Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/7d8a42-7e82-4d18-8a3c-f543b9185932/1/itvlsTfZur7p1v1xRT9FBA3PEWU.roa
File: itvlsTfZur7p1v1xRT9FBA3PEWU.roa (raw, json)
Hash identifier: I4HCzALw8lsPTnS240wTyhOsVUPtS9DRvzxkpFnT0yk=
Subject key identifier: 8A:DB:E5:B1:37:D9:BA:BE:E9:D6:FD:71:45:3F:45:04:0D:CF:11:65
Certificate issuer: /CN=1f0c8d80c3a34275f03e28ed79864cee26948dc7
Certificate serial: 01856F14DBE55EBCF57C683B55B45350DA3B
Authority key identifier: 1F:0C:8D:80:C3:A3:42:75:F0:3E:28:ED:79:86:4C:EE:26:94:8D:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwyNgMOjQnXwPijteYZM7iaUjcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/7d8a42-7e82-4d18-8a3c-f543b9185932/1/itvlsTfZur7p1v1xRT9FBA3PEWU.roa
Signing time: Sun 01 Jan 2023 20:45:16 +0000
ROA not before: Sun 01 Jan 2023 20:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207367
IP address blocks: 185.65.142.0/24 maxlen: 24
2a10:300::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:db:e5:5e:bc:f5:7c:68:3b:55:b4:53:50:da:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f0c8d80c3a34275f03e28ed79864cee26948dc7
Validity
Not Before: Jan 1 20:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8adbe5b137d9babee9d6fd71453f45040dcf1165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d0:a2:ad:46:77:9e:63:14:d9:af:ba:74:31:
2d:53:06:36:1e:47:af:a7:10:df:67:07:6c:98:43:
68:cb:5d:72:16:47:82:9c:81:cc:90:32:90:0b:07:
eb:07:75:41:58:72:05:ee:23:13:60:10:ac:9e:bc:
ff:8b:33:17:3d:02:cc:c9:b9:7e:c3:42:4e:61:13:
27:b2:af:55:e1:07:ff:07:93:a3:aa:f3:63:4f:cc:
a0:ad:2b:e5:d4:3d:32:ba:43:2c:20:19:f2:c1:58:
07:95:eb:99:ab:4b:33:06:fd:ce:ac:e5:13:bd:11:
82:66:d7:74:a1:54:29:28:33:0b:96:3b:c8:e2:83:
19:de:f2:ff:3c:76:5e:da:f0:0a:51:32:f1:6b:be:
9e:75:2d:2d:30:5d:8e:09:44:2b:39:f4:4b:3d:1c:
f4:29:a9:2e:7a:99:b5:c2:2f:6d:a8:4f:ca:96:73:
51:bc:01:0e:9e:a7:c2:27:8a:55:d9:b4:fc:43:e7:
a3:3c:5e:a4:fe:b9:56:4f:a4:e2:c7:58:29:b1:ee:
38:7e:5d:22:40:93:32:14:89:c9:79:3e:29:81:b1:
8f:e2:93:fc:2a:92:0e:f0:49:7f:a4:d5:23:23:02:
a0:76:b6:66:5f:dc:d1:8e:3d:68:f3:1c:b5:0a:ec:
43:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:DB:E5:B1:37:D9:BA:BE:E9:D6:FD:71:45:3F:45:04:0D:CF:11:65
X509v3 Authority Key Identifier:
keyid:1F:0C:8D:80:C3:A3:42:75:F0:3E:28:ED:79:86:4C:EE:26:94:8D:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwyNgMOjQnXwPijteYZM7iaUjcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7d8a42-7e82-4d18-8a3c-f543b9185932/1/itvlsTfZur7p1v1xRT9FBA3PEWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7d8a42-7e82-4d18-8a3c-f543b9185932/1/HwyNgMOjQnXwPijteYZM7iaUjcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.142.0/24
IPv6:
2a10:300::/29
Signature Algorithm: sha256WithRSAEncryption
b1:3a:da:6e:c4:41:2a:a8:9a:4e:7c:cd:d8:65:61:f6:1e:54:
61:8c:53:fc:5f:36:a3:c3:74:27:d3:d2:30:59:0c:94:c8:e1:
ca:e5:82:ce:2b:01:c0:8d:6b:16:5d:c2:41:79:ae:b1:53:9c:
e5:6c:2f:f9:ee:f1:aa:f1:f9:17:52:30:26:47:9c:1f:1b:9f:
f2:a4:43:eb:86:99:61:54:f6:84:2a:69:d3:64:dc:38:fb:10:
3c:2b:3c:f8:58:f8:88:bd:5f:d3:fd:47:54:e3:ce:39:df:57:
44:4b:42:ec:89:f4:ad:9e:1a:49:35:a6:e3:be:57:56:c6:cd:
82:a6:5c:eb:fe:e4:e6:41:99:a7:be:7c:b9:6b:ad:b2:50:ee:
49:84:26:7c:ab:19:ec:fc:b9:e3:61:45:85:87:f2:9b:1f:c4:
64:5d:2e:be:bb:8d:70:8f:d7:b5:6e:45:30:61:78:a3:bb:b5:
15:1a:ea:d5:08:90:83:e1:97:94:12:c9:c5:5c:db:e9:a6:6c:
f2:91:87:50:06:18:21:71:bd:0d:b1:57:77:90:37:db:97:56:
58:82:ca:e3:2a:e4:01:03:c5:18:4e:a2:06:04:73:fd:c2:30:
0e:80:61:b5:dc:f8:2c:48:20:4f:d1:50:1a:c7:8c:58:c7:96:
c2:1d:50:a2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFNvlXrz1fGg7VbRTUNo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMGM4ZDgwYzNhMzQyNzVmMDNlMjhlZDc5ODY0Y2VlMjY5
NDhkYzcwHhcNMjMwMTAxMjA0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWRiZTViMTM3ZDliYWJlZTlkNmZkNzE0NTNmNDUwNDBkY2YxMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dCirUZ3nmMU2a+6dDEtUwY2Hkev
pxDfZwdsmENoy11yFkeCnIHMkDKQCwfrB3VBWHIF7iMTYBCsnrz/izMXPQLMybl+
w0JOYRMnsq9V4Qf/B5OjqvNjT8ygrSvl1D0yukMsIBnywVgHleuZq0szBv3OrOUT
vRGCZtd0oVQpKDMLljvI4oMZ3vL/PHZe2vAKUTLxa76edS0tMF2OCUQrOfRLPRz0
Kakuepm1wi9tqE/KlnNRvAEOnqfCJ4pV2bT8Q+ejPF6k/rlWT6Tix1gpse44fl0i
QJMyFInJeT4pgbGP4pP8KpIO8El/pNUjIwKgdrZmX9zRjj1o8xy1CuxDkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIrb5bE32bq+6db9cUU/RQQNzxFlMB8GA1UdIwQY
MBaAFB8MjYDDo0J18D4o7XmGTO4mlI3HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHd5TmdNT2pRblh3UGlqdGVZWk03aWFVamNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83ZDhhNDItN2U4Mi00ZDE4LThhM2Mt
ZjU0M2I5MTg1OTMyLzEvaXR2bHNUZlp1cjdwMXYxeFJUOUZCQTNQRVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC83ZDhhNDItN2U4Mi00ZDE4LThhM2MtZjU0M2I5MTg1OTMy
LzEvSHd5TmdNT2pRblh3UGlqdGVZWk03aWFVamNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUGOMA0E
AgACMAcDBQMqEAMAMA0GCSqGSIb3DQEBCwUAA4IBAQCxOtpuxEEqqJpOfM3YZWH2
HlRhjFP8Xzajw3Qn09IwWQyUyOHK5YLOKwHAjWsWXcJBea6xU5zlbC/57vGq8fkX
UjAmR5wfG5/ypEPrhplhVPaEKmnTZNw4+xA8Kzz4WPiIvV/T/UdU484531dES0Ls
ifStnhpJNabjvldWxs2Cplzr/uTmQZmnvny5a62yUO5JhCZ8qxns/LnjYUWFh/Kb
H8RkXS6+u41wj9e1bkUwYXiju7UVGurVCJCD4ZeUEsnFXNvppmzykYdQBhghcb0N
sVd3kDfbl1ZYgsrjKuQBA8UYTqIGBHP9wjAOgGG13PgsSCBP0VAax4xYx5bCHVCi
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:00 2024 by rpki-client on console-fra.rpki-client.org