Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/sDXxttOZLjNdwSJPheoszZ8PfUM.roa
File: sDXxttOZLjNdwSJPheoszZ8PfUM.roa (raw, json)
Hash identifier: 8YQ0CCPpwui6re68reVd1mhE5RKZZ1rTr+cWSXypDPk=
Subject key identifier: B0:35:F1:B6:D3:99:2E:33:5D:C1:22:4F:85:EA:2C:CD:9F:0F:7D:43
Certificate issuer: /CN=0dd441c3ffae829842249e944b03851081f4d9e0
Certificate serial: 0185E06B2C7693B055462EEA602550D529A4
Authority key identifier: 0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/sDXxttOZLjNdwSJPheoszZ8PfUM.roa
Signing time: Mon 23 Jan 2023 20:56:38 +0000
ROA not before: Mon 23 Jan 2023 20:56:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.1.32.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e0:6b:2c:76:93:b0:55:46:2e:ea:60:25:50:d5:29:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dd441c3ffae829842249e944b03851081f4d9e0
Validity
Not Before: Jan 23 20:56:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b035f1b6d3992e335dc1224f85ea2ccd9f0f7d43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:44:e6:71:19:93:31:5e:dc:e3:89:69:22:16:
f0:e2:32:d6:a9:bb:89:23:ad:13:0c:01:bc:70:f7:
9f:0f:63:bd:77:1d:23:d2:0d:64:63:8f:17:04:2c:
54:fd:0b:f6:5f:29:f6:f5:32:93:82:ef:04:97:a8:
b5:21:7d:13:d2:bf:5d:ae:1f:93:33:7f:20:1c:19:
3e:25:d6:a2:3c:df:0b:96:98:2d:98:f2:ca:bf:e0:
05:d8:a2:76:11:e1:35:41:80:d6:dc:b2:45:d6:9e:
8f:2e:e8:29:df:8e:f9:78:17:99:f6:c0:9e:95:ca:
39:8d:a5:19:51:6e:eb:22:d5:b7:3c:2a:1e:3f:af:
37:ed:26:f4:c6:51:29:d8:98:08:dc:d7:08:22:2e:
58:7a:35:f2:5b:f3:f2:f0:b6:fa:61:77:d4:00:7d:
1a:6a:d8:8a:fc:6d:06:6c:64:5a:e4:95:90:c0:b4:
5a:a9:d6:f8:89:08:dc:92:30:6f:b5:4d:4d:00:96:
d5:0b:b5:89:b1:81:e6:1a:34:99:79:dc:af:16:a9:
4c:f5:7d:ef:56:fb:b2:7a:de:66:f7:c1:c6:b6:e3:
b8:5c:81:3d:31:e7:be:9c:48:a4:aa:d7:99:1a:d5:
51:a8:d7:66:9b:17:17:9f:54:01:f2:59:69:4d:6b:
24:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:35:F1:B6:D3:99:2E:33:5D:C1:22:4F:85:EA:2C:CD:9F:0F:7D:43
X509v3 Authority Key Identifier:
keyid:0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/sDXxttOZLjNdwSJPheoszZ8PfUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.32.0/24
Signature Algorithm: sha256WithRSAEncryption
39:4b:bb:8c:04:8c:c1:9f:1e:25:57:d3:73:ff:6f:b2:9e:6b:
1d:33:39:d7:8a:70:1a:32:87:78:ee:d4:03:a5:8e:72:f1:88:
31:c7:8d:80:3a:4e:60:2e:10:86:fc:84:a5:d7:8e:e5:d4:75:
37:61:75:ea:8b:74:87:5d:93:ab:e9:d0:ec:3d:48:4e:02:55:
56:35:d6:29:db:a0:33:3e:d0:1c:df:4b:9b:65:cc:e6:db:e3:
92:c8:68:be:23:01:73:19:8c:e6:ba:86:ca:90:cd:d0:a6:c7:
5d:9b:7a:25:6d:a2:dc:62:ff:67:fb:41:75:00:83:64:e6:8c:
4b:14:0f:8e:a6:d5:1f:63:9d:3b:92:47:01:04:08:58:e2:64:
3b:db:1b:7d:7e:05:f9:a2:91:8f:7c:26:56:74:1d:2c:88:4b:
45:b8:b4:fe:ac:bb:c2:76:a4:61:1f:c7:81:9a:4c:5a:20:97:
1c:b8:54:97:b9:f5:60:b8:13:b3:bb:b8:e8:1d:78:2a:ac:c5:
c8:bf:cc:6a:3d:e5:02:11:62:cc:9c:43:91:dc:e2:ca:d8:79:
a3:b1:37:3c:57:d3:71:bc:dd:5e:86:4f:eb:0a:05:af:06:3e:
96:8d:96:14:a7:be:ea:43:b1:6d:3b:8c:b9:6c:46:42:71:93:
be:a4:c3:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXgayx2k7BVRi7qYCVQ1SmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDQ0MWMzZmZhZTgyOTg0MjI0OWU5NDRiMDM4NTEwODFm
NGQ5ZTAwHhcNMjMwMTIzMjA1NjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDM1ZjFiNmQzOTkyZTMzNWRjMTIyNGY4NWVhMmNjZDlmMGY3ZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUTmcRmTMV7c44lpIhbw4jLWqbuJ
I60TDAG8cPefD2O9dx0j0g1kY48XBCxU/Qv2Xyn29TKTgu8El6i1IX0T0r9drh+T
M38gHBk+JdaiPN8LlpgtmPLKv+AF2KJ2EeE1QYDW3LJF1p6PLugp3475eBeZ9sCe
lco5jaUZUW7rItW3PCoeP6837Sb0xlEp2JgI3NcIIi5YejXyW/Py8Lb6YXfUAH0a
atiK/G0GbGRa5JWQwLRaqdb4iQjckjBvtU1NAJbVC7WJsYHmGjSZedyvFqlM9X3v
Vvuyet5m98HGtuO4XIE9Mee+nEikqteZGtVRqNdmmxcXn1QB8llpTWskGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLA18bbTmS4zXcEiT4XqLM2fD31DMB8GA1UdIwQY
MBaAFA3UQcP/roKYQiSelEsDhRCB9NngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMt
ZTljOTEzMjgzNmZmLzEvc0RYeHR0T1pMak5kd1NKUGhlb3N6WjhQZlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMtZTljOTEzMjgzNmZm
LzEvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQEgMA0G
CSqGSIb3DQEBCwUAA4IBAQA5S7uMBIzBnx4lV9Nz/2+ynmsdMznXinAaMod47tQD
pY5y8Ygxx42AOk5gLhCG/ISl147l1HU3YXXqi3SHXZOr6dDsPUhOAlVWNdYp26Az
PtAc30ubZczm2+OSyGi+IwFzGYzmuobKkM3Qpsddm3olbaLcYv9n+0F1AINk5oxL
FA+OptUfY507kkcBBAhY4mQ72xt9fgX5opGPfCZWdB0siEtFuLT+rLvCdqRhH8eB
mkxaIJccuFSXufVguBOzu7joHXgqrMXIv8xqPeUCEWLMnEOR3OLK2HmjsTc8V9Nx
vN1ehk/rCgWvBj6WjZYUp77qQ7FtO4y5bEZCcZO+pMNm
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:15:49 2024 by rpki-client on console-ams.rpki-client.org