Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/drloOkRALL-PU4bREZ1LzfdcmuY.roa
File: drloOkRALL-PU4bREZ1LzfdcmuY.roa (raw, json)
Hash identifier: Ez2+JKPW+MqHnHqiRElUkmJIiM1cRnHGpCT2Wij/0uo=
Subject key identifier: 76:B9:68:3A:44:40:2C:BF:8F:53:86:D1:11:9D:4B:CD:F7:5C:9A:E6
Certificate issuer: /CN=26d38293f669db48b6d0bd1036adfdef6bd3d375
Certificate serial: 01856F94AFE25E52DD4C2BF9EF88D76461A1
Authority key identifier: 26:D3:82:93:F6:69:DB:48:B6:D0:BD:10:36:AD:FD:EF:6B:D3:D3:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JtOCk_Zp20i20L0QNq3972vT03U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/drloOkRALL-PU4bREZ1LzfdcmuY.roa
Signing time: Sun 01 Jan 2023 23:04:53 +0000
ROA not before: Sun 01 Jan 2023 23:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49956
IP address blocks: 185.163.8.0/22 maxlen: 22
185.114.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:af:e2:5e:52:dd:4c:2b:f9:ef:88:d7:64:61:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26d38293f669db48b6d0bd1036adfdef6bd3d375
Validity
Not Before: Jan 1 23:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76b9683a44402cbf8f5386d1119d4bcdf75c9ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:23:e4:85:55:4a:d5:18:ba:e0:87:00:36:30:
93:13:ff:dc:d6:2b:eb:fc:4b:46:2c:c7:20:aa:b0:
14:53:3f:5d:3f:3e:25:8c:b5:b3:e0:92:ec:28:46:
0b:7d:ff:a0:cf:b0:2e:b5:83:47:f5:91:84:a0:4a:
19:20:1b:dd:89:2a:ab:c5:f1:0e:ac:60:6c:09:1b:
4e:6b:f9:aa:29:4d:95:97:9b:bf:1d:40:60:a6:b0:
93:66:76:75:3c:71:67:25:18:e4:d4:a7:5a:ba:45:
cb:99:79:0e:69:4c:95:4d:74:52:40:72:2e:80:e3:
5b:e5:8c:b0:b0:ea:45:11:f2:18:27:1a:ff:a8:fb:
6b:87:97:7a:46:a7:05:84:2b:5c:4e:26:02:30:ca:
3e:61:9b:b7:f8:64:27:70:c7:db:0d:f7:f6:c0:78:
49:c2:da:15:f8:21:42:50:ce:ce:78:7f:fa:ab:cf:
51:95:09:76:32:fa:5b:2a:8f:48:15:83:db:25:d5:
47:bb:f2:3d:ba:6c:5e:51:14:3b:e6:3b:ba:5d:85:
cb:e2:64:7c:1b:6e:49:18:65:00:1b:8b:fe:a2:3f:
f3:c6:15:27:57:94:5e:6b:8f:7e:6a:30:3d:79:fd:
47:56:4b:53:ba:1a:b7:1a:dd:4c:c6:33:4c:1a:3c:
f7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B9:68:3A:44:40:2C:BF:8F:53:86:D1:11:9D:4B:CD:F7:5C:9A:E6
X509v3 Authority Key Identifier:
keyid:26:D3:82:93:F6:69:DB:48:B6:D0:BD:10:36:AD:FD:EF:6B:D3:D3:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JtOCk_Zp20i20L0QNq3972vT03U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/drloOkRALL-PU4bREZ1LzfdcmuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/07cc25-8597-430b-bc52-448b9b95b09e/1/JtOCk_Zp20i20L0QNq3972vT03U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.168.0/22
185.163.8.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:84:c8:1b:51:ed:94:ae:71:45:8c:50:9a:2e:8f:62:3a:0b:
7d:58:40:a4:95:97:a2:5b:9d:7c:34:cf:fa:bb:46:a0:94:2c:
45:ca:e1:58:74:dc:6a:b1:32:b7:e0:0c:e8:87:61:e2:09:4f:
a2:51:16:ed:37:75:6c:58:19:ab:34:d6:58:ff:c5:dc:fd:7f:
12:42:1f:4c:ed:2d:ec:bc:3e:44:6a:2f:62:5c:ce:a2:35:7f:
31:a5:c7:3b:2a:ff:95:4e:9d:0b:ad:fe:3e:f1:ea:42:69:76:
8b:47:44:4f:5e:53:c2:6f:13:e7:33:2a:b4:44:70:2b:9d:8e:
68:2c:50:5a:cb:13:e9:56:d8:43:b1:6e:22:69:b7:b4:ab:b6:
15:81:01:11:05:3a:3d:31:47:12:2b:ce:c9:8d:aa:e7:27:27:
6a:67:ff:75:be:9c:6b:ca:00:cd:39:5d:47:00:f8:e0:8b:09:
43:ae:94:5d:cc:61:6b:6d:79:5e:ce:86:73:8c:7e:b1:28:73:
43:62:d1:21:0a:ec:28:fe:5d:2e:2e:6a:97:60:87:ef:d4:05:
78:ec:14:1c:08:58:be:ab:c3:50:c5:1e:b3:84:21:97:a0:83:
b3:fc:ee:de:ba:cb:d7:ef:a5:6c:a9:40:34:e7:3d:39:3d:34:
3c:81:28:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvlK/iXlLdTCv574jXZGGhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ZDM4MjkzZjY2OWRiNDhiNmQwYmQxMDM2YWRmZGVmNmJk
M2QzNzUwHhcNMjMwMTAxMjMwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmI5NjgzYTQ0NDAyY2JmOGY1Mzg2ZDExMTlkNGJjZGY3NWM5YWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriPkhVVK1Ri64IcANjCTE//c1ivr
/EtGLMcgqrAUUz9dPz4ljLWz4JLsKEYLff+gz7AutYNH9ZGEoEoZIBvdiSqrxfEO
rGBsCRtOa/mqKU2Vl5u/HUBgprCTZnZ1PHFnJRjk1KdaukXLmXkOaUyVTXRSQHIu
gONb5YywsOpFEfIYJxr/qPtrh5d6RqcFhCtcTiYCMMo+YZu3+GQncMfbDff2wHhJ
wtoV+CFCUM7OeH/6q89RlQl2MvpbKo9IFYPbJdVHu/I9umxeURQ75ju6XYXL4mR8
G25JGGUAG4v+oj/zxhUnV5Rea49+ajA9ef1HVktTuhq3Gt1MxjNMGjz3UQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHa5aDpEQCy/j1OG0RGdS833XJrmMB8GA1UdIwQY
MBaAFCbTgpP2adtIttC9EDat/e9r09N1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnRPQ2tfWnAyMGkyMEwwUU5xMzk3MnZUMDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8wN2NjMjUtODU5Ny00MzBiLWJjNTIt
NDQ4YjliOTViMDllLzEvZHJsb09rUkFMTC1QVTRiUkVaMUx6ZmRjbXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8wN2NjMjUtODU5Ny00MzBiLWJjNTItNDQ4YjliOTViMDll
LzEvSnRPQ2tfWnAyMGkyMEwwUU5xMzk3MnZUMDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXKoAwQC
uaMIMA0GCSqGSIb3DQEBCwUAA4IBAQB7hMgbUe2UrnFFjFCaLo9iOgt9WECklZei
W518NM/6u0aglCxFyuFYdNxqsTK34Azoh2HiCU+iURbtN3VsWBmrNNZY/8Xc/X8S
Qh9M7S3svD5Eai9iXM6iNX8xpcc7Kv+VTp0Lrf4+8epCaXaLR0RPXlPCbxPnMyq0
RHArnY5oLFBayxPpVthDsW4iabe0q7YVgQERBTo9MUcSK87JjarnJydqZ/91vpxr
ygDNOV1HAPjgiwlDrpRdzGFrbXlezoZzjH6xKHNDYtEhCuwo/l0uLmqXYIfv1AV4
7BQcCFi+q8NQxR6zhCGXoIOz/O7eusvX76VsqUA05z05PTQ8gSjH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:48 2024 by rpki-client on console-fra.rpki-client.org