Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/dVkgYwW_dV46-0F2XGseoKUinj4.roa
File: dVkgYwW_dV46-0F2XGseoKUinj4.roa (raw, json)
Hash identifier: hVahJjgKyZzriIzAhe4m/OHJquX9+y1Jbpjy0Y+oUhI=
Subject key identifier: 75:59:20:63:05:BF:75:5E:3A:FB:41:76:5C:6B:1E:A0:A5:22:9E:3E
Certificate issuer: /CN=f53353f368dd801cd6102232dfa1cea69dd8cb6c
Certificate serial: 01856B4A4E31C2F0BF96113100CE94F8AB1C
Authority key identifier: F5:33:53:F3:68:DD:80:1C:D6:10:22:32:DF:A1:CE:A6:9D:D8:CB:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9TNT82jdgBzWECIy36HOpp3Yy2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/dVkgYwW_dV46-0F2XGseoKUinj4.roa
Signing time: Sun 01 Jan 2023 03:05:09 +0000
ROA not before: Sun 01 Jan 2023 03:05:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.71.219.0/24 maxlen: 24
185.71.216.0/24 maxlen: 24
185.71.217.0/24 maxlen: 24
185.71.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:4e:31:c2:f0:bf:96:11:31:00:ce:94:f8:ab:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f53353f368dd801cd6102232dfa1cea69dd8cb6c
Validity
Not Before: Jan 1 03:05:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7559206305bf755e3afb41765c6b1ea0a5229e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0d:85:95:85:d1:cb:8c:2b:20:b8:3e:09:77:
12:7f:06:5b:26:1f:a2:4f:92:a7:6c:25:ba:95:3a:
e8:b5:9d:0d:37:03:2c:f4:d4:97:fb:b1:15:ef:40:
bc:f1:94:33:b6:ac:fd:35:3b:a1:6e:65:3b:b8:7f:
76:0e:b7:fb:19:ab:db:e8:8c:38:2f:73:9f:bf:27:
25:5a:3c:06:d0:98:1e:cf:c4:6a:7c:d7:e5:12:0e:
38:21:79:66:c8:7c:9e:ab:c3:03:77:3b:42:ba:46:
ae:f7:b1:3f:c7:f7:28:84:51:4f:6e:3d:68:6b:9f:
96:bd:16:58:38:cd:fd:4e:d9:c4:9e:c6:37:50:35:
db:20:38:f3:64:7f:2d:db:62:7d:6d:33:c1:9f:c6:
ee:30:02:12:dd:a1:8f:f6:7e:be:15:c8:5a:e0:4a:
ca:bc:82:19:07:da:dd:df:e1:eb:56:b6:80:05:24:
ce:fb:9e:b8:80:79:c0:06:dd:d0:8f:9d:e0:bb:64:
63:b8:cb:e3:56:ce:7b:90:a4:5f:91:3f:cc:30:85:
1f:4d:29:09:28:fb:6e:cc:01:b5:10:b4:1d:20:4c:
ae:4d:f1:14:17:29:12:6c:34:9b:7b:57:5e:6e:82:
8c:f7:0b:48:24:53:c0:a7:71:bc:04:57:c8:99:89:
dc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:59:20:63:05:BF:75:5E:3A:FB:41:76:5C:6B:1E:A0:A5:22:9E:3E
X509v3 Authority Key Identifier:
keyid:F5:33:53:F3:68:DD:80:1C:D6:10:22:32:DF:A1:CE:A6:9D:D8:CB:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9TNT82jdgBzWECIy36HOpp3Yy2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/dVkgYwW_dV46-0F2XGseoKUinj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/9TNT82jdgBzWECIy36HOpp3Yy2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.216.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:84:57:0d:52:81:8e:67:92:06:ef:fd:4f:0c:e4:72:0b:2d:
ee:98:99:fb:69:d5:95:01:2c:5a:05:05:a4:e0:5d:59:f3:40:
7a:7d:8f:4f:e1:a9:ab:70:1c:2b:f6:d9:c5:8a:cf:ae:97:76:
b8:61:76:2d:1f:72:a1:1b:d2:e3:49:51:6f:39:64:71:2e:ba:
f0:0a:7f:8c:93:ea:aa:6c:b3:c7:36:17:e0:7b:8b:ad:9e:28:
d9:f2:60:85:76:fa:ca:bb:fe:9e:ce:6e:9d:de:55:86:1f:f4:
5a:81:59:05:8c:f5:7f:c1:04:1e:bb:49:7d:5f:22:61:bd:80:
74:db:1c:0e:1b:5f:6e:2b:93:fe:31:20:d6:98:d4:94:87:8a:
60:2a:34:83:68:cf:57:b0:25:90:9a:70:2b:4a:05:9e:68:dc:
ec:c8:a4:a6:64:af:54:60:3a:69:24:5a:39:22:dc:40:d6:2e:
dd:a3:5a:0c:d6:02:df:8d:6a:f0:42:27:f2:78:12:9b:41:93:
ec:c0:e8:7a:4a:dd:7b:3e:d7:48:a0:4f:25:aa:f3:e5:c5:4c:
af:ce:5c:6b:50:60:0d:0f:d1:2c:ef:3a:eb:67:90:95:ae:1f:
c5:e1:73:02:62:cc:4c:39:92:c9:3e:2d:32:1e:6c:e0:29:c9:
13:d9:08:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrSk4xwvC/lhExAM6U+KscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MzM1M2YzNjhkZDgwMWNkNjEwMjIzMmRmYTFjZWE2OWRk
OGNiNmMwHhcNMjMwMTAxMDMwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTU5MjA2MzA1YmY3NTVlM2FmYjQxNzY1YzZiMWVhMGE1MjI5ZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA2FlYXRy4wrILg+CXcSfwZbJh+i
T5KnbCW6lTrotZ0NNwMs9NSX+7EV70C88ZQztqz9NTuhbmU7uH92Drf7Gavb6Iw4
L3OfvyclWjwG0Jgez8RqfNflEg44IXlmyHyeq8MDdztCukau97E/x/cohFFPbj1o
a5+WvRZYOM39TtnEnsY3UDXbIDjzZH8t22J9bTPBn8buMAIS3aGP9n6+Fcha4ErK
vIIZB9rd3+HrVraABSTO+564gHnABt3Qj53gu2RjuMvjVs57kKRfkT/MMIUfTSkJ
KPtuzAG1ELQdIEyuTfEUFykSbDSbe1deboKM9wtIJFPAp3G8BFfImYnciQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHVZIGMFv3VeOvtBdlxrHqClIp4+MB8GA1UdIwQY
MBaAFPUzU/No3YAc1hAiMt+hzqad2MtsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVROVDgyamRnQnpXRUNJeTM2SE9wcDNZeTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iODA5N2EtNGVlZC00NjNiLWI2NWEt
MGVjN2VjYjI1MDMwLzEvZFZrZ1l3V19kVjQ2LTBGMlhHc2VvS1Vpbmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iODA5N2EtNGVlZC00NjNiLWI2NWEtMGVjN2VjYjI1MDMw
LzEvOVROVDgyamRnQnpXRUNJeTM2SE9wcDNZeTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUfYMA0G
CSqGSIb3DQEBCwUAA4IBAQCqhFcNUoGOZ5IG7/1PDORyCy3umJn7adWVASxaBQWk
4F1Z80B6fY9P4amrcBwr9tnFis+ul3a4YXYtH3KhG9LjSVFvOWRxLrrwCn+Mk+qq
bLPHNhfge4utnijZ8mCFdvrKu/6ezm6d3lWGH/RagVkFjPV/wQQeu0l9XyJhvYB0
2xwOG19uK5P+MSDWmNSUh4pgKjSDaM9XsCWQmnArSgWeaNzsyKSmZK9UYDppJFo5
ItxA1i7do1oM1gLfjWrwQifyeBKbQZPswOh6St17PtdIoE8lqvPlxUyvzlxrUGAN
D9Es7zrrZ5CVrh/F4XMCYsxMOZLJPi0yHmzgKckT2QjC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:00 2024 by rpki-client on console-ams.rpki-client.org