Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/riGy3L7lO25U8QUqwdIn61RzncA.roa
File: riGy3L7lO25U8QUqwdIn61RzncA.roa (raw, json)
Hash identifier: 8u5PcXCNXrNKNLr13KGoBlU2WajYuxzSO7Rn0cXdSfM=
Subject key identifier: AE:21:B2:DC:BE:E5:3B:6E:54:F1:05:2A:C1:D2:27:EB:54:73:9D:C0
Certificate issuer: /CN=06da1c6b1a65f7a3d97f9bd75e7cac3135246fa5
Certificate serial: 01856CEF236D1B9CA0C826526144070CE455
Authority key identifier: 06:DA:1C:6B:1A:65:F7:A3:D9:7F:9B:D7:5E:7C:AC:31:35:24:6F:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Btocaxpl96PZf5vXXnysMTUkb6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/riGy3L7lO25U8QUqwdIn61RzncA.roa
Signing time: Sun 01 Jan 2023 10:44:49 +0000
ROA not before: Sun 01 Jan 2023 10:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56803
IP address blocks: 185.195.71.0/24 maxlen: 24
91.201.56.252/32 maxlen: 32
2a05:ad00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:23:6d:1b:9c:a0:c8:26:52:61:44:07:0c:e4:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06da1c6b1a65f7a3d97f9bd75e7cac3135246fa5
Validity
Not Before: Jan 1 10:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae21b2dcbee53b6e54f1052ac1d227eb54739dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:21:95:f4:4b:78:43:ff:0f:0c:11:93:21:c8:
28:c3:bd:1f:fc:b1:ea:6e:d6:01:04:08:46:bc:38:
fc:bb:15:f5:8b:be:52:fa:5d:6e:af:3c:31:97:c4:
29:fd:a3:b0:6e:8d:a7:18:a2:63:bf:df:9e:5e:80:
a9:48:52:3f:c6:d0:fa:6a:95:5d:9b:d1:b9:9b:c6:
23:02:3a:21:94:01:f7:c8:27:e0:00:4a:7a:11:7a:
55:8f:7b:e3:ac:b3:cc:58:a5:04:d7:99:31:f3:14:
1d:d0:4a:b7:a0:92:f8:fe:db:b2:32:22:9f:92:62:
ae:83:07:a7:a5:bd:68:06:95:b3:e1:4f:45:2a:02:
39:69:c0:f9:c5:d0:df:d0:94:46:b9:af:70:f0:7a:
5e:b7:95:f9:4c:14:e9:a6:31:79:09:53:c9:db:95:
c1:49:2f:0c:8d:80:95:4d:d4:8c:0f:6c:63:55:52:
d5:c9:85:fe:57:c5:47:d8:99:24:d4:5e:0a:f4:36:
0d:dc:9d:96:3b:d1:d2:99:52:3e:86:6a:6c:4d:6f:
22:39:57:2f:43:09:68:d5:f4:02:b9:f7:4a:e4:58:
82:60:53:06:56:0a:22:86:8f:c5:4a:20:e0:58:fd:
5e:f9:bb:79:01:00:2c:0a:3d:91:3c:58:cc:ca:52:
3f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:21:B2:DC:BE:E5:3B:6E:54:F1:05:2A:C1:D2:27:EB:54:73:9D:C0
X509v3 Authority Key Identifier:
keyid:06:DA:1C:6B:1A:65:F7:A3:D9:7F:9B:D7:5E:7C:AC:31:35:24:6F:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Btocaxpl96PZf5vXXnysMTUkb6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/riGy3L7lO25U8QUqwdIn61RzncA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/Btocaxpl96PZf5vXXnysMTUkb6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.56.252/32
185.195.71.0/24
IPv6:
2a05:ad00::/29
Signature Algorithm: sha256WithRSAEncryption
1d:2b:76:f2:f1:fa:f0:80:ec:b1:9f:a7:5b:4e:b8:f7:39:3b:
aa:0b:82:52:4e:a6:22:55:4e:5f:63:d1:6d:38:ba:f0:88:83:
cd:1d:a8:06:44:bd:73:c5:6e:14:1d:aa:70:73:8a:6a:62:e8:
be:02:04:ae:b0:8e:3e:50:ab:cd:3a:7f:e3:15:c7:41:2d:69:
8d:ef:9f:15:28:51:be:86:ed:42:71:b2:bc:61:df:f1:3f:9c:
62:a2:3d:bd:9f:04:de:8b:d5:09:2f:9c:ba:bb:5b:fe:e6:62:
98:df:ba:ff:e3:c6:58:d9:71:5f:83:54:2f:c2:45:a0:64:23:
6e:6f:4d:2f:b9:37:77:5b:33:05:41:01:1b:6b:91:9e:a3:81:
30:1a:dd:92:36:96:02:54:a4:bb:c6:c1:ac:16:d7:e2:25:45:
dc:16:e0:33:60:89:07:75:49:8f:ba:86:71:c2:fc:09:d5:41:
41:a8:88:40:a9:a7:0c:3d:ad:a4:1a:35:3d:94:4e:e0:3f:64:
5a:60:cf:83:a1:da:ee:67:26:fa:78:22:a8:49:f8:4f:15:9e:
e0:1a:64:9b:40:d4:90:dc:6c:5e:bf:2f:7d:b1:23:07:2e:17:
17:e7:92:c9:97:c1:c4:b9:ea:86:ed:3b:e7:ca:f7:99:1a:85:
0b:50:d1:93
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVs7yNtG5ygyCZSYUQHDORVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZGExYzZiMWE2NWY3YTNkOTdmOWJkNzVlN2NhYzMxMzUy
NDZmYTUwHhcNMjMwMTAxMTA0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTIxYjJkY2JlZTUzYjZlNTRmMTA1MmFjMWQyMjdlYjU0NzM5ZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSGV9Et4Q/8PDBGTIcgow70f/LHq
btYBBAhGvDj8uxX1i75S+l1urzwxl8Qp/aOwbo2nGKJjv9+eXoCpSFI/xtD6apVd
m9G5m8YjAjohlAH3yCfgAEp6EXpVj3vjrLPMWKUE15kx8xQd0Eq3oJL4/tuyMiKf
kmKugwenpb1oBpWz4U9FKgI5acD5xdDf0JRGua9w8Hpet5X5TBTppjF5CVPJ25XB
SS8MjYCVTdSMD2xjVVLVyYX+V8VH2Jkk1F4K9DYN3J2WO9HSmVI+hmpsTW8iOVcv
Qwlo1fQCufdK5FiCYFMGVgoiho/FSiDgWP1e+bt5AQAsCj2RPFjMylI/4QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFK4hsty+5TtuVPEFKsHSJ+tUc53AMB8GA1UdIwQY
MBaAFAbaHGsaZfej2X+b1158rDE1JG+lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnRvY2F4cGw5NlBaZjV2WFhueXNNVFVrYjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82MmEzYjEtMTE3ZC00YjE3LTk2NjIt
NDVlYjczOGNiOWM4LzEvcmlHeTNMN2xPMjVVOFFVcXdkSW42MVJ6bmNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82MmEzYjEtMTE3ZC00YjE3LTk2NjItNDVlYjczOGNiOWM4
LzEvQnRvY2F4cGw5NlBaZjV2WFhueXNNVFVrYjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDATBAIAATANAwUAW8k4/AME
ALnDRzANBAIAAjAHAwUDKgWtADANBgkqhkiG9w0BAQsFAAOCAQEAHSt28vH68IDs
sZ+nW0649zk7qguCUk6mIlVOX2PRbTi68IiDzR2oBkS9c8VuFB2qcHOKamLovgIE
rrCOPlCrzTp/4xXHQS1pje+fFShRvobtQnGyvGHf8T+cYqI9vZ8E3ovVCS+curtb
/uZimN+6/+PGWNlxX4NUL8JFoGQjbm9NL7k3d1szBUEBG2uRnqOBMBrdkjaWAlSk
u8bBrBbX4iVF3BbgM2CJB3VJj7qGccL8CdVBQaiIQKmnDD2tpBo1PZRO4D9kWmDP
g6Ha7mcm+ngiqEn4TxWe4Bpkm0DUkNxsXr8vfbEjBy4XF+eSyZfBxLnqhu0758r3
mRqFC1DRkw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:38 2023 by rpki-client on console-ams.rpki-client.org