Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/xslBC8jEGjHKhDozCRVBCtysdZo.roa
File: xslBC8jEGjHKhDozCRVBCtysdZo.roa (raw, json)
Hash identifier: f9Y6a/z785wgydH1aYZOHzCxt64C2+A0DaFfnSg6oXg=
Subject key identifier: C6:C9:41:0B:C8:C4:1A:31:CA:84:3A:33:09:15:41:0A:DC:AC:75:9A
Certificate issuer: /CN=88a780738b853acffbabdb23914c50e36421f773
Certificate serial: 01856F9DD523984FBD8E844F7561FCA5A5BE
Authority key identifier: 88:A7:80:73:8B:85:3A:CF:FB:AB:DB:23:91:4C:50:E3:64:21:F7:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKeAc4uFOs_7q9sjkUxQ42Qh93M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/xslBC8jEGjHKhDozCRVBCtysdZo.roa
Signing time: Sun 01 Jan 2023 23:14:52 +0000
ROA not before: Sun 01 Jan 2023 23:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39392
IP address blocks: 185.247.28.0/22 maxlen: 32
185.247.30.0/23 maxlen: 32
2a0d:b880::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:d5:23:98:4f:bd:8e:84:4f:75:61:fc:a5:a5:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a780738b853acffbabdb23914c50e36421f773
Validity
Not Before: Jan 1 23:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6c9410bc8c41a31ca843a330915410adcac759a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3f:6d:38:be:40:e9:39:a5:6d:86:d4:18:d6:
9e:74:f4:ae:98:78:2e:33:91:2d:c2:a8:6c:7d:dc:
f1:19:96:89:53:18:e9:62:a2:7f:bf:9f:91:66:77:
dd:d9:c2:d1:dc:0d:ec:08:42:42:b1:d0:83:21:83:
00:40:64:31:ae:bc:2c:6a:75:f7:37:85:29:17:2e:
ce:ec:07:94:09:45:34:18:fc:94:a3:9d:f4:b5:ed:
85:a0:89:ba:66:3b:fe:14:9e:91:05:9f:d7:af:96:
71:da:ca:86:e7:e8:88:05:6a:ae:cb:c4:c4:e1:e9:
27:7b:ed:e7:8e:fb:e4:00:89:02:19:66:04:be:40:
c2:af:2f:88:cb:7c:02:25:fc:26:d0:60:c4:38:e9:
fb:16:1e:e2:b7:9e:62:e9:b1:a7:0a:2b:88:22:fb:
69:f0:d2:30:22:79:d7:08:4c:81:05:83:47:81:99:
79:b1:98:95:51:19:79:8b:65:e4:86:b1:85:15:a7:
0c:22:7a:ab:50:22:7c:ad:b1:6d:40:3e:74:dc:9d:
96:ca:62:96:84:ee:11:fb:2e:31:25:03:25:78:a5:
be:04:e3:0e:70:4c:ce:90:32:f7:98:67:58:6c:7e:
75:cc:15:04:c3:bf:95:cb:50:33:8a:3d:3d:75:ea:
e4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:C9:41:0B:C8:C4:1A:31:CA:84:3A:33:09:15:41:0A:DC:AC:75:9A
X509v3 Authority Key Identifier:
keyid:88:A7:80:73:8B:85:3A:CF:FB:AB:DB:23:91:4C:50:E3:64:21:F7:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKeAc4uFOs_7q9sjkUxQ42Qh93M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/xslBC8jEGjHKhDozCRVBCtysdZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/iKeAc4uFOs_7q9sjkUxQ42Qh93M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.28.0/22
IPv6:
2a0d:b880::/29
Signature Algorithm: sha256WithRSAEncryption
6f:72:d8:52:23:8c:1c:58:97:4b:91:31:e7:ce:89:71:2b:d4:
27:33:41:bc:56:37:fe:06:5f:f7:ab:6c:c7:42:c5:ea:40:f9:
42:52:71:e9:d8:a7:8f:82:95:7a:a4:09:a1:f6:2a:47:a6:98:
fd:e8:d6:8d:55:93:52:e8:2c:6e:c7:ed:a3:3b:f4:9f:41:01:
a8:c1:e3:c1:e2:a7:04:97:8f:5e:cf:d7:66:89:53:43:68:44:
1e:48:9c:1b:31:e0:e7:90:4d:bb:b3:3a:08:9b:f4:c2:4d:a1:
b7:dd:40:16:4a:f7:f6:45:d1:db:0a:70:e2:89:bb:8e:17:b6:
69:90:86:ad:85:ab:1e:48:ad:c0:87:7e:37:5b:03:f0:15:71:
fa:2f:d0:6c:77:d6:8e:18:13:31:75:03:fb:2f:ae:10:0a:af:
e5:bf:4b:ef:d1:3d:d5:87:48:ee:25:ac:03:e4:bb:31:98:28:
4e:c8:db:0b:b0:f4:a2:2c:05:8f:a3:fd:30:e1:4d:08:1d:ac:
2f:e6:56:60:f3:40:14:13:db:fd:36:c1:14:6f:65:3e:13:c1:
71:48:4b:64:e0:d1:8a:3f:18:a8:9f:c4:40:b8:c4:da:ae:13:
3d:fe:b6:98:6e:2b:29:52:cf:ed:26:e4:b1:16:fb:53:7d:b9:
4e:43:49:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvndUjmE+9joRPdWH8paW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTc4MDczOGI4NTNhY2ZmYmFiZGIyMzkxNGM1MGUzNjQy
MWY3NzMwHhcNMjMwMTAxMjMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmM5NDEwYmM4YzQxYTMxY2E4NDNhMzMwOTE1NDEwYWRjYWM3NTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD9tOL5A6TmlbYbUGNaedPSumHgu
M5EtwqhsfdzxGZaJUxjpYqJ/v5+RZnfd2cLR3A3sCEJCsdCDIYMAQGQxrrwsanX3
N4UpFy7O7AeUCUU0GPyUo530te2FoIm6Zjv+FJ6RBZ/Xr5Zx2sqG5+iIBWquy8TE
4ekne+3njvvkAIkCGWYEvkDCry+Iy3wCJfwm0GDEOOn7Fh7it55i6bGnCiuIIvtp
8NIwInnXCEyBBYNHgZl5sZiVURl5i2XkhrGFFacMInqrUCJ8rbFtQD503J2WymKW
hO4R+y4xJQMleKW+BOMOcEzOkDL3mGdYbH51zBUEw7+Vy1Azij09derkdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMbJQQvIxBoxyoQ6MwkVQQrcrHWaMB8GA1UdIwQY
MBaAFIingHOLhTrP+6vbI5FMUONkIfdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtlQWM0dUZPc183cTlzamtVeFE0MlFoOTNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9iODk3MDQtNGZkMi00ZTA3LWEwMzkt
NjZmNTZlZjljZTI2LzEveHNsQkM4akVHakhLaERvekNSVkJDdHlzZFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9iODk3MDQtNGZkMi00ZTA3LWEwMzktNjZmNTZlZjljZTI2
LzEvaUtlQWM0dUZPc183cTlzamtVeFE0MlFoOTNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufccMA0E
AgACMAcDBQMqDbiAMA0GCSqGSIb3DQEBCwUAA4IBAQBvcthSI4wcWJdLkTHnzolx
K9QnM0G8Vjf+Bl/3q2zHQsXqQPlCUnHp2KePgpV6pAmh9ipHppj96NaNVZNS6Cxu
x+2jO/SfQQGowePB4qcEl49ez9dmiVNDaEQeSJwbMeDnkE27szoIm/TCTaG33UAW
Svf2RdHbCnDiibuOF7ZpkIathaseSK3Ah343WwPwFXH6L9Bsd9aOGBMxdQP7L64Q
Cq/lv0vv0T3Vh0juJawD5LsxmChOyNsLsPSiLAWPo/0w4U0IHawv5lZg80AUE9v9
NsEUb2U+E8FxSEtk4NGKPxion8RAuMTarhM9/raYbispUs/tJuSxFvtTfblOQ0lv
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:27 2024 by rpki-client on console-ams.rpki-client.org