Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/IBKtQtvlssjadkN-zXo_05evJTA.roa
File: IBKtQtvlssjadkN-zXo_05evJTA.roa (raw, json)
Hash identifier: 2jd0ei3ILq5/rv1VWqLTWSpHsvjzHtYdOHbVY/wbSgA=
Subject key identifier: 20:12:AD:42:DB:E5:B2:C8:DA:76:43:7E:CD:7A:3F:D3:97:AF:25:30
Certificate issuer: /CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Certificate serial: 01857039673CE1ACE6F3E8341C77C9B22C08
Authority key identifier: 12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/IBKtQtvlssjadkN-zXo_05evJTA.roa
Signing time: Mon 02 Jan 2023 02:04:48 +0000
ROA not before: Mon 02 Jan 2023 02:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 185.114.34.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:67:3c:e1:ac:e6:f3:e8:34:1c:77:c9:b2:2c:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Validity
Not Before: Jan 2 02:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2012ad42dbe5b2c8da76437ecd7a3fd397af2530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:91:85:4d:8e:fc:de:6c:83:6a:8b:52:cc:7b:
a8:a7:00:71:bc:5e:62:ae:39:ba:ec:e6:25:fd:32:
6a:75:3b:41:43:32:eb:fc:8b:99:54:35:11:fb:00:
fd:2b:4f:27:a9:ca:db:76:da:81:33:86:57:58:0d:
9f:a5:1e:60:9e:49:16:3d:1e:54:f1:1a:49:d5:24:
67:c0:64:90:47:97:76:c2:f9:eb:03:4d:c2:e2:d3:
db:67:cd:36:e3:77:a6:1a:0e:4c:3a:ac:41:6a:d9:
f2:9b:f1:fd:95:19:42:36:6e:09:09:1f:31:96:b5:
5d:5a:14:c7:31:6e:43:e2:92:32:71:fc:fe:96:97:
7c:cd:be:dc:87:6c:b3:e3:95:ed:d5:6a:ef:28:54:
d0:76:fe:e1:bc:ce:73:41:a9:e1:09:e4:8a:a8:06:
ce:e1:dc:45:3f:1f:c0:7e:2e:47:09:ab:c5:f2:f5:
db:63:b8:ef:99:88:87:2a:68:73:1f:2c:3f:1a:57:
49:85:4a:fa:95:f9:a7:1d:24:da:a8:61:c1:96:49:
56:81:aa:4a:54:2a:75:a0:ae:12:80:34:fa:6f:78:
04:59:88:01:95:bc:af:09:e2:7e:93:47:ee:51:16:
21:5a:d8:b5:36:49:ed:02:d1:5c:09:53:20:d7:d6:
c9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:12:AD:42:DB:E5:B2:C8:DA:76:43:7E:CD:7A:3F:D3:97:AF:25:30
X509v3 Authority Key Identifier:
keyid:12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/IBKtQtvlssjadkN-zXo_05evJTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.34.0/24
Signature Algorithm: sha256WithRSAEncryption
44:b0:1d:17:d1:f6:94:4f:d5:b2:de:2f:36:33:5d:fa:18:3b:
24:df:c8:d4:b2:9e:3d:9b:17:39:b8:10:88:89:f9:51:3c:ea:
7d:19:3b:c8:3e:51:1e:9e:b9:0e:5c:09:7a:a8:27:44:e9:60:
bd:2b:48:38:9b:da:d3:c5:0b:0f:76:e0:2a:3e:00:2e:ef:42:
de:62:96:c5:aa:1d:f7:dd:db:38:38:ab:97:fe:e9:34:c0:fd:
19:a1:57:dc:0d:08:82:f5:23:cf:d7:37:0b:57:c6:90:5b:90:
1f:77:aa:55:68:3f:34:c3:63:1b:4e:70:5c:de:7d:d5:4e:73:
62:e3:40:1d:7a:88:a4:67:36:64:7c:0a:90:14:61:b7:44:ec:
17:f2:9d:dd:49:dd:70:ca:2a:80:2d:6f:be:1c:89:98:65:56:
97:1c:5d:09:b9:b7:62:0b:9c:8a:75:c0:6b:98:73:69:30:c6:
8e:27:4d:d8:65:7b:27:fe:21:3a:d2:aa:98:7f:c1:a1:d0:47:
7f:26:fc:0c:82:ed:73:6b:d7:9d:10:bd:14:f2:95:da:fa:c7:
74:fb:a0:ce:9e:14:4f:f7:28:5e:a0:4d:86:b8:54:d2:45:9e:
7d:a2:95:99:26:a2:97:6f:a1:c0:18:46:88:32:8f:97:87:d3:
d8:01:32:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOWc84azm8+g0HHfJsiwIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTRhN2UyYThjNzAxMjMyNWFlOTczZWQxYTJiYmEwNWIy
YmI5YzEwHhcNMjMwMTAyMDIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDEyYWQ0MmRiZTViMmM4ZGE3NjQzN2VjZDdhM2ZkMzk3YWYyNTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJGFTY783myDaotSzHuopwBxvF5i
rjm67OYl/TJqdTtBQzLr/IuZVDUR+wD9K08nqcrbdtqBM4ZXWA2fpR5gnkkWPR5U
8RpJ1SRnwGSQR5d2wvnrA03C4tPbZ80243emGg5MOqxBatnym/H9lRlCNm4JCR8x
lrVdWhTHMW5D4pIycfz+lpd8zb7ch2yz45Xt1WrvKFTQdv7hvM5zQanhCeSKqAbO
4dxFPx/Afi5HCavF8vXbY7jvmYiHKmhzHyw/GldJhUr6lfmnHSTaqGHBlklWgapK
VCp1oK4SgDT6b3gEWYgBlbyvCeJ+k0fuURYhWti1NkntAtFcCVMg19bJxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCASrULb5bLI2nZDfs16P9OXryUwMB8GA1UdIwQY
MBaAFBIUp+KoxwEjJa6XPtGiu6BbK7nBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQt
ZTljMzY0OWMxMjE4LzEvSUJLdFF0dmxzc2phZGtOLXpYb18wNWV2SlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQtZTljMzY0OWMxMjE4
LzEvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXIiMA0G
CSqGSIb3DQEBCwUAA4IBAQBEsB0X0faUT9Wy3i82M136GDsk38jUsp49mxc5uBCI
iflRPOp9GTvIPlEenrkOXAl6qCdE6WC9K0g4m9rTxQsPduAqPgAu70LeYpbFqh33
3ds4OKuX/uk0wP0ZoVfcDQiC9SPP1zcLV8aQW5Afd6pVaD80w2MbTnBc3n3VTnNi
40AdeoikZzZkfAqQFGG3ROwX8p3dSd1wyiqALW++HImYZVaXHF0JubdiC5yKdcBr
mHNpMMaOJ03YZXsn/iE60qqYf8Gh0Ed/JvwMgu1za9edEL0U8pXa+sd0+6DOnhRP
9yheoE2GuFTSRZ59opWZJqKXb6HAGEaIMo+Xh9PYATLL
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:46 2024 by rpki-client on console-ams.rpki-client.org