Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/USo1LhTPzQov4v-_oksNXscj3ws.roa
File: USo1LhTPzQov4v-_oksNXscj3ws.roa (raw, json)
Hash identifier: +4t6EdtBpvmKsBpnQx5LlpGiLcfLCKwBD5E3erFpiSk=
Subject key identifier: 51:2A:35:2E:14:CF:CD:0A:2F:E2:FF:BF:A2:4B:0D:5E:C7:23:DF:0B
Certificate issuer: /CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Certificate serial: 018572C38D57F9473599141F779A95C6F0B4
Authority key identifier: A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/USo1LhTPzQov4v-_oksNXscj3ws.roa
Signing time: Mon 02 Jan 2023 13:54:56 +0000
ROA not before: Mon 02 Jan 2023 13:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 185.189.173.0/24 maxlen: 24
185.189.172.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:8d:57:f9:47:35:99:14:1f:77:9a:95:c6:f0:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Validity
Not Before: Jan 2 13:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=512a352e14cfcd0a2fe2ffbfa24b0d5ec723df0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:aa:49:59:8d:d3:90:8b:53:7b:ce:d0:e5:a2:
f0:d1:04:ad:da:73:e4:43:a2:43:7b:90:57:de:dd:
61:ca:6a:6b:c4:5d:54:a8:d1:95:4b:43:ad:a5:c7:
d1:5e:5b:7d:2b:8d:3f:d9:d2:ea:38:64:ae:ca:70:
98:50:10:09:a9:14:c9:4a:54:88:7b:d5:4c:11:2a:
4b:cc:23:1d:a5:61:e3:e4:b1:12:66:ce:ae:c3:81:
19:82:88:6c:9d:39:67:a0:de:21:5b:bd:c9:7c:9c:
bc:ae:ca:56:a9:3b:96:5b:5e:b3:e1:4b:4e:d8:9c:
8c:69:93:f3:41:80:b6:d7:28:d9:dd:76:ea:c7:c4:
da:de:6c:78:1d:23:1b:de:45:42:56:1d:78:ec:a3:
9d:9e:69:e7:c7:ac:43:cd:03:00:ef:bc:91:af:d9:
7a:09:18:28:a3:3b:29:80:07:4f:89:7e:e8:c0:57:
10:90:1e:5b:83:68:42:07:a6:c6:5b:d9:4d:bc:0f:
91:81:0c:cb:f4:eb:7e:fb:1b:fc:cf:24:07:da:85:
2f:f6:42:d3:3a:8e:e0:97:38:2c:74:1a:c2:84:0f:
0d:91:c3:4e:23:02:29:25:1f:76:2f:e3:d9:82:a0:
8c:15:c6:7a:79:af:2e:6e:46:62:ca:b2:32:06:24:
b6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:2A:35:2E:14:CF:CD:0A:2F:E2:FF:BF:A2:4B:0D:5E:C7:23:DF:0B
X509v3 Authority Key Identifier:
keyid:A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/USo1LhTPzQov4v-_oksNXscj3ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.172.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:ca:78:bc:af:e3:76:02:90:5c:b9:17:c4:59:ee:ee:31:53:
8f:f8:af:b3:e3:91:45:f0:fe:2a:5e:02:a7:a9:48:6c:c8:82:
87:37:25:1a:a4:54:78:96:cb:68:69:5b:cf:7a:04:5d:19:6c:
a0:e0:10:c1:48:55:0e:f7:e2:5c:94:f2:1f:36:b1:3f:b0:3f:
98:3f:65:a4:1e:28:37:59:a4:0d:c8:8f:fa:dd:0b:f1:41:bf:
a5:fc:03:05:8d:e0:81:71:c8:3e:a7:0c:e7:f6:ba:dc:d3:de:
54:d3:0a:d0:e5:ec:f8:32:ab:1a:16:cd:53:57:e6:d3:cf:35:
17:d6:31:d7:f0:5b:e6:32:c1:a5:b8:2e:15:02:cc:34:76:ac:
73:d8:86:7e:da:94:a6:0e:51:48:fb:55:0b:f7:be:c1:64:2a:
7e:d0:34:ea:6a:94:12:25:b0:42:47:a8:11:cd:d5:93:59:62:
17:d9:02:0f:84:7e:51:bc:73:c1:62:90:60:08:44:a5:dd:b4:
70:ce:21:76:39:b2:45:1f:30:bd:30:8b:79:1d:f8:59:85:c2:
2e:08:4b:0d:fa:45:a2:24:1c:ab:fc:72:7c:47:55:7d:91:e7:
49:eb:5b:a3:96:8e:8d:38:95:1d:4b:a2:97:3f:6c:39:b6:ec:
5a:62:fe:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw41X+Uc1mRQfd5qVxvC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MTAzNTZkYzBhNTIxODk1Y2U2MWY4NTQ5NWUwNmRhZjdh
MTJiM2IwHhcNMjMwMTAyMTM1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTJhMzUyZTE0Y2ZjZDBhMmZlMmZmYmZhMjRiMGQ1ZWM3MjNkZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6pJWY3TkItTe87Q5aLw0QSt2nPk
Q6JDe5BX3t1hymprxF1UqNGVS0OtpcfRXlt9K40/2dLqOGSuynCYUBAJqRTJSlSI
e9VMESpLzCMdpWHj5LESZs6uw4EZgohsnTlnoN4hW73JfJy8rspWqTuWW16z4UtO
2JyMaZPzQYC21yjZ3Xbqx8Ta3mx4HSMb3kVCVh147KOdnmnnx6xDzQMA77yRr9l6
CRgoozspgAdPiX7owFcQkB5bg2hCB6bGW9lNvA+RgQzL9Ot++xv8zyQH2oUv9kLT
Oo7glzgsdBrChA8NkcNOIwIpJR92L+PZgqCMFcZ6ea8ubkZiyrIyBiS2aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEqNS4Uz80KL+L/v6JLDV7HI98LMB8GA1UdIwQY
MBaAFKUQNW3ApSGJXOYfhUleBtr3oSs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYt
MDExODJmODQwNzg5LzEvVVNvMUxoVFB6UW92NHYtX29rc05Yc2NqM3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYtMDExODJmODQwNzg5
LzEvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBub2sMA0G
CSqGSIb3DQEBCwUAA4IBAQCjyni8r+N2ApBcuRfEWe7uMVOP+K+z45FF8P4qXgKn
qUhsyIKHNyUapFR4lstoaVvPegRdGWyg4BDBSFUO9+JclPIfNrE/sD+YP2WkHig3
WaQNyI/63QvxQb+l/AMFjeCBccg+pwzn9rrc095U0wrQ5ez4MqsaFs1TV+bTzzUX
1jHX8FvmMsGluC4VAsw0dqxz2IZ+2pSmDlFI+1UL977BZCp+0DTqapQSJbBCR6gR
zdWTWWIX2QIPhH5RvHPBYpBgCESl3bRwziF2ObJFHzC9MIt5HfhZhcIuCEsN+kWi
JByr/HJ8R1V9kedJ61ujlo6NOJUdS6KXP2w5tuxaYv60
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:08 2024 by rpki-client on console-fra.rpki-client.org