Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/S6XaO3SqeYWS9I4Bh8_oaFdN7qs.roa
File: S6XaO3SqeYWS9I4Bh8_oaFdN7qs.roa (raw, json)
Hash identifier: F0hLT9R7sBznRLjGnr1qQFj2858fZcrFZSvuxOrUmvA=
Subject key identifier: 4B:A5:DA:3B:74:AA:79:85:92:F4:8E:01:87:CF:E8:68:57:4D:EE:AB
Certificate issuer: /CN=3cd37ec23719b2f142f46e6f3317664034adf598
Certificate serial: 018B7B60B06CE8A446BC43E70688C6209B61
Authority key identifier: 3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/S6XaO3SqeYWS9I4Bh8_oaFdN7qs.roa
Signing time: Sun 29 Oct 2023 12:20:16 +0000
ROA not before: Sun 29 Oct 2023 12:20:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47554
IP address blocks: 185.170.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Nov 2023 12:55:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7b:60:b0:6c:e8:a4:46:bc:43:e7:06:88:c6:20:9b:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cd37ec23719b2f142f46e6f3317664034adf598
Validity
Not Before: Oct 29 12:20:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ba5da3b74aa798592f48e0187cfe868574deeab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0d:c9:3a:ac:c8:f4:68:36:5e:18:75:e6:37:
ae:d2:b7:5e:02:26:c1:e1:ca:92:6e:f8:b0:d9:f2:
44:20:60:96:a3:2a:8e:d1:9a:63:2e:02:81:76:48:
04:5f:c1:ef:06:93:3e:82:da:61:6c:9e:f0:ed:44:
e1:70:fc:4b:3c:35:e2:4c:83:50:a1:12:d4:d8:3e:
78:48:41:91:14:9d:c8:ad:37:5d:9b:68:26:07:92:
b4:0a:d6:97:7f:8e:93:4c:37:b0:e9:4d:2d:0c:7a:
15:c5:32:60:a5:ce:e8:3e:6b:7d:cf:b0:57:34:6b:
b6:2c:8b:af:08:ed:98:76:05:1a:c5:ce:ce:3f:1c:
cd:1d:bd:11:db:00:82:02:6d:1e:07:7f:4a:bd:57:
40:46:d6:53:96:d7:93:b5:3a:6f:ed:6a:f2:e3:ca:
0a:16:db:11:f5:db:06:aa:fd:7b:18:0f:99:7e:ab:
1d:03:cb:39:df:a8:90:b4:9b:5d:17:93:dc:f4:e3:
92:a2:ea:d0:e4:10:59:7e:13:95:e4:f1:74:2e:18:
e0:b3:c3:a4:72:e7:a8:11:55:76:36:6a:23:e0:68:
d3:15:4b:00:d2:63:9d:ff:04:1e:a2:5c:62:70:e6:
9b:76:a2:3d:b9:24:56:bc:ba:c5:e9:25:33:fa:d6:
f0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A5:DA:3B:74:AA:79:85:92:F4:8E:01:87:CF:E8:68:57:4D:EE:AB
X509v3 Authority Key Identifier:
keyid:3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/S6XaO3SqeYWS9I4Bh8_oaFdN7qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.236.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:5f:ea:3b:49:03:ea:45:f9:14:f4:81:e0:fb:28:62:00:16:
42:8e:ef:44:11:d6:a1:cc:b0:50:02:72:5f:f4:4b:d0:e2:a0:
ed:8d:1a:ed:f1:13:30:f0:0b:92:60:f1:63:6c:2b:c8:e8:83:
20:d1:f3:d7:ad:71:fb:68:40:e4:1e:cd:95:0e:9f:88:c2:96:
86:d3:e2:c2:72:32:a4:91:5d:94:ac:19:bb:f7:5c:05:29:0a:
8e:4e:fe:31:16:1e:74:26:c4:14:c1:f5:60:6d:2a:76:d2:26:
5b:0a:7f:67:5e:c4:5b:86:29:45:a9:cf:d2:41:dc:4e:2b:67:
8e:cf:15:10:68:6b:b8:a6:57:04:8d:5f:fc:e9:95:b8:b1:0c:
f6:a8:da:dd:7f:ef:c5:aa:64:26:38:81:22:59:b9:8a:e9:a2:
a4:9d:72:29:39:0b:47:5c:1d:a1:23:e6:75:ba:43:46:16:d8:
9b:f2:9b:9b:0e:37:8a:d3:e0:b2:9d:68:45:90:71:5e:e9:33:
d5:0e:d0:b8:9e:cf:fe:70:33:84:94:24:6c:f3:4c:83:4f:fc:
78:4b:dd:d8:be:b9:ca:76:94:25:b1:d7:1b:62:1d:8e:9e:6c:
0f:f0:0e:07:d7:16:e1:37:ee:5f:da:ee:66:d4:05:ce:d8:ce:
e6:bb:5c:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYt7YLBs6KRGvEPnBojGIJthMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDM3ZWMyMzcxOWIyZjE0MmY0NmU2ZjMzMTc2NjQwMzRh
ZGY1OTgwHhcNMjMxMDI5MTIyMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmE1ZGEzYjc0YWE3OTg1OTJmNDhlMDE4N2NmZTg2ODU3NGRlZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ3JOqzI9Gg2Xhh15jeu0rdeAibB
4cqSbviw2fJEIGCWoyqO0ZpjLgKBdkgEX8HvBpM+gtphbJ7w7UThcPxLPDXiTINQ
oRLU2D54SEGRFJ3IrTddm2gmB5K0CtaXf46TTDew6U0tDHoVxTJgpc7oPmt9z7BX
NGu2LIuvCO2YdgUaxc7OPxzNHb0R2wCCAm0eB39KvVdARtZTlteTtTpv7Wry48oK
FtsR9dsGqv17GA+ZfqsdA8s536iQtJtdF5Pc9OOSourQ5BBZfhOV5PF0Lhjgs8Ok
cueoEVV2Nmoj4GjTFUsA0mOd/wQeolxicOabdqI9uSRWvLrF6SUz+tbw5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEul2jt0qnmFkvSOAYfP6GhXTe6rMB8GA1UdIwQY
MBaAFDzTfsI3GbLxQvRubzMXZkA0rfWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYt
YTkzODhmMzFiNDdlLzEvUzZYYU8zU3FlWVdTOUk0Qmg4X29hRmRON3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYtYTkzODhmMzFiNDdl
LzEvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuarsMA0G
CSqGSIb3DQEBCwUAA4IBAQCyX+o7SQPqRfkU9IHg+yhiABZCju9EEdahzLBQAnJf
9EvQ4qDtjRrt8RMw8AuSYPFjbCvI6IMg0fPXrXH7aEDkHs2VDp+IwpaG0+LCcjKk
kV2UrBm791wFKQqOTv4xFh50JsQUwfVgbSp20iZbCn9nXsRbhilFqc/SQdxOK2eO
zxUQaGu4plcEjV/86ZW4sQz2qNrdf+/FqmQmOIEiWbmK6aKknXIpOQtHXB2hI+Z1
ukNGFtib8pubDjeK0+CynWhFkHFe6TPVDtC4ns/+cDOElCRs80yDT/x4S93YvrnK
dpQlsdcbYh2OnmwP8A4H1xbhN+5f2u5m1AXO2M7mu1yr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:35 2024 by rpki-client on console-ams.rpki-client.org