Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/H9M3NKDonsJ14-1fsxrqnKvw7l8.roa
File: H9M3NKDonsJ14-1fsxrqnKvw7l8.roa (raw, json)
Hash identifier: W1mdI6YiSbHQ0ZY2R76FB9GU052gc/mlaHCHe4iXups=
Subject key identifier: 1F:D3:37:34:A0:E8:9E:C2:75:E3:ED:5F:B3:1A:EA:9C:AB:F0:EE:5F
Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35
Certificate serial: 0187C7B29191C10A110BC4C942FCFBB5E7CE
Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/H9M3NKDonsJ14-1fsxrqnKvw7l8.roa
Signing time: Fri 28 Apr 2023 11:49:41 +0000
ROA not before: Fri 28 Apr 2023 11:49:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209369
IP address blocks: 185.22.96.0/22 maxlen: 22
2a13:5280::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:32:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:b2:91:91:c1:0a:11:0b:c4:c9:42:fc:fb:b5:e7:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35
Validity
Not Before: Apr 28 11:49:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fd33734a0e89ec275e3ed5fb31aea9cabf0ee5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:59:74:48:53:9f:30:99:ef:08:b2:8a:9f:fe:
b0:f1:ba:75:e0:ba:c6:d4:22:eb:bf:66:4e:5e:ca:
d8:e6:26:d4:3e:40:80:50:44:e3:d1:06:13:00:52:
c5:a0:5a:26:bf:af:00:e9:3d:fa:57:44:4a:6f:a3:
3d:dd:87:00:c5:65:23:b9:72:3e:04:4e:8d:5a:5e:
99:89:d7:50:08:82:19:4c:d3:66:63:3b:5f:b1:ef:
08:20:1f:8a:1a:17:7e:6f:5e:13:57:d2:e6:68:e8:
45:51:c4:ed:af:2b:d8:fa:3e:87:f7:75:8f:4d:01:
cc:e9:9e:bd:c0:f6:b2:dc:5f:68:c1:e9:d2:70:71:
81:ed:41:85:e9:c0:0b:bc:f3:8e:6a:92:1d:c2:f8:
e9:9c:5b:78:52:ae:1e:bb:04:5e:99:ed:cf:9a:a9:
ac:13:4b:b0:fc:6d:d8:8d:30:e0:4d:0d:01:2d:20:
b5:b7:25:29:2b:ca:8d:81:f8:a3:86:3d:f9:67:15:
51:00:ea:5c:24:51:9d:a9:76:8a:d1:6f:c9:d2:b8:
22:94:dd:a7:a1:80:fd:16:e9:01:27:aa:8b:bd:a8:
7e:7e:28:96:5b:80:c3:6d:8d:31:a1:b0:72:2a:53:
51:f3:26:18:88:8a:50:8d:88:f3:e9:c5:6e:5b:40:
03:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D3:37:34:A0:E8:9E:C2:75:E3:ED:5F:B3:1A:EA:9C:AB:F0:EE:5F
X509v3 Authority Key Identifier:
keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/H9M3NKDonsJ14-1fsxrqnKvw7l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.96.0/22
IPv6:
2a13:5280::/29
Signature Algorithm: sha256WithRSAEncryption
1b:82:47:d2:a7:cb:98:76:d3:57:47:2c:8d:b9:9c:46:7e:cc:
b3:6a:25:1a:73:cd:a7:3d:0a:46:2d:74:bb:ac:a0:af:6d:b4:
6e:10:8c:9f:de:dc:b5:0c:ba:95:16:c9:17:b7:7c:20:c1:b7:
8f:3a:a1:69:db:07:e7:a1:9f:15:34:41:fc:ab:c3:c1:27:7a:
32:51:8f:26:f4:62:0f:cb:3f:bf:42:3e:a6:53:92:cb:ef:ef:
1b:7c:ec:43:6a:cd:c4:a8:4d:4b:02:f6:b7:c3:3f:b0:51:f6:
02:75:c3:bd:98:c3:7c:e9:33:3e:fc:0d:11:19:c1:67:61:83:
4c:a2:95:82:12:17:ea:37:9f:36:e7:a0:73:d0:7b:c0:ef:ea:
eb:61:a6:88:1b:2f:87:28:02:79:90:d1:fa:14:6c:72:22:08:
ff:09:f9:28:76:94:69:91:42:ca:06:61:64:9e:a9:7f:9a:68:
b7:16:c6:77:0d:7a:ed:ae:3e:23:4f:92:c7:f6:c6:ba:96:89:
ae:b2:8e:26:3d:8f:47:a6:06:8f:d4:91:59:60:37:a7:5b:e9:
e1:88:4e:a2:e1:b0:fd:2c:a8:6b:af:7e:c3:97:97:77:c8:59:
24:74:9e:75:1a:dc:95:f5:ce:b8:20:d9:ed:ac:21:cd:4b:f6:
d2:52:53:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfHspGRwQoRC8TJQvz7tefOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh
MDJmMzUwHhcNMjMwNDI4MTE0OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmQzMzczNGEwZTg5ZWMyNzVlM2VkNWZiMzFhZWE5Y2FiZjBlZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFl0SFOfMJnvCLKKn/6w8bp14LrG
1CLrv2ZOXsrY5ibUPkCAUETj0QYTAFLFoFomv68A6T36V0RKb6M93YcAxWUjuXI+
BE6NWl6ZiddQCIIZTNNmYztfse8IIB+KGhd+b14TV9LmaOhFUcTtryvY+j6H93WP
TQHM6Z69wPay3F9owenScHGB7UGF6cALvPOOapIdwvjpnFt4Uq4euwReme3Pmqms
E0uw/G3YjTDgTQ0BLSC1tyUpK8qNgfijhj35ZxVRAOpcJFGdqXaK0W/J0rgilN2n
oYD9FukBJ6qLvah+fiiWW4DDbY0xobByKlNR8yYYiIpQjYjz6cVuW0ADJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB/TNzSg6J7CdePtX7Ma6pyr8O5fMB8GA1UdIwQY
MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct
ZjBkMTk4MDk4NzRhLzEvSDlNM05LRG9uc0oxNC0xZnN4cnFuS3Z3N2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh
LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRZgMA0E
AgACMAcDBQMqE1KAMA0GCSqGSIb3DQEBCwUAA4IBAQAbgkfSp8uYdtNXRyyNuZxG
fsyzaiUac82nPQpGLXS7rKCvbbRuEIyf3ty1DLqVFskXt3wgwbePOqFp2wfnoZ8V
NEH8q8PBJ3oyUY8m9GIPyz+/Qj6mU5LL7+8bfOxDas3EqE1LAva3wz+wUfYCdcO9
mMN86TM+/A0RGcFnYYNMopWCEhfqN58256Bz0HvA7+rrYaaIGy+HKAJ5kNH6FGxy
Igj/CfkodpRpkULKBmFknql/mmi3FsZ3DXrtrj4jT5LH9sa6lomuso4mPY9HpgaP
1JFZYDenW+nhiE6i4bD9LKhrr37Dl5d3yFkkdJ51GtyV9c64INntrCHNS/bSUlPW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:11 2024 by rpki-client on console-fra.rpki-client.org