Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/Lf0l2XSOr7WJg6jdKZ3JO9fmZNk.roa
File: Lf0l2XSOr7WJg6jdKZ3JO9fmZNk.roa (raw, json)
Hash identifier: +87DfLEQg4+9AfJHd921YgMqCChgzp3+7XsLEKj/oh8=
Subject key identifier: 2D:FD:25:D9:74:8E:AF:B5:89:83:A8:DD:29:9D:C9:3B:D7:E6:64:D9
Certificate issuer: /CN=12ee6257d0c3a2b930561af2522d9e5af7f9cbc7
Certificate serial: 01856F824DE0A0316BF9F0B6BBC8D5A7C2F8
Authority key identifier: 12:EE:62:57:D0:C3:A2:B9:30:56:1A:F2:52:2D:9E:5A:F7:F9:CB:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eu5iV9DDorkwVhryUi2eWvf5y8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/Lf0l2XSOr7WJg6jdKZ3JO9fmZNk.roa
Signing time: Sun 01 Jan 2023 22:44:48 +0000
ROA not before: Sun 01 Jan 2023 22:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.235.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:4d:e0:a0:31:6b:f9:f0:b6:bb:c8:d5:a7:c2:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12ee6257d0c3a2b930561af2522d9e5af7f9cbc7
Validity
Not Before: Jan 1 22:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dfd25d9748eafb58983a8dd299dc93bd7e664d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7c:d5:ac:bb:08:ef:88:0e:0d:57:da:34:03:
18:c7:24:67:0b:2f:8b:33:4e:c4:80:c1:46:5d:a2:
bd:5f:93:58:b6:87:ff:22:6d:ff:85:02:97:1b:16:
40:3b:61:63:b1:4c:0e:a6:49:fb:f2:a5:f5:32:8a:
83:36:07:ea:e8:21:85:51:f9:1d:50:aa:3e:2c:bf:
2e:f2:c1:d9:9a:63:84:25:c3:95:66:39:41:d5:f6:
7f:ed:3b:d3:b3:07:19:94:8d:66:d5:5f:b9:6b:e8:
25:8b:0f:75:b3:e6:9b:7a:96:50:b3:f7:26:30:9e:
8c:5e:80:31:d5:d9:94:83:0c:13:cb:99:ef:5f:fe:
e4:dd:a8:de:14:12:5a:5b:ce:9e:f6:dd:a5:ac:4c:
c6:60:de:a5:dd:dd:b8:ba:0c:fa:e5:b2:e1:5e:28:
36:ed:67:bd:47:de:46:cb:02:73:1f:41:f6:87:92:
98:94:74:bb:ca:e1:f1:fc:e2:61:24:b5:a0:06:ab:
24:7b:6b:39:f6:3e:8a:f2:00:07:58:8f:a4:d8:ea:
6c:da:27:0d:44:ac:fe:9d:0e:e8:d1:08:0a:91:2d:
b8:12:81:0b:ba:19:19:31:d9:51:9a:88:f0:51:68:
d3:cd:7e:2d:1f:03:16:7c:58:b0:2d:4a:8d:47:32:
eb:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FD:25:D9:74:8E:AF:B5:89:83:A8:DD:29:9D:C9:3B:D7:E6:64:D9
X509v3 Authority Key Identifier:
keyid:12:EE:62:57:D0:C3:A2:B9:30:56:1A:F2:52:2D:9E:5A:F7:F9:CB:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eu5iV9DDorkwVhryUi2eWvf5y8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/Lf0l2XSOr7WJg6jdKZ3JO9fmZNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/Eu5iV9DDorkwVhryUi2eWvf5y8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.38.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:52:27:51:8b:2b:7c:2d:2b:8e:8e:e1:ae:d4:0e:a6:9c:c5:
43:85:e8:27:ee:ff:6d:ad:b0:4c:0e:e7:1a:f7:f4:0d:c3:0e:
5f:07:75:61:e2:62:12:72:b4:a0:bd:34:e6:22:c8:ec:ac:62:
5f:bb:31:12:a4:65:21:5d:c2:23:fa:fd:7d:a6:5e:18:26:b3:
ce:5d:d9:5b:df:87:7a:8e:10:32:96:f8:19:f2:60:f8:08:62:
2e:34:6c:ac:3b:44:e4:96:b3:1a:42:61:da:6b:cf:fc:75:4d:
22:f4:90:7e:7c:aa:64:67:50:2a:8c:ed:cb:bb:bf:15:a2:7b:
48:c0:ba:8f:39:d2:7b:d6:d3:a4:83:1f:ff:9f:df:0e:70:d3:
e6:69:f7:4a:f8:ad:22:d7:6c:04:37:ad:79:68:a3:27:d3:98:
af:24:12:72:8b:f2:2c:89:9b:39:49:f4:7c:80:9b:b5:93:72:
bf:d8:0f:1d:9c:a5:56:82:15:1f:89:b7:dd:55:43:e9:e3:fe:
28:2a:5e:98:d6:79:ba:2a:37:1e:07:7d:e1:3f:80:7a:a9:8e:
9f:45:da:0b:78:9b:9b:13:2d:e4:be:86:6c:c1:68:07:0e:9f:
af:bf:5c:cb:17:25:61:78:d6:17:8a:95:e9:0d:8b:ee:37:e3:
a6:39:17:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvgk3goDFr+fC2u8jVp8L4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZWU2MjU3ZDBjM2EyYjkzMDU2MWFmMjUyMmQ5ZTVhZjdm
OWNiYzcwHhcNMjMwMTAxMjI0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZkMjVkOTc0OGVhZmI1ODk4M2E4ZGQyOTlkYzkzYmQ3ZTY2NGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHzVrLsI74gODVfaNAMYxyRnCy+L
M07EgMFGXaK9X5NYtof/Im3/hQKXGxZAO2FjsUwOpkn78qX1MoqDNgfq6CGFUfkd
UKo+LL8u8sHZmmOEJcOVZjlB1fZ/7TvTswcZlI1m1V+5a+gliw91s+abepZQs/cm
MJ6MXoAx1dmUgwwTy5nvX/7k3ajeFBJaW86e9t2lrEzGYN6l3d24ugz65bLhXig2
7We9R95GywJzH0H2h5KYlHS7yuHx/OJhJLWgBqske2s59j6K8gAHWI+k2Ops2icN
RKz+nQ7o0QgKkS24EoELuhkZMdlRmojwUWjTzX4tHwMWfFiwLUqNRzLrDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC39Jdl0jq+1iYOo3SmdyTvX5mTZMB8GA1UdIwQY
MBaAFBLuYlfQw6K5MFYa8lItnlr3+cvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXU1aVY5RERvcmt3VmhyeVVpMmVXdmY1eThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83MWRlZTItZTFjMS00MGNlLWIzMTEt
M2YzMzg2NjE5MmQwLzEvTGYwbDJYU09yN1dKZzZqZEtaM0pPOWZtWk5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83MWRlZTItZTFjMS00MGNlLWIzMTEtM2YzMzg2NjE5MmQw
LzEvRXU1aVY5RERvcmt3VmhyeVVpMmVXdmY1eThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuesmMA0G
CSqGSIb3DQEBCwUAA4IBAQDAUidRiyt8LSuOjuGu1A6mnMVDhegn7v9trbBMDuca
9/QNww5fB3Vh4mIScrSgvTTmIsjsrGJfuzESpGUhXcIj+v19pl4YJrPOXdlb34d6
jhAylvgZ8mD4CGIuNGysO0TklrMaQmHaa8/8dU0i9JB+fKpkZ1AqjO3Lu78VontI
wLqPOdJ71tOkgx//n98OcNPmafdK+K0i12wEN615aKMn05ivJBJyi/IsiZs5SfR8
gJu1k3K/2A8dnKVWghUfibfdVUPp4/4oKl6Y1nm6KjceB33hP4B6qY6fRdoLeJub
Ey3kvoZswWgHDp+vv1zLFyVheNYXipXpDYvuN+OmORd1
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:36 2024 by rpki-client on console-ams.rpki-client.org