Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/101126-1d32-42a6-87fe-9223846ff30b/1/ION9ykBJJ5gq2EPVIlgNJZlw374.roa
File: ION9ykBJJ5gq2EPVIlgNJZlw374.roa (raw, json)
Hash identifier: OTq1RnJb9VuLqEkiW+1CoDTUB0AV6MmYqUezFzkkkEk=
Subject key identifier: 20:E3:7D:CA:40:49:27:98:2A:D8:43:D5:22:58:0D:25:99:70:DF:BE
Certificate issuer: /CN=f8035ec9de2570c1e7a7db40e272e45548c9202b
Certificate serial: 0186CBC50F399B38E6E82517476EC5802B07
Authority key identifier: F8:03:5E:C9:DE:25:70:C1:E7:A7:DB:40:E2:72:E4:55:48:C9:20:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ANeyd4lcMHnp9tA4nLkVUjJICs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/101126-1d32-42a6-87fe-9223846ff30b/1/ION9ykBJJ5gq2EPVIlgNJZlw374.roa
Signing time: Fri 10 Mar 2023 13:45:34 +0000
ROA not before: Fri 10 Mar 2023 13:45:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210806
IP address blocks: 185.37.11.0/24 maxlen: 24
2a11:da80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cb:c5:0f:39:9b:38:e6:e8:25:17:47:6e:c5:80:2b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8035ec9de2570c1e7a7db40e272e45548c9202b
Validity
Not Before: Mar 10 13:45:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20e37dca404927982ad843d522580d259970dfbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3c:28:12:0e:80:d2:42:90:eb:82:4c:ba:70:
bf:9a:f2:01:b8:16:48:b3:6f:6a:c3:c4:8b:39:f1:
a4:f8:36:86:68:f7:23:d9:d8:df:9b:dd:9b:ee:59:
66:4e:6c:bf:a4:23:f5:b4:19:60:51:72:57:de:ed:
f6:11:34:45:cb:22:7b:f9:3b:a5:6b:94:77:2c:81:
27:65:b4:76:49:13:22:d7:36:c6:f3:65:3c:ce:a1:
47:c7:58:9b:ab:a3:6d:90:ae:61:1d:6a:c5:5e:52:
e3:1f:bc:99:86:8c:be:fe:9e:ce:e8:8f:9e:39:0c:
f4:0f:4b:7d:e6:af:db:d8:2a:7d:43:fa:2a:96:04:
71:f1:00:6d:a9:f0:10:ab:99:cd:0d:ad:e2:d0:30:
51:5b:d3:b8:6c:98:2d:36:18:f9:b6:c1:29:57:18:
7f:e3:5b:73:b5:f8:a8:a1:2c:08:e3:dc:12:0d:14:
50:4f:d8:37:ae:30:3c:79:a0:ee:a1:25:4a:79:08:
09:7d:25:9d:22:be:92:a2:d7:8d:86:da:6e:67:d4:
03:c7:a0:86:27:d7:4f:91:1e:b6:76:5d:b7:aa:90:
27:06:5c:8c:e0:f5:71:b8:55:7d:69:c0:7e:c4:d0:
fa:a6:b5:11:97:bb:65:a6:e3:7c:ec:6c:3e:d5:84:
c8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E3:7D:CA:40:49:27:98:2A:D8:43:D5:22:58:0D:25:99:70:DF:BE
X509v3 Authority Key Identifier:
keyid:F8:03:5E:C9:DE:25:70:C1:E7:A7:DB:40:E2:72:E4:55:48:C9:20:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ANeyd4lcMHnp9tA4nLkVUjJICs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/101126-1d32-42a6-87fe-9223846ff30b/1/ION9ykBJJ5gq2EPVIlgNJZlw374.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/101126-1d32-42a6-87fe-9223846ff30b/1/1-ANeyd4lcMHnp9tA4nLkVUjJICs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.11.0/24
IPv6:
2a11:da80::/29
Signature Algorithm: sha256WithRSAEncryption
32:1f:8f:61:b4:f0:56:c4:b4:3d:7b:91:d4:51:77:44:75:4a:
e7:74:06:c1:bb:f8:7a:28:1c:34:38:e2:49:87:6f:b4:a5:46:
6f:a1:72:12:86:3e:e6:63:25:80:25:46:17:03:98:40:c3:35:
00:dc:03:0c:50:33:d7:8e:f8:40:06:c0:bc:87:d4:e2:d3:97:
67:b6:d3:69:86:9b:27:43:0f:0d:bd:13:42:e3:b4:66:59:13:
87:b4:ea:11:ac:f1:3d:68:d7:4e:43:8a:a1:ce:39:8b:1d:26:
cb:0c:8b:95:e4:bd:3f:16:dd:72:db:fd:1a:e2:9b:92:61:0e:
44:f1:7d:f2:ab:bf:6e:7c:79:df:56:0e:d4:30:0b:2c:bd:d6:
6a:b8:bc:b0:34:ea:3e:5b:b5:1a:12:41:8e:1c:67:1a:3e:83:
00:38:8a:c9:36:a3:3b:c7:8e:cc:5b:53:58:f1:5f:59:dc:d4:
a8:12:5b:fe:6b:5f:a8:2c:36:95:01:8e:c6:f3:2b:a9:eb:3d:
3d:61:73:d8:18:9b:8c:42:5a:0d:90:11:2d:cc:af:6f:31:a4:
23:27:c5:c2:57:6e:0c:10:6a:38:20:b8:6b:24:72:4c:7f:6c:
2a:66:a4:3c:35:1d:b8:a3:1e:10:78:57:6c:0a:b5:ce:b4:cc:
2b:21:69:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbLxQ85mzjm6CUXR27FgCsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MDM1ZWM5ZGUyNTcwYzFlN2E3ZGI0MGUyNzJlNDU1NDhj
OTIwMmIwHhcNMjMwMzEwMTM0NTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGUzN2RjYTQwNDkyNzk4MmFkODQzZDUyMjU4MGQyNTk5NzBkZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTwoEg6A0kKQ64JMunC/mvIBuBZI
s29qw8SLOfGk+DaGaPcj2djfm92b7llmTmy/pCP1tBlgUXJX3u32ETRFyyJ7+Tul
a5R3LIEnZbR2SRMi1zbG82U8zqFHx1ibq6NtkK5hHWrFXlLjH7yZhoy+/p7O6I+e
OQz0D0t95q/b2Cp9Q/oqlgRx8QBtqfAQq5nNDa3i0DBRW9O4bJgtNhj5tsEpVxh/
41tztfiooSwI49wSDRRQT9g3rjA8eaDuoSVKeQgJfSWdIr6SoteNhtpuZ9QDx6CG
J9dPkR62dl23qpAnBlyM4PVxuFV9acB+xND6prURl7tlpuN87Gw+1YTImQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCDjfcpASSeYKthD1SJYDSWZcN++MB8GA1UdIwQY
MBaAFPgDXsneJXDB56fbQOJy5FVIySArMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1BTmV5ZDRsY01IbnA5dEE0bkxrVlVqSklDcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvMTAxMTI2LTFkMzItNDJhNi04N2Zl
LTkyMjM4NDZmZjMwYi8xL0lPTjl5a0JKSjVncTJFUFZJbGdOSlpsdzM3NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvMTAxMTI2LTFkMzItNDJhNi04N2ZlLTkyMjM4NDZmZjMw
Yi8xLzEtQU5leWQ0bGNNSG5wOXRBNG5Ma1ZVakpJQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAC5JQsw
DQQCAAIwBwMFAyoR2oAwDQYJKoZIhvcNAQELBQADggEBADIfj2G08FbEtD17kdRR
d0R1Sud0BsG7+HooHDQ44kmHb7SlRm+hchKGPuZjJYAlRhcDmEDDNQDcAwxQM9eO
+EAGwLyH1OLTl2e202mGmydDDw29E0LjtGZZE4e06hGs8T1o105DiqHOOYsdJssM
i5XkvT8W3XLb/Rrim5JhDkTxffKrv258ed9WDtQwCyy91mq4vLA06j5btRoSQY4c
Zxo+gwA4isk2ozvHjsxbU1jxX1nc1KgSW/5rX6gsNpUBjsbzK6nrPT1hc9gYm4xC
Wg2QES3Mr28xpCMnxcJXbgwQajgguGskckx/bCpmpDw1HbijHhB4V2wKtc60zCsh
aVk=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:25 2024 by rpki-client on console-ams.rpki-client.org