Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/K5Xoqaz3dhA4xdwnaD3kXPpGE98.roa
File: K5Xoqaz3dhA4xdwnaD3kXPpGE98.roa (raw, json)
Hash identifier: pTRuJGzMmNpgqBoI9ZAf0PsIMZdoNvDgYo0BDQuIoAY=
Subject key identifier: 2B:95:E8:A9:AC:F7:76:10:38:C5:DC:27:68:3D:E4:5C:FA:46:13:DF
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 01856EC1FA8FDD4C0AF03D0CEB3736CBA31E
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/K5Xoqaz3dhA4xdwnaD3kXPpGE98.roa
Signing time: Sun 01 Jan 2023 19:14:44 +0000
ROA not before: Sun 01 Jan 2023 19:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199450
IP address blocks: 185.12.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:fa:8f:dd:4c:0a:f0:3d:0c:eb:37:36:cb:a3:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Jan 1 19:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b95e8a9acf7761038c5dc27683de45cfa4613df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1b:e8:cc:48:cd:bc:7c:75:84:d4:b9:8a:ec:
60:0d:67:e7:8c:3a:f1:6a:b4:a0:35:fa:20:e4:f8:
e2:c1:9f:22:12:15:7f:06:c4:58:e9:15:5c:da:83:
2d:ab:db:c8:97:1a:19:55:81:de:dc:da:b0:05:9a:
56:5e:10:d1:eb:ba:3d:6c:23:ff:52:d4:f5:c5:a6:
3d:0f:94:db:d0:e2:2d:1c:51:98:55:41:6c:90:9e:
b5:ec:94:1d:54:62:72:6a:27:44:f7:29:f1:53:37:
1d:be:0a:ce:8c:51:f7:1a:2a:31:13:59:7d:5d:06:
91:8b:7d:a2:3f:7c:db:4b:48:67:26:4f:bb:93:f5:
ce:68:3b:86:2f:fc:d1:ea:5b:1c:6a:b8:42:d0:a2:
09:b4:f3:80:0a:fc:0f:c8:48:7e:59:14:9b:1f:a9:
5c:68:e3:b8:d1:02:7f:31:53:37:0b:81:ee:3f:5c:
71:97:65:4a:91:ba:2f:a9:50:ae:03:2b:03:64:28:
85:61:fb:ba:05:1c:d0:c6:3e:06:af:8c:29:f3:db:
38:ad:ef:7f:1a:d8:3d:37:7c:ed:45:1a:47:f2:f9:
22:b8:df:fe:01:77:77:88:88:12:92:f3:12:f0:1c:
d4:64:e0:e9:6f:c6:8c:db:4d:98:15:51:34:43:fe:
4f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:95:E8:A9:AC:F7:76:10:38:C5:DC:27:68:3D:E4:5C:FA:46:13:DF
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/K5Xoqaz3dhA4xdwnaD3kXPpGE98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.10.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:2d:53:95:b5:e0:49:59:9c:6a:39:d2:d4:3a:75:55:97:ec:
62:96:d5:0a:47:6d:fc:6a:6a:89:f8:28:b4:0f:56:af:a5:87:
e3:f2:58:1b:7a:bf:fe:bf:10:fb:d9:19:4b:de:19:0f:6c:21:
1b:db:ae:85:83:52:f6:82:27:e4:73:28:95:93:28:a2:91:14:
d1:44:79:9f:10:e2:12:e4:9a:16:02:ec:c2:5c:b6:b6:d3:5e:
23:10:28:61:34:69:ab:38:13:fa:d3:5e:2f:08:15:d1:68:09:
a2:29:cd:2e:1d:c2:8f:b9:e6:6e:37:41:19:f3:f4:ba:2f:5b:
0d:7c:fa:64:bb:ac:0c:df:11:3c:10:af:fd:ed:2c:d5:06:a2:
63:e0:25:dc:07:c6:1f:c0:8a:24:59:ca:04:e7:e7:90:8e:4f:
b4:cc:38:d1:a2:7f:05:9a:b9:18:a4:d3:41:b9:85:30:a2:39:
2e:cc:85:7c:1f:50:18:63:0e:64:e3:02:c3:44:8c:72:f4:8f:
ba:9b:3d:27:13:44:49:27:6a:7e:c2:3b:99:57:0b:22:17:71:
f9:e7:1e:30:62:dd:e0:26:f3:99:b9:96:af:aa:7c:3f:d2:91:
5c:e7:fa:b7:93:ff:f3:82:4a:f5:f8:85:a0:74:a9:a2:91:78:
76:f3:85:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwfqP3UwK8D0M6zc2y6MeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjMwMTAxMTkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjk1ZThhOWFjZjc3NjEwMzhjNWRjMjc2ODNkZTQ1Y2ZhNDYxM2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBvozEjNvHx1hNS5iuxgDWfnjDrx
arSgNfog5PjiwZ8iEhV/BsRY6RVc2oMtq9vIlxoZVYHe3NqwBZpWXhDR67o9bCP/
UtT1xaY9D5Tb0OItHFGYVUFskJ617JQdVGJyaidE9ynxUzcdvgrOjFH3GioxE1l9
XQaRi32iP3zbS0hnJk+7k/XOaDuGL/zR6lscarhC0KIJtPOACvwPyEh+WRSbH6lc
aOO40QJ/MVM3C4HuP1xxl2VKkbovqVCuAysDZCiFYfu6BRzQxj4Gr4wp89s4re9/
Gtg9N3ztRRpH8vkiuN/+AXd3iIgSkvMS8BzUZODpb8aM202YFVE0Q/5PVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCuV6Kms93YQOMXcJ2g95Fz6RhPfMB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvSzVYb3FhejNkaEE0eGR3bmFEM2tYUHBHRTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMtOWNhOThmNDk1MGNm
LzEvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQwKMA0G
CSqGSIb3DQEBCwUAA4IBAQBqLVOVteBJWZxqOdLUOnVVl+xiltUKR238amqJ+Ci0
D1avpYfj8lgber/+vxD72RlL3hkPbCEb266Fg1L2gifkcyiVkyiikRTRRHmfEOIS
5JoWAuzCXLa2014jEChhNGmrOBP6014vCBXRaAmiKc0uHcKPueZuN0EZ8/S6L1sN
fPpku6wM3xE8EK/97SzVBqJj4CXcB8YfwIokWcoE5+eQjk+0zDjRon8FmrkYpNNB
uYUwojkuzIV8H1AYYw5k4wLDRIxy9I+6mz0nE0RJJ2p+wjuZVwsiF3H55x4wYt3g
JvOZuZavqnw/0pFc5/q3k//zgkr1+IWgdKmikXh284VV
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:03 2024 by rpki-client on console-fra.rpki-client.org