Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/d8b9f4-ad01-447c-a4de-0215aca1b909/1/CTiMf_BQAzks-t12lO54xm1i1cU.roa
File: CTiMf_BQAzks-t12lO54xm1i1cU.roa (raw, json)
Hash identifier: wVa/vsgjhYyvvPsSO6NjVrE3b/9VdRjtvIG/FdPrAus=
Subject key identifier: 09:38:8C:7F:F0:50:03:39:2C:FA:DD:76:94:EE:78:C6:6D:62:D5:C5
Certificate issuer: /CN=27d8af7e56c80d18dc968f4dbcec813f85ea30a4
Certificate serial: 01856EEFE93E7C3A5E80879B7F3508275F76
Authority key identifier: 27:D8:AF:7E:56:C8:0D:18:DC:96:8F:4D:BC:EC:81:3F:85:EA:30:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J9ivflbIDRjclo9NvOyBP4XqMKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/d8b9f4-ad01-447c-a4de-0215aca1b909/1/CTiMf_BQAzks-t12lO54xm1i1cU.roa
Signing time: Sun 01 Jan 2023 20:04:54 +0000
ROA not before: Sun 01 Jan 2023 20:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209026
IP address blocks: 185.253.236.0/22 maxlen: 24
2a0c:42c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:e9:3e:7c:3a:5e:80:87:9b:7f:35:08:27:5f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27d8af7e56c80d18dc968f4dbcec813f85ea30a4
Validity
Not Before: Jan 1 20:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09388c7ff05003392cfadd7694ee78c66d62d5c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b2:c1:b3:f9:07:5b:f9:da:be:b5:d5:db:a2:
d0:cc:8e:77:8e:7d:ae:c4:2e:02:03:62:03:94:55:
dd:43:5b:d6:ca:c7:cd:51:6d:b5:46:72:0f:43:d8:
83:17:ad:35:7c:49:6a:07:36:f0:46:e0:cd:3b:d8:
d7:80:d7:b1:74:c1:79:6d:6d:03:5c:3d:d8:d5:40:
a3:7c:ff:35:b6:0b:fc:59:c2:19:ee:4e:86:8f:ce:
e0:ae:3f:b1:85:46:c7:e6:9c:0e:25:31:7e:2e:80:
b9:4a:fe:15:0d:a6:33:d1:18:bc:dd:45:c5:b0:aa:
ba:21:2a:31:f6:a8:cf:18:2f:6b:7c:6f:7a:37:48:
c5:3c:e4:13:e2:e7:cb:c9:8f:47:69:44:fd:aa:87:
09:9a:ce:e9:74:a3:b0:c3:70:1b:bb:a3:64:05:f0:
63:b8:62:d9:f0:aa:77:0f:43:72:13:aa:5b:d2:e0:
07:cc:5b:6b:a7:96:8a:71:a1:3b:27:0c:f7:1b:41:
33:64:54:0c:7a:13:ca:cc:1e:f5:cb:4a:e1:8a:69:
80:bb:c1:59:9d:87:c4:55:68:69:3b:32:34:9a:51:
e3:47:1f:b6:ea:9a:75:b5:4b:a7:01:a9:fb:01:3e:
70:20:f5:9d:8b:42:d4:f6:7b:ba:4e:c6:a2:84:25:
32:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:38:8C:7F:F0:50:03:39:2C:FA:DD:76:94:EE:78:C6:6D:62:D5:C5
X509v3 Authority Key Identifier:
keyid:27:D8:AF:7E:56:C8:0D:18:DC:96:8F:4D:BC:EC:81:3F:85:EA:30:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9ivflbIDRjclo9NvOyBP4XqMKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/d8b9f4-ad01-447c-a4de-0215aca1b909/1/CTiMf_BQAzks-t12lO54xm1i1cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/d8b9f4-ad01-447c-a4de-0215aca1b909/1/J9ivflbIDRjclo9NvOyBP4XqMKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.236.0/22
IPv6:
2a0c:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:27:b8:df:6c:42:11:79:3b:a5:63:1c:02:25:d9:d5:86:ec:
f1:11:3e:fa:c0:58:92:83:d7:1e:d9:f0:dd:35:5a:58:a8:f9:
31:98:99:b9:37:27:d2:e0:b2:2d:4f:5a:00:69:ae:69:a3:7b:
5f:be:e2:9a:5b:eb:53:53:87:a7:75:30:82:97:95:cc:67:32:
26:28:57:46:b9:7a:dc:2b:0f:fd:9e:bc:d1:58:7c:e1:3e:6b:
f0:cc:73:87:84:eb:5e:e9:e8:17:b0:6b:3f:57:74:96:fd:d1:
46:7a:98:07:19:70:93:09:81:7e:96:ad:97:f2:20:f8:0c:29:
c9:70:9a:76:86:68:1d:72:89:d0:6a:de:28:95:5e:8d:ab:ea:
32:58:62:98:6f:03:61:7c:bf:74:a2:41:aa:7c:5e:a9:37:06:
72:3f:36:7d:42:17:46:a0:c6:02:78:92:64:83:ba:68:5c:70:
55:54:00:92:2e:d3:51:65:ef:51:b2:31:0f:47:4a:9d:4a:0d:
ff:6a:77:21:0a:27:04:99:bb:f6:ce:36:a6:f7:59:49:57:cd:
88:a5:0f:05:de:49:a9:b5:bd:48:a3:c3:9c:12:e2:0b:e2:89:
c7:f1:b3:49:8c:0a:ed:e2:4e:f2:b1:7a:db:38:01:9b:66:da:
d3:cf:2d:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu7+k+fDpegIebfzUIJ192MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDhhZjdlNTZjODBkMThkYzk2OGY0ZGJjZWM4MTNmODVl
YTMwYTQwHhcNMjMwMTAxMjAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTM4OGM3ZmYwNTAwMzM5MmNmYWRkNzY5NGVlNzhjNjZkNjJkNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7LBs/kHW/navrXV26LQzI53jn2u
xC4CA2IDlFXdQ1vWysfNUW21RnIPQ9iDF601fElqBzbwRuDNO9jXgNexdMF5bW0D
XD3Y1UCjfP81tgv8WcIZ7k6Gj87grj+xhUbH5pwOJTF+LoC5Sv4VDaYz0Ri83UXF
sKq6ISox9qjPGC9rfG96N0jFPOQT4ufLyY9HaUT9qocJms7pdKOww3Abu6NkBfBj
uGLZ8Kp3D0NyE6pb0uAHzFtrp5aKcaE7Jwz3G0EzZFQMehPKzB71y0rhimmAu8FZ
nYfEVWhpOzI0mlHjRx+26pp1tUunAan7AT5wIPWdi0LU9nu6TsaihCUyeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAk4jH/wUAM5LPrddpTueMZtYtXFMB8GA1UdIwQY
MBaAFCfYr35WyA0Y3JaPTbzsgT+F6jCkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjlpdmZsYklEUmpjbG85TnZPeUJQNFhxTUtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9kOGI5ZjQtYWQwMS00NDdjLWE0ZGUt
MDIxNWFjYTFiOTA5LzEvQ1RpTWZfQlFBemtzLXQxMmxPNTR4bTFpMWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9kOGI5ZjQtYWQwMS00NDdjLWE0ZGUtMDIxNWFjYTFiOTA5
LzEvSjlpdmZsYklEUmpjbG85TnZPeUJQNFhxTUtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf3sMA0E
AgACMAcDBQMqDELAMA0GCSqGSIb3DQEBCwUAA4IBAQBLJ7jfbEIReTulYxwCJdnV
huzxET76wFiSg9ce2fDdNVpYqPkxmJm5NyfS4LItT1oAaa5po3tfvuKaW+tTU4en
dTCCl5XMZzImKFdGuXrcKw/9nrzRWHzhPmvwzHOHhOte6egXsGs/V3SW/dFGepgH
GXCTCYF+lq2X8iD4DCnJcJp2hmgdconQat4olV6Nq+oyWGKYbwNhfL90okGqfF6p
NwZyPzZ9QhdGoMYCeJJkg7poXHBVVACSLtNRZe9RsjEPR0qdSg3/anchCicEmbv2
zjam91lJV82IpQ8F3kmptb1Io8OcEuIL4onH8bNJjArt4k7ysXrbOAGbZtrTzy2/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:50 2024 by rpki-client on console-ams.rpki-client.org