Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/S5wwoBqomPSoptvlWiO7f0dFff0.roa
File: S5wwoBqomPSoptvlWiO7f0dFff0.roa (raw, json)
Hash identifier: wh+hneL4Z27okcWuUZ0qvSh1CUDqbqh8wPepmJ8u44w=
Subject key identifier: 4B:9C:30:A0:1A:A8:98:F4:A8:A6:DB:E5:5A:23:BB:7F:47:45:7D:FD
Certificate issuer: /CN=9b97c22d0b338a8a45aa1345b0917ba0dc973390
Certificate serial: 01856FC28D01F82B1EBEE547B225837885A1
Authority key identifier: 9B:97:C2:2D:0B:33:8A:8A:45:AA:13:45:B0:91:7B:A0:DC:97:33:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/S5wwoBqomPSoptvlWiO7f0dFff0.roa
Signing time: Sun 01 Jan 2023 23:54:59 +0000
ROA not before: Sun 01 Jan 2023 23:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 185.126.34.0/24 maxlen: 24
185.28.37.0/24 maxlen: 24
185.28.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:8d:01:f8:2b:1e:be:e5:47:b2:25:83:78:85:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b97c22d0b338a8a45aa1345b0917ba0dc973390
Validity
Not Before: Jan 1 23:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b9c30a01aa898f4a8a6dbe55a23bb7f47457dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:be:90:97:4b:64:a9:e6:3d:0a:ba:c1:e6:06:
b9:95:cb:9d:4d:a6:ea:01:61:f8:d4:71:47:33:81:
82:7b:02:d2:37:b4:b5:fa:23:31:e5:3b:bd:d1:32:
d6:ab:07:b1:11:a5:01:a3:b6:08:b8:2d:17:25:a7:
11:7c:aa:d8:b0:c7:f4:42:ea:a5:fd:19:1c:f6:52:
9e:7e:4f:74:89:f8:0e:9d:d3:e9:7d:f2:6b:89:3a:
8d:3c:30:bf:1e:9b:1a:e9:02:07:78:37:9c:f8:b8:
67:04:fd:fe:49:f8:e0:f1:85:97:f2:86:48:13:23:
64:e4:84:58:be:db:14:7f:58:5b:1c:91:25:95:48:
d8:76:85:dd:05:81:f1:c2:16:0a:21:5e:3c:0e:a9:
0f:a4:b1:33:32:e7:46:9c:57:67:31:74:9b:3f:17:
57:63:b2:2e:d8:78:82:d8:8e:63:15:87:e9:35:df:
dd:a9:2d:0a:68:fb:e9:c7:7f:5d:d4:fd:f4:0f:40:
69:b8:6e:02:c7:86:6b:57:81:74:bc:46:d6:88:a5:
47:82:5c:94:57:c8:ed:85:38:2f:db:7f:fd:ad:2e:
47:43:dc:d8:a3:28:d2:d3:ff:14:45:80:ad:77:e9:
e4:88:11:88:e6:8e:84:d4:f6:66:ff:f2:7b:29:63:
36:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:9C:30:A0:1A:A8:98:F4:A8:A6:DB:E5:5A:23:BB:7F:47:45:7D:FD
X509v3 Authority Key Identifier:
keyid:9B:97:C2:2D:0B:33:8A:8A:45:AA:13:45:B0:91:7B:A0:DC:97:33:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/S5wwoBqomPSoptvlWiO7f0dFff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/m5fCLQsziopFqhNFsJF7oNyXM5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.37.0/24
185.28.39.0/24
185.126.34.0/24
Signature Algorithm: sha256WithRSAEncryption
20:66:1e:c1:05:5f:f1:14:7a:36:7d:48:70:8f:1a:a0:20:af:
c5:df:a9:0e:d5:98:93:93:ab:ab:dd:4f:18:c3:89:8b:93:5b:
bb:68:59:c4:ca:4c:61:3d:aa:7f:db:37:fa:7b:71:36:c0:00:
ad:4c:67:74:ca:ea:e4:f3:2a:43:1f:83:59:6f:7d:66:98:98:
de:ef:81:45:c4:88:e7:6b:06:84:97:d2:c9:8a:7b:15:3d:a0:
3d:7a:2b:ce:91:6e:7c:f2:32:ff:f0:9c:33:f0:58:28:18:28:
af:b0:1b:b9:54:ba:11:13:8c:05:9d:1c:5c:06:c2:d3:96:af:
28:a4:69:40:a0:35:2c:ad:d8:ce:70:29:52:7d:36:37:d4:46:
cf:60:ca:fc:22:81:5c:b7:95:8c:b2:1d:ae:06:35:d7:24:8e:
35:9b:38:c6:96:c9:cf:04:3d:82:bc:83:6f:fa:f2:e4:49:cc:
bf:4b:b7:12:78:51:62:72:77:96:68:a7:c0:0f:88:7f:0d:ed:
28:22:d3:ca:27:6d:cf:0d:e7:c9:bb:c8:bf:08:3a:db:e8:21:
00:16:58:cd:38:d3:03:ef:9a:5e:4d:d9:79:32:1f:19:3b:16:
e7:6d:94:04:0d:00:8c:b8:71:a0:19:54:66:e5:86:87:44:c3:
c7:c6:37:7b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvwo0B+CsevuVHsiWDeIWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliOTdjMjJkMGIzMzhhOGE0NWFhMTM0NWIwOTE3YmEwZGM5
NzMzOTAwHhcNMjMwMTAxMjM1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjljMzBhMDFhYTg5OGY0YThhNmRiZTU1YTIzYmI3ZjQ3NDU3ZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b6Ql0tkqeY9CrrB5ga5lcudTabq
AWH41HFHM4GCewLSN7S1+iMx5Tu90TLWqwexEaUBo7YIuC0XJacRfKrYsMf0Quql
/Rkc9lKefk90ifgOndPpffJriTqNPDC/Hpsa6QIHeDec+LhnBP3+Sfjg8YWX8oZI
EyNk5IRYvtsUf1hbHJEllUjYdoXdBYHxwhYKIV48DqkPpLEzMudGnFdnMXSbPxdX
Y7Iu2HiC2I5jFYfpNd/dqS0KaPvpx39d1P30D0BpuG4Cx4ZrV4F0vEbWiKVHglyU
V8jthTgv23/9rS5HQ9zYoyjS0/8URYCtd+nkiBGI5o6E1PZm//J7KWM2jQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEucMKAaqJj0qKbb5Voju39HRX39MB8GA1UdIwQY
MBaAFJuXwi0LM4qKRaoTRbCRe6DclzOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTVmQ0xRc3ppb3BGcWhORnNKRjdvTnlYTTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9lMjI1OGQtOGJjNS00NGVkLTgwNzMt
YWU5OTllZDdjNWQ0LzEvUzV3d29CcW9tUFNvcHR2bFdpTzdmMGRGZmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9lMjI1OGQtOGJjNS00NGVkLTgwNzMtYWU5OTllZDdjNWQ0
LzEvbTVmQ0xRc3ppb3BGcWhORnNKRjdvTnlYTTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuRwlAwQA
uRwnAwQAuX4iMA0GCSqGSIb3DQEBCwUAA4IBAQAgZh7BBV/xFHo2fUhwjxqgIK/F
36kO1ZiTk6ur3U8Yw4mLk1u7aFnEykxhPap/2zf6e3E2wACtTGd0yurk8ypDH4NZ
b31mmJje74FFxIjnawaEl9LJinsVPaA9eivOkW588jL/8Jwz8FgoGCivsBu5VLoR
E4wFnRxcBsLTlq8opGlAoDUsrdjOcClSfTY31EbPYMr8IoFct5WMsh2uBjXXJI41
mzjGlsnPBD2CvINv+vLkScy/S7cSeFFicneWaKfAD4h/De0oItPKJ23PDefJu8i/
CDrb6CEAFljNONMD75peTdl5Mh8ZOxbnbZQEDQCMuHGgGVRm5YaHRMPHxjd7
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:02 2024 by rpki-client on console-ams.rpki-client.org