Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/62343c-edbe-4a8a-84f2-7eb2eb85b84a/1/O0NKlt_kVnh_dl2szxkVuvhTPIA.roa
File: O0NKlt_kVnh_dl2szxkVuvhTPIA.roa (raw, json)
Hash identifier: FOGc6yuXt75QgxiCucZCOWeo32kN1D6/BXGsUlmR+n4=
Subject key identifier: 3B:43:4A:96:DF:E4:56:78:7F:76:5D:AC:CF:19:15:BA:F8:53:3C:80
Certificate issuer: /CN=d8fc6e45181d839fd10e4a902762f26c9a646796
Certificate serial: 01856CC15D6BFBF3287B6B95C18EBF3FEB22
Authority key identifier: D8:FC:6E:45:18:1D:83:9F:D1:0E:4A:90:27:62:F2:6C:9A:64:67:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PxuRRgdg5_RDkqQJ2LybJpkZ5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/62343c-edbe-4a8a-84f2-7eb2eb85b84a/1/O0NKlt_kVnh_dl2szxkVuvhTPIA.roa
Signing time: Sun 01 Jan 2023 09:54:49 +0000
ROA not before: Sun 01 Jan 2023 09:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201135
IP address blocks: 185.84.188.0/23 maxlen: 23
185.84.190.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:5d:6b:fb:f3:28:7b:6b:95:c1:8e:bf:3f:eb:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8fc6e45181d839fd10e4a902762f26c9a646796
Validity
Not Before: Jan 1 09:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b434a96dfe456787f765daccf1915baf8533c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2d:3f:9b:f7:bd:56:34:6c:ff:53:82:39:b7:
06:6e:91:35:41:b8:cf:7a:cc:41:69:f6:b8:9a:8f:
02:a0:84:cf:a1:48:88:3f:db:ff:ac:85:83:cb:58:
f1:fc:51:62:d6:e3:7b:f0:64:f2:12:f7:80:45:91:
24:03:50:f0:62:31:60:f4:6a:2a:0f:76:2c:28:87:
a2:77:58:03:69:67:33:db:2d:3b:34:22:f0:c1:6b:
ad:f4:39:b6:fd:d1:3d:c8:73:26:3b:c5:c0:ad:d9:
09:1b:2e:3e:e2:d2:03:44:82:d4:61:4f:62:3f:07:
80:47:6f:ea:a8:9a:4e:cf:d3:55:4d:49:17:c4:6f:
2d:fa:c2:b9:8a:d5:59:7a:73:d8:61:1c:65:fa:45:
2d:bb:7c:6f:e6:fb:33:86:bd:3f:06:48:ba:f4:cf:
71:a4:7b:4f:70:91:13:75:fc:a7:17:1d:50:8b:56:
24:80:4e:85:73:2e:44:2b:ae:ce:ab:1c:89:f4:60:
5a:59:23:65:f8:d7:d5:af:ce:be:50:c8:35:ee:20:
e8:e2:60:7f:66:16:45:4c:6c:23:7e:42:cc:1d:60:
db:b1:74:75:3f:56:4d:c6:d9:32:ed:82:52:d6:0c:
49:83:68:50:fc:08:26:b5:7a:d5:3f:91:d0:85:e3:
a0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:43:4A:96:DF:E4:56:78:7F:76:5D:AC:CF:19:15:BA:F8:53:3C:80
X509v3 Authority Key Identifier:
keyid:D8:FC:6E:45:18:1D:83:9F:D1:0E:4A:90:27:62:F2:6C:9A:64:67:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PxuRRgdg5_RDkqQJ2LybJpkZ5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/62343c-edbe-4a8a-84f2-7eb2eb85b84a/1/O0NKlt_kVnh_dl2szxkVuvhTPIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/62343c-edbe-4a8a-84f2-7eb2eb85b84a/1/2PxuRRgdg5_RDkqQJ2LybJpkZ5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.188.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:af:99:a5:25:2e:4f:ef:e3:51:8e:1e:c1:5d:5b:86:5f:da:
e1:7d:4d:fd:1b:1e:21:5c:48:74:57:12:7e:d6:d4:d9:eb:18:
cc:c7:ea:13:60:50:1b:f3:b7:10:e3:fc:f1:0d:66:22:aa:4c:
48:a6:d2:d7:cd:0f:14:8d:e9:43:6c:09:8a:bc:54:5a:09:b0:
22:43:18:fe:95:c8:61:f0:54:c8:bc:e3:12:24:4d:4d:f8:4c:
d6:7a:dd:98:5d:ba:70:9c:41:e5:2b:49:66:6c:f0:65:e3:17:
07:d8:95:ca:e2:48:27:2c:1d:6c:51:ce:cf:3f:f6:fb:6d:bf:
75:38:d7:c6:ef:9a:bd:20:6a:d7:5b:aa:c7:3d:b4:d1:9c:da:
34:5f:d3:b7:1d:54:0b:89:b4:2e:01:d9:b2:db:67:db:d7:1e:
35:73:ed:4b:c4:c9:66:71:8f:61:f4:0a:29:36:e7:73:6b:ee:
c3:2d:28:db:38:c3:b6:38:f5:9e:35:07:fa:ee:de:c2:ee:81:
6f:62:b7:57:b1:4c:b6:9c:f1:5b:ce:11:0a:6c:7b:9c:7c:b8:
a1:23:da:97:9e:10:15:a0:86:36:b7:99:92:a0:f9:a4:ca:bb:
ca:bd:fd:fb:15:41:8e:ee:77:ab:29:2c:68:81:fe:ed:d2:1e:
87:f2:36:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVswV1r+/Moe2uVwY6/P+siMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZmM2ZTQ1MTgxZDgzOWZkMTBlNGE5MDI3NjJmMjZjOWE2
NDY3OTYwHhcNMjMwMTAxMDk1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQzNGE5NmRmZTQ1Njc4N2Y3NjVkYWNjZjE5MTViYWY4NTMzYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri0/m/e9VjRs/1OCObcGbpE1QbjP
esxBafa4mo8CoITPoUiIP9v/rIWDy1jx/FFi1uN78GTyEveARZEkA1DwYjFg9Goq
D3YsKIeid1gDaWcz2y07NCLwwWut9Dm2/dE9yHMmO8XArdkJGy4+4tIDRILUYU9i
PweAR2/qqJpOz9NVTUkXxG8t+sK5itVZenPYYRxl+kUtu3xv5vszhr0/Bki69M9x
pHtPcJETdfynFx1Qi1YkgE6Fcy5EK67OqxyJ9GBaWSNl+NfVr86+UMg17iDo4mB/
ZhZFTGwjfkLMHWDbsXR1P1ZNxtky7YJS1gxJg2hQ/AgmtXrVP5HQheOgAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtDSpbf5FZ4f3ZdrM8ZFbr4UzyAMB8GA1UdIwQY
MBaAFNj8bkUYHYOf0Q5KkCdi8myaZGeWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlB4dVJSZ2RnNV9SRGtxUUoyTHliSnBrWjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82MjM0M2MtZWRiZS00YThhLTg0ZjIt
N2ViMmViODViODRhLzEvTzBOS2x0X2tWbmhfZGwyc3p4a1Z1dmhUUElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82MjM0M2MtZWRiZS00YThhLTg0ZjItN2ViMmViODViODRh
LzEvMlB4dVJSZ2RnNV9SRGtxUUoyTHliSnBrWjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVS8MA0G
CSqGSIb3DQEBCwUAA4IBAQAbr5mlJS5P7+NRjh7BXVuGX9rhfU39Gx4hXEh0VxJ+
1tTZ6xjMx+oTYFAb87cQ4/zxDWYiqkxIptLXzQ8UjelDbAmKvFRaCbAiQxj+lchh
8FTIvOMSJE1N+EzWet2YXbpwnEHlK0lmbPBl4xcH2JXK4kgnLB1sUc7PP/b7bb91
ONfG75q9IGrXW6rHPbTRnNo0X9O3HVQLibQuAdmy22fb1x41c+1LxMlmcY9h9Aop
Nudza+7DLSjbOMO2OPWeNQf67t7C7oFvYrdXsUy2nPFbzhEKbHucfLihI9qXnhAV
oIY2t5mSoPmkyrvKvf37FUGO7nerKSxogf7t0h6H8jYq
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:53 2024 by rpki-client on console-fra.rpki-client.org