Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/c2ce9RZgSRBaOOTlZqwjDD3E6Ko.roa
File: c2ce9RZgSRBaOOTlZqwjDD3E6Ko.roa (raw, json)
Hash identifier: eThQYFvVb/nsic/jqrvOmSeWZKVptfHIH9tgNQgTKhc=
Subject key identifier: 73:67:1E:F5:16:60:49:10:5A:38:E4:E5:66:AC:23:0C:3D:C4:E8:AA
Certificate issuer: /CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f
Certificate serial: 01856F66F972EA7F3025FCFCFDFE45684D14
Authority key identifier: 5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/c2ce9RZgSRBaOOTlZqwjDD3E6Ko.roa
Signing time: Sun 01 Jan 2023 22:14:57 +0000
ROA not before: Sun 01 Jan 2023 22:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20609
IP address blocks: 185.108.120.0/22 maxlen: 24
91.202.52.0/22 maxlen: 24
2a06:4ac0::/32 maxlen: 33
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:f9:72:ea:7f:30:25:fc:fc:fd:fe:45:68:4d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f
Validity
Not Before: Jan 1 22:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73671ef5166049105a38e4e566ac230c3dc4e8aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:de:04:f6:3d:70:c7:25:04:52:9b:7f:46:03:
37:90:b3:dc:0d:4b:ad:20:20:00:e5:8b:4c:19:da:
02:76:8b:d8:26:08:bc:5f:46:1d:0b:2e:ba:5f:29:
08:61:57:0b:7a:fa:88:8a:bd:d2:80:ff:66:63:31:
53:a0:36:d9:5e:65:88:87:c5:85:23:da:04:47:3a:
50:f6:73:66:dd:d1:49:63:dd:7e:4c:ab:3b:32:28:
82:65:26:79:e6:76:21:37:82:f5:31:7d:ad:d9:65:
3d:2d:1d:30:1d:54:a0:33:a6:a5:a4:56:ce:2b:12:
e0:15:2c:18:04:39:83:c2:8c:ed:b9:c3:93:ae:c3:
99:8b:58:b5:3c:59:e5:d1:64:6f:6e:52:1d:7b:70:
6b:49:85:c2:c2:37:f1:d5:4d:f3:45:5e:ae:a6:f8:
7c:9a:64:d8:37:f5:ca:10:11:50:8c:35:6f:1f:5d:
46:89:cb:db:cb:89:bc:f7:63:f2:6d:25:f3:f2:a9:
7f:39:2c:08:e9:ef:41:f3:0e:6a:83:69:ac:d0:92:
88:9f:2c:88:2f:fb:71:ff:26:b4:65:34:02:d0:5c:
95:b3:7a:f7:5c:7e:e9:a3:b4:95:e4:b0:b7:12:14:
8f:87:50:95:b1:96:0c:87:7d:25:ac:7d:05:ae:18:
64:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:67:1E:F5:16:60:49:10:5A:38:E4:E5:66:AC:23:0C:3D:C4:E8:AA
X509v3 Authority Key Identifier:
keyid:5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/c2ce9RZgSRBaOOTlZqwjDD3E6Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.52.0/22
185.108.120.0/22
IPv6:
2a06:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
1d:0f:1f:64:9e:85:a7:da:09:9e:76:c0:90:ff:b7:ef:dc:2c:
f2:9f:ad:60:da:dc:37:0b:9f:cf:23:e2:c3:1c:79:0d:77:76:
44:c8:87:fb:d8:a8:5f:f9:b4:c6:0e:01:e4:5b:ed:ec:14:ad:
22:28:b5:df:0d:37:33:2b:d5:98:3f:32:5b:68:4f:38:b6:59:
3f:5d:71:24:9d:66:3f:49:6d:a8:b9:53:6a:c8:9f:a1:f6:57:
e9:9e:6a:a5:4a:90:24:8e:4c:8a:49:37:a7:0b:75:27:5d:8a:
48:c0:c7:8e:b3:d8:a2:2d:f9:0f:8b:65:18:fd:d5:33:07:7e:
3a:02:cb:18:2a:26:27:f7:46:d7:5d:56:a4:9d:b8:2a:9a:27:
41:66:39:8e:6e:69:c9:63:66:57:5d:cb:78:ee:f9:ef:f2:b5:
a6:bd:bb:48:14:72:09:4c:82:af:01:6a:77:e4:47:b3:98:40:
87:90:68:ae:09:44:5a:96:15:6d:c0:93:2d:ef:d1:34:d7:ca:
96:62:16:cf:91:ee:90:e9:48:b9:cd:9c:25:b6:27:8d:1c:29:
13:b7:bf:41:61:64:e5:65:c8:90:b9:6e:68:1e:62:90:a9:66:
4e:21:ba:1d:3d:73:f2:ea:8a:31:c0:de:e5:98:c5:39:27:db:
39:83:19:7f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvZvly6n8wJfz8/f5FaE0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWQ0MDYwZmQ1MDFlYmFlOTNlZDQ0ZGE2YjdhNzllNjY3
MDViMmYwHhcNMjMwMTAxMjIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzY3MWVmNTE2NjA0OTEwNWEzOGU0ZTU2NmFjMjMwYzNkYzRlOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3d4E9j1wxyUEUpt/RgM3kLPcDUut
ICAA5YtMGdoCdovYJgi8X0YdCy66XykIYVcLevqIir3SgP9mYzFToDbZXmWIh8WF
I9oERzpQ9nNm3dFJY91+TKs7MiiCZSZ55nYhN4L1MX2t2WU9LR0wHVSgM6alpFbO
KxLgFSwYBDmDwoztucOTrsOZi1i1PFnl0WRvblIde3BrSYXCwjfx1U3zRV6upvh8
mmTYN/XKEBFQjDVvH11Gicvby4m892PybSXz8ql/OSwI6e9B8w5qg2ms0JKInyyI
L/tx/ya0ZTQC0FyVs3r3XH7po7SV5LC3EhSPh1CVsZYMh30lrH0FrhhkOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHNnHvUWYEkQWjjk5WasIww9xOiqMB8GA1UdIwQY
MBaAFF4dQGD9UB666T7UTaa3p55mcFsvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQt
MGUxZGI5OGFkMjMxLzEvYzJjZTlSWmdTUkJhT09UbFpxd2pERDNFNktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQtMGUxZGI5OGFkMjMx
LzEvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8o0AwQC
uWx4MA0EAgACMAcDBQAqBkrAMA0GCSqGSIb3DQEBCwUAA4IBAQAdDx9knoWn2gme
dsCQ/7fv3Czyn61g2tw3C5/PI+LDHHkNd3ZEyIf72Khf+bTGDgHkW+3sFK0iKLXf
DTczK9WYPzJbaE84tlk/XXEknWY/SW2ouVNqyJ+h9lfpnmqlSpAkjkyKSTenC3Un
XYpIwMeOs9iiLfkPi2UY/dUzB346AssYKiYn90bXXVaknbgqmidBZjmObmnJY2ZX
Xct47vnv8rWmvbtIFHIJTIKvAWp35EezmECHkGiuCURalhVtwJMt79E018qWYhbP
ke6Q6Ui5zZwltieNHCkTt79BYWTlZciQuW5oHmKQqWZOIbodPXPy6ooxwN7lmMU5
J9s5gxl/
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:33 2024 by rpki-client on console-ams.rpki-client.org