Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/a2kiPAVmywDmeorOarX_BLke-Ic.roa
File: a2kiPAVmywDmeorOarX_BLke-Ic.roa (raw, json)
Hash identifier: yOAi2RxzHuydbSMCJZvEnjT9A1ZeIzRu0ZszCTxhfNo=
Subject key identifier: 6B:69:22:3C:05:66:CB:00:E6:7A:8A:CE:6A:B5:FF:04:B9:1E:F8:87
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F024E64D87C23D0995D510A5C0FCA8B
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/a2kiPAVmywDmeorOarX_BLke-Ic.roa
Signing time: Sun 01 Jan 2023 20:25:00 +0000
ROA not before: Sun 01 Jan 2023 20:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201673
IP address blocks: 85.254.148.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:4e:64:d8:7c:23:d0:99:5d:51:0a:5c:0f:ca:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b69223c0566cb00e67a8ace6ab5ff04b91ef887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:38:b4:79:e7:f5:d5:e9:ca:e7:1f:a1:72:1a:
87:41:05:76:55:36:79:c5:17:82:47:58:ca:42:1b:
b7:7c:a2:9e:c2:92:be:4c:ec:a7:a3:47:d8:d4:8e:
80:05:12:c4:7b:b5:16:ca:4e:88:27:09:e2:4f:3c:
55:46:9b:1d:1f:dc:9f:df:00:59:71:a1:33:cd:10:
9e:19:47:c0:bd:14:6a:5e:ae:1c:00:08:20:91:09:
7f:17:b2:0c:43:03:d4:33:d7:c7:59:57:a9:0b:cf:
2f:8a:9d:29:6c:81:55:3d:d7:80:de:49:43:33:d7:
cb:d5:d1:36:e4:26:a5:5b:2b:3f:a5:94:59:cc:b2:
12:c1:6b:9c:5f:72:45:d4:76:65:0f:32:18:a1:00:
05:9d:0b:f0:ed:1a:9c:b8:f5:e0:97:3f:9b:5e:cd:
f6:ce:2d:4c:d2:1b:a3:80:0b:ad:85:30:b4:c1:a8:
21:97:c0:30:26:c9:ae:70:96:86:57:85:83:3b:a9:
ee:5e:69:11:9d:e9:ca:27:92:49:7d:fc:38:be:5f:
1c:46:0a:ca:58:9c:a8:7f:3d:a1:1f:bd:32:64:09:
46:a2:35:27:29:9d:a7:82:44:64:57:06:78:e6:be:
f6:f3:b8:ed:cd:76:b5:ad:f3:d8:9f:be:40:d0:34:
1c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:69:22:3C:05:66:CB:00:E6:7A:8A:CE:6A:B5:FF:04:B9:1E:F8:87
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/a2kiPAVmywDmeorOarX_BLke-Ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.148.0/24
Signature Algorithm: sha256WithRSAEncryption
21:59:6f:2b:a4:51:6c:49:3d:73:bb:52:17:23:36:15:34:e9:
cc:31:f5:5c:03:d7:01:57:18:b1:cc:e5:6f:d0:ee:47:73:e6:
0b:87:85:0d:93:39:71:ad:82:28:ad:8a:ff:8c:e3:f3:ff:b1:
d1:05:c5:ea:38:a1:ae:ca:82:f0:49:01:bf:21:1d:fb:f3:ab:
55:00:90:4d:cd:46:6f:50:e4:8e:52:4d:c9:e7:7b:fb:99:32:
e3:5a:d5:9d:26:15:31:99:d6:c2:9b:ad:44:10:ac:69:f8:6f:
37:14:fa:6a:9f:04:14:c9:b3:aa:50:5f:c2:09:25:62:15:9f:
e8:8c:4b:08:02:63:0b:12:0c:65:08:39:98:63:a0:c7:c5:34:
16:22:c9:ba:01:ac:76:8d:f2:1e:e1:9b:07:c0:f4:83:57:48:
eb:54:12:b4:71:4f:81:f4:e7:e9:98:52:c1:32:e0:d2:51:ab:
32:7c:76:19:4f:9d:bc:a5:3d:79:5a:aa:a6:30:e0:d7:62:94:
fb:8f:2c:b9:60:81:f4:54:ee:49:88:31:0d:35:b9:35:d3:ba:
fa:b7:31:8e:ec:3e:1a:3a:21:60:5e:9a:b6:61:c0:7c:bb:15:
03:00:6f:2a:24:ae:48:a5:68:74:fb:dd:1c:a3:6b:df:01:0f:
43:b4:f0:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAk5k2Hwj0JldUQpcD8qLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjY5MjIzYzA1NjZjYjAwZTY3YThhY2U2YWI1ZmYwNGI5MWVmODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDi0eef11enK5x+hchqHQQV2VTZ5
xReCR1jKQhu3fKKewpK+TOyno0fY1I6ABRLEe7UWyk6IJwniTzxVRpsdH9yf3wBZ
caEzzRCeGUfAvRRqXq4cAAggkQl/F7IMQwPUM9fHWVepC88vip0pbIFVPdeA3klD
M9fL1dE25CalWys/pZRZzLISwWucX3JF1HZlDzIYoQAFnQvw7RqcuPXglz+bXs32
zi1M0hujgAuthTC0waghl8AwJsmucJaGV4WDO6nuXmkRnenKJ5JJffw4vl8cRgrK
WJyofz2hH70yZAlGojUnKZ2ngkRkVwZ45r7287jtzXa1rfPYn75A0DQcfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGtpIjwFZssA5nqKzmq1/wS5HviHMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvYTJraVBBVm15d0RtZW9yT2FyWF9CTGtlLUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVf6UMA0G
CSqGSIb3DQEBCwUAA4IBAQAhWW8rpFFsST1zu1IXIzYVNOnMMfVcA9cBVxixzOVv
0O5Hc+YLh4UNkzlxrYIorYr/jOPz/7HRBcXqOKGuyoLwSQG/IR3786tVAJBNzUZv
UOSOUk3J53v7mTLjWtWdJhUxmdbCm61EEKxp+G83FPpqnwQUybOqUF/CCSViFZ/o
jEsIAmMLEgxlCDmYY6DHxTQWIsm6Aax2jfIe4ZsHwPSDV0jrVBK0cU+B9OfpmFLB
MuDSUasyfHYZT528pT15WqqmMODXYpT7jyy5YIH0VO5JiDENNbk107r6tzGO7D4a
OiFgXpq2YcB8uxUDAG8qJK5IpWh0+90co2vfAQ9DtPBi
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:48 2024 by rpki-client on console-ams.rpki-client.org