Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/IN49qgC1PmmvUUVp3QwMBoE2s_Y.roa
File: IN49qgC1PmmvUUVp3QwMBoE2s_Y.roa (raw, json)
Hash identifier: +lxyq7smelXqGu0/1nfvattktYtYfWIgebE3Pz+jBFQ=
Subject key identifier: 20:DE:3D:AA:00:B5:3E:69:AF:51:45:69:DD:0C:0C:06:81:36:B3:F6
Certificate issuer: /CN=d18c2030a5971c4a54096a8edbb21211e54216a7
Certificate serial: 018571831D5A6DE020371C3F60C471E736DC
Authority key identifier: D1:8C:20:30:A5:97:1C:4A:54:09:6A:8E:DB:B2:12:11:E5:42:16:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YwgMKWXHEpUCWqO27ISEeVCFqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/IN49qgC1PmmvUUVp3QwMBoE2s_Y.roa
Signing time: Mon 02 Jan 2023 08:04:56 +0000
ROA not before: Mon 02 Jan 2023 08:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35758
IP address blocks: 185.191.205.0/24 maxlen: 24
185.191.204.0/24 maxlen: 24
185.191.206.0/24 maxlen: 24
185.191.207.0/24 maxlen: 24
2a0a:1dc4::/30 maxlen: 30
2a0a:1dc0::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:1d:5a:6d:e0:20:37:1c:3f:60:c4:71:e7:36:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d18c2030a5971c4a54096a8edbb21211e54216a7
Validity
Not Before: Jan 2 08:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20de3daa00b53e69af514569dd0c0c068136b3f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:55:e4:6b:a6:ac:dd:ec:9d:8d:c6:72:73:07:
dd:fc:89:97:77:31:20:17:04:2e:cc:b6:96:07:b8:
8a:cb:38:01:5b:b0:1b:3c:c0:fc:f7:03:a0:ba:5d:
8c:fb:a9:e7:e6:d1:88:89:ea:31:c9:ca:00:0a:23:
44:7b:e6:bc:d8:c3:92:e4:6b:50:c5:1f:6a:92:5f:
14:f2:7f:61:0b:9d:ea:4d:51:8f:41:b9:fd:d5:18:
7e:47:31:e3:aa:5e:5d:07:46:c9:2f:97:27:2f:39:
b1:71:8e:c6:12:1b:6a:fa:8a:3b:dc:9a:f4:d5:82:
fc:95:e7:6d:c6:73:6e:c0:52:87:47:26:ec:96:1c:
11:20:36:35:ce:ee:ff:4b:1d:9a:87:30:8e:5d:f7:
f9:ba:fa:84:65:fb:e0:0f:af:f1:1d:cf:c8:c3:f2:
79:38:91:55:97:78:51:de:35:ed:07:48:a1:59:9b:
42:77:98:59:43:aa:df:94:63:9a:e9:89:97:6e:3b:
c0:b4:67:8d:01:9c:7e:2a:c4:d4:a9:32:ca:7e:8e:
1f:55:ab:b1:d3:eb:e3:97:5e:d3:0a:f4:6c:f5:db:
8c:b5:ba:50:da:57:6d:74:c1:ea:97:fa:b6:54:c8:
b7:c7:7b:ed:bd:0c:ea:71:3d:0e:b0:c2:8e:7b:6e:
69:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:DE:3D:AA:00:B5:3E:69:AF:51:45:69:DD:0C:0C:06:81:36:B3:F6
X509v3 Authority Key Identifier:
keyid:D1:8C:20:30:A5:97:1C:4A:54:09:6A:8E:DB:B2:12:11:E5:42:16:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YwgMKWXHEpUCWqO27ISEeVCFqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/IN49qgC1PmmvUUVp3QwMBoE2s_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/0YwgMKWXHEpUCWqO27ISEeVCFqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.204.0/22
IPv6:
2a0a:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
9d:60:eb:99:51:d1:36:01:e0:e0:d0:04:29:da:ff:3c:db:c7:
31:8d:d6:67:e9:d2:d2:f9:6d:2f:00:65:82:30:26:73:00:e4:
26:1f:60:ac:42:5c:60:d8:9f:6a:c5:ac:ab:fc:fc:8c:b0:47:
3f:be:fd:65:fa:28:05:1b:c9:73:9c:65:5a:8c:17:f2:d3:3e:
40:36:58:01:bb:f3:2e:1d:6b:0f:e8:48:db:f4:c6:8a:0d:cf:
7b:9c:e7:d6:10:09:00:3f:b0:0a:d3:09:df:10:15:74:a9:08:
a6:8f:8d:4f:ca:7f:2c:c7:5d:16:6a:f9:f7:b2:78:fa:60:17:
36:6c:a2:ed:9a:b2:ef:9c:89:7a:cb:d2:d2:da:ae:50:08:76:
77:8d:7a:fa:63:68:9b:66:55:92:ef:c8:b1:20:52:1d:4b:64:
f2:38:5b:15:84:66:c3:c5:f6:96:63:53:6a:0c:1a:bd:b8:d2:
75:14:0a:12:2c:63:a5:b0:ea:63:3f:ef:60:dd:93:c1:7a:93:
fc:11:b5:bb:6e:01:58:7b:b7:df:e9:31:f8:d4:d0:c3:85:5c:
9b:1d:77:a7:47:05:f6:af:4c:f1:72:9f:1e:a2:ed:3e:11:56:
2a:1b:4c:c9:4a:1d:6b:dd:93:cb:8b:11:17:27:37:52:ac:7e:
7c:8f:10:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxgx1abeAgNxw/YMRx5zbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxOGMyMDMwYTU5NzFjNGE1NDA5NmE4ZWRiYjIxMjExZTU0
MjE2YTcwHhcNMjMwMTAyMDgwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGRlM2RhYTAwYjUzZTY5YWY1MTQ1NjlkZDBjMGMwNjgxMzZiM2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVXka6as3eydjcZycwfd/ImXdzEg
FwQuzLaWB7iKyzgBW7AbPMD89wOgul2M+6nn5tGIieoxycoACiNEe+a82MOS5GtQ
xR9qkl8U8n9hC53qTVGPQbn91Rh+RzHjql5dB0bJL5cnLzmxcY7GEhtq+oo73Jr0
1YL8ledtxnNuwFKHRybslhwRIDY1zu7/Sx2ahzCOXff5uvqEZfvgD6/xHc/Iw/J5
OJFVl3hR3jXtB0ihWZtCd5hZQ6rflGOa6YmXbjvAtGeNAZx+KsTUqTLKfo4fVaux
0+vjl17TCvRs9duMtbpQ2ldtdMHql/q2VMi3x3vtvQzqcT0OsMKOe25p4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCDePaoAtT5pr1FFad0MDAaBNrP2MB8GA1UdIwQY
MBaAFNGMIDCllxxKVAlqjtuyEhHlQhanMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFl3Z01LV1hIRXBVQ1dxTzI3SVNFZVZDRnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jNGYxNDQtNmU2OC00NmI4LTg1OGQt
NTNhNjcyZDE0YjdhLzEvSU40OXFnQzFQbW12VVVWcDNRd01Cb0Uyc19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jNGYxNDQtNmU2OC00NmI4LTg1OGQtNTNhNjcyZDE0Yjdh
LzEvMFl3Z01LV1hIRXBVQ1dxTzI3SVNFZVZDRnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub/MMA0E
AgACMAcDBQMqCh3AMA0GCSqGSIb3DQEBCwUAA4IBAQCdYOuZUdE2AeDg0AQp2v88
28cxjdZn6dLS+W0vAGWCMCZzAOQmH2CsQlxg2J9qxayr/PyMsEc/vv1l+igFG8lz
nGVajBfy0z5ANlgBu/MuHWsP6Ejb9MaKDc97nOfWEAkAP7AK0wnfEBV0qQimj41P
yn8sx10Wavn3snj6YBc2bKLtmrLvnIl6y9LS2q5QCHZ3jXr6Y2ibZlWS78ixIFId
S2TyOFsVhGbDxfaWY1NqDBq9uNJ1FAoSLGOlsOpjP+9g3ZPBepP8EbW7bgFYe7ff
6TH41NDDhVybHXenRwX2r0zxcp8eou0+EVYqG0zJSh1r3ZPLixEXJzdSrH58jxBn
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:38 2024 by rpki-client on console-ams.rpki-client.org