Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/o12YbNOw3-AkEknlIAAg0W4ueA8.roa
File: o12YbNOw3-AkEknlIAAg0W4ueA8.roa (raw, json)
Hash identifier: 4+jNWIpkbP9QUh6pOzkFqwokDKJe/uvWEcs0hA/QsMs=
Subject key identifier: A3:5D:98:6C:D3:B0:DF:E0:24:12:49:E5:20:00:20:D1:6E:2E:78:0F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B37D32699C5258B2377217D1DCB9DB6C4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/o12YbNOw3-AkEknlIAAg0W4ueA8.roa
Signing time: Mon 16 Oct 2023 09:31:06 +0000
ROA not before: Mon 16 Oct 2023 09:31:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49217
IP address blocks: 178.215.237.0/24 maxlen: 24
185.226.173.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:d3:26:99:c5:25:8b:23:77:21:7d:1d:cb:9d:b6:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 16 09:31:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a35d986cd3b0dfe0241249e5200020d16e2e780f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2b:f2:53:06:c5:97:d1:b3:55:04:3c:30:b0:
96:bd:66:44:8c:98:bc:93:c1:aa:92:0a:7e:98:98:
00:f0:bd:af:88:d4:36:a7:fc:23:17:11:c6:8b:a8:
c8:40:b4:c5:13:95:e7:de:a7:aa:3f:3d:04:b2:1a:
98:d0:9b:39:36:f9:4d:95:ba:b0:21:63:bd:11:84:
84:ae:7b:25:51:8c:45:e1:0e:40:30:0e:87:c5:76:
d2:41:5a:27:6d:f2:ba:4c:de:e3:bb:2f:d5:0e:56:
b2:a1:82:d3:7d:9a:f1:9b:74:79:ce:e6:5b:83:06:
a9:7c:87:dd:3a:3c:69:08:5a:3a:5f:ba:55:43:f4:
d5:24:cc:69:41:f9:07:7c:76:09:bc:cf:e5:29:ec:
c2:c0:39:5c:d7:1b:49:7e:2c:2b:64:40:44:3f:b7:
d2:c5:e7:6d:a1:a3:48:a4:63:f9:1b:7f:a1:1c:42:
2d:30:92:e4:e6:54:cb:71:da:bd:01:b1:0c:5f:a8:
02:a5:2c:bb:ae:21:b2:5a:c4:fd:7b:da:fe:69:45:
e3:69:1e:de:dc:aa:84:dc:a4:64:d1:bc:8b:e8:45:
9e:99:89:cf:cf:83:3c:01:23:27:1b:e5:f3:be:10:
1d:fb:b4:29:7f:43:a7:eb:31:2f:b8:33:1d:cc:f5:
04:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5D:98:6C:D3:B0:DF:E0:24:12:49:E5:20:00:20:D1:6E:2E:78:0F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/o12YbNOw3-AkEknlIAAg0W4ueA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.215.237.0/24
185.226.173.0/24
Signature Algorithm: sha256WithRSAEncryption
40:89:38:bf:40:82:cc:d3:92:bc:31:46:0b:4a:fd:2d:f5:cd:
cb:cb:e4:06:67:ff:7c:04:4a:6c:8c:ec:b7:f0:d2:6c:01:3e:
e7:1e:e0:39:7e:14:81:83:88:61:5b:e2:90:4e:d3:0f:93:de:
11:5f:bd:f5:79:b7:8a:d9:0d:9f:6a:c2:7f:a5:2c:42:a2:7e:
88:5e:3e:23:5b:01:22:6a:35:1a:31:f0:8c:e3:78:63:49:0e:
77:b3:6d:b4:ec:41:c4:a2:d7:51:e4:8a:43:20:23:52:f9:48:
fb:7c:3a:f5:bf:f9:c3:5f:b5:b5:83:40:c7:1b:05:d5:63:ec:
99:51:2d:7f:97:78:a1:bc:49:91:9a:17:c0:0e:4f:ba:1b:55:
38:77:0c:1c:2a:10:92:73:89:6b:5f:e9:6a:94:5c:b0:43:ad:
ad:65:9c:2b:b1:9f:31:a1:d6:7b:c6:58:30:72:cb:6b:e7:b0:
fa:e7:50:79:91:c8:9d:2f:4c:c8:6f:a3:f5:4c:5a:67:d4:d1:
3f:a0:aa:cd:49:9b:8e:72:f5:21:a1:7f:76:5d:e7:28:d5:37:
e4:a6:74:41:ac:9d:11:ee:19:af:0f:08:54:2f:60:60:93:1f:
64:0d:1b:f0:80:d7:d2:60:37:dc:75:73:8d:2a:02:f3:d9:86:
b9:9c:4d:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYs30yaZxSWLI3chfR3LnbbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDE2MDkzMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzVkOTg2Y2QzYjBkZmUwMjQxMjQ5ZTUyMDAwMjBkMTZlMmU3ODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyvyUwbFl9GzVQQ8MLCWvWZEjJi8
k8Gqkgp+mJgA8L2viNQ2p/wjFxHGi6jIQLTFE5Xn3qeqPz0EshqY0Js5NvlNlbqw
IWO9EYSErnslUYxF4Q5AMA6HxXbSQVonbfK6TN7juy/VDlayoYLTfZrxm3R5zuZb
gwapfIfdOjxpCFo6X7pVQ/TVJMxpQfkHfHYJvM/lKezCwDlc1xtJfiwrZEBEP7fS
xedtoaNIpGP5G3+hHEItMJLk5lTLcdq9AbEMX6gCpSy7riGyWsT9e9r+aUXjaR7e
3KqE3KRk0byL6EWemYnPz4M8ASMnG+XzvhAd+7Qpf0On6zEvuDMdzPUEmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKNdmGzTsN/gJBJJ5SAAINFuLngPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbzEyWWJOT3czLUFrRWtubElBQWcwVzR1ZUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAstftAwQA
ueKtMA0GCSqGSIb3DQEBCwUAA4IBAQBAiTi/QILM05K8MUYLSv0t9c3Ly+QGZ/98
BEpsjOy38NJsAT7nHuA5fhSBg4hhW+KQTtMPk94RX731ebeK2Q2fasJ/pSxCon6I
Xj4jWwEiajUaMfCM43hjSQ53s2207EHEotdR5IpDICNS+Uj7fDr1v/nDX7W1g0DH
GwXVY+yZUS1/l3ihvEmRmhfADk+6G1U4dwwcKhCSc4lrX+lqlFywQ62tZZwrsZ8x
odZ7xlgwcstr57D651B5kcidL0zIb6P1TFpn1NE/oKrNSZuOcvUhoX92Xeco1Tfk
pnRBrJ0R7hmvDwhUL2Bgkx9kDRvwgNfSYDfcdXONKgLz2Ya5nE3n
-----END CERTIFICATE-----
Generated at Wed Nov 1 14:42:54 2023 by rpki-client on console-ams.rpki-client.org