Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d5cc4a-d266-40e6-88f9-d91484eb0c38/1/3cu_N_xKOt8b_srs_YwmZpe3iDA.roa
File: 3cu_N_xKOt8b_srs_YwmZpe3iDA.roa (raw, json)
Hash identifier: fOtj1QI+YckE6G1oUuKvOmhgQXQ1DIHllWC+49NxIm0=
Subject key identifier: DD:CB:BF:37:FC:4A:3A:DF:1B:FE:CA:EC:FD:8C:26:66:97:B7:88:30
Certificate issuer: /CN=6a6fdd2fd42fabf872720952468d29634c68c9dc
Certificate serial: 018693A2CCFF950A6AD6DBC211FC84EF5258
Authority key identifier: 6A:6F:DD:2F:D4:2F:AB:F8:72:72:09:52:46:8D:29:63:4C:68:C9:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/am_dL9Qvq_hycglSRo0pY0xoydw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d5cc4a-d266-40e6-88f9-d91484eb0c38/1/3cu_N_xKOt8b_srs_YwmZpe3iDA.roa
Signing time: Mon 27 Feb 2023 16:09:25 +0000
ROA not before: Mon 27 Feb 2023 16:09:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205886
IP address blocks: 185.85.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:a2:cc:ff:95:0a:6a:d6:db:c2:11:fc:84:ef:52:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a6fdd2fd42fabf872720952468d29634c68c9dc
Validity
Not Before: Feb 27 16:09:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddcbbf37fc4a3adf1bfecaecfd8c266697b78830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:38:4e:53:e1:c9:84:f4:aa:4b:ca:f8:a1:23:
93:b5:68:ed:17:54:4c:c0:be:b1:d8:1b:d9:16:9c:
75:c4:32:5c:01:5b:f2:fc:65:21:58:67:77:d1:c6:
79:3c:ac:49:8c:3b:83:2f:88:eb:10:2e:67:3d:28:
8d:6e:9a:24:fa:6d:8f:a4:5f:93:45:67:d9:74:1f:
07:5f:02:67:ae:bf:15:b2:df:dd:d8:41:06:8f:d5:
28:35:21:db:d6:8e:a6:d4:df:ed:77:0b:8a:83:c2:
16:70:97:a3:fd:c2:af:da:2d:6a:98:f3:e8:86:83:
ca:a1:21:38:3e:52:ea:9c:d8:32:4d:c5:2e:4f:4e:
cb:a0:06:45:ba:c0:5b:0f:ac:7e:97:1f:90:06:3b:
b8:65:f9:83:be:1c:5b:ab:e1:b6:06:49:f9:92:2d:
f9:c1:94:cc:6b:76:11:f4:28:35:3d:c0:e3:f7:74:
35:63:a9:35:83:b9:de:7f:98:14:bb:b7:4e:46:03:
c1:91:b3:66:79:2b:b3:54:9f:9d:89:9c:c9:4e:bd:
2f:d9:71:1e:4a:d0:25:70:a2:38:fa:2e:94:53:1c:
91:77:2b:80:a3:91:c3:69:52:7a:f8:d5:18:14:ab:
06:da:69:34:43:89:c4:f3:f3:ee:3e:b6:a7:f0:ca:
89:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:CB:BF:37:FC:4A:3A:DF:1B:FE:CA:EC:FD:8C:26:66:97:B7:88:30
X509v3 Authority Key Identifier:
keyid:6A:6F:DD:2F:D4:2F:AB:F8:72:72:09:52:46:8D:29:63:4C:68:C9:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/am_dL9Qvq_hycglSRo0pY0xoydw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d5cc4a-d266-40e6-88f9-d91484eb0c38/1/3cu_N_xKOt8b_srs_YwmZpe3iDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d5cc4a-d266-40e6-88f9-d91484eb0c38/1/am_dL9Qvq_hycglSRo0pY0xoydw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.123.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ad:e0:a8:88:2c:8c:ba:0b:cc:10:e8:ab:eb:e4:95:1b:6f:
26:32:a6:3d:b6:b7:5d:dd:27:fd:34:4e:04:dd:c4:77:5a:a5:
3f:e9:e4:50:53:94:75:89:ce:b4:7e:79:31:dd:54:70:79:9c:
c9:f0:67:aa:a4:ce:b3:30:99:d5:f3:2a:e2:68:73:5b:6a:63:
d6:f6:06:51:ad:1e:90:dc:74:48:1f:f1:6a:de:83:12:d3:2e:
88:aa:a2:89:a8:12:aa:b7:ec:c5:6f:79:87:6d:de:ca:7f:0e:
28:ba:c1:b7:2d:9d:44:e7:34:64:ea:c8:cf:c0:c5:e7:b4:db:
67:6d:cb:89:40:fc:79:9d:5b:1b:64:8d:b9:fd:fc:32:1d:9f:
d9:fe:49:5f:f1:54:53:52:ed:67:4f:ea:3e:53:1f:80:53:b2:
9f:15:5e:4e:64:0d:da:42:70:f3:02:26:c6:d1:a4:ce:04:08:
76:91:81:22:f0:42:fe:71:07:62:e0:a1:86:c4:41:d0:a3:1f:
41:43:07:91:08:89:21:15:b3:31:ac:72:5d:88:0c:1a:d2:d9:
98:b0:1c:ac:8b:e3:d2:6c:33:ed:69:d3:f7:f6:1f:e5:16:21:
15:74:46:c6:64:2b:3b:d1:cb:27:c0:f8:1f:f7:d8:24:f5:10:
64:c6:6e:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaTosz/lQpq1tvCEfyE71JYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNmZkZDJmZDQyZmFiZjg3MjcyMDk1MjQ2OGQyOTYzNGM2
OGM5ZGMwHhcNMjMwMjI3MTYwOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGNiYmYzN2ZjNGEzYWRmMWJmZWNhZWNmZDhjMjY2Njk3Yjc4ODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvThOU+HJhPSqS8r4oSOTtWjtF1RM
wL6x2BvZFpx1xDJcAVvy/GUhWGd30cZ5PKxJjDuDL4jrEC5nPSiNbpok+m2PpF+T
RWfZdB8HXwJnrr8Vst/d2EEGj9UoNSHb1o6m1N/tdwuKg8IWcJej/cKv2i1qmPPo
hoPKoSE4PlLqnNgyTcUuT07LoAZFusBbD6x+lx+QBju4ZfmDvhxbq+G2Bkn5ki35
wZTMa3YR9Cg1PcDj93Q1Y6k1g7nef5gUu7dORgPBkbNmeSuzVJ+diZzJTr0v2XEe
StAlcKI4+i6UUxyRdyuAo5HDaVJ6+NUYFKsG2mk0Q4nE8/PuPran8MqJKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN3Lvzf8SjrfG/7K7P2MJmaXt4gwMB8GA1UdIwQY
MBaAFGpv3S/UL6v4cnIJUkaNKWNMaMncMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW1fZEw5UXZxX2h5Y2dsU1JvMHBZMHhveWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNWNjNGEtZDI2Ni00MGU2LTg4Zjkt
ZDkxNDg0ZWIwYzM4LzEvM2N1X05feEtPdDhiX3Nyc19Zd21acGUzaURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNWNjNGEtZDI2Ni00MGU2LTg4ZjktZDkxNDg0ZWIwYzM4
LzEvYW1fZEw5UXZxX2h5Y2dsU1JvMHBZMHhveWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVV7MA0G
CSqGSIb3DQEBCwUAA4IBAQBIreCoiCyMugvMEOir6+SVG28mMqY9trdd3Sf9NE4E
3cR3WqU/6eRQU5R1ic60fnkx3VRweZzJ8GeqpM6zMJnV8yriaHNbamPW9gZRrR6Q
3HRIH/Fq3oMS0y6IqqKJqBKqt+zFb3mHbd7Kfw4ousG3LZ1E5zRk6sjPwMXntNtn
bcuJQPx5nVsbZI25/fwyHZ/Z/klf8VRTUu1nT+o+Ux+AU7KfFV5OZA3aQnDzAibG
0aTOBAh2kYEi8EL+cQdi4KGGxEHQox9BQweRCIkhFbMxrHJdiAwa0tmYsBysi+PS
bDPtadP39h/lFiEVdEbGZCs70csnwPgf99gk9RBkxm72
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:43 2024 by rpki-client on console-ams.rpki-client.org