Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/riOpK7AFAIAJsNtCf18h3D1PtsE.roa
File: riOpK7AFAIAJsNtCf18h3D1PtsE.roa (raw, json)
Hash identifier: Bjd46mGzZ5pOPZbKs5Dx4+T4IzKD25OU7AyvcgF5hY8=
Subject key identifier: AE:23:A9:2B:B0:05:00:80:09:B0:DB:42:7F:5F:21:DC:3D:4F:B6:C1
Certificate issuer: /CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Certificate serial: 018570FBA1898F9C2E8AABC388F2C2232CA2
Authority key identifier: 82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/riOpK7AFAIAJsNtCf18h3D1PtsE.roa
Signing time: Mon 02 Jan 2023 05:36:57 +0000
ROA not before: Mon 02 Jan 2023 05:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.195.0.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:a1:89:8f:9c:2e:8a:ab:c3:88:f2:c2:23:2c:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Validity
Not Before: Jan 2 05:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae23a92bb005008009b0db427f5f21dc3d4fb6c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:83:b9:fe:81:d9:30:c0:49:69:ba:72:33:72:
9d:54:24:cd:0c:ea:d1:bf:ab:3b:34:32:ae:4b:b4:
ac:8c:5f:5f:fc:b0:96:59:b7:b6:50:ad:04:56:41:
98:5f:b6:f8:9a:12:38:54:c3:d1:90:7c:06:8b:d1:
c1:45:e4:6a:09:e9:31:03:41:84:02:46:48:be:36:
b5:e4:a8:64:aa:92:fe:38:27:07:5d:f1:e6:ac:8d:
aa:d6:0d:27:43:8b:23:a0:c5:31:83:e0:0c:9d:0c:
60:02:22:aa:37:61:43:78:bf:0a:f3:01:8f:94:66:
f6:aa:27:91:ac:56:07:25:4a:5c:dc:b8:b7:82:3e:
b3:ce:51:de:d4:be:03:55:88:87:59:55:f0:52:41:
7a:a2:74:64:d8:7a:12:99:38:b5:8f:a0:35:e7:6d:
9e:a5:c2:9b:c0:f3:a8:6e:5e:dd:54:4e:10:6e:9f:
95:5c:27:a9:0b:cf:c3:c9:f8:5a:5f:63:e0:4e:a7:
7d:26:72:d5:76:f5:a6:85:b0:6a:aa:28:b2:14:15:
63:a2:09:2e:ba:5e:ae:fc:2e:2a:39:8c:97:76:7e:
4a:15:93:b3:5c:60:8f:dd:cf:21:01:3b:6b:bf:b8:
91:05:31:fb:af:7b:6b:59:71:4b:bd:65:da:7d:da:
58:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:23:A9:2B:B0:05:00:80:09:B0:DB:42:7F:5F:21:DC:3D:4F:B6:C1
X509v3 Authority Key Identifier:
keyid:82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/riOpK7AFAIAJsNtCf18h3D1PtsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:6e:36:a9:19:7d:25:29:4b:7f:b6:74:6d:b6:14:be:ef:b0:
54:ac:62:25:36:23:c3:1a:02:7b:06:2e:51:9c:c6:8f:b1:c1:
fb:74:fe:47:1a:17:4f:18:ee:d3:be:61:3d:25:fd:36:ca:de:
4a:e4:b6:d7:87:8f:30:38:e2:b9:f5:fa:7b:39:46:d3:8a:a8:
40:95:dd:b6:24:67:eb:b2:6d:3c:97:3b:d2:ac:96:20:fa:ba:
3e:68:1f:e9:fb:f3:cf:84:93:50:9b:e7:36:1e:cb:67:fe:96:
b6:75:5a:19:44:cc:cc:53:6d:d8:70:82:d6:0e:24:fb:56:9a:
69:1a:45:51:f6:10:b9:7b:88:55:0c:81:79:7e:fb:fa:98:4e:
49:d0:7f:53:57:fa:e9:b2:e6:2f:a5:97:58:20:47:be:bc:c7:
b2:17:b8:79:d9:3b:54:79:03:8e:63:5f:2d:bb:7e:89:22:ff:
37:3e:e7:d0:cc:a6:49:08:77:6e:52:c3:2e:15:37:8c:f3:e5:
8b:13:c5:af:37:2a:1b:58:9e:07:a7:1c:68:95:27:76:c6:6b:
a1:80:cb:84:88:fb:bd:ec:00:21:d7:8f:06:c6:0e:07:7f:43:
e4:dc:aa:5e:f8:a5:cb:32:74:8c:54:24:03:21:a0:2b:e3:fd:
24:fb:ae:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+6GJj5wuiqvDiPLCIyyiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyN2FmMTdmMDQ5OTYyN2U0YjNjOGNjNWMzMzNlYzRiOGU3
NjM1ZTAwHhcNMjMwMTAyMDUzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTIzYTkyYmIwMDUwMDgwMDliMGRiNDI3ZjVmMjFkYzNkNGZiNmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoO5/oHZMMBJabpyM3KdVCTNDOrR
v6s7NDKuS7SsjF9f/LCWWbe2UK0EVkGYX7b4mhI4VMPRkHwGi9HBReRqCekxA0GE
AkZIvja15KhkqpL+OCcHXfHmrI2q1g0nQ4sjoMUxg+AMnQxgAiKqN2FDeL8K8wGP
lGb2qieRrFYHJUpc3Li3gj6zzlHe1L4DVYiHWVXwUkF6onRk2HoSmTi1j6A1522e
pcKbwPOobl7dVE4Qbp+VXCepC8/DyfhaX2PgTqd9JnLVdvWmhbBqqiiyFBVjogku
ul6u/C4qOYyXdn5KFZOzXGCP3c8hATtrv7iRBTH7r3trWXFLvWXafdpY4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4jqSuwBQCACbDbQn9fIdw9T7bBMB8GA1UdIwQY
MBaAFIJ68X8EmWJ+SzyMxcMz7EuOdjXgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgt
NzMxM2M3ZjNjYTNmLzEvcmlPcEs3QUZBSUFKc050Q2YxOGgzRDFQdHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgtNzMxM2M3ZjNjYTNm
LzEvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucMAMA0G
CSqGSIb3DQEBCwUAA4IBAQCpbjapGX0lKUt/tnRtthS+77BUrGIlNiPDGgJ7Bi5R
nMaPscH7dP5HGhdPGO7TvmE9Jf02yt5K5LbXh48wOOK59fp7OUbTiqhAld22JGfr
sm08lzvSrJYg+ro+aB/p+/PPhJNQm+c2Hstn/pa2dVoZRMzMU23YcILWDiT7Vppp
GkVR9hC5e4hVDIF5fvv6mE5J0H9TV/rpsuYvpZdYIEe+vMeyF7h52TtUeQOOY18t
u36JIv83PufQzKZJCHduUsMuFTeM8+WLE8WvNyobWJ4HpxxolSd2xmuhgMuEiPu9
7AAh148Gxg4Hf0Pk3Kpe+KXLMnSMVCQDIaAr4/0k+66J
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:44 2024 by rpki-client on console-ams.rpki-client.org