5BohpqPri3H/fOZhq+l6jaXFZo
8hovocRTxE/LUEx+m0cUf8FEKAbGIUueDJWhMvVR+enKGBX6NxlZXoyLBcJVkVFy
SxoxU2BFrpCLPL+gIbbJ7pE/52xroGN6QIyX2vCX2HlJGd9d3d6lPl8/AUfRO9s/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:41 2024 by rpki-client on console-fra.rpki-client.org