Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/8533c3-29e0-4506-b00d-36c87396923a/1/CnigbkroclsG4uOxTWyv9ITevNU.roa
File: CnigbkroclsG4uOxTWyv9ITevNU.roa (raw, json)
Hash identifier: jjz8j7ccJ+dSWk7FAtHol8FLQjSUkhSBzVghWYDdzww=
Subject key identifier: 0A:78:A0:6E:4A:E8:72:5B:06:E2:E3:B1:4D:6C:AF:F4:84:DE:BC:D5
Certificate issuer: /CN=d32277ea304b2844a78689b3aa0d9219e3366773
Certificate serial: 01856EC1FEC6E67037E715DBCFB28338CF8C
Authority key identifier: D3:22:77:EA:30:4B:28:44:A7:86:89:B3:AA:0D:92:19:E3:36:67:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0yJ36jBLKESnhomzqg2SGeM2Z3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/8533c3-29e0-4506-b00d-36c87396923a/1/CnigbkroclsG4uOxTWyv9ITevNU.roa
Signing time: Sun 01 Jan 2023 19:14:45 +0000
ROA not before: Sun 01 Jan 2023 19:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205103
IP address blocks: 185.230.68.0/22 maxlen: 24
2a0c:500::/30 maxlen: 31
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:fe:c6:e6:70:37:e7:15:db:cf:b2:83:38:cf:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d32277ea304b2844a78689b3aa0d9219e3366773
Validity
Not Before: Jan 1 19:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a78a06e4ae8725b06e2e3b14d6caff484debcd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:24:80:c7:4a:ad:32:85:ed:87:5b:62:79:bd:
f2:ab:4a:55:31:42:6c:14:e4:a9:30:27:08:57:9a:
f2:09:9d:8f:23:6d:25:24:e6:d6:45:10:40:39:56:
c3:34:10:5f:d2:07:fc:38:7b:4d:ae:19:83:ae:1c:
3f:8f:62:b0:19:da:98:ba:0f:41:37:3e:b4:69:d9:
9d:28:f1:85:da:3b:a1:94:e5:cb:a1:9e:14:7f:c3:
1d:9b:d5:93:52:45:a8:03:bd:c6:e7:3a:a0:88:b8:
47:c8:d0:04:06:cc:67:c2:01:2c:a8:77:25:41:40:
95:80:21:61:be:43:3a:70:41:3f:90:16:cb:ba:da:
ec:4b:77:52:51:98:2d:01:2c:ae:dd:7d:71:95:7d:
36:b9:b9:6e:1a:1c:91:fa:a7:08:1a:4b:92:d0:d0:
5d:1b:5a:2b:09:3c:aa:ea:35:ba:f2:61:a6:e2:c1:
bd:26:40:00:7b:de:23:97:a6:5f:b1:9a:ac:7d:c6:
1a:b9:2b:14:59:ee:40:f8:76:84:7d:7f:12:f1:21:
f5:6e:7a:29:27:9b:63:ec:de:fe:f3:a7:90:c9:08:
bf:e1:6c:f3:1d:97:d8:c6:94:41:37:b3:bc:71:7d:
b3:b6:1b:bd:53:b0:10:f5:81:10:57:96:67:f6:67:
6c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:78:A0:6E:4A:E8:72:5B:06:E2:E3:B1:4D:6C:AF:F4:84:DE:BC:D5
X509v3 Authority Key Identifier:
keyid:D3:22:77:EA:30:4B:28:44:A7:86:89:B3:AA:0D:92:19:E3:36:67:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0yJ36jBLKESnhomzqg2SGeM2Z3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8533c3-29e0-4506-b00d-36c87396923a/1/CnigbkroclsG4uOxTWyv9ITevNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8533c3-29e0-4506-b00d-36c87396923a/1/0yJ36jBLKESnhomzqg2SGeM2Z3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.68.0/22
IPv6:
2a0c:500::/30
Signature Algorithm: sha256WithRSAEncryption
3a:cd:f9:5c:63:98:6c:a1:83:13:36:89:24:20:6b:e1:34:08:
6c:fd:05:d1:a4:d4:16:0d:5f:15:4e:ed:29:8d:18:2c:01:1a:
c7:03:31:ff:01:0a:f6:bc:37:82:d3:78:19:dd:c0:cd:bf:b8:
27:8f:23:a6:80:e0:a8:8b:e9:55:67:08:1b:2d:fa:af:1b:c7:
36:9a:d4:ed:2c:d3:35:e0:45:2d:cb:44:63:d7:f4:33:a4:3e:
df:bb:7a:f3:5e:3b:f8:07:a9:30:5b:30:d4:66:06:34:1f:7e:
34:dd:a9:9b:e6:0d:cc:d2:7e:28:f3:c5:be:02:9e:4f:33:02:
a7:c8:db:69:49:6c:13:6c:32:b0:a1:2c:cd:97:0d:4c:fe:05:
b2:a5:e5:27:06:70:ae:f4:58:cc:bb:8f:49:92:33:eb:9f:0f:
e0:54:e8:95:99:d8:f9:b1:e5:3b:14:62:06:36:e8:08:ab:c0:
55:77:da:5a:68:27:70:01:0b:7a:88:59:67:19:a3:08:fa:8f:
23:2b:cd:a3:53:2a:51:d4:5f:a7:a2:97:b6:6f:3d:93:ee:19:
96:63:89:79:79:43:eb:9d:2d:9c:2b:1d:a4:66:ec:86:ef:00:
fd:ba:aa:b3:35:20:59:a4:47:0f:74:4e:37:c9:2b:69:e2:4a:
fa:f5:fc:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuwf7G5nA35xXbz7KDOM+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMjI3N2VhMzA0YjI4NDRhNzg2ODliM2FhMGQ5MjE5ZTMz
NjY3NzMwHhcNMjMwMTAxMTkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTc4YTA2ZTRhZTg3MjViMDZlMmUzYjE0ZDZjYWZmNDg0ZGViY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSSAx0qtMoXth1tieb3yq0pVMUJs
FOSpMCcIV5ryCZ2PI20lJObWRRBAOVbDNBBf0gf8OHtNrhmDrhw/j2KwGdqYug9B
Nz60admdKPGF2juhlOXLoZ4Uf8Mdm9WTUkWoA73G5zqgiLhHyNAEBsxnwgEsqHcl
QUCVgCFhvkM6cEE/kBbLutrsS3dSUZgtASyu3X1xlX02ubluGhyR+qcIGkuS0NBd
G1orCTyq6jW68mGm4sG9JkAAe94jl6ZfsZqsfcYauSsUWe5A+HaEfX8S8SH1bnop
J5tj7N7+86eQyQi/4WzzHZfYxpRBN7O8cX2zthu9U7AQ9YEQV5Zn9mdsIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAp4oG5K6HJbBuLjsU1sr/SE3rzVMB8GA1UdIwQY
MBaAFNMid+owSyhEp4aJs6oNkhnjNmdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHlKMzZqQkxLRVNuaG9tenFnMlNHZU0yWjNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84NTMzYzMtMjllMC00NTA2LWIwMGQt
MzZjODczOTY5MjNhLzEvQ25pZ2Jrcm9jbHNHNHVPeFRXeXY5SVRldk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84NTMzYzMtMjllMC00NTA2LWIwMGQtMzZjODczOTY5MjNh
LzEvMHlKMzZqQkxLRVNuaG9tenFnMlNHZU0yWjNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueZEMA0E
AgACMAcDBQIqDAUAMA0GCSqGSIb3DQEBCwUAA4IBAQA6zflcY5hsoYMTNokkIGvh
NAhs/QXRpNQWDV8VTu0pjRgsARrHAzH/AQr2vDeC03gZ3cDNv7gnjyOmgOCoi+lV
ZwgbLfqvG8c2mtTtLNM14EUty0Rj1/QzpD7fu3rzXjv4B6kwWzDUZgY0H3403amb
5g3M0n4o88W+Ap5PMwKnyNtpSWwTbDKwoSzNlw1M/gWypeUnBnCu9FjMu49JkjPr
nw/gVOiVmdj5seU7FGIGNugIq8BVd9paaCdwAQt6iFlnGaMI+o8jK82jUypR1F+n
ope2bz2T7hmWY4l5eUPrnS2cKx2kZuyG7wD9uqqzNSBZpEcPdE43yStp4kr69fy1
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:47 2024 by rpki-client on console-fra.rpki-client.org