Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/0e3d64-f290-4893-9a40-c9e141333d58/1/dJGYK-OF_xdxbHsAtBWQRY1pdZY.roa
File: dJGYK-OF_xdxbHsAtBWQRY1pdZY.roa (raw, json)
Hash identifier: 3Ae/+xV40bBO73tHNjUK0OK77HCG6oVc7Q8a20eaVn4=
Subject key identifier: 74:91:98:2B:E3:85:FF:17:71:6C:7B:00:B4:15:90:45:8D:69:75:96
Certificate issuer: /CN=b53d9f1bc3f0d90b6dcd1e9f6fd1e506188ea7c2
Certificate serial: 0188AE59F9A24159EF5D5333FFA242F865F0
Authority key identifier: B5:3D:9F:1B:C3:F0:D9:0B:6D:CD:1E:9F:6F:D1:E5:06:18:8E:A7:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tT2fG8Pw2QttzR6fb9HlBhiOp8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/0e3d64-f290-4893-9a40-c9e141333d58/1/dJGYK-OF_xdxbHsAtBWQRY1pdZY.roa
Signing time: Mon 12 Jun 2023 06:45:12 +0000
ROA not before: Mon 12 Jun 2023 06:45:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199560
IP address blocks: 185.95.210.0/23 maxlen: 23
185.95.208.0/22 maxlen: 24
2a05:fc00::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ae:59:f9:a2:41:59:ef:5d:53:33:ff:a2:42:f8:65:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b53d9f1bc3f0d90b6dcd1e9f6fd1e506188ea7c2
Validity
Not Before: Jun 12 06:45:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7491982be385ff17716c7b00b41590458d697596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b7:23:02:88:90:f8:a8:ad:2e:ed:34:db:2f:
ff:2e:ab:6a:b8:9d:0f:7d:57:23:18:37:98:04:60:
2d:a5:cf:5e:a2:69:29:32:52:50:8c:78:83:14:a2:
3a:1b:a3:6a:31:69:e4:0e:35:37:9d:91:2b:bb:f5:
e6:19:ba:10:8d:fb:38:4f:de:56:58:f2:2c:9a:4e:
10:b2:b2:16:c6:02:89:86:b9:41:74:69:1c:75:78:
2d:4d:23:50:7b:b7:a6:a8:8f:c1:8c:b1:71:5d:71:
c5:29:e6:b1:68:dd:70:8f:4d:b2:9b:6b:bb:dc:40:
c9:cd:dd:95:49:c1:02:02:a8:3a:6d:35:65:99:1a:
81:36:a4:8c:da:00:ec:8e:80:8f:75:68:af:42:a8:
b7:f7:1f:6f:f8:99:38:e7:0d:9f:c8:af:45:6d:60:
3d:e1:7c:50:8b:cb:5b:17:54:2b:e0:76:b5:78:69:
bc:bb:ea:0b:c8:1b:2f:a9:df:dd:ab:86:04:6c:a0:
d7:e4:28:69:29:45:1c:97:c4:89:95:44:10:3f:6c:
e3:d6:73:d3:07:09:3f:fd:02:a1:ba:50:ce:f8:f5:
73:fb:40:fb:19:fb:45:21:18:24:68:3d:01:fe:97:
a1:1c:dc:73:fe:6c:ec:f4:2b:a8:59:9d:00:2f:f6:
bb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:91:98:2B:E3:85:FF:17:71:6C:7B:00:B4:15:90:45:8D:69:75:96
X509v3 Authority Key Identifier:
keyid:B5:3D:9F:1B:C3:F0:D9:0B:6D:CD:1E:9F:6F:D1:E5:06:18:8E:A7:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tT2fG8Pw2QttzR6fb9HlBhiOp8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0e3d64-f290-4893-9a40-c9e141333d58/1/dJGYK-OF_xdxbHsAtBWQRY1pdZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0e3d64-f290-4893-9a40-c9e141333d58/1/tT2fG8Pw2QttzR6fb9HlBhiOp8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.208.0/22
IPv6:
2a05:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
44:f1:04:1b:8d:39:17:70:86:8e:30:cb:6f:25:e6:c9:71:ef:
3a:95:14:27:69:61:4f:d1:b9:a7:c3:f2:5f:59:b5:46:82:43:
dd:e3:0d:37:fa:98:0d:ef:4f:b1:76:25:d0:f9:1d:9c:8c:93:
92:b5:f1:89:bc:4f:b9:32:78:de:6b:78:84:83:bf:8a:6a:85:
65:e1:8e:9d:75:ea:1e:fd:64:59:e4:a7:8c:ea:12:bc:a1:6d:
0b:43:0d:b7:b4:c5:db:07:ba:6e:11:03:78:8c:f3:2c:ca:a1:
00:c9:58:c7:24:67:25:b7:f9:27:73:5a:a8:ce:7c:e9:fb:ab:
27:df:5b:01:66:de:1f:d4:18:11:6d:61:46:97:4e:82:12:76:
a2:9d:ab:5a:8e:65:f4:09:c0:b4:5b:53:0a:47:ff:44:3c:18:
52:cc:c6:66:81:34:c0:03:71:82:55:1d:a2:50:91:90:51:f1:
bb:c6:1a:15:c2:01:b9:e6:79:c1:8c:1b:af:7d:c4:f0:d3:c0:
1c:d2:32:c8:29:35:ab:48:41:ca:ad:a1:e4:d7:96:ee:ad:3b:
20:ef:11:8d:f4:31:91:39:1b:b2:95:9b:90:d1:4c:ea:59:f1:
80:70:f0:dd:09:22:4d:0e:04:f7:bd:44:94:84:70:46:35:da:
10:6e:a4:f8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYiuWfmiQVnvXVMz/6JC+GXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1M2Q5ZjFiYzNmMGQ5MGI2ZGNkMWU5ZjZmZDFlNTA2MTg4
ZWE3YzIwHhcNMjMwNjEyMDY0NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDkxOTgyYmUzODVmZjE3NzE2YzdiMDBiNDE1OTA0NThkNjk3NTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrcjAoiQ+KitLu002y//LqtquJ0P
fVcjGDeYBGAtpc9eomkpMlJQjHiDFKI6G6NqMWnkDjU3nZEru/XmGboQjfs4T95W
WPIsmk4QsrIWxgKJhrlBdGkcdXgtTSNQe7emqI/BjLFxXXHFKeaxaN1wj02ym2u7
3EDJzd2VScECAqg6bTVlmRqBNqSM2gDsjoCPdWivQqi39x9v+Jk45w2fyK9FbWA9
4XxQi8tbF1Qr4Ha1eGm8u+oLyBsvqd/dq4YEbKDX5ChpKUUcl8SJlUQQP2zj1nPT
Bwk//QKhulDO+PVz+0D7GftFIRgkaD0B/pehHNxz/mzs9CuoWZ0AL/a7KQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHSRmCvjhf8XcWx7ALQVkEWNaXWWMB8GA1UdIwQY
MBaAFLU9nxvD8NkLbc0en2/R5QYYjqfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFQyZkc4UHcyUXR0elI2ZmI5SGxCaGlPcDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wZTNkNjQtZjI5MC00ODkzLTlhNDAt
YzllMTQxMzMzZDU4LzEvZEpHWUstT0ZfeGR4YkhzQXRCV1FSWTFwZFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wZTNkNjQtZjI5MC00ODkzLTlhNDAtYzllMTQxMzMzZDU4
LzEvdFQyZkc4UHcyUXR0elI2ZmI5SGxCaGlPcDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV/QMA0E
AgACMAcDBQMqBfwAMA0GCSqGSIb3DQEBCwUAA4IBAQBE8QQbjTkXcIaOMMtvJebJ
ce86lRQnaWFP0bmnw/JfWbVGgkPd4w03+pgN70+xdiXQ+R2cjJOStfGJvE+5Mnje
a3iEg7+KaoVl4Y6ddeoe/WRZ5KeM6hK8oW0LQw23tMXbB7puEQN4jPMsyqEAyVjH
JGclt/knc1qoznzp+6sn31sBZt4f1BgRbWFGl06CEnainatajmX0CcC0W1MKR/9E
PBhSzMZmgTTAA3GCVR2iUJGQUfG7xhoVwgG55nnBjBuvfcTw08Ac0jLIKTWrSEHK
raHk15burTsg7xGN9DGRORuylZuQ0UzqWfGAcPDdCSJNDgT3vUSUhHBGNdoQbqT4
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:50 2024 by rpki-client on console-ams.rpki-client.org