Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/cbe7e5-dcc8-4265-8d7d-48ca33675a50/1/2sLY12CWiZ3OmxgExhvKtn4o-u8.roa
File: 2sLY12CWiZ3OmxgExhvKtn4o-u8.roa (raw, json)
Hash identifier: y0GISB7lBJhB9aMMDQy/W8oJ26G0dM/V3KBzh9ghAvo=
Subject key identifier: DA:C2:D8:D7:60:96:89:9D:CE:9B:18:04:C6:1B:CA:B6:7E:28:FA:EF
Certificate issuer: /CN=e673ff10d7a554fc51a7f99c1f61e1ceef9985bc
Certificate serial: 01856F7963703DA60EEBBDB28BF59A4B64EF
Authority key identifier: E6:73:FF:10:D7:A5:54:FC:51:A7:F9:9C:1F:61:E1:CE:EF:99:85:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5nP_ENelVPxRp_mcH2Hhzu-Zhbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/cbe7e5-dcc8-4265-8d7d-48ca33675a50/1/2sLY12CWiZ3OmxgExhvKtn4o-u8.roa
Signing time: Sun 01 Jan 2023 22:35:04 +0000
ROA not before: Sun 01 Jan 2023 22:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60631
IP address blocks: 185.7.212.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:63:70:3d:a6:0e:eb:bd:b2:8b:f5:9a:4b:64:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e673ff10d7a554fc51a7f99c1f61e1ceef9985bc
Validity
Not Before: Jan 1 22:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dac2d8d76096899dce9b1804c61bcab67e28faef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4c:0e:19:7a:e8:88:87:81:17:2a:24:58:25:
34:14:32:ea:a6:a5:95:4d:2e:dd:6f:7c:ef:5c:1f:
70:18:69:92:7a:bc:07:be:62:8e:1d:2d:ce:d8:4e:
08:16:da:a9:cc:af:67:3d:9a:8e:26:a6:81:6c:4a:
49:e5:a0:32:f8:2f:1c:1f:d7:e9:77:5c:87:a2:b1:
77:27:a6:bc:51:25:71:57:8d:06:ab:69:4e:a2:79:
e6:42:b0:29:35:ef:ce:10:89:01:37:51:20:cb:d3:
93:2f:9a:f5:6e:38:69:cd:31:d3:a0:20:36:32:59:
66:a4:72:22:86:ae:6c:65:18:31:99:92:69:8a:16:
15:67:b0:c3:5c:0a:7e:3c:52:1d:fc:2d:9d:ef:24:
87:ec:80:01:d0:a6:a7:88:4a:1b:11:ae:1a:96:84:
d9:11:e8:cf:e4:31:d7:3e:34:57:eb:48:ba:8b:b2:
cc:ac:94:54:92:2c:0d:71:2b:6b:44:b0:ad:be:15:
0e:a8:d4:c9:b4:c9:7d:c6:e2:a7:c9:61:f7:f5:f1:
1d:43:64:9d:3a:01:8e:b1:95:04:30:39:7e:93:16:
a2:fb:c1:4e:04:5b:32:15:23:5e:25:27:9c:26:98:
e2:86:00:6f:cc:c9:72:d3:20:13:5c:f4:2c:46:59:
cc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C2:D8:D7:60:96:89:9D:CE:9B:18:04:C6:1B:CA:B6:7E:28:FA:EF
X509v3 Authority Key Identifier:
keyid:E6:73:FF:10:D7:A5:54:FC:51:A7:F9:9C:1F:61:E1:CE:EF:99:85:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5nP_ENelVPxRp_mcH2Hhzu-Zhbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/cbe7e5-dcc8-4265-8d7d-48ca33675a50/1/2sLY12CWiZ3OmxgExhvKtn4o-u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/cbe7e5-dcc8-4265-8d7d-48ca33675a50/1/5nP_ENelVPxRp_mcH2Hhzu-Zhbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.212.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:b9:2b:b2:4e:ae:58:b2:d7:28:75:f8:24:38:17:4a:bf:2c:
83:74:01:b1:b7:43:1e:35:6e:30:6d:36:5d:51:67:04:9c:97:
88:a4:19:94:7e:bc:8a:eb:a1:72:92:1b:02:e4:bb:ee:e5:3a:
05:6d:a6:93:40:2c:bf:2d:59:db:53:5e:d9:86:cb:5c:23:39:
76:d4:81:8d:da:59:b4:5c:af:6b:21:a1:80:03:b0:99:57:84:
2c:c2:18:f8:31:4c:96:9d:ce:fa:ac:8b:12:92:b7:04:97:21:
67:07:b4:98:74:b3:ed:5a:4f:d4:79:35:aa:8a:59:35:4b:f0:
cb:b7:df:a1:04:bd:29:ab:a3:7e:b3:27:89:2e:8f:13:ce:bb:
75:cb:ef:a8:d5:75:39:b0:68:7f:72:93:d6:94:3b:ee:b4:87:
9e:25:a4:ee:71:35:65:6a:c5:d2:2e:dd:a2:52:18:8c:03:75:
4c:6d:3e:4b:1f:0e:f6:0d:40:51:21:f1:ae:64:f3:12:f4:e1:
38:94:e4:15:26:8b:4c:e4:03:84:35:01:8e:b1:8a:d3:80:6f:
9f:8a:1c:78:e9:a7:66:e5:ca:ad:c9:7c:97:67:07:8f:a6:40:
b7:36:de:10:a8:6e:9f:c0:27:50:56:23:4e:da:82:47:61:da:
9c:db:76:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveWNwPaYO672yi/WaS2TvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NzNmZjEwZDdhNTU0ZmM1MWE3Zjk5YzFmNjFlMWNlZWY5
OTg1YmMwHhcNMjMwMTAxMjIzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWMyZDhkNzYwOTY4OTlkY2U5YjE4MDRjNjFiY2FiNjdlMjhmYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkwOGXroiIeBFyokWCU0FDLqpqWV
TS7db3zvXB9wGGmSerwHvmKOHS3O2E4IFtqpzK9nPZqOJqaBbEpJ5aAy+C8cH9fp
d1yHorF3J6a8USVxV40Gq2lOonnmQrApNe/OEIkBN1Egy9OTL5r1bjhpzTHToCA2
MllmpHIihq5sZRgxmZJpihYVZ7DDXAp+PFId/C2d7ySH7IAB0KaniEobEa4aloTZ
EejP5DHXPjRX60i6i7LMrJRUkiwNcStrRLCtvhUOqNTJtMl9xuKnyWH39fEdQ2Sd
OgGOsZUEMDl+kxai+8FOBFsyFSNeJSecJpjihgBvzMly0yATXPQsRlnM9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrC2NdglomdzpsYBMYbyrZ+KPrvMB8GA1UdIwQY
MBaAFOZz/xDXpVT8Uaf5nB9h4c7vmYW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNW5QX0VOZWxWUHhScF9tY0gySGh6dS1aaGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9jYmU3ZTUtZGNjOC00MjY1LThkN2Qt
NDhjYTMzNjc1YTUwLzEvMnNMWTEyQ1dpWjNPbXhnRXhodkt0bjRvLXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9jYmU3ZTUtZGNjOC00MjY1LThkN2QtNDhjYTMzNjc1YTUw
LzEvNW5QX0VOZWxWUHhScF9tY0gySGh6dS1aaGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQfUMA0G
CSqGSIb3DQEBCwUAA4IBAQB6uSuyTq5YstcodfgkOBdKvyyDdAGxt0MeNW4wbTZd
UWcEnJeIpBmUfryK66FykhsC5Lvu5ToFbaaTQCy/LVnbU17ZhstcIzl21IGN2lm0
XK9rIaGAA7CZV4Qswhj4MUyWnc76rIsSkrcElyFnB7SYdLPtWk/UeTWqilk1S/DL
t9+hBL0pq6N+syeJLo8Tzrt1y++o1XU5sGh/cpPWlDvutIeeJaTucTVlasXSLt2i
UhiMA3VMbT5LHw72DUBRIfGuZPMS9OE4lOQVJotM5AOENQGOsYrTgG+fihx46adm
5cqtyXyXZwePpkC3Nt4QqG6fwCdQViNO2oJHYdqc23Yx
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:34 2024 by rpki-client on console-ams.rpki-client.org