Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/35c805-f60c-442c-ac5d-0f01b560657c/1/wNwbvVtLP_jSzfT8vuGPqJlodMU.roa
File: wNwbvVtLP_jSzfT8vuGPqJlodMU.roa (raw, json)
Hash identifier: hDtZ9vTsQGy/GIp/zJG6+WMv6mIX9F6FexqEjmejZ0g=
Subject key identifier: C0:DC:1B:BD:5B:4B:3F:F8:D2:CD:F4:FC:BE:E1:8F:A8:99:68:74:C5
Certificate issuer: /CN=467b394cf8a4051c167d468bc7b892a71dee4d03
Certificate serial: 01859A818AD3720BF8A93C56A98CB6834037
Authority key identifier: 46:7B:39:4C:F8:A4:05:1C:16:7D:46:8B:C7:B8:92:A7:1D:EE:4D:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rns5TPikBRwWfUaLx7iSpx3uTQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/35c805-f60c-442c-ac5d-0f01b560657c/1/wNwbvVtLP_jSzfT8vuGPqJlodMU.roa
Signing time: Tue 10 Jan 2023 07:07:38 +0000
ROA not before: Tue 10 Jan 2023 07:07:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199635
IP address blocks: 185.8.216.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9a:81:8a:d3:72:0b:f8:a9:3c:56:a9:8c:b6:83:40:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=467b394cf8a4051c167d468bc7b892a71dee4d03
Validity
Not Before: Jan 10 07:07:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0dc1bbd5b4b3ff8d2cdf4fcbee18fa8996874c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:85:fb:be:4c:e0:61:32:6d:bc:c9:9a:19:2e:
db:a4:9a:94:2e:91:1d:15:b8:8a:e7:37:5c:d7:50:
4a:16:6b:a5:f1:9f:17:8f:78:82:52:24:86:a2:c4:
70:cd:02:e0:d9:eb:5c:20:a6:40:68:5e:e3:17:8f:
73:64:6b:fa:fe:32:5d:8a:ba:0f:a4:68:8a:d2:8e:
2d:13:e8:4c:9a:95:11:1a:9f:b6:44:0d:58:77:e1:
22:59:49:26:7b:db:16:62:70:93:bd:fc:49:0a:b8:
69:c7:ff:9a:91:ef:22:96:1e:0e:7d:79:98:4c:63:
2c:3d:2f:fc:2c:de:97:de:12:75:c5:d6:15:b7:5f:
37:fb:a8:75:e3:cc:73:82:b1:45:51:d2:70:68:ae:
0f:a3:c9:10:19:45:16:ea:1f:5e:38:5d:8f:2c:59:
90:70:db:97:f8:82:12:ba:13:14:21:0b:7a:59:e3:
1b:bf:64:2e:2d:d9:59:77:00:6c:6c:79:0e:58:98:
03:2a:f3:15:ad:3d:41:86:b5:c0:d5:d8:c0:23:ef:
99:82:5a:07:29:2b:81:90:23:a7:41:88:4a:8a:44:
40:4f:18:64:5e:71:65:97:dd:66:43:a5:eb:a6:62:
31:04:a0:af:20:5c:0c:e8:17:67:c5:58:96:13:28:
64:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:DC:1B:BD:5B:4B:3F:F8:D2:CD:F4:FC:BE:E1:8F:A8:99:68:74:C5
X509v3 Authority Key Identifier:
keyid:46:7B:39:4C:F8:A4:05:1C:16:7D:46:8B:C7:B8:92:A7:1D:EE:4D:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rns5TPikBRwWfUaLx7iSpx3uTQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/35c805-f60c-442c-ac5d-0f01b560657c/1/wNwbvVtLP_jSzfT8vuGPqJlodMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/35c805-f60c-442c-ac5d-0f01b560657c/1/Rns5TPikBRwWfUaLx7iSpx3uTQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.216.0/22
Signature Algorithm: sha256WithRSAEncryption
55:19:d5:f7:3c:27:ee:a1:81:30:71:97:ff:7c:bb:27:26:d2:
be:a1:0e:a6:e3:20:02:85:c8:3f:c9:a0:a7:17:74:99:ab:23:
37:b7:40:25:c1:6e:e8:04:43:bd:9e:53:d8:42:05:cb:a4:1d:
0b:8f:45:3c:df:87:97:b7:dc:34:bc:0d:04:6d:69:4a:66:74:
c6:76:ed:75:83:e0:24:6d:46:07:db:97:03:59:78:29:5d:5d:
ea:ad:79:18:ac:71:29:46:2e:15:a4:3b:97:22:89:03:db:4c:
df:22:5b:37:d4:ee:c5:f1:d9:96:64:7e:59:8d:00:e8:33:28:
08:09:f1:d2:2a:83:ad:89:a3:9f:89:09:f3:ba:45:b3:47:4b:
ef:76:5c:86:e2:04:e7:4e:52:86:d4:52:8f:66:8d:8b:23:fc:
ab:24:12:10:c5:c7:51:39:d6:ac:67:25:23:1b:92:b2:cb:a2:
99:b4:99:f0:69:04:1c:fd:7c:49:80:1f:ad:97:99:d1:65:d4:
9a:d0:2b:10:0f:b7:e9:55:5b:50:2e:a2:84:be:df:1d:fa:2d:
dc:f7:65:48:0a:a1:34:8b:76:93:cc:64:1d:a2:c1:c1:3b:3d:
0e:96:39:f3:67:64:87:95:ef:0a:7e:65:fb:fa:35:7a:df:d3:
c4:c7:62:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWagYrTcgv4qTxWqYy2g0A3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2N2IzOTRjZjhhNDA1MWMxNjdkNDY4YmM3Yjg5MmE3MWRl
ZTRkMDMwHhcNMjMwMTEwMDcwNzM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGRjMWJiZDViNGIzZmY4ZDJjZGY0ZmNiZWUxOGZhODk5Njg3NGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIX7vkzgYTJtvMmaGS7bpJqULpEd
FbiK5zdc11BKFmul8Z8Xj3iCUiSGosRwzQLg2etcIKZAaF7jF49zZGv6/jJdiroP
pGiK0o4tE+hMmpURGp+2RA1Yd+EiWUkme9sWYnCTvfxJCrhpx/+ake8ilh4OfXmY
TGMsPS/8LN6X3hJ1xdYVt183+6h148xzgrFFUdJwaK4Po8kQGUUW6h9eOF2PLFmQ
cNuX+IISuhMUIQt6WeMbv2QuLdlZdwBsbHkOWJgDKvMVrT1BhrXA1djAI++ZgloH
KSuBkCOnQYhKikRATxhkXnFll91mQ6XrpmIxBKCvIFwM6BdnxViWEyhkHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMDcG71bSz/40s30/L7hj6iZaHTFMB8GA1UdIwQY
MBaAFEZ7OUz4pAUcFn1Gi8e4kqcd7k0DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm5zNVRQaWtCUndXZlVhTHg3aVNweDN1VFFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zNWM4MDUtZjYwYy00NDJjLWFjNWQt
MGYwMWI1NjA2NTdjLzEvd053YnZWdExQX2pTemZUOHZ1R1BxSmxvZE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zNWM4MDUtZjYwYy00NDJjLWFjNWQtMGYwMWI1NjA2NTdj
LzEvUm5zNVRQaWtCUndXZlVhTHg3aVNweDN1VFFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQjYMA0G
CSqGSIb3DQEBCwUAA4IBAQBVGdX3PCfuoYEwcZf/fLsnJtK+oQ6m4yAChcg/yaCn
F3SZqyM3t0AlwW7oBEO9nlPYQgXLpB0Lj0U834eXt9w0vA0EbWlKZnTGdu11g+Ak
bUYH25cDWXgpXV3qrXkYrHEpRi4VpDuXIokD20zfIls31O7F8dmWZH5ZjQDoMygI
CfHSKoOtiaOfiQnzukWzR0vvdlyG4gTnTlKG1FKPZo2LI/yrJBIQxcdROdasZyUj
G5Kyy6KZtJnwaQQc/XxJgB+tl5nRZdSa0CsQD7fpVVtQLqKEvt8d+i3c92VICqE0
i3aTzGQdosHBOz0OljnzZ2SHle8KfmX7+jV639PEx2Iu
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:26 2024 by rpki-client on console-fra.rpki-client.org