Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/5e1871-2af1-47d3-b262-08f433daea15/1/cIWrFeu5zH0ZPlthpXj-7SH8FpY.roa
File: cIWrFeu5zH0ZPlthpXj-7SH8FpY.roa (raw, json)
Hash identifier: PFb0dY1b+6Dq5k4ftRXrt3Rtwq7XwHnwSJOYJ+0sn98=
Subject key identifier: 70:85:AB:15:EB:B9:CC:7D:19:3E:5B:61:A5:78:FE:ED:21:FC:16:96
Certificate issuer: /CN=2cee2998e86fa7488e6b64f8edbc032ce15d1bcc
Certificate serial: 01856C9CCE590FEC88CD8CD3CAB075EC4E30
Authority key identifier: 2C:EE:29:98:E8:6F:A7:48:8E:6B:64:F8:ED:BC:03:2C:E1:5D:1B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LO4pmOhvp0iOa2T47bwDLOFdG8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/5e1871-2af1-47d3-b262-08f433daea15/1/cIWrFeu5zH0ZPlthpXj-7SH8FpY.roa
Signing time: Sun 01 Jan 2023 09:14:53 +0000
ROA not before: Sun 01 Jan 2023 09:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205564
IP address blocks: 185.213.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:ce:59:0f:ec:88:cd:8c:d3:ca:b0:75:ec:4e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cee2998e86fa7488e6b64f8edbc032ce15d1bcc
Validity
Not Before: Jan 1 09:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7085ab15ebb9cc7d193e5b61a578feed21fc1696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:72:f1:36:b6:10:99:63:f4:52:6d:88:6b:7a:
89:87:a2:83:a7:ce:4c:01:54:4f:7f:f7:6d:64:75:
1b:bb:47:e3:85:f1:ca:8a:e8:bd:1b:75:c1:d8:ef:
8b:d0:74:1d:16:bb:ad:cb:53:d8:b6:4c:9a:ce:e7:
3f:d9:8d:d8:c0:6e:1c:1b:87:0f:d1:24:26:5c:56:
e7:7a:9a:a3:ec:9f:89:8e:21:a6:c3:f2:2f:31:db:
35:9b:8a:80:56:e7:33:6d:aa:c4:e0:5e:0f:18:b2:
61:6e:a5:f9:4d:34:d1:89:29:0e:7d:bc:ad:0e:7d:
c2:d3:06:3d:a6:05:34:7e:4f:c7:3d:41:ce:e9:2c:
ab:a5:4f:cb:07:84:f7:ef:32:34:18:e7:e4:36:01:
ff:89:c5:16:32:cc:9a:8f:77:a8:92:7f:ec:e1:bc:
d4:30:f5:1f:cf:5f:3f:f7:71:2a:43:66:74:72:35:
c7:55:5e:3f:85:00:74:e7:6a:9f:ae:49:c7:6d:ac:
27:17:46:96:6f:f5:cb:7e:38:24:30:20:96:b3:bb:
2d:43:e2:66:26:55:4f:57:38:f1:b0:a0:40:b5:34:
fa:80:b6:26:47:04:ae:fa:8c:e2:1c:28:cb:fb:f3:
61:df:7c:0d:ee:dc:58:b6:43:1d:78:ac:f8:0f:a5:
f5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:85:AB:15:EB:B9:CC:7D:19:3E:5B:61:A5:78:FE:ED:21:FC:16:96
X509v3 Authority Key Identifier:
keyid:2C:EE:29:98:E8:6F:A7:48:8E:6B:64:F8:ED:BC:03:2C:E1:5D:1B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LO4pmOhvp0iOa2T47bwDLOFdG8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5e1871-2af1-47d3-b262-08f433daea15/1/cIWrFeu5zH0ZPlthpXj-7SH8FpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5e1871-2af1-47d3-b262-08f433daea15/1/LO4pmOhvp0iOa2T47bwDLOFdG8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.252.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:8a:bc:1c:0c:3c:7a:9a:ba:28:e3:09:76:1f:15:2a:f9:7c:
18:f4:72:f7:95:dc:01:28:6a:44:79:55:93:df:e1:ac:05:b6:
16:d7:4f:48:f9:ec:c0:b6:76:0d:62:11:e8:96:36:11:a6:38:
73:60:95:2d:8f:08:75:89:7e:5a:d5:4c:38:fb:a3:03:8e:20:
35:6f:14:99:16:e3:e5:cf:4e:4c:77:c3:d0:25:7e:db:80:cf:
dc:b1:3e:c7:6c:1b:eb:0e:df:0c:9c:9b:7f:0e:c1:7c:30:d3:
40:9a:cc:7a:be:6d:b9:70:1c:7f:ff:04:19:b4:68:f5:35:49:
99:fd:0b:6d:cc:95:a0:f9:3f:60:f5:0a:da:ba:7e:a5:37:1a:
4d:28:af:93:b6:2a:0c:66:a6:17:36:df:d4:5a:51:c5:2b:da:
61:9d:a9:57:5b:70:ae:ab:a9:30:8b:44:41:4a:88:80:fa:b1:
0e:b8:2e:bc:98:df:b3:7a:4f:cb:19:f7:47:30:17:d1:58:b6:
2e:2c:02:29:fb:b4:e7:78:13:35:37:8c:58:06:77:4b:16:a2:
fd:29:9a:2c:e7:83:be:65:05:4f:3d:b5:96:da:1f:b5:82:d4:
f4:bc:20:68:67:ce:c4:f5:3b:c3:02:d1:ed:df:e3:08:de:ae:
b6:46:5e:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnM5ZD+yIzYzTyrB17E4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZWUyOTk4ZTg2ZmE3NDg4ZTZiNjRmOGVkYmMwMzJjZTE1
ZDFiY2MwHhcNMjMwMTAxMDkxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDg1YWIxNWViYjljYzdkMTkzZTViNjFhNTc4ZmVlZDIxZmMxNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3LxNrYQmWP0Um2Ia3qJh6KDp85M
AVRPf/dtZHUbu0fjhfHKiui9G3XB2O+L0HQdFruty1PYtkyazuc/2Y3YwG4cG4cP
0SQmXFbnepqj7J+JjiGmw/IvMds1m4qAVuczbarE4F4PGLJhbqX5TTTRiSkOfbyt
Dn3C0wY9pgU0fk/HPUHO6SyrpU/LB4T37zI0GOfkNgH/icUWMsyaj3eokn/s4bzU
MPUfz18/93EqQ2Z0cjXHVV4/hQB052qfrknHbawnF0aWb/XLfjgkMCCWs7stQ+Jm
JlVPVzjxsKBAtTT6gLYmRwSu+oziHCjL+/Nh33wN7txYtkMdeKz4D6X1BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCFqxXrucx9GT5bYaV4/u0h/BaWMB8GA1UdIwQY
MBaAFCzuKZjob6dIjmtk+O28AyzhXRvMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE80cG1PaHZwMGlPYTJUNDdid0RMT0ZkRzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81ZTE4NzEtMmFmMS00N2QzLWIyNjIt
MDhmNDMzZGFlYTE1LzEvY0lXckZldTV6SDBaUGx0aHBYai03U0g4RnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81ZTE4NzEtMmFmMS00N2QzLWIyNjItMDhmNDMzZGFlYTE1
LzEvTE80cG1PaHZwMGlPYTJUNDdid0RMT0ZkRzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudX8MA0G
CSqGSIb3DQEBCwUAA4IBAQAuirwcDDx6mroo4wl2HxUq+XwY9HL3ldwBKGpEeVWT
3+GsBbYW109I+ezAtnYNYhHoljYRpjhzYJUtjwh1iX5a1Uw4+6MDjiA1bxSZFuPl
z05Md8PQJX7bgM/csT7HbBvrDt8MnJt/DsF8MNNAmsx6vm25cBx//wQZtGj1NUmZ
/QttzJWg+T9g9Qraun6lNxpNKK+TtioMZqYXNt/UWlHFK9phnalXW3Cuq6kwi0RB
SoiA+rEOuC68mN+zek/LGfdHMBfRWLYuLAIp+7TneBM1N4xYBndLFqL9KZos54O+
ZQVPPbWW2h+1gtT0vCBoZ87E9TvDAtHt3+MI3q62Rl7U
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:23 2024 by rpki-client on console-ams.rpki-client.org