Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/VaVDlPKkVeTSVh8eHnlnGdFTQEU.roa
File: VaVDlPKkVeTSVh8eHnlnGdFTQEU.roa (raw, json)
Hash identifier: xljcMARRinT+tjd5vy9HjCIs8d+LKa/JJlTbNn3PtC0=
Subject key identifier: 55:A5:43:94:F2:A4:55:E4:D2:56:1F:1E:1E:79:67:19:D1:53:40:45
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 01856F14CD7862D686F0F300370D1C893EF8
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/VaVDlPKkVeTSVh8eHnlnGdFTQEU.roa
Signing time: Sun 01 Jan 2023 20:45:12 +0000
ROA not before: Sun 01 Jan 2023 20:45:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31390
IP address blocks: 185.100.219.0/24 maxlen: 24
185.100.218.0/24 maxlen: 24
185.100.217.0/24 maxlen: 24
185.100.216.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:cd:78:62:d6:86:f0:f3:00:37:0d:1c:89:3e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Jan 1 20:45:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55a54394f2a455e4d2561f1e1e796719d1534045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:98:fa:dc:f1:ff:06:8c:98:28:42:3a:2e:02:
05:42:a2:b1:bc:b9:0e:2e:0f:f3:cf:b6:c8:f9:5c:
41:4c:e5:15:da:10:52:98:96:f5:a4:1f:65:3c:35:
67:ab:33:94:0a:b1:ab:bc:d7:aa:a3:d7:b2:ba:95:
37:23:a5:d4:1a:f6:e8:b9:1c:e0:3b:b4:6b:98:7a:
9e:e6:f9:6a:35:9f:49:07:ef:74:6c:74:4e:05:46:
42:17:6a:02:02:c2:fe:85:ba:13:3f:a4:c9:4d:8b:
f5:ee:f5:c0:2c:cd:91:f8:bd:d4:01:76:9b:21:50:
7f:ff:84:54:0a:54:ba:86:19:86:2d:25:b0:f4:ce:
fa:ef:88:31:be:55:4c:ae:c7:a3:d2:89:50:31:ed:
34:80:fd:97:b5:09:1a:dc:05:88:c2:93:0d:aa:99:
1d:63:84:be:62:75:db:fb:36:1d:4d:e4:44:0f:dd:
36:2c:78:bd:a6:01:8a:c9:bf:f6:52:fe:2c:a6:ef:
83:95:be:61:86:e7:51:dc:9f:f6:35:0c:87:91:33:
ec:70:60:cb:94:06:b9:8e:99:e6:d8:e1:c4:39:69:
db:dd:6d:d2:a4:20:af:a9:16:88:95:af:00:f8:94:
48:21:89:d4:c3:1a:6b:81:9c:d9:f5:80:a6:4e:37:
15:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A5:43:94:F2:A4:55:E4:D2:56:1F:1E:1E:79:67:19:D1:53:40:45
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/VaVDlPKkVeTSVh8eHnlnGdFTQEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.216.0/22
Signature Algorithm: sha256WithRSAEncryption
30:5d:46:da:a0:ae:59:29:40:b3:db:14:54:e8:b4:22:95:d4:
fe:92:8b:3a:4f:2d:0b:8d:ac:35:0d:b0:a0:cd:91:08:fe:76:
2c:b1:bc:6e:a0:31:e1:13:53:96:d8:13:0a:a8:b8:1e:06:d7:
07:11:dd:d5:bd:6a:32:29:5c:ce:f1:32:10:6e:0f:64:8e:ab:
6f:03:d5:5b:c5:54:a5:3a:0b:a5:a6:57:73:81:12:35:91:35:
ec:51:f4:63:ae:d7:e6:75:bb:45:b3:a0:e5:c8:2f:36:99:97:
74:98:69:00:17:35:fd:16:a4:4c:5e:bd:88:a2:d0:e4:74:ce:
a7:a9:cc:83:70:80:07:6e:ad:60:2a:a9:81:17:5a:4e:1c:dc:
07:35:68:36:0c:e0:21:29:78:a1:5e:f9:28:7d:d7:ca:ee:45:
b2:4f:ae:00:2e:c2:89:81:23:38:40:69:b7:a2:49:b3:b2:11:
ef:da:56:f4:f0:c8:77:56:76:e7:18:9a:9f:47:be:36:80:a1:
88:a7:74:80:a1:72:34:e5:73:58:a9:91:e5:9c:56:a9:73:01:
b8:42:6c:5d:8d:e5:6c:ef:87:1d:6c:bb:a6:58:ca:c4:c6:89:
02:85:a8:d2:e7:6f:03:16:56:62:fe:15:d0:dd:5d:cc:18:62:
5b:85:e1:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFM14YtaG8PMANw0ciT74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjMwMTAxMjA0NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWE1NDM5NGYyYTQ1NWU0ZDI1NjFmMWUxZTc5NjcxOWQxNTM0MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZj63PH/BoyYKEI6LgIFQqKxvLkO
Lg/zz7bI+VxBTOUV2hBSmJb1pB9lPDVnqzOUCrGrvNeqo9eyupU3I6XUGvbouRzg
O7RrmHqe5vlqNZ9JB+90bHROBUZCF2oCAsL+hboTP6TJTYv17vXALM2R+L3UAXab
IVB//4RUClS6hhmGLSWw9M7674gxvlVMrsej0olQMe00gP2XtQka3AWIwpMNqpkd
Y4S+YnXb+zYdTeRED902LHi9pgGKyb/2Uv4spu+Dlb5hhudR3J/2NQyHkTPscGDL
lAa5jpnm2OHEOWnb3W3SpCCvqRaIla8A+JRIIYnUwxprgZzZ9YCmTjcVnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFWlQ5TypFXk0lYfHh55ZxnRU0BFMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvVmFWRGxQS2tWZVRTVmg4ZUhubG5HZEZUUUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWTYMA0G
CSqGSIb3DQEBCwUAA4IBAQAwXUbaoK5ZKUCz2xRU6LQildT+kos6Ty0Ljaw1DbCg
zZEI/nYssbxuoDHhE1OW2BMKqLgeBtcHEd3VvWoyKVzO8TIQbg9kjqtvA9VbxVSl
OgulpldzgRI1kTXsUfRjrtfmdbtFs6DlyC82mZd0mGkAFzX9FqRMXr2IotDkdM6n
qcyDcIAHbq1gKqmBF1pOHNwHNWg2DOAhKXihXvkofdfK7kWyT64ALsKJgSM4QGm3
okmzshHv2lb08Mh3VnbnGJqfR742gKGIp3SAoXI05XNYqZHlnFapcwG4QmxdjeVs
74cdbLumWMrExokChajS528DFlZi/hXQ3V3MGGJbheFb
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:35:51 2024 by rpki-client on console-fra.rpki-client.org