Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/adX6J-vfse7lrywSYbwBT28h5Gs.roa
File: adX6J-vfse7lrywSYbwBT28h5Gs.roa (raw, json)
Hash identifier: wpCfWQHiHC+2iDgvSjRkkJU8eSIsWZj5wFF1rfJpC7I=
Subject key identifier: 69:D5:FA:27:EB:DF:B1:EE:E5:AF:2C:12:61:BC:01:4F:6F:21:E4:6B
Certificate issuer: /CN=e97656f22015589ff7cc66056867f605d81449bc
Certificate serial: 01856FCB98A4F455784A497CBB44A6327C5C
Authority key identifier: E9:76:56:F2:20:15:58:9F:F7:CC:66:05:68:67:F6:05:D8:14:49:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/adX6J-vfse7lrywSYbwBT28h5Gs.roa
Signing time: Mon 02 Jan 2023 00:04:51 +0000
ROA not before: Mon 02 Jan 2023 00:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204249
IP address blocks: 185.54.164.0/24 maxlen: 24
185.54.165.0/24 maxlen: 24
185.54.166.0/24 maxlen: 24
185.54.167.0/24 maxlen: 24
185.37.162.0/24 maxlen: 24
2a00:f7a0:100::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:98:a4:f4:55:78:4a:49:7c:bb:44:a6:32:7c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e97656f22015589ff7cc66056867f605d81449bc
Validity
Not Before: Jan 2 00:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69d5fa27ebdfb1eee5af2c1261bc014f6f21e46b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:32:ad:0f:75:05:11:63:34:f3:6a:55:09:7d:
49:12:6e:45:94:43:5d:6f:e1:36:1d:ef:a3:f4:83:
f7:7d:b1:2d:45:95:8a:83:52:0d:6c:2e:9d:7d:00:
32:3d:b2:28:95:5f:50:c2:7c:24:f5:6e:2e:20:6a:
05:5e:7f:5a:42:ac:d2:23:ea:bf:f3:5a:83:e5:97:
db:76:b8:61:2a:5e:a3:b8:43:04:0a:2a:a0:78:08:
47:7f:9c:19:a4:b4:66:30:96:59:2a:b4:9d:4e:73:
db:cc:ad:f4:3d:e8:8e:91:d3:7c:4c:5e:cd:19:a0:
2b:c0:7e:86:f6:a3:d6:cb:a1:54:68:c5:ec:31:3e:
86:f4:aa:e9:7b:7c:bf:34:a7:28:f0:8f:3d:fc:e2:
d5:12:38:e2:49:d6:14:8f:84:8f:03:a8:76:3d:d3:
b8:ca:56:a1:68:3b:ab:98:eb:18:2f:53:02:03:6d:
81:01:ba:d3:2a:23:31:11:bd:99:3a:f0:28:e3:ec:
61:3d:b1:b8:7a:82:1c:9b:6b:17:7b:0c:b7:78:b5:
a4:45:9f:c6:ac:3f:4c:92:59:ef:f5:71:b0:e2:ff:
65:46:b6:17:62:93:cc:dc:00:6b:4a:e3:77:e5:d3:
6c:aa:c0:0e:9a:fd:cd:6b:0a:05:33:31:af:ce:f9:
8c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:D5:FA:27:EB:DF:B1:EE:E5:AF:2C:12:61:BC:01:4F:6F:21:E4:6B
X509v3 Authority Key Identifier:
keyid:E9:76:56:F2:20:15:58:9F:F7:CC:66:05:68:67:F6:05:D8:14:49:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/adX6J-vfse7lrywSYbwBT28h5Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.162.0/24
185.54.164.0/22
IPv6:
2a00:f7a0:100::/48
Signature Algorithm: sha256WithRSAEncryption
46:95:42:42:28:00:2b:68:df:88:b7:87:58:59:19:0c:de:2c:
cf:95:ef:b7:07:8b:c2:c2:9c:97:cc:92:49:c3:d4:de:4f:78:
3f:4b:41:5c:33:55:3b:92:11:84:ff:b6:01:f9:22:28:e8:61:
31:7a:a2:2d:58:05:eb:5c:70:0e:dc:cd:ec:d4:51:27:89:3d:
ee:ed:50:cf:60:26:3c:d7:0d:85:21:88:df:81:d9:08:46:4e:
59:16:ba:c2:65:52:75:23:cf:d4:c3:9b:32:c2:eb:50:86:22:
e8:29:77:74:dd:e7:5a:a1:6d:0c:2d:96:c6:58:1d:8f:99:32:
12:21:4c:7d:1a:bd:e9:f4:5f:20:fa:f2:6a:c8:ef:53:82:46:
be:77:8a:77:0a:b2:48:03:95:f6:a5:74:4a:49:2e:49:8d:5b:
1f:8e:f1:82:bb:8f:3e:eb:9c:17:d0:0a:87:ab:9e:63:1a:c8:
87:f9:47:8a:64:db:1e:a4:22:ae:ce:97:cb:78:e8:b2:94:6a:
64:17:5a:78:9f:50:70:64:3b:19:cc:a2:95:af:2f:3a:fa:78:
f5:3b:72:c0:48:d2:df:aa:d7:c8:d3:50:61:c6:dd:1a:69:88:
da:76:86:09:80:cc:64:2d:10:ce:45:8f:35:c4:4e:d9:b5:fa:
e3:3d:63:35
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvy5ik9FV4Skl8u0SmMnxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzY1NmYyMjAxNTU4OWZmN2NjNjYwNTY4NjdmNjA1ZDgx
NDQ5YmMwHhcNMjMwMTAyMDAwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWQ1ZmEyN2ViZGZiMWVlZTVhZjJjMTI2MWJjMDE0ZjZmMjFlNDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DKtD3UFEWM082pVCX1JEm5FlENd
b+E2He+j9IP3fbEtRZWKg1INbC6dfQAyPbIolV9Qwnwk9W4uIGoFXn9aQqzSI+q/
81qD5ZfbdrhhKl6juEMECiqgeAhHf5wZpLRmMJZZKrSdTnPbzK30PeiOkdN8TF7N
GaArwH6G9qPWy6FUaMXsMT6G9Krpe3y/NKco8I89/OLVEjjiSdYUj4SPA6h2PdO4
ylahaDurmOsYL1MCA22BAbrTKiMxEb2ZOvAo4+xhPbG4eoIcm2sXewy3eLWkRZ/G
rD9Mklnv9XGw4v9lRrYXYpPM3ABrSuN35dNsqsAOmv3NawoFMzGvzvmM4wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGnV+ifr37Hu5a8sEmG8AU9vIeRrMB8GA1UdIwQY
MBaAFOl2VvIgFVif98xmBWhn9gXYFEm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhaVzhpQVZXSl8zekdZRmFHZjJCZGdVU2J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84ZmEwNTEtNDM1Ny00ZDMxLTg1Mzct
NjgxMmJhYmM1YThiLzEvYWRYNkotdmZzZTdscnl3U1lid0JUMjhoNUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84ZmEwNTEtNDM1Ny00ZDMxLTg1MzctNjgxMmJhYmM1YThi
LzEvNlhaVzhpQVZXSl8zekdZRmFHZjJCZGdVU2J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuSWiAwQC
uTakMA8EAgACMAkDBwAqAPegAQAwDQYJKoZIhvcNAQELBQADggEBAEaVQkIoACto
34i3h1hZGQzeLM+V77cHi8LCnJfMkknD1N5PeD9LQVwzVTuSEYT/tgH5IijoYTF6
oi1YBetccA7czezUUSeJPe7tUM9gJjzXDYUhiN+B2QhGTlkWusJlUnUjz9TDmzLC
61CGIugpd3Td51qhbQwtlsZYHY+ZMhIhTH0aven0XyD68mrI71OCRr53incKskgD
lfaldEpJLkmNWx+O8YK7jz7rnBfQCoernmMayIf5R4pk2x6kIq7Ol8t46LKUamQX
WnifUHBkOxnMopWvLzr6ePU7csBI0t+q18jTUGHG3RppiNp2hgmAzGQtEM5FjzXE
Ttm1+uM9YzU=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:00 2024 by rpki-client on console-ams.rpki-client.org