Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/t4K7Wnz6KOsiFWcMvPzpW9TsySE.roa
File: t4K7Wnz6KOsiFWcMvPzpW9TsySE.roa (raw, json)
Hash identifier: b2/cFobCimKwIZ3f9haYVG2EMrSvZnlQud3L4mcx2KA=
Subject key identifier: B7:82:BB:5A:7C:FA:28:EB:22:15:67:0C:BC:FC:E9:5B:D4:EC:C9:21
Certificate issuer: /CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Certificate serial: 0185728C9D9DF34C93E99748E8BB7E60F8E4
Authority key identifier: 29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/t4K7Wnz6KOsiFWcMvPzpW9TsySE.roa
Signing time: Mon 02 Jan 2023 12:54:56 +0000
ROA not before: Mon 02 Jan 2023 12:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.214.23.0/24 maxlen: 24
185.214.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:9d:9d:f3:4c:93:e9:97:48:e8:bb:7e:60:f8:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Validity
Not Before: Jan 2 12:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b782bb5a7cfa28eb2215670cbcfce95bd4ecc921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:40:cf:20:59:c2:56:8a:ad:a1:db:57:14:f6:
21:e9:dc:ba:ec:2f:14:b8:7c:74:12:f9:a4:67:34:
bb:59:71:7f:e8:f2:72:95:f5:29:6c:b0:64:62:d0:
11:60:dd:d6:f3:dd:69:0e:01:a8:70:e3:b3:9d:9c:
91:9b:fe:a2:f1:d7:95:ad:8f:09:11:e8:46:9f:20:
a6:f4:17:06:e1:d3:69:ea:fe:38:5b:f4:3d:7c:78:
63:b0:3c:6b:04:b4:41:ae:8b:b4:93:87:b6:9e:57:
8d:90:67:c0:f3:ba:bc:84:2c:19:0f:f8:ef:71:1e:
36:5b:46:fa:94:10:17:05:c1:d1:06:b2:52:ad:99:
d8:64:de:ef:52:36:0f:7c:cb:99:97:94:49:e4:59:
30:c8:6e:57:03:f4:33:75:15:31:96:d6:3a:69:7c:
d8:4c:1c:a3:fe:b5:e3:e4:f7:fd:90:f7:07:d2:98:
f6:5b:43:5b:f7:50:09:0e:e1:5d:e2:4c:1c:55:c2:
10:75:f4:35:4d:78:dd:ec:6f:92:e6:3e:32:32:33:
3d:43:06:8b:03:8e:ae:b7:ea:f5:0d:53:08:5d:35:
4f:6e:a2:37:78:aa:3c:5d:6a:bd:78:62:79:25:ae:
13:84:c0:23:b5:7c:23:b2:33:70:01:72:f1:41:11:
00:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:82:BB:5A:7C:FA:28:EB:22:15:67:0C:BC:FC:E9:5B:D4:EC:C9:21
X509v3 Authority Key Identifier:
keyid:29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/t4K7Wnz6KOsiFWcMvPzpW9TsySE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.22.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:f4:bc:bd:ee:6b:cc:b5:fd:ea:f5:8a:71:b0:e5:e8:04:a9:
6e:a2:9d:4c:e2:e9:32:20:2e:24:79:08:60:3a:88:cb:d8:8b:
4e:9a:c7:21:bc:bc:c1:a2:75:ea:7c:18:d6:51:72:af:9c:ee:
6c:c1:d3:92:a2:ce:fa:89:6c:27:57:fa:b3:44:21:95:76:67:
58:81:3c:af:ca:6d:69:a6:c4:28:23:da:cc:5d:aa:2e:50:cc:
ee:97:c8:91:f8:75:bf:21:2f:d9:48:bb:48:c3:84:62:74:ca:
72:73:ca:11:e0:15:c1:5d:ac:e0:fa:e2:42:bf:46:75:dd:14:
a8:f0:0d:45:30:94:7c:3a:00:b6:ca:2f:80:de:95:84:55:90:
79:35:d2:e5:1e:d1:1e:0b:f5:fd:8a:1b:58:e0:a0:8c:77:ff:
9f:61:58:da:2d:79:c8:1a:50:77:43:46:8e:0a:e4:a6:8e:d6:
20:55:d7:e1:a1:ce:2c:76:49:bf:18:91:ab:b7:73:1b:5f:1c:
f3:ad:74:cb:df:65:85:c4:3f:c3:20:67:18:d3:d9:df:ad:5f:
0f:cd:70:53:12:54:1f:db:2f:da:24:7c:02:2b:f3:8f:0b:d3:
e4:68:43:5d:78:f1:6d:1b:8b:70:67:48:db:79:39:d2:3c:4e:
fb:47:e7:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyjJ2d80yT6ZdI6Lt+YPjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTU5NDRlODRkYzM3YmE2YTQyZDY4YmIxZTJiOWE0NDIx
ZTg0YTQwHhcNMjMwMTAyMTI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzgyYmI1YTdjZmEyOGViMjIxNTY3MGNiY2ZjZTk1YmQ0ZWNjOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40DPIFnCVoqtodtXFPYh6dy67C8U
uHx0EvmkZzS7WXF/6PJylfUpbLBkYtARYN3W891pDgGocOOznZyRm/6i8deVrY8J
EehGnyCm9BcG4dNp6v44W/Q9fHhjsDxrBLRBrou0k4e2nleNkGfA87q8hCwZD/jv
cR42W0b6lBAXBcHRBrJSrZnYZN7vUjYPfMuZl5RJ5FkwyG5XA/QzdRUxltY6aXzY
TByj/rXj5Pf9kPcH0pj2W0Nb91AJDuFd4kwcVcIQdfQ1TXjd7G+S5j4yMjM9QwaL
A46ut+r1DVMIXTVPbqI3eKo8XWq9eGJ5Ja4ThMAjtXwjsjNwAXLxQREA2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLeCu1p8+ijrIhVnDLz86VvU7MkhMB8GA1UdIwQY
MBaAFCmVlE6E3De6akLWi7HiuaRCHoSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmIt
MzM4YmRkNDM5ZWUxLzEvdDRLN1duejZLT3NpRldjTXZQenBXOVRzeVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmItMzM4YmRkNDM5ZWUx
LzEvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudYWMA0G
CSqGSIb3DQEBCwUAA4IBAQCN9Ly97mvMtf3q9YpxsOXoBKluop1M4ukyIC4keQhg
OojL2ItOmschvLzBonXqfBjWUXKvnO5swdOSos76iWwnV/qzRCGVdmdYgTyvym1p
psQoI9rMXaouUMzul8iR+HW/IS/ZSLtIw4RidMpyc8oR4BXBXazg+uJCv0Z13RSo
8A1FMJR8OgC2yi+A3pWEVZB5NdLlHtEeC/X9ihtY4KCMd/+fYVjaLXnIGlB3Q0aO
CuSmjtYgVdfhoc4sdkm/GJGrt3MbXxzzrXTL32WFxD/DIGcY09nfrV8PzXBTElQf
2y/aJHwCK/OPC9PkaENdePFtG4twZ0jbeTnSPE77R+dT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:34 2024 by rpki-client on console-fra.rpki-client.org