Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/7d7744-f367-42cc-a926-f086e6f96cbb/1/IFQlMjZwsL0ZsS3HqDzhqX9CRtE.roa
File: IFQlMjZwsL0ZsS3HqDzhqX9CRtE.roa (raw, json)
Hash identifier: J+MVKfTslCpPrBWz4Jc+o7p+c4au2WB2A7jVwRzE7+s=
Subject key identifier: 20:54:25:32:36:70:B0:BD:19:B1:2D:C7:A8:3C:E1:A9:7F:42:46:D1
Certificate issuer: /CN=4527f21d40621e5813e4a069211947e24d00e797
Certificate serial: 0185714C48C31144672A6CDDB87A68E90F08
Authority key identifier: 45:27:F2:1D:40:62:1E:58:13:E4:A0:69:21:19:47:E2:4D:00:E7:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RSfyHUBiHlgT5KBpIRlH4k0A55c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/7d7744-f367-42cc-a926-f086e6f96cbb/1/IFQlMjZwsL0ZsS3HqDzhqX9CRtE.roa
Signing time: Mon 02 Jan 2023 07:05:02 +0000
ROA not before: Mon 02 Jan 2023 07:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204136
IP address blocks: 185.242.213.0/24 maxlen: 24
185.242.212.0/24 maxlen: 24
185.242.215.0/24 maxlen: 24
185.242.214.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:48:c3:11:44:67:2a:6c:dd:b8:7a:68:e9:0f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4527f21d40621e5813e4a069211947e24d00e797
Validity
Not Before: Jan 2 07:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=205425323670b0bd19b12dc7a83ce1a97f4246d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b5:d8:03:f8:88:7e:f7:8d:b2:82:90:e7:f9:
b3:f8:e6:95:6c:ab:c4:7c:c4:11:c0:35:68:77:fe:
61:4c:1b:9a:8c:e2:7e:c5:7b:13:c3:45:58:27:41:
7d:54:44:aa:23:5e:bd:a0:78:52:f9:5b:a0:75:de:
24:73:ee:9b:02:8b:ee:6c:9b:6f:77:11:7b:59:77:
a2:cb:cd:4c:01:eb:1c:d7:72:53:5c:db:24:79:d2:
35:78:1d:e6:8d:f7:8d:23:c7:2d:4f:be:d7:e9:9d:
cf:ae:b1:3c:b3:ff:32:32:59:51:cb:2f:34:d0:a8:
50:94:82:25:cd:8a:38:fe:c8:da:59:15:a7:c5:58:
fc:89:c5:63:35:ba:92:b3:55:ec:01:40:a3:72:8c:
09:97:13:40:94:1b:7a:fc:47:4e:9e:89:70:9e:55:
8c:78:ef:bf:ef:14:19:ba:61:67:23:de:ce:db:47:
da:33:d3:b3:e0:d7:6e:95:f5:8e:12:5c:0b:12:15:
66:b2:43:34:a4:8e:f1:55:bb:be:2a:fb:b2:70:c6:
84:cc:92:49:f2:97:59:8f:a9:ef:75:7a:b0:4b:9b:
ad:67:45:de:5a:a1:e6:f1:3c:a2:47:a7:d1:d9:c1:
87:0f:59:11:8e:34:fd:09:26:b5:29:34:d3:bc:27:
e9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:54:25:32:36:70:B0:BD:19:B1:2D:C7:A8:3C:E1:A9:7F:42:46:D1
X509v3 Authority Key Identifier:
keyid:45:27:F2:1D:40:62:1E:58:13:E4:A0:69:21:19:47:E2:4D:00:E7:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RSfyHUBiHlgT5KBpIRlH4k0A55c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7d7744-f367-42cc-a926-f086e6f96cbb/1/IFQlMjZwsL0ZsS3HqDzhqX9CRtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7d7744-f367-42cc-a926-f086e6f96cbb/1/RSfyHUBiHlgT5KBpIRlH4k0A55c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.212.0/22
Signature Algorithm: sha256WithRSAEncryption
48:43:6f:2b:30:53:fb:8d:da:b4:75:6a:50:98:77:15:25:5c:
ca:b9:2c:40:28:09:ca:e5:16:7d:40:4e:19:e2:60:13:a1:e8:
14:5d:4f:fe:1c:34:4e:5b:6c:33:d5:7a:e6:ba:03:e9:e4:b4:
42:3f:b1:53:b2:e8:5d:fe:20:20:1f:3f:ba:75:5f:ff:03:ee:
6f:44:e5:33:fe:70:e9:4a:4f:aa:e1:e7:62:77:1f:ad:0c:bd:
fa:7e:5a:c2:87:82:f2:b4:2b:db:3a:09:02:7d:31:35:e0:e2:
be:53:78:9e:8d:b3:f0:bd:23:7e:15:94:cb:39:f1:bb:ff:91:
4c:b9:d9:d5:81:ac:72:3d:bc:2a:a1:7f:d0:ac:d8:95:97:89:
84:34:b3:c5:5b:63:8c:a7:7a:6b:6f:fc:bd:e7:4b:4a:f4:37:
35:55:f0:b4:04:bc:03:42:5a:6c:f9:c0:75:65:22:6d:77:36:
34:1a:9e:5c:5f:6e:56:eb:b1:cc:6d:76:b0:0d:49:6e:b2:e7:
c3:65:ce:0f:cd:ae:f0:a7:9a:9b:b3:0c:33:60:e1:49:e8:fd:
06:6a:ac:b0:c1:08:2a:23:00:02:e3:a5:8a:35:f0:a2:35:99:
8f:1d:28:f3:80:fd:14:9d:9a:27:0f:45:cd:8f:fd:c3:6c:d3:
f6:cb:a1:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxTEjDEURnKmzduHpo6Q8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MjdmMjFkNDA2MjFlNTgxM2U0YTA2OTIxMTk0N2UyNGQw
MGU3OTcwHhcNMjMwMTAyMDcwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDU0MjUzMjM2NzBiMGJkMTliMTJkYzdhODNjZTFhOTdmNDI0NmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLXYA/iIfveNsoKQ5/mz+OaVbKvE
fMQRwDVod/5hTBuajOJ+xXsTw0VYJ0F9VESqI169oHhS+Vugdd4kc+6bAovubJtv
dxF7WXeiy81MAesc13JTXNskedI1eB3mjfeNI8ctT77X6Z3PrrE8s/8yMllRyy80
0KhQlIIlzYo4/sjaWRWnxVj8icVjNbqSs1XsAUCjcowJlxNAlBt6/EdOnolwnlWM
eO+/7xQZumFnI97O20faM9Oz4NdulfWOElwLEhVmskM0pI7xVbu+KvuycMaEzJJJ
8pdZj6nvdXqwS5utZ0XeWqHm8TyiR6fR2cGHD1kRjjT9CSa1KTTTvCfpGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBUJTI2cLC9GbEtx6g84al/QkbRMB8GA1UdIwQY
MBaAFEUn8h1AYh5YE+SgaSEZR+JNAOeXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlNmeUhVQmlIbGdUNUtCcElSbEg0azBBNTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83ZDc3NDQtZjM2Ny00MmNjLWE5MjYt
ZjA4NmU2Zjk2Y2JiLzEvSUZRbE1qWndzTDBac1MzSHFEemhxWDlDUnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83ZDc3NDQtZjM2Ny00MmNjLWE5MjYtZjA4NmU2Zjk2Y2Ji
LzEvUlNmeUhVQmlIbGdUNUtCcElSbEg0azBBNTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufLUMA0G
CSqGSIb3DQEBCwUAA4IBAQBIQ28rMFP7jdq0dWpQmHcVJVzKuSxAKAnK5RZ9QE4Z
4mAToegUXU/+HDROW2wz1XrmugPp5LRCP7FTsuhd/iAgHz+6dV//A+5vROUz/nDp
Sk+q4edidx+tDL36flrCh4LytCvbOgkCfTE14OK+U3iejbPwvSN+FZTLOfG7/5FM
udnVgaxyPbwqoX/QrNiVl4mENLPFW2OMp3prb/y950tK9Dc1VfC0BLwDQlps+cB1
ZSJtdzY0Gp5cX25W67HMbXawDUlusufDZc4Pza7wp5qbswwzYOFJ6P0GaqywwQgq
IwAC46WKNfCiNZmPHSjzgP0UnZonD0XNj/3DbNP2y6Gl
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:47 2024 by rpki-client on console-ams.rpki-client.org