Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/dgWMIosaAVTays36dIHcXgN0gwM.roa
File: dgWMIosaAVTays36dIHcXgN0gwM.roa (raw, json)
Hash identifier: V1R66KHHqQIDomo7xZZ/ft9yTEIbwU8JCOqov5dssqs=
Subject key identifier: 76:05:8C:22:8B:1A:01:54:DA:CA:CD:FA:74:81:DC:5E:03:74:83:03
Certificate issuer: /CN=3a84dfef3d5107b84fc77c56dcf79e05fe9c7351
Certificate serial: 018871F1CD660F0FF2964E48E920CB4B76E1
Authority key identifier: 3A:84:DF:EF:3D:51:07:B8:4F:C7:7C:56:DC:F7:9E:05:FE:9C:73:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/dgWMIosaAVTays36dIHcXgN0gwM.roa
Signing time: Wed 31 May 2023 13:14:12 +0000
ROA not before: Wed 31 May 2023 13:14:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211657
IP address blocks: 185.116.220.0/22 maxlen: 23
2a0d:fe80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:f1:cd:66:0f:0f:f2:96:4e:48:e9:20:cb:4b:76:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a84dfef3d5107b84fc77c56dcf79e05fe9c7351
Validity
Not Before: May 31 13:14:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76058c228b1a0154dacacdfa7481dc5e03748303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d4:2b:b1:9f:38:c7:98:1e:d8:e2:63:13:dc:
8b:db:0f:f9:d3:10:1b:e7:d1:23:7c:8e:07:f5:2a:
eb:ac:54:2f:73:29:d7:be:2f:fb:6e:0f:99:11:45:
d5:37:54:b4:7b:a9:a8:78:29:18:ce:8e:29:e8:81:
78:06:f3:ca:cb:1d:fe:48:ae:5d:b5:ad:fb:d3:19:
55:48:2c:c3:6d:91:24:80:f1:a8:93:1b:7a:83:9f:
47:99:3a:69:19:63:17:2e:0d:c4:61:12:43:a9:68:
30:49:eb:5a:c4:11:ab:0a:a0:af:03:f5:a4:97:48:
36:67:26:4e:66:65:ca:a8:d9:2d:85:e0:c1:44:6d:
95:d8:50:55:68:7a:cb:47:e1:0b:2c:96:c9:da:64:
4c:6c:1e:f2:7f:20:24:b7:b0:dd:06:0c:4c:61:69:
5b:88:0a:bf:ed:d6:5d:64:a1:b2:25:92:83:f7:f8:
8a:0b:f9:66:35:18:d0:e4:7e:68:6f:d0:5d:2e:b8:
96:ec:b3:3c:8e:b6:d1:da:cc:f8:09:4a:c5:d8:4b:
c1:f6:de:29:db:0f:13:ad:04:01:a4:b4:c3:d7:3c:
18:7e:71:61:6c:20:07:be:35:67:fa:46:14:b0:1e:
2c:1a:65:9d:12:39:6a:4b:d5:36:84:d8:3b:99:4b:
81:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:05:8C:22:8B:1A:01:54:DA:CA:CD:FA:74:81:DC:5E:03:74:83:03
X509v3 Authority Key Identifier:
keyid:3A:84:DF:EF:3D:51:07:B8:4F:C7:7C:56:DC:F7:9E:05:FE:9C:73:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/dgWMIosaAVTays36dIHcXgN0gwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.220.0/22
IPv6:
2a0d:fe80::/32
Signature Algorithm: sha256WithRSAEncryption
1c:2b:04:48:5a:63:ab:b4:06:5b:87:e8:97:28:6c:5b:c0:e2:
bf:89:a8:a7:0c:ea:66:d9:ac:a8:85:ef:2d:01:de:41:f7:d8:
4d:98:d7:79:9a:b4:18:0f:2b:5c:eb:06:c0:b5:97:40:a1:b2:
df:78:72:b6:46:59:a7:3d:aa:1d:f5:a0:71:8c:27:71:9d:50:
b6:a8:e9:4e:bc:db:7d:b1:1f:50:51:31:1c:1e:ae:43:4e:d0:
f9:eb:84:71:f4:60:10:47:29:7c:4c:bb:67:ce:01:10:d7:76:
90:b3:9d:f4:17:2d:89:57:0f:a1:2e:31:2e:82:9c:7c:75:80:
3e:6d:6b:f0:45:c5:b8:9c:f2:18:74:d2:7a:0c:7b:2b:d9:a1:
87:6a:15:51:81:0b:2e:f9:1e:e8:89:d2:6f:f2:91:8f:cf:ba:
e2:9b:cf:d3:a3:5b:9e:9b:16:97:ba:d1:2d:0e:7e:d1:c6:ae:
53:8f:4d:91:55:09:9d:e1:d1:d3:fb:5b:76:4b:b4:43:08:22:
40:fd:f4:37:2d:b5:61:d8:da:bc:e8:ea:41:73:96:3a:44:4d:
77:fb:d5:f1:f9:09:78:33:b1:81:c5:7f:ff:20:3f:2c:6a:60:
7e:92:93:d8:73:c7:9b:f7:bf:33:bb:c6:d1:43:38:1b:15:55:
0b:be:cc:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYhx8c1mDw/ylk5I6SDLS3bhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODRkZmVmM2Q1MTA3Yjg0ZmM3N2M1NmRjZjc5ZTA1ZmU5
YzczNTEwHhcNMjMwNTMxMTMxNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjA1OGMyMjhiMWEwMTU0ZGFjYWNkZmE3NDgxZGM1ZTAzNzQ4MzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tQrsZ84x5ge2OJjE9yL2w/50xAb
59EjfI4H9SrrrFQvcynXvi/7bg+ZEUXVN1S0e6moeCkYzo4p6IF4BvPKyx3+SK5d
ta370xlVSCzDbZEkgPGokxt6g59HmTppGWMXLg3EYRJDqWgwSetaxBGrCqCvA/Wk
l0g2ZyZOZmXKqNktheDBRG2V2FBVaHrLR+ELLJbJ2mRMbB7yfyAkt7DdBgxMYWlb
iAq/7dZdZKGyJZKD9/iKC/lmNRjQ5H5ob9BdLriW7LM8jrbR2sz4CUrF2EvB9t4p
2w8TrQQBpLTD1zwYfnFhbCAHvjVn+kYUsB4sGmWdEjlqS9U2hNg7mUuBXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHYFjCKLGgFU2srN+nSB3F4DdIMDMB8GA1UdIwQY
MBaAFDqE3+89UQe4T8d8Vtz3ngX+nHNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29UZjd6MVJCN2hQeDN4VzNQZWVCZjZjYzFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNGI3ZjMtNDBjZS00MmVkLWE5M2It
NWU4ZGVkYWM5Y2I3LzEvZGdXTUlvc2FBVlRheXMzNmRJSGNYZ04wZ3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNGI3ZjMtNDBjZS00MmVkLWE5M2ItNWU4ZGVkYWM5Y2I3
LzEvT29UZjd6MVJCN2hQeDN4VzNQZWVCZjZjYzFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXTcMA0E
AgACMAcDBQAqDf6AMA0GCSqGSIb3DQEBCwUAA4IBAQAcKwRIWmOrtAZbh+iXKGxb
wOK/iainDOpm2ayohe8tAd5B99hNmNd5mrQYDytc6wbAtZdAobLfeHK2RlmnPaod
9aBxjCdxnVC2qOlOvNt9sR9QUTEcHq5DTtD564Rx9GAQRyl8TLtnzgEQ13aQs530
Fy2JVw+hLjEugpx8dYA+bWvwRcW4nPIYdNJ6DHsr2aGHahVRgQsu+R7oidJv8pGP
z7rim8/To1uemxaXutEtDn7Rxq5Tj02RVQmd4dHT+1t2S7RDCCJA/fQ3LbVh2Nq8
6OpBc5Y6RE13+9Xx+Ql4M7GBxX//ID8samB+kpPYc8eb978zu8bRQzgbFVULvsyQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:53 2024 by rpki-client on console-ams.rpki-client.org