Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/Sf3DuIHYeZZ9_G9CeJCgeBoCd20.roa
File: Sf3DuIHYeZZ9_G9CeJCgeBoCd20.roa (raw, json)
Hash identifier: nH0iRulmleHB45Dv+3zcY4snIgcau41M1zJQ5H927aU=
Subject key identifier: 49:FD:C3:B8:81:D8:79:96:7D:FC:6F:42:78:90:A0:78:1A:02:77:6D
Certificate issuer: /CN=712f9cb3c298b150beb79080376f74bdeac438ac
Certificate serial: 01856B258E826B6C5C884825B48E6842E5FB
Authority key identifier: 71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/Sf3DuIHYeZZ9_G9CeJCgeBoCd20.roa
Signing time: Sun 01 Jan 2023 02:25:01 +0000
ROA not before: Sun 01 Jan 2023 02:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203500
IP address blocks: 185.22.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:25:8e:82:6b:6c:5c:88:48:25:b4:8e:68:42:e5:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f9cb3c298b150beb79080376f74bdeac438ac
Validity
Not Before: Jan 1 02:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49fdc3b881d879967dfc6f427890a0781a02776d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b1:28:da:70:3b:2a:a1:51:5b:82:38:d8:9e:
7d:da:e8:b2:aa:5e:01:04:55:2e:67:c3:92:23:3f:
ac:33:1e:8c:6b:6d:eb:07:7e:5b:04:a2:10:40:9e:
77:4f:bf:0a:79:b0:e6:16:64:6c:f9:cc:41:4c:6b:
90:b2:fd:a2:f4:d7:6b:63:f3:ac:b0:92:c6:28:bf:
be:a8:29:64:3b:24:98:9c:20:8d:f2:9a:77:f9:12:
23:0e:2b:0b:6b:b8:c6:b4:99:49:82:5f:e3:0a:76:
5f:44:a7:62:4c:69:01:0f:a3:cc:a3:86:9e:a0:9c:
3a:5b:2a:91:80:74:f4:eb:8c:13:9e:4d:c5:97:4d:
b8:77:d7:6d:06:92:8c:83:a4:79:da:92:b9:f9:c5:
4e:82:15:49:21:29:91:c1:44:1b:5f:a6:02:f4:9f:
d7:82:2d:d9:06:0b:3c:f2:d1:fb:91:07:86:7d:29:
54:f6:f9:50:4f:2c:33:c2:9f:01:3b:02:9e:3a:35:
9b:09:18:fc:3f:46:f3:a2:9d:6f:5e:a5:ef:81:79:
1e:69:55:8b:a8:1e:b3:d8:66:a1:a5:8e:30:09:58:
a0:59:3c:1d:93:d7:7e:70:31:fc:7d:95:79:4e:c7:
4c:53:d0:8d:a8:1c:03:f4:4b:ac:3c:4f:42:6f:2c:
46:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FD:C3:B8:81:D8:79:96:7D:FC:6F:42:78:90:A0:78:1A:02:77:6D
X509v3 Authority Key Identifier:
keyid:71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/Sf3DuIHYeZZ9_G9CeJCgeBoCd20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.130.0/24
Signature Algorithm: sha256WithRSAEncryption
54:23:ed:f2:16:4e:0f:5d:ed:21:ee:3c:a2:d1:8b:2d:9f:c6:
67:f3:fb:f5:a2:5b:4a:df:4f:7f:67:cb:b7:ef:99:80:ee:4b:
e6:72:fd:fc:36:9e:72:c6:f8:8d:60:e2:5c:67:c5:cb:69:a8:
f5:68:2f:32:18:a1:cf:32:c1:db:54:83:8e:ea:99:d0:d7:30:
29:ca:a0:37:c6:7f:95:57:70:cd:2f:d2:b1:99:58:6e:91:69:
71:0b:2c:e5:b4:67:e4:db:4e:83:9a:87:36:15:8c:2f:b1:b0:
39:7b:de:0d:cf:6d:39:0b:1d:ec:8f:d0:ec:1b:ff:84:ea:7c:
7d:36:ad:70:62:56:52:17:ec:b6:05:0c:e4:db:56:07:21:6d:
fd:a8:b4:9a:09:eb:d6:22:77:ba:3d:af:42:30:06:aa:a8:1c:
d1:3b:3e:07:42:8e:04:6e:d7:e8:23:99:a2:56:c7:37:bb:dd:
49:35:00:3b:95:a2:1e:6c:fe:e9:15:d4:35:33:8b:15:24:d5:
54:49:89:4a:fa:d3:4e:ae:85:b1:94:65:94:75:9f:75:52:c2:
a8:59:dc:08:8e:0b:7e:69:7b:43:c6:78:d0:70:d8:23:b6:da:
42:73:0e:84:3f:96:b6:98:3d:79:9a:4e:10:53:0c:b9:82:89:
4c:aa:4a:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrJY6Ca2xciEgltI5oQuX7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmY5Y2IzYzI5OGIxNTBiZWI3OTA4MDM3NmY3NGJkZWFj
NDM4YWMwHhcNMjMwMTAxMDIyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWZkYzNiODgxZDg3OTk2N2RmYzZmNDI3ODkwYTA3ODFhMDI3NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbEo2nA7KqFRW4I42J592uiyql4B
BFUuZ8OSIz+sMx6Ma23rB35bBKIQQJ53T78KebDmFmRs+cxBTGuQsv2i9NdrY/Os
sJLGKL++qClkOySYnCCN8pp3+RIjDisLa7jGtJlJgl/jCnZfRKdiTGkBD6PMo4ae
oJw6WyqRgHT064wTnk3Fl024d9dtBpKMg6R52pK5+cVOghVJISmRwUQbX6YC9J/X
gi3ZBgs88tH7kQeGfSlU9vlQTywzwp8BOwKeOjWbCRj8P0bzop1vXqXvgXkeaVWL
qB6z2GahpY4wCVigWTwdk9d+cDH8fZV5TsdMU9CNqBwD9EusPE9CbyxG8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEn9w7iB2HmWffxvQniQoHgaAndtMB8GA1UdIwQY
MBaAFHEvnLPCmLFQvreQgDdvdL3qxDisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEt
OTg3ZGE0MzkyMDU2LzEvU2YzRHVJSFllWlo5X0c5Q2VKQ2dlQm9DZDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEtOTg3ZGE0MzkyMDU2
LzEvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRaCMA0G
CSqGSIb3DQEBCwUAA4IBAQBUI+3yFk4PXe0h7jyi0Ystn8Zn8/v1oltK309/Z8u3
75mA7kvmcv38Np5yxviNYOJcZ8XLaaj1aC8yGKHPMsHbVIOO6pnQ1zApyqA3xn+V
V3DNL9KxmVhukWlxCyzltGfk206Dmoc2FYwvsbA5e94Nz205Cx3sj9DsG/+E6nx9
Nq1wYlZSF+y2BQzk21YHIW39qLSaCevWIne6Pa9CMAaqqBzROz4HQo4EbtfoI5mi
Vsc3u91JNQA7laIebP7pFdQ1M4sVJNVUSYlK+tNOroWxlGWUdZ91UsKoWdwIjgt+
aXtDxnjQcNgjttpCcw6EP5a2mD15mk4QUwy5golMqkqB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:14 2024 by rpki-client on console-ams.rpki-client.org