Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/L9X6Il3kvW5x_DVpJv5qaI8zAoY.roa
File: L9X6Il3kvW5x_DVpJv5qaI8zAoY.roa (raw, json)
Hash identifier: fMWCWgPvszwwRavyFjISr8GBoixDdutUS/eLUjv0sM4=
Subject key identifier: 2F:D5:FA:22:5D:E4:BD:6E:71:FC:35:69:26:FE:6A:68:8F:33:02:86
Certificate issuer: /CN=34921598b6a261aa4c3e67144ac876033253e0aa
Certificate serial: 01856CC16F00F8BDC6FBD561CD7312166656
Authority key identifier: 34:92:15:98:B6:A2:61:AA:4C:3E:67:14:4A:C8:76:03:32:53:E0:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJIVmLaiYapMPmcUSsh2AzJT4Ko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/L9X6Il3kvW5x_DVpJv5qaI8zAoY.roa
Signing time: Sun 01 Jan 2023 09:54:54 +0000
ROA not before: Sun 01 Jan 2023 09:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39605
IP address blocks: 185.28.232.0/22 maxlen: 24
2a00:a320::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:6f:00:f8:bd:c6:fb:d5:61:cd:73:12:16:66:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34921598b6a261aa4c3e67144ac876033253e0aa
Validity
Not Before: Jan 1 09:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fd5fa225de4bd6e71fc356926fe6a688f330286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:76:ae:6a:fb:a2:ba:94:f1:e1:d7:e2:f3:0d:
e5:25:86:ef:6a:50:a4:a5:56:82:19:e4:e9:36:4c:
e4:00:4a:dc:22:9c:9c:7f:eb:13:a1:75:b3:df:16:
c7:c9:05:f8:d5:6f:42:a6:80:c0:85:ea:68:d1:99:
45:3d:6f:c5:23:f8:ba:fc:b1:fa:73:83:0d:36:1c:
69:ee:2c:04:6c:c7:d8:c8:e1:ed:80:aa:ca:bc:85:
09:b4:f7:e2:be:87:f2:70:14:05:1e:9e:04:e1:f2:
c3:4d:92:4b:99:aa:ca:1f:10:f5:e0:c6:b1:22:22:
50:9e:32:3d:db:5b:b4:4e:90:13:c8:44:e7:b2:8c:
8a:15:0f:ef:44:f9:23:3c:e3:14:7b:7c:6d:d6:4d:
3c:7c:28:4f:3e:a3:6b:52:2e:67:74:cb:7b:59:9c:
cb:9b:ae:8c:c6:70:da:24:46:2d:dc:13:c9:aa:f6:
0b:66:ae:d5:b6:4b:22:3a:93:b4:5b:2f:f1:65:d2:
e7:c3:2b:29:54:5f:b8:f8:4e:9b:b9:d1:35:08:28:
bf:bd:65:63:d1:d0:0b:36:de:12:2d:11:39:8e:48:
76:66:90:f1:5a:b5:f2:e9:da:d8:49:69:ed:9a:35:
99:74:31:b0:ef:63:49:c0:7d:de:80:25:40:18:d8:
03:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D5:FA:22:5D:E4:BD:6E:71:FC:35:69:26:FE:6A:68:8F:33:02:86
X509v3 Authority Key Identifier:
keyid:34:92:15:98:B6:A2:61:AA:4C:3E:67:14:4A:C8:76:03:32:53:E0:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJIVmLaiYapMPmcUSsh2AzJT4Ko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/L9X6Il3kvW5x_DVpJv5qaI8zAoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/NJIVmLaiYapMPmcUSsh2AzJT4Ko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.232.0/22
IPv6:
2a00:a320::/32
Signature Algorithm: sha256WithRSAEncryption
78:b5:98:48:e1:28:96:5d:57:99:75:f8:65:de:89:d4:2c:47:
00:c4:7b:00:6e:fc:77:55:6e:38:d3:28:4a:98:3c:12:86:49:
38:f5:aa:1e:8f:9c:b1:29:42:a4:e8:49:88:fe:95:51:a8:bf:
4b:5d:99:e3:ca:23:9d:e4:5e:cd:c4:a1:ed:d4:fb:6b:51:7a:
8a:32:98:06:89:8a:20:46:bc:ec:8a:b4:ca:f9:99:06:0b:0e:
59:ad:4a:fa:fb:16:97:7d:36:33:9b:a8:48:08:9e:d3:78:58:
04:2f:0b:97:fe:4b:77:cb:81:ab:a0:35:f6:1e:51:cc:2d:6c:
80:38:90:de:ff:f4:06:5b:54:6b:b7:99:e6:a2:4d:20:41:d7:
72:6b:45:26:e9:b4:31:79:a2:49:8e:b2:00:6b:0e:ed:d7:81:
a2:12:7e:99:43:28:ec:7c:c5:20:ab:08:17:6c:89:2a:64:a6:
3c:61:9f:85:09:8d:3c:3a:db:4b:94:4d:cb:82:59:62:f3:51:
77:3d:8c:4e:2f:76:36:d0:6e:d6:76:49:a3:ec:fa:18:1f:e8:
34:78:db:46:ff:d0:aa:79:89:91:fc:d8:e1:0d:44:36:11:9e:
f1:46:13:02:c9:e0:51:b9:3f:59:76:c6:69:04:70:14:91:00:
07:5a:bb:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVswW8A+L3G+9VhzXMSFmZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTIxNTk4YjZhMjYxYWE0YzNlNjcxNDRhYzg3NjAzMzI1
M2UwYWEwHhcNMjMwMTAxMDk1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmQ1ZmEyMjVkZTRiZDZlNzFmYzM1NjkyNmZlNmE2ODhmMzMwMjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XauavuiupTx4dfi8w3lJYbvalCk
pVaCGeTpNkzkAErcIpycf+sToXWz3xbHyQX41W9CpoDAhepo0ZlFPW/FI/i6/LH6
c4MNNhxp7iwEbMfYyOHtgKrKvIUJtPfivofycBQFHp4E4fLDTZJLmarKHxD14Max
IiJQnjI921u0TpATyETnsoyKFQ/vRPkjPOMUe3xt1k08fChPPqNrUi5ndMt7WZzL
m66MxnDaJEYt3BPJqvYLZq7VtksiOpO0Wy/xZdLnwyspVF+4+E6budE1CCi/vWVj
0dALNt4SLRE5jkh2ZpDxWrXy6drYSWntmjWZdDGw72NJwH3egCVAGNgDMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC/V+iJd5L1ucfw1aSb+amiPMwKGMB8GA1UdIwQY
MBaAFDSSFZi2omGqTD5nFErIdgMyU+CqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpJVm1MYWlZYXBNUG1jVVNzaDJBekpUNEtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iMDAwZTItNjdjMy00NmY3LTg4MjAt
NDJlMDAyZGFkOWFlLzEvTDlYNklsM2t2VzV4X0RWcEp2NXFhSTh6QW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9iMDAwZTItNjdjMy00NmY3LTg4MjAtNDJlMDAyZGFkOWFl
LzEvTkpJVm1MYWlZYXBNUG1jVVNzaDJBekpUNEtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRzoMA0E
AgACMAcDBQAqAKMgMA0GCSqGSIb3DQEBCwUAA4IBAQB4tZhI4SiWXVeZdfhl3onU
LEcAxHsAbvx3VW440yhKmDwShkk49aoej5yxKUKk6EmI/pVRqL9LXZnjyiOd5F7N
xKHt1PtrUXqKMpgGiYogRrzsirTK+ZkGCw5ZrUr6+xaXfTYzm6hICJ7TeFgELwuX
/kt3y4GroDX2HlHMLWyAOJDe//QGW1Rrt5nmok0gQddya0Um6bQxeaJJjrIAaw7t
14GiEn6ZQyjsfMUgqwgXbIkqZKY8YZ+FCY08OttLlE3Lglli81F3PYxOL3Y20G7W
dkmj7PoYH+g0eNtG/9CqeYmR/NjhDUQ2EZ7xRhMCyeBRuT9ZdsZpBHAUkQAHWruk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:58 2024 by rpki-client on console-ams.rpki-client.org