Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/bd9e02-c424-4e14-aab7-39461aaa5be7/1/x9zl3vMkE9ihDjAa5q4EM4aaVZg.roa
File: x9zl3vMkE9ihDjAa5q4EM4aaVZg.roa (raw, json)
Hash identifier: b+/U2/1nugmClG2RH91KzcwWDUI2bMgV6Mjtkb9KPJo=
Subject key identifier: C7:DC:E5:DE:F3:24:13:D8:A1:0E:30:1A:E6:AE:04:33:86:9A:55:98
Certificate issuer: /CN=9d4303a0a999d8118bbc7e96ad38efbb14496ea2
Certificate serial: 0189BA0CA487D55D4D1F598B1573CC2EDC50
Authority key identifier: 9D:43:03:A0:A9:99:D8:11:8B:BC:7E:96:AD:38:EF:BB:14:49:6E:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nUMDoKmZ2BGLvH6WrTjvuxRJbqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/bd9e02-c424-4e14-aab7-39461aaa5be7/1/x9zl3vMkE9ihDjAa5q4EM4aaVZg.roa
Signing time: Thu 03 Aug 2023 06:18:57 +0000
ROA not before: Thu 03 Aug 2023 06:18:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212401
IP address blocks: 185.209.241.0/24 maxlen: 24
2a10:ee00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:0c:a4:87:d5:5d:4d:1f:59:8b:15:73:cc:2e:dc:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d4303a0a999d8118bbc7e96ad38efbb14496ea2
Validity
Not Before: Aug 3 06:18:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7dce5def32413d8a10e301ae6ae0433869a5598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d2:db:cf:61:a7:22:91:1f:db:30:43:fc:ff:
d7:f8:6e:07:23:4b:50:28:9b:92:6f:c4:78:73:7d:
76:b4:1b:56:50:db:7f:e4:2a:c1:cd:ab:e9:46:f1:
9f:2a:ff:b4:27:7d:3a:01:79:bb:c3:53:cf:a6:de:
8c:c5:a7:83:59:76:c6:d5:a9:a1:83:c6:e4:ab:7d:
2d:e1:a4:5c:73:8e:57:01:fc:31:d7:7b:c4:1c:13:
5c:23:6c:64:d4:19:f4:51:21:c7:aa:c7:6a:b5:c1:
c0:08:34:ce:be:ba:fc:27:75:67:51:c8:6b:c9:d7:
a3:c4:01:50:1d:73:d1:f3:49:d7:f6:6f:84:89:8a:
d9:ec:22:cc:80:07:28:4e:21:d7:7b:81:ca:34:51:
b2:72:77:52:62:7b:66:c0:e3:d5:cf:04:0f:56:3b:
54:a5:b6:a0:b4:47:30:29:47:79:c2:80:c9:ad:6b:
56:19:d4:4b:cc:50:e4:d9:42:e8:0f:d0:e8:8d:e4:
c6:05:3d:3f:02:9b:64:19:6a:86:4d:a4:ba:ba:f2:
c8:e2:4a:94:7c:ec:22:66:c2:b6:4d:2f:d3:f6:9c:
2d:8f:8f:6e:75:73:f5:98:58:c1:63:5e:3a:b5:19:
47:02:91:30:63:22:36:e8:e5:ff:08:c8:c9:6a:99:
8d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:DC:E5:DE:F3:24:13:D8:A1:0E:30:1A:E6:AE:04:33:86:9A:55:98
X509v3 Authority Key Identifier:
keyid:9D:43:03:A0:A9:99:D8:11:8B:BC:7E:96:AD:38:EF:BB:14:49:6E:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nUMDoKmZ2BGLvH6WrTjvuxRJbqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bd9e02-c424-4e14-aab7-39461aaa5be7/1/x9zl3vMkE9ihDjAa5q4EM4aaVZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bd9e02-c424-4e14-aab7-39461aaa5be7/1/nUMDoKmZ2BGLvH6WrTjvuxRJbqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.241.0/24
IPv6:
2a10:ee00::/32
Signature Algorithm: sha256WithRSAEncryption
b4:42:f3:99:f5:aa:dd:33:26:58:34:93:64:e0:5b:8d:0b:bb:
53:9b:d1:7d:42:1d:39:20:5f:5b:9d:2a:cf:a6:9d:94:ec:0f:
17:c0:e3:aa:fa:78:dc:c2:62:32:73:e1:f9:8a:6c:5f:59:47:
54:32:5b:65:0b:db:89:a3:3a:bb:65:9c:85:75:45:1e:62:26:
f5:75:3c:10:6d:31:c2:19:8c:98:91:a1:07:0b:92:bf:03:08:
83:37:a1:b5:e6:8d:07:56:d5:a3:f7:c2:18:8a:29:92:ff:9a:
6d:93:bf:cc:72:d9:fd:9c:45:f9:b7:35:7d:e6:78:f0:5a:75:
d5:d2:76:db:da:45:97:c5:4e:e8:c2:00:a7:03:9c:a2:5f:57:
4c:9e:b2:63:6f:3f:f5:e6:73:b8:50:91:98:4e:cd:d5:56:f8:
a5:8c:00:9b:4a:4c:32:31:fc:81:7f:5d:29:2f:d8:d7:dd:7f:
6c:68:6a:9a:2f:ca:cd:e9:ea:21:9d:b8:dd:06:9b:8f:25:aa:
07:80:e5:f5:5b:31:a5:e2:5a:94:63:74:41:f7:68:4c:02:0d:
4f:b1:12:c8:ef:4c:84:5d:2d:04:a0:18:93:dd:4b:2b:de:ee:
a4:47:79:28:bc:80:9b:d4:ab:76:9e:2f:65:0a:bf:85:4c:4f:
c5:13:db:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYm6DKSH1V1NH1mLFXPMLtxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNDMwM2EwYTk5OWQ4MTE4YmJjN2U5NmFkMzhlZmJiMTQ0
OTZlYTIwHhcNMjMwODAzMDYxODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2RjZTVkZWYzMjQxM2Q4YTEwZTMwMWFlNmFlMDQzMzg2OWE1NTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtLbz2GnIpEf2zBD/P/X+G4HI0tQ
KJuSb8R4c312tBtWUNt/5CrBzavpRvGfKv+0J306AXm7w1PPpt6MxaeDWXbG1amh
g8bkq30t4aRcc45XAfwx13vEHBNcI2xk1Bn0USHHqsdqtcHACDTOvrr8J3VnUchr
ydejxAFQHXPR80nX9m+EiYrZ7CLMgAcoTiHXe4HKNFGycndSYntmwOPVzwQPVjtU
pbagtEcwKUd5woDJrWtWGdRLzFDk2ULoD9DojeTGBT0/AptkGWqGTaS6uvLI4kqU
fOwiZsK2TS/T9pwtj49udXP1mFjBY146tRlHApEwYyI26OX/CMjJapmN7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMfc5d7zJBPYoQ4wGuauBDOGmlWYMB8GA1UdIwQY
MBaAFJ1DA6CpmdgRi7x+lq0477sUSW6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblVNRG9LbVoyQkdMdkg2V3JUanZ1eFJKYnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iZDllMDItYzQyNC00ZTE0LWFhYjct
Mzk0NjFhYWE1YmU3LzEveDl6bDN2TWtFOWloRGpBYTVxNEVNNGFhVlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iZDllMDItYzQyNC00ZTE0LWFhYjctMzk0NjFhYWE1YmU3
LzEvblVNRG9LbVoyQkdMdkg2V3JUanZ1eFJKYnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudHxMA0E
AgACMAcDBQAqEO4AMA0GCSqGSIb3DQEBCwUAA4IBAQC0QvOZ9ardMyZYNJNk4FuN
C7tTm9F9Qh05IF9bnSrPpp2U7A8XwOOq+njcwmIyc+H5imxfWUdUMltlC9uJozq7
ZZyFdUUeYib1dTwQbTHCGYyYkaEHC5K/AwiDN6G15o0HVtWj98IYiimS/5ptk7/M
ctn9nEX5tzV95njwWnXV0nbb2kWXxU7owgCnA5yiX1dMnrJjbz/15nO4UJGYTs3V
VviljACbSkwyMfyBf10pL9jX3X9saGqaL8rN6eohnbjdBpuPJaoHgOX1WzGl4lqU
Y3RB92hMAg1PsRLI70yEXS0EoBiT3Usr3u6kR3kovICb1Kt2ni9lCr+FTE/FE9tQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:29 2024 by rpki-client on console-ams.rpki-client.org