Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f288bd-10f5-47b3-b124-6b136494e3dc/1/1-HyC14cfB3UrO6f95w6-Jlj3pL4.roa
File: 1-HyC14cfB3UrO6f95w6-Jlj3pL4.roa (raw, json)
Hash identifier: GteQsAKiV66wkAYib6XScT1/+4cPWZ9Jkb5ZWGt7pzI=
Subject key identifier: F8:7C:82:D7:87:1F:07:75:2B:3B:A7:FD:E7:0E:BE:26:58:F7:A4:BE
Certificate issuer: /CN=abb060166d64cead0e295797e8d27c55d8898bc2
Certificate serial: 01856CF83D3CF87ACF2E5F7B24384C4E1B79
Authority key identifier: AB:B0:60:16:6D:64:CE:AD:0E:29:57:97:E8:D2:7C:55:D8:89:8B:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7BgFm1kzq0OKVeX6NJ8VdiJi8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f288bd-10f5-47b3-b124-6b136494e3dc/1/1-HyC14cfB3UrO6f95w6-Jlj3pL4.roa
Signing time: Sun 01 Jan 2023 10:54:45 +0000
ROA not before: Sun 01 Jan 2023 10:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205390
IP address blocks: 185.220.0.0/22 maxlen: 24
2a0b:ecc0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:3d:3c:f8:7a:cf:2e:5f:7b:24:38:4c:4e:1b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abb060166d64cead0e295797e8d27c55d8898bc2
Validity
Not Before: Jan 1 10:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f87c82d7871f07752b3ba7fde70ebe2658f7a4be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ce:5d:cb:b9:e3:fd:3e:07:e8:e1:d1:30:24:
cc:e9:ab:4e:f8:14:3c:f2:33:1b:c1:c5:df:c5:a8:
97:7f:e1:9f:83:f7:1e:8b:a4:60:67:4b:41:c4:ba:
96:e9:c9:03:52:d1:de:ab:75:ff:db:28:82:36:2b:
75:b7:f6:a8:fb:b8:26:2f:c1:69:26:e2:f3:9c:da:
13:a1:0d:da:a5:c4:69:98:1f:2e:58:26:75:48:30:
47:c6:48:79:b0:59:3c:61:76:a4:b8:9d:51:33:af:
05:a2:53:15:80:92:59:dd:10:eb:4a:5e:04:26:cb:
32:67:a7:10:7c:70:18:20:19:ae:d1:cc:ab:d5:b7:
ce:96:f3:ad:c3:19:a4:52:9e:f7:88:db:1e:9e:a7:
c0:b2:4d:f5:6a:0b:7c:bf:9b:08:74:f9:db:b1:e6:
3b:b5:aa:c1:1a:04:51:1e:c3:e7:44:b7:ef:f5:41:
9f:78:98:c2:c0:ce:63:4f:01:76:10:06:20:bc:4a:
83:af:42:26:e8:1f:ad:92:d0:3a:55:88:5d:16:e3:
57:ef:33:31:41:a9:9e:21:82:2a:26:f2:80:ca:e3:
22:f3:5c:a2:11:20:69:1b:fb:8d:14:ac:a7:20:ca:
d0:68:e0:08:1c:a1:ce:4d:62:0e:6c:80:99:ea:7a:
d6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:7C:82:D7:87:1F:07:75:2B:3B:A7:FD:E7:0E:BE:26:58:F7:A4:BE
X509v3 Authority Key Identifier:
keyid:AB:B0:60:16:6D:64:CE:AD:0E:29:57:97:E8:D2:7C:55:D8:89:8B:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7BgFm1kzq0OKVeX6NJ8VdiJi8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f288bd-10f5-47b3-b124-6b136494e3dc/1/1-HyC14cfB3UrO6f95w6-Jlj3pL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f288bd-10f5-47b3-b124-6b136494e3dc/1/q7BgFm1kzq0OKVeX6NJ8VdiJi8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.0.0/22
IPv6:
2a0b:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
22:eb:1f:8b:ee:3d:fb:4c:3d:69:aa:3f:35:a2:85:b1:6b:86:
69:af:4f:1c:bb:b9:63:c3:6a:61:bf:a1:e7:82:9a:02:d0:7c:
72:2d:29:0f:b3:02:e0:02:ed:21:ab:ae:7f:53:4c:8f:19:3b:
7c:f0:7f:40:d8:2c:c8:3c:7f:9b:1f:64:cb:b9:4b:4a:86:be:
d5:3d:4a:c5:d9:aa:e0:0c:0b:a8:e2:8e:c0:06:7e:c7:a8:c6:
00:17:5a:bf:ad:d3:a2:95:99:d4:15:2d:6d:97:d9:3b:b6:14:
e2:1e:73:a9:15:46:21:75:9f:30:29:f7:46:f4:e1:10:76:06:
2e:4d:f3:d0:08:09:eb:58:11:f1:cb:20:4f:19:44:3c:6f:5d:
87:f8:41:34:94:ec:2e:49:88:28:b9:bb:f5:b9:57:af:81:7a:
f5:ae:ff:8d:c7:c7:50:74:85:ec:f5:69:92:f3:24:c2:30:08:
58:91:82:18:a3:a9:00:6c:76:27:f0:ba:89:86:55:8b:6f:b4:
cd:88:aa:38:69:5f:8f:eb:39:30:6a:58:49:b2:2e:52:f2:74:
f7:58:29:5e:10:3d:dd:35:43:62:42:ee:a1:e9:ae:c1:c7:c2:
6a:91:65:c8:1e:72:70:62:b0:05:fd:04:e2:30:7d:27:e4:cc:
22:f5:1e:31
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVs+D08+HrPLl97JDhMTht5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYjA2MDE2NmQ2NGNlYWQwZTI5NTc5N2U4ZDI3YzU1ZDg4
OThiYzIwHhcNMjMwMTAxMTA1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODdjODJkNzg3MWYwNzc1MmIzYmE3ZmRlNzBlYmUyNjU4ZjdhNGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl85dy7nj/T4H6OHRMCTM6atO+BQ8
8jMbwcXfxaiXf+Gfg/cei6RgZ0tBxLqW6ckDUtHeq3X/2yiCNit1t/ao+7gmL8Fp
JuLznNoToQ3apcRpmB8uWCZ1SDBHxkh5sFk8YXakuJ1RM68FolMVgJJZ3RDrSl4E
JssyZ6cQfHAYIBmu0cyr1bfOlvOtwxmkUp73iNsenqfAsk31agt8v5sIdPnbseY7
tarBGgRRHsPnRLfv9UGfeJjCwM5jTwF2EAYgvEqDr0Im6B+tktA6VYhdFuNX7zMx
QameIYIqJvKAyuMi81yiESBpG/uNFKynIMrQaOAIHKHOTWIObICZ6nrWnQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPh8gteHHwd1Kzun/ecOviZY96S+MB8GA1UdIwQY
MBaAFKuwYBZtZM6tDilXl+jSfFXYiYvCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdCZ0ZtMWt6cTBPS1ZlWDZOSjhWZGlKaThJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mMjg4YmQtMTBmNS00N2IzLWIxMjQt
NmIxMzY0OTRlM2RjLzEvMS1IeUMxNGNmQjNVck82Zjk1dzYtSmxqM3BMNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWUvZjI4OGJkLTEwZjUtNDdiMy1iMTI0LTZiMTM2NDk0ZTNk
Yy8xL3E3QmdGbTFrenEwT0tWZVg2Tko4VmRpSmk4SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArncADAN
BAIAAjAHAwUDKgvswDANBgkqhkiG9w0BAQsFAAOCAQEAIusfi+49+0w9aao/NaKF
sWuGaa9PHLu5Y8NqYb+h54KaAtB8ci0pD7MC4ALtIauuf1NMjxk7fPB/QNgsyDx/
mx9ky7lLSoa+1T1Kxdmq4AwLqOKOwAZ+x6jGABdav63TopWZ1BUtbZfZO7YU4h5z
qRVGIXWfMCn3RvThEHYGLk3z0AgJ61gR8csgTxlEPG9dh/hBNJTsLkmIKLm79blX
r4F69a7/jcfHUHSF7PVpkvMkwjAIWJGCGKOpAGx2J/C6iYZVi2+0zYiqOGlfj+s5
MGpYSbIuUvJ091gpXhA93TVDYkLuoemuwcfCapFlyB5ycGKwBf0E4jB9J+TMIvUe
MQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:55 2024 by rpki-client on console-ams.rpki-client.org