Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/s8i8CkM-Y65HQKMIqgPe0id7Qds.roa
File: s8i8CkM-Y65HQKMIqgPe0id7Qds.roa (raw, json)
Hash identifier: K4isLuTatL9oIE0w8qazLIw1D2J3s+/OW0Y2w+w/DCI=
Subject key identifier: B3:C8:BC:0A:43:3E:63:AE:47:40:A3:08:AA:03:DE:D2:27:7B:41:DB
Certificate issuer: /CN=06da1c6b1a65f7a3d97f9bd75e7cac3135246fa5
Certificate serial: 01856CEF21EAF7ADFB3D4CFA2F14A6A00876
Authority key identifier: 06:DA:1C:6B:1A:65:F7:A3:D9:7F:9B:D7:5E:7C:AC:31:35:24:6F:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Btocaxpl96PZf5vXXnysMTUkb6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/s8i8CkM-Y65HQKMIqgPe0id7Qds.roa
Signing time: Sun 01 Jan 2023 10:44:49 +0000
ROA not before: Sun 01 Jan 2023 10:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29655
IP address blocks: 185.32.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:21:ea:f7:ad:fb:3d:4c:fa:2f:14:a6:a0:08:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06da1c6b1a65f7a3d97f9bd75e7cac3135246fa5
Validity
Not Before: Jan 1 10:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3c8bc0a433e63ae4740a308aa03ded2277b41db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d2:4a:0c:3a:ed:68:b0:db:42:58:ca:a6:80:
63:ef:b6:22:a6:5f:aa:64:67:3e:2f:11:ec:eb:6c:
23:3f:66:9e:ae:50:4c:d3:f7:3a:5d:21:8d:ce:31:
d1:06:5c:ed:b2:6f:91:e1:a1:68:44:87:b2:46:c0:
3e:d9:91:99:a4:02:8e:86:71:fd:8d:c7:5c:fa:3c:
af:83:ac:18:f6:38:87:8e:9c:1f:eb:d4:44:ac:f2:
8f:75:06:8a:b0:d6:99:66:93:9a:b6:f3:5a:39:e9:
12:89:f0:4e:9d:3e:9c:92:82:cf:35:a5:a1:ea:9e:
67:4b:d1:47:c3:e0:7b:5f:59:d6:47:24:1a:02:79:
dc:e7:2f:57:71:7f:cc:76:7d:fc:55:46:15:56:52:
d9:c2:9f:95:0a:bf:d8:21:6e:ab:0e:7f:83:3c:cf:
22:77:66:91:07:40:02:30:81:74:7f:8a:0a:fd:9f:
85:90:9e:34:35:50:b7:f8:0b:ad:cd:a2:36:92:98:
71:d4:e6:9c:b3:9b:79:5c:fe:0b:97:97:85:73:29:
77:d1:1e:39:b4:92:76:aa:26:3a:ce:0d:47:ef:02:
4e:c2:50:ec:b5:30:dd:39:d1:d1:24:7b:4f:f2:3d:
a1:e4:42:c6:cb:8a:0a:53:9e:83:d3:31:2c:85:28:
54:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C8:BC:0A:43:3E:63:AE:47:40:A3:08:AA:03:DE:D2:27:7B:41:DB
X509v3 Authority Key Identifier:
keyid:06:DA:1C:6B:1A:65:F7:A3:D9:7F:9B:D7:5E:7C:AC:31:35:24:6F:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Btocaxpl96PZf5vXXnysMTUkb6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/s8i8CkM-Y65HQKMIqgPe0id7Qds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/Btocaxpl96PZf5vXXnysMTUkb6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.220.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:90:4a:47:97:98:fb:ea:2c:f4:20:0d:80:39:ff:60:cd:e7:
10:03:ac:db:ca:82:c3:a4:66:0d:da:4c:90:10:d2:3a:e3:0e:
36:8a:b1:10:2c:1a:d5:ad:fe:11:5f:4b:75:c2:93:26:4e:06:
a5:3e:34:05:5f:92:cd:78:79:e4:5b:f0:c9:78:04:e0:9f:49:
00:d0:47:16:68:e2:49:5e:62:ba:13:c7:0e:57:f5:ab:7a:b7:
ec:20:c2:33:c0:bd:a3:ed:c8:09:62:3a:a3:99:9d:5c:cf:96:
62:46:31:a0:8e:c0:cd:e4:85:2a:6d:b2:35:c7:c2:88:19:4f:
3a:5f:3f:a9:43:c4:3b:3a:34:40:29:80:f7:4a:ef:ec:d5:e4:
20:25:2e:43:de:d7:ed:9e:a9:38:67:95:3e:52:9e:0f:48:b6:
b8:9a:c8:32:df:cd:14:c9:86:92:8b:8b:85:ed:0a:9d:5c:cc:
42:ae:f8:5f:66:cf:70:7e:e3:1b:ae:56:76:e8:a6:d7:1b:73:
e5:cd:f3:26:1c:61:10:7d:32:84:7e:d0:c6:8c:28:94:c3:ea:
c7:75:99:4c:fa:7a:c2:78:85:6f:6a:a1:26:6b:53:ec:cc:91:
15:e0:3c:17:a2:92:de:04:c2:7c:e3:cd:25:f5:ca:98:85:3b:
5d:f5:54:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs7yHq9637PUz6LxSmoAh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZGExYzZiMWE2NWY3YTNkOTdmOWJkNzVlN2NhYzMxMzUy
NDZmYTUwHhcNMjMwMTAxMTA0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2M4YmMwYTQzM2U2M2FlNDc0MGEzMDhhYTAzZGVkMjI3N2I0MWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtJKDDrtaLDbQljKpoBj77Yipl+q
ZGc+LxHs62wjP2aerlBM0/c6XSGNzjHRBlztsm+R4aFoRIeyRsA+2ZGZpAKOhnH9
jcdc+jyvg6wY9jiHjpwf69RErPKPdQaKsNaZZpOatvNaOekSifBOnT6ckoLPNaWh
6p5nS9FHw+B7X1nWRyQaAnnc5y9XcX/Mdn38VUYVVlLZwp+VCr/YIW6rDn+DPM8i
d2aRB0ACMIF0f4oK/Z+FkJ40NVC3+AutzaI2kphx1Oacs5t5XP4Ll5eFcyl30R45
tJJ2qiY6zg1H7wJOwlDstTDdOdHRJHtP8j2h5ELGy4oKU56D0zEshShUeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPIvApDPmOuR0CjCKoD3tIne0HbMB8GA1UdIwQY
MBaAFAbaHGsaZfej2X+b1158rDE1JG+lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnRvY2F4cGw5NlBaZjV2WFhueXNNVFVrYjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82MmEzYjEtMTE3ZC00YjE3LTk2NjIt
NDVlYjczOGNiOWM4LzEvczhpOENrTS1ZNjVIUUtNSXFnUGUwaWQ3UWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82MmEzYjEtMTE3ZC00YjE3LTk2NjItNDVlYjczOGNiOWM4
LzEvQnRvY2F4cGw5NlBaZjV2WFhueXNNVFVrYjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSDcMA0G
CSqGSIb3DQEBCwUAA4IBAQAekEpHl5j76iz0IA2AOf9gzecQA6zbyoLDpGYN2kyQ
ENI64w42irEQLBrVrf4RX0t1wpMmTgalPjQFX5LNeHnkW/DJeATgn0kA0EcWaOJJ
XmK6E8cOV/WrerfsIMIzwL2j7cgJYjqjmZ1cz5ZiRjGgjsDN5IUqbbI1x8KIGU86
Xz+pQ8Q7OjRAKYD3Su/s1eQgJS5D3tftnqk4Z5U+Up4PSLa4msgy380UyYaSi4uF
7QqdXMxCrvhfZs9wfuMbrlZ26KbXG3PlzfMmHGEQfTKEftDGjCiUw+rHdZlM+nrC
eIVvaqEma1PszJEV4DwXopLeBMJ8480l9cqYhTtd9VRh
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:23 2024 by rpki-client on console-ams.rpki-client.org