Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/aE72dnlSmZh5BMQq6ZJVFOSvf1o.roa
File: aE72dnlSmZh5BMQq6ZJVFOSvf1o.roa (raw, json)
Hash identifier: uYNb3UJm7XFljnVXwn5vtpiya8jlxHPo6QqjNZBSkzo=
Subject key identifier: 68:4E:F6:76:79:52:99:98:79:04:C4:2A:E9:92:55:14:E4:AF:7F:5A
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01856F42EB148200D3E0BCB1A7A6B46775EF
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/aE72dnlSmZh5BMQq6ZJVFOSvf1o.roa
Signing time: Sun 01 Jan 2023 21:35:34 +0000
ROA not before: Sun 01 Jan 2023 21:35:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202251
IP address blocks: 185.225.240.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:eb:14:82:00:d3:e0:bc:b1:a7:a6:b4:67:75:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:35:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=684ef676795299987904c42ae9925514e4af7f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:36:f6:77:80:b3:5c:8b:7c:a7:aa:62:79:18:
77:09:21:d4:04:30:65:df:ed:d2:80:fb:bd:de:aa:
d8:4e:63:4b:48:05:7e:d6:a5:78:86:1e:20:c6:c2:
9c:76:5e:84:14:aa:ba:ab:a3:c5:5b:35:89:d6:38:
09:95:bd:27:40:b5:88:55:45:ab:fd:9b:13:e0:5a:
85:ed:ca:88:23:f3:02:f4:bf:de:05:90:74:1f:61:
10:35:3f:5e:bd:4f:78:82:cf:8b:e8:07:be:b5:28:
75:59:4f:75:45:7d:cf:03:95:9a:23:4f:1c:c9:7f:
6d:d3:9a:18:6e:51:43:54:43:3a:2c:d6:af:ea:af:
54:9c:28:49:8a:f6:32:5d:36:2b:04:84:43:49:22:
c7:75:f8:9d:e0:24:c6:1d:d8:cf:97:b1:8b:b9:fd:
3e:d2:b0:9c:a1:e1:5c:c6:ae:aa:98:6d:7f:79:dc:
b4:0b:5b:29:42:c7:a8:73:8e:f1:87:18:33:49:b6:
59:77:84:c1:12:28:31:02:c0:f1:4a:0d:e4:65:2c:
86:d9:10:b0:51:d5:a8:b2:02:16:9c:53:26:f8:01:
67:8e:36:a6:0f:5b:3a:ff:60:2b:29:47:cd:32:1d:
a6:89:c4:88:0c:d7:92:58:a5:90:f9:9a:86:b6:de:
df:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:4E:F6:76:79:52:99:98:79:04:C4:2A:E9:92:55:14:E4:AF:7F:5A
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/aE72dnlSmZh5BMQq6ZJVFOSvf1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.240.0/24
Signature Algorithm: sha256WithRSAEncryption
17:7d:4d:f3:67:11:d2:03:f2:09:9a:05:d1:8e:02:f5:66:94:
1b:a7:84:95:ff:ca:d5:95:1c:5a:d6:0c:17:92:79:5b:67:a3:
e2:6a:e6:95:cc:63:08:eb:97:8f:a6:ae:73:ef:5f:46:0c:4b:
05:11:ff:b6:81:df:2c:c9:d0:be:63:53:34:ca:71:8f:d6:37:
93:de:2f:b9:3c:70:71:aa:be:96:b7:61:8e:b3:fa:28:e8:ba:
bb:ea:a5:33:d1:c8:90:8e:f8:74:5a:e6:72:83:39:0a:31:45:
02:53:94:10:bf:f7:71:63:eb:03:66:1f:d3:ae:89:6f:c0:2f:
ce:c7:02:ba:12:c0:88:2b:7a:4a:30:f8:a1:98:82:45:15:65:
c8:65:54:e3:19:e5:0b:78:14:b8:d2:19:6a:0e:62:62:f7:cd:
83:55:9f:1b:5c:23:5d:4b:37:79:18:82:59:93:a1:6f:de:85:
f2:1b:38:07:43:29:75:9b:4e:23:b5:c4:e1:1b:ea:32:a8:3a:
fb:f3:1a:bc:f7:93:53:3c:18:9b:f0:11:bb:c9:0b:fd:eb:2f:
0a:fa:42:db:1f:1e:fc:bd:1a:b5:78:51:e9:4b:96:2a:c1:0f:
4b:f8:cf:13:c7:3c:d6:25:2f:e9:36:ab:a3:30:15:27:07:12:
90:64:cb:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQusUggDT4Lyxp6a0Z3XvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODRlZjY3Njc5NTI5OTk4NzkwNGM0MmFlOTkyNTUxNGU0YWY3ZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDb2d4CzXIt8p6pieRh3CSHUBDBl
3+3SgPu93qrYTmNLSAV+1qV4hh4gxsKcdl6EFKq6q6PFWzWJ1jgJlb0nQLWIVUWr
/ZsT4FqF7cqII/MC9L/eBZB0H2EQNT9evU94gs+L6Ae+tSh1WU91RX3PA5WaI08c
yX9t05oYblFDVEM6LNav6q9UnChJivYyXTYrBIRDSSLHdfid4CTGHdjPl7GLuf0+
0rCcoeFcxq6qmG1/edy0C1spQseoc47xhxgzSbZZd4TBEigxAsDxSg3kZSyG2RCw
UdWosgIWnFMm+AFnjjamD1s6/2ArKUfNMh2micSIDNeSWKWQ+ZqGtt7fOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhO9nZ5UpmYeQTEKumSVRTkr39aMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvYUU3MmRubFNtWmg1Qk1RcTZaSlZGT1N2ZjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueHwMA0G
CSqGSIb3DQEBCwUAA4IBAQAXfU3zZxHSA/IJmgXRjgL1ZpQbp4SV/8rVlRxa1gwX
knlbZ6PiauaVzGMI65ePpq5z719GDEsFEf+2gd8sydC+Y1M0ynGP1jeT3i+5PHBx
qr6Wt2GOs/oo6Lq76qUz0ciQjvh0WuZygzkKMUUCU5QQv/dxY+sDZh/TrolvwC/O
xwK6EsCIK3pKMPihmIJFFWXIZVTjGeULeBS40hlqDmJi982DVZ8bXCNdSzd5GIJZ
k6Fv3oXyGzgHQyl1m04jtcThG+oyqDr78xq895NTPBib8BG7yQv96y8K+kLbHx78
vRq1eFHpS5YqwQ9L+M8TxzzWJS/pNqujMBUnBxKQZMtk
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:51 2024 by rpki-client on console-ams.rpki-client.org