Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AUr-rL6ZEVzifMBq_li4LP4oqX0.roa
File: AUr-rL6ZEVzifMBq_li4LP4oqX0.roa (raw, json)
Hash identifier: z+moFUK+l3VUQJxnDs3JXwrsNNQY59OaBanyHi5S0X8=
Subject key identifier: 01:4A:FE:AC:BE:99:11:5C:E2:7C:C0:6A:FE:58:B8:2C:FE:28:A9:7D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BF0FDB88D3DE5A990FE6EB990E6ADB847
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AUr-rL6ZEVzifMBq_li4LP4oqX0.roa
Signing time: Tue 21 Nov 2023 08:27:21 +0000
ROA not before: Tue 21 Nov 2023 08:27:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200019
IP address blocks: 185.216.68.0/24 maxlen: 24
2a00:1728:3f::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:fd:b8:8d:3d:e5:a9:90:fe:6e:b9:90:e6:ad:b8:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 21 08:27:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=014afeacbe99115ce27cc06afe58b82cfe28a97d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:90:ca:d0:27:47:f1:26:a4:99:c7:ba:0f:3e:
45:36:fe:67:06:8f:df:4c:6f:b5:d0:f9:6d:40:e6:
bd:93:bf:57:09:32:9b:b6:aa:f4:54:11:28:cf:c8:
c3:d1:af:8e:b8:fe:b7:f6:e9:cd:3c:28:53:40:52:
1c:07:77:a5:5c:73:83:55:0a:74:94:1f:06:fa:74:
8b:02:a5:ec:56:05:2c:18:21:f3:fb:80:ea:75:d4:
e2:f7:ed:c8:cd:f4:b6:b4:94:0c:0d:af:b0:f4:69:
de:d6:12:96:36:ce:64:ee:3b:ef:ad:0b:23:92:ae:
fa:20:93:c0:dc:f3:b4:00:9d:12:b2:13:83:da:dc:
a6:39:cc:8e:b1:a2:9d:bd:5a:30:17:8b:35:e4:2d:
3b:67:21:cf:ca:d0:2e:bc:aa:8c:6b:fb:26:b6:92:
78:34:1e:ad:c5:40:48:06:30:8f:5e:2e:d1:af:e8:
9b:74:34:95:5e:e6:80:f3:2c:12:10:86:c0:e6:3d:
a3:0d:4f:81:1d:1d:4e:53:a1:c7:25:2a:a4:3d:a3:
83:60:12:fe:52:20:66:7e:7f:dc:b1:71:3f:eb:28:
60:cb:32:c6:f2:6b:d5:ea:59:bb:bc:35:3d:a3:a6:
30:d6:3f:9d:ef:96:58:ce:3b:c8:8f:ba:41:ed:27:
ce:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:4A:FE:AC:BE:99:11:5C:E2:7C:C0:6A:FE:58:B8:2C:FE:28:A9:7D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AUr-rL6ZEVzifMBq_li4LP4oqX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.68.0/24
IPv6:
2a00:1728:3f::/48
Signature Algorithm: sha256WithRSAEncryption
3d:90:23:bc:22:99:92:73:a4:44:93:ea:cd:f2:79:58:3d:52:
33:2a:46:bf:08:3b:1c:fc:c0:cf:4d:b0:7e:15:8a:fe:cd:95:
9b:5f:44:f2:e1:23:a4:7a:ac:aa:6f:06:5d:48:38:bc:b5:8c:
30:ce:a9:58:69:30:67:28:28:a4:48:8c:92:56:2c:e8:4f:35:
e9:f7:c2:b3:06:24:4b:8b:a5:c9:cd:bd:d2:1e:a4:74:5c:a7:
b0:bb:0c:56:53:6f:71:97:00:41:8f:17:4c:3b:ef:63:d2:b2:
07:1f:a3:30:ee:b5:90:3f:b3:a1:29:4d:ef:e7:e9:d8:ca:ba:
32:02:cd:9f:12:49:db:0e:9a:ca:fd:fa:08:ed:82:39:11:34:
0e:24:09:4d:28:af:e2:35:9f:00:6e:8f:8e:d2:89:a6:09:19:
ca:17:aa:c1:c9:5b:76:fa:45:68:f4:3d:53:4b:97:6d:ac:71:
36:98:3d:bc:e3:d6:d5:2d:f1:13:ee:50:b3:c6:40:bb:9b:82:
02:ed:fb:d7:66:a4:5b:73:96:4e:26:df:13:f8:1a:0a:01:a7:
8a:f0:1f:8b:b4:3a:70:fa:39:3f:12:84:b5:be:b7:4d:fa:64:
de:4c:09:f1:cb:cf:bb:91:37:8c:87:a7:fa:83:72:3e:0c:b6:
62:0d:4e:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvw/biNPeWpkP5uuZDmrbhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTIxMDgyNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTRhZmVhY2JlOTkxMTVjZTI3Y2MwNmFmZTU4YjgyY2ZlMjhhOTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZDK0CdH8Sakmce6Dz5FNv5nBo/f
TG+10PltQOa9k79XCTKbtqr0VBEoz8jD0a+OuP639unNPChTQFIcB3elXHODVQp0
lB8G+nSLAqXsVgUsGCHz+4DqddTi9+3IzfS2tJQMDa+w9Gne1hKWNs5k7jvvrQsj
kq76IJPA3PO0AJ0SshOD2tymOcyOsaKdvVowF4s15C07ZyHPytAuvKqMa/smtpJ4
NB6txUBIBjCPXi7Rr+ibdDSVXuaA8ywSEIbA5j2jDU+BHR1OU6HHJSqkPaODYBL+
UiBmfn/csXE/6yhgyzLG8mvV6lm7vDU9o6Yw1j+d75ZYzjvIj7pB7SfO4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAFK/qy+mRFc4nzAav5YuCz+KKl9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQVVyLXJMNlpFVnppZk1CcV9saTRMUDRvcVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAudhEMA8E
AgACMAkDBwAqABcoAD8wDQYJKoZIhvcNAQELBQADggEBAD2QI7wimZJzpEST6s3y
eVg9UjMqRr8IOxz8wM9NsH4Viv7NlZtfRPLhI6R6rKpvBl1IOLy1jDDOqVhpMGco
KKRIjJJWLOhPNen3wrMGJEuLpcnNvdIepHRcp7C7DFZTb3GXAEGPF0w772PSsgcf
ozDutZA/s6EpTe/n6djKujICzZ8SSdsOmsr9+gjtgjkRNA4kCU0or+I1nwBuj47S
iaYJGcoXqsHJW3b6RWj0PVNLl22scTaYPbzj1tUt8RPuULPGQLubggLt+9dmpFtz
lk4m3xP4GgoBp4rwH4u0OnD6OT8ShLW+t036ZN5MCfHLz7uRN4yHp/qDcj4MtmIN
TvM=
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:09 2024 by rpki-client on console-ams.rpki-client.org