Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/g09E2sKjBI3l4WlzdOP8FtAwDis.roa
File: g09E2sKjBI3l4WlzdOP8FtAwDis.roa (raw, json)
Hash identifier: K4RUwzZ86K+a8Mdo/5YhO056wTpyvCa4d2HcXJ2fa/8=
Subject key identifier: 83:4F:44:DA:C2:A3:04:8D:E5:E1:69:73:74:E3:FC:16:D0:30:0E:2B
Certificate issuer: /CN=2283711bd7ab13da3d11f25bb57a4f483c1f99ac
Certificate serial: 0185737AB254433C65D2DC8176C7266DDEAF
Authority key identifier: 22:83:71:1B:D7:AB:13:DA:3D:11:F2:5B:B5:7A:4F:48:3C:1F:99:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/g09E2sKjBI3l4WlzdOP8FtAwDis.roa
Signing time: Mon 02 Jan 2023 17:14:58 +0000
ROA not before: Mon 02 Jan 2023 17:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47957
IP address blocks: 185.8.52.0/22 maxlen: 24
185.139.244.0/22 maxlen: 24
2a02:d940::/29 maxlen: 48
2a07:18c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:b2:54:43:3c:65:d2:dc:81:76:c7:26:6d:de:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2283711bd7ab13da3d11f25bb57a4f483c1f99ac
Validity
Not Before: Jan 2 17:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=834f44dac2a3048de5e1697374e3fc16d0300e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:be:41:af:47:e6:03:5d:fc:36:9c:63:35:37:
25:c5:c1:cd:d2:fa:91:80:64:6f:57:09:97:eb:ef:
a3:e0:dc:d3:b7:08:b3:9a:93:8d:c8:1e:91:c5:9c:
0d:e5:18:1e:dd:df:a6:50:9a:fb:dc:f6:36:cf:32:
5b:a4:38:6b:35:6a:7d:c8:d7:f1:4e:0d:29:7a:d7:
aa:ef:1f:ec:7e:d5:f1:55:53:5c:b7:a1:bc:fe:fe:
65:53:21:27:28:c5:b6:89:8d:5c:a4:b6:db:2b:18:
2f:f1:dd:48:ad:64:3f:25:66:8a:43:5e:ce:6c:75:
e0:b7:4f:ef:6f:a0:66:dc:59:5a:bb:33:c1:60:6e:
66:5f:49:7b:60:92:fe:4b:c2:0b:65:eb:98:ad:3b:
26:9a:ba:af:76:26:21:56:c4:3e:cb:6e:71:7c:56:
4d:dd:97:39:db:79:f7:1c:70:70:42:20:4f:43:7d:
42:95:d8:f6:ff:7f:69:b5:35:ba:bf:65:6e:75:cc:
28:02:0e:88:e1:e4:c1:2a:6c:79:6f:9b:4d:bf:35:
5a:7e:02:4d:e0:c9:43:f4:16:d6:f7:ed:98:c8:ba:
50:c7:19:23:7c:4c:83:e1:9b:83:31:21:93:30:ce:
3c:e7:57:20:b0:67:71:ef:87:18:cd:30:c1:a7:0c:
06:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:4F:44:DA:C2:A3:04:8D:E5:E1:69:73:74:E3:FC:16:D0:30:0E:2B
X509v3 Authority Key Identifier:
keyid:22:83:71:1B:D7:AB:13:DA:3D:11:F2:5B:B5:7A:4F:48:3C:1F:99:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/g09E2sKjBI3l4WlzdOP8FtAwDis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/IoNxG9erE9o9EfJbtXpPSDwfmaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.52.0/22
185.139.244.0/22
IPv6:
2a02:d940::/29
2a07:18c0::/48
Signature Algorithm: sha256WithRSAEncryption
7b:65:9e:3e:25:77:40:07:1a:5b:0e:0f:76:d7:43:8d:43:b7:
a8:28:ba:82:bc:f6:32:4c:5c:7d:d1:1b:35:59:9a:cc:91:a7:
b6:f3:94:b4:0c:b4:ff:07:0d:74:84:e6:a9:8a:07:49:fe:49:
68:2a:df:8b:2c:b1:37:40:40:34:38:10:33:de:83:33:b9:85:
39:07:d3:be:61:8d:d2:11:1d:51:38:90:f6:30:6d:85:1c:22:
cd:3e:87:1c:24:b6:9c:01:81:dc:14:dd:bd:ae:f4:c2:8f:90:
0f:1e:08:be:78:d1:ad:4a:32:1c:d5:06:47:a4:96:c5:cc:5c:
ea:c8:0f:17:56:e2:8d:bc:b4:cf:76:19:70:f7:dc:2c:a5:6a:
85:1e:9d:98:21:a9:0d:45:0f:7c:a0:b2:de:a8:fe:89:9e:56:
42:45:08:6e:65:99:53:3d:68:f9:1b:8f:09:f8:4a:04:97:87:
0a:b5:63:55:26:cd:8d:59:c4:75:16:ab:40:f6:68:29:22:75:
18:6b:37:df:61:4c:d0:e7:67:dc:45:2b:25:ce:1f:4b:6f:2a:
96:6e:93:31:0d:47:df:66:dd:30:64:f3:b2:aa:38:7c:82:33:
3b:38:fb:fe:1f:a5:80:a4:26:f1:f8:49:c5:1c:17:d5:cd:a8:
96:22:7d:b6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVzerJUQzxl0tyBdscmbd6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyODM3MTFiZDdhYjEzZGEzZDExZjI1YmI1N2E0ZjQ4M2Mx
Zjk5YWMwHhcNMjMwMTAyMTcxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzRmNDRkYWMyYTMwNDhkZTVlMTY5NzM3NGUzZmMxNmQwMzAwZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwr5Br0fmA138NpxjNTclxcHN0vqR
gGRvVwmX6++j4NzTtwizmpONyB6RxZwN5Rge3d+mUJr73PY2zzJbpDhrNWp9yNfx
Tg0peteq7x/sftXxVVNct6G8/v5lUyEnKMW2iY1cpLbbKxgv8d1IrWQ/JWaKQ17O
bHXgt0/vb6Bm3FlauzPBYG5mX0l7YJL+S8ILZeuYrTsmmrqvdiYhVsQ+y25xfFZN
3Zc523n3HHBwQiBPQ31Cldj2/39ptTW6v2VudcwoAg6I4eTBKmx5b5tNvzVafgJN
4MlD9BbW9+2YyLpQxxkjfEyD4ZuDMSGTMM4851cgsGdx74cYzTDBpwwGMwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFINPRNrCowSN5eFpc3Tj/BbQMA4rMB8GA1UdIwQY
MBaAFCKDcRvXqxPaPRHyW7V6T0g8H5msMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW9OeEc5ZXJFOW85RWZKYnRYcFBTRHdmbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85Y2JlODgtM2U3NS00MmVmLWI4NzEt
NWVlNzZmMGY2NGUyLzEvZzA5RTJzS2pCSTNsNFdsemRPUDhGdEF3RGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85Y2JlODgtM2U3NS00MmVmLWI4NzEtNWVlNzZmMGY2NGUy
LzEvSW9OeEc5ZXJFOW85RWZKYnRYcFBTRHdmbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuQg0AwQC
uYv0MBYEAgACMBADBQMqAtlAAwcAKgcYwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQB7
ZZ4+JXdABxpbDg9210ONQ7eoKLqCvPYyTFx90Rs1WZrMkae285S0DLT/Bw10hOap
igdJ/kloKt+LLLE3QEA0OBAz3oMzuYU5B9O+YY3SER1ROJD2MG2FHCLNPoccJLac
AYHcFN29rvTCj5APHgi+eNGtSjIc1QZHpJbFzFzqyA8XVuKNvLTPdhlw99wspWqF
Hp2YIakNRQ98oLLeqP6JnlZCRQhuZZlTPWj5G48J+EoEl4cKtWNVJs2NWcR1FqtA
9mgpInUYazffYUzQ52fcRSslzh9LbyqWbpMxDUffZt0wZPOyqjh8gjM7OPv+H6WA
pCbx+EnFHBfVzaiWIn22
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:34 2024 by rpki-client on console-ams.rpki-client.org