Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/591a46-1e21-4590-874c-58c7bfcdcfdf/1/IxdaXe6UVN3ifp55gRFBotxBfrs.roa
File: IxdaXe6UVN3ifp55gRFBotxBfrs.roa (raw, json)
Hash identifier: go3bi2s8tNLpgF1TynQR/i3XoG1+Uk6fhYZOvDEC0Vg=
Subject key identifier: 23:17:5A:5D:EE:94:54:DD:E2:7E:9E:79:81:11:41:A2:DC:41:7E:BB
Certificate issuer: /CN=14db04f9c92317ecc7a2aaff2ca4d7098d1bd26a
Certificate serial: 0185720340A05076E58803097DFA432E1775
Authority key identifier: 14:DB:04:F9:C9:23:17:EC:C7:A2:AA:FF:2C:A4:D7:09:8D:1B:D2:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FNsE-ckjF-zHoqr_LKTXCY0b0mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/591a46-1e21-4590-874c-58c7bfcdcfdf/1/IxdaXe6UVN3ifp55gRFBotxBfrs.roa
Signing time: Mon 02 Jan 2023 10:24:53 +0000
ROA not before: Mon 02 Jan 2023 10:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 185.72.124.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:40:a0:50:76:e5:88:03:09:7d:fa:43:2e:17:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14db04f9c92317ecc7a2aaff2ca4d7098d1bd26a
Validity
Not Before: Jan 2 10:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23175a5dee9454dde27e9e79811141a2dc417ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1e:14:27:37:1a:0c:1e:0f:dc:17:b9:6e:2b:
1c:93:5b:3a:a5:45:5c:60:f0:b1:f1:84:47:f7:60:
3b:c5:71:cb:ae:f3:a5:92:ba:49:ee:43:ef:22:3a:
2a:49:09:e1:48:98:9e:18:f9:bc:83:95:08:6b:52:
dc:3e:4e:fc:b6:ce:84:30:40:59:cf:96:db:24:fc:
6d:96:64:2c:1f:e7:c4:1b:1e:41:f2:84:b6:af:26:
30:c5:d2:a9:36:70:26:7d:81:9e:1b:c9:14:f8:d4:
1d:ff:61:14:3f:8f:3c:e9:eb:c4:e7:68:ef:a2:d8:
4e:7b:ae:d9:ce:9b:ca:52:2f:a9:82:a2:66:fd:fa:
38:a0:ed:26:3c:ae:9f:63:41:9c:20:5a:0a:62:d0:
4f:84:8a:52:6a:fe:8d:de:37:e0:2b:30:81:50:d1:
28:a9:a1:5a:02:f0:7e:69:dc:00:dd:24:82:13:68:
7f:a2:13:89:eb:88:a6:c2:71:af:b3:ea:04:85:95:
b3:39:d6:43:21:f1:4e:72:29:5d:81:9e:bc:c0:14:
14:f1:61:50:84:95:70:7b:b8:91:1b:26:7f:3b:fe:
b8:a4:ae:b3:2a:0f:2f:db:82:72:49:df:8e:c9:71:
c5:29:02:8a:1e:bc:c4:3f:7d:41:e1:8c:b2:70:90:
96:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:17:5A:5D:EE:94:54:DD:E2:7E:9E:79:81:11:41:A2:DC:41:7E:BB
X509v3 Authority Key Identifier:
keyid:14:DB:04:F9:C9:23:17:EC:C7:A2:AA:FF:2C:A4:D7:09:8D:1B:D2:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FNsE-ckjF-zHoqr_LKTXCY0b0mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/591a46-1e21-4590-874c-58c7bfcdcfdf/1/IxdaXe6UVN3ifp55gRFBotxBfrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/591a46-1e21-4590-874c-58c7bfcdcfdf/1/FNsE-ckjF-zHoqr_LKTXCY0b0mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.124.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:a4:b0:a4:7b:59:20:bb:6e:76:e8:b8:61:17:0b:81:5d:d3:
bb:70:a9:db:b8:27:3e:5b:89:47:b5:38:e6:3f:58:14:60:19:
e5:45:3e:0f:72:7d:79:f7:c3:d1:2b:7c:0e:9a:6c:ee:2d:9e:
20:04:04:e1:fc:b0:a9:b2:74:b4:ce:82:dd:3b:4e:13:79:0a:
4d:79:f2:63:97:1d:5c:2f:4c:07:60:a9:84:9c:01:27:d4:55:
91:83:38:09:f0:a2:93:48:7e:42:26:9d:92:29:61:81:ff:8d:
bf:16:27:b4:f9:5d:74:9d:62:a5:7d:61:b5:4a:6e:97:85:7c:
c7:cb:c1:e7:fa:c5:f9:6f:e0:8d:48:f5:8e:12:d7:26:6a:9a:
c8:74:2c:7e:27:b3:5a:ff:05:81:e2:aa:42:3e:68:c3:b9:83:
27:75:56:8f:19:e5:94:b1:d9:5d:28:2d:ff:bb:e0:8a:94:94:
74:f5:b4:67:1b:72:1a:38:7f:46:89:db:34:a4:27:69:ac:ce:
f3:e2:68:f1:a1:57:ea:5b:1c:3d:38:6b:3a:95:b8:38:2b:43:
05:1e:eb:4f:9e:a0:86:89:cd:ab:26:bf:4a:d9:fd:8a:cc:71:
f8:bd:f6:1e:06:c9:6b:51:ba:20:66:ce:b2:8f:b0:46:6c:e8:
31:11:dc:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyA0CgUHbliAMJffpDLhd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZGIwNGY5YzkyMzE3ZWNjN2EyYWFmZjJjYTRkNzA5OGQx
YmQyNmEwHhcNMjMwMTAyMTAyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzE3NWE1ZGVlOTQ1NGRkZTI3ZTllNzk4MTExNDFhMmRjNDE3ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR4UJzcaDB4P3Be5bisck1s6pUVc
YPCx8YRH92A7xXHLrvOlkrpJ7kPvIjoqSQnhSJieGPm8g5UIa1LcPk78ts6EMEBZ
z5bbJPxtlmQsH+fEGx5B8oS2ryYwxdKpNnAmfYGeG8kU+NQd/2EUP4886evE52jv
othOe67ZzpvKUi+pgqJm/fo4oO0mPK6fY0GcIFoKYtBPhIpSav6N3jfgKzCBUNEo
qaFaAvB+adwA3SSCE2h/ohOJ64imwnGvs+oEhZWzOdZDIfFOcildgZ68wBQU8WFQ
hJVwe7iRGyZ/O/64pK6zKg8v24JySd+OyXHFKQKKHrzEP31B4YyycJCWPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMXWl3ulFTd4n6eeYERQaLcQX67MB8GA1UdIwQY
MBaAFBTbBPnJIxfsx6Kq/yyk1wmNG9JqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk5zRS1ja2pGLXpIb3FyX0xLVFhDWTBiMG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy81OTFhNDYtMWUyMS00NTkwLTg3NGMt
NThjN2JmY2RjZmRmLzEvSXhkYVhlNlVWTjNpZnA1NWdSRkJvdHhCZnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy81OTFhNDYtMWUyMS00NTkwLTg3NGMtNThjN2JmY2RjZmRm
LzEvRk5zRS1ja2pGLXpIb3FyX0xLVFhDWTBiMG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUh8MA0G
CSqGSIb3DQEBCwUAA4IBAQC1pLCke1kgu2526LhhFwuBXdO7cKnbuCc+W4lHtTjm
P1gUYBnlRT4Pcn1598PRK3wOmmzuLZ4gBATh/LCpsnS0zoLdO04TeQpNefJjlx1c
L0wHYKmEnAEn1FWRgzgJ8KKTSH5CJp2SKWGB/42/Fie0+V10nWKlfWG1Sm6XhXzH
y8Hn+sX5b+CNSPWOEtcmaprIdCx+J7Na/wWB4qpCPmjDuYMndVaPGeWUsdldKC3/
u+CKlJR09bRnG3IaOH9Gids0pCdprM7z4mjxoVfqWxw9OGs6lbg4K0MFHutPnqCG
ic2rJr9K2f2KzHH4vfYeBslrUbogZs6yj7BGbOgxEdz2
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:43 2024 by rpki-client on console-fra.rpki-client.org