Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/960qdNT1ls3Y7m9aCKv3Kx063wY.roa
File: 960qdNT1ls3Y7m9aCKv3Kx063wY.roa (raw, json)
Hash identifier: B4e8y3PXohi3fo/mDE5kx9q7kKR3OsE1r2dH/0jSht4=
Subject key identifier: F7:AD:2A:74:D4:F5:96:CD:D8:EE:6F:5A:08:AB:F7:2B:1D:3A:DF:06
Certificate issuer: /CN=d63343f7cc6c237da3f8b81138c051d8f93c9c4d
Certificate serial: 01856F66DE13C2DAEC870905AC4821E50555
Authority key identifier: D6:33:43:F7:CC:6C:23:7D:A3:F8:B8:11:38:C0:51:D8:F9:3C:9C:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1jND98xsI32j-LgROMBR2Pk8nE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/960qdNT1ls3Y7m9aCKv3Kx063wY.roa
Signing time: Sun 01 Jan 2023 22:14:50 +0000
ROA not before: Sun 01 Jan 2023 22:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209379
IP address blocks: 185.203.200.0/22 maxlen: 22
2a0a:edc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:de:13:c2:da:ec:87:09:05:ac:48:21:e5:05:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d63343f7cc6c237da3f8b81138c051d8f93c9c4d
Validity
Not Before: Jan 1 22:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7ad2a74d4f596cdd8ee6f5a08abf72b1d3adf06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c0:a3:41:57:3b:26:39:bf:4d:76:87:76:5a:
4e:b8:29:ae:e0:ed:ea:9d:f4:da:b1:e3:7e:7b:6d:
b0:50:c9:e9:af:47:a5:a6:8a:35:78:e4:15:7f:f3:
db:71:f9:a6:aa:ab:6d:db:2a:c7:17:8e:03:0f:05:
b2:ef:12:81:5f:1d:ac:bd:fc:80:6a:e7:14:d5:99:
9b:a3:f1:34:be:cf:be:13:db:44:71:e2:c0:ee:91:
b2:0c:ef:9f:a4:ec:bf:74:aa:f8:61:4e:12:c1:13:
07:56:80:d6:02:c5:c8:22:b3:c1:a1:a8:5b:ef:ce:
8e:fd:7f:31:ef:43:7d:34:12:ea:62:bb:99:1e:fc:
71:08:d7:8c:cf:b7:f6:9a:d3:59:a8:0b:71:36:77:
5e:18:71:ae:d3:06:3d:97:bb:72:fb:ba:8e:f6:5b:
ee:10:c8:6a:f3:34:9f:5b:02:11:f6:47:d2:90:6a:
54:e7:9f:68:1d:e0:83:b6:9a:ff:77:91:4c:c7:95:
62:d7:27:40:4f:c0:7d:b8:b2:58:6a:ce:9d:00:cf:
b7:8b:af:19:97:82:fd:29:5b:13:d8:a0:e3:4a:20:
f4:3f:ba:68:32:87:df:4a:91:cf:51:31:55:42:23:
af:9c:ca:33:76:d8:2f:99:21:b9:b3:f8:3a:65:37:
a3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AD:2A:74:D4:F5:96:CD:D8:EE:6F:5A:08:AB:F7:2B:1D:3A:DF:06
X509v3 Authority Key Identifier:
keyid:D6:33:43:F7:CC:6C:23:7D:A3:F8:B8:11:38:C0:51:D8:F9:3C:9C:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1jND98xsI32j-LgROMBR2Pk8nE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/960qdNT1ls3Y7m9aCKv3Kx063wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/1jND98xsI32j-LgROMBR2Pk8nE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.200.0/22
IPv6:
2a0a:edc0::/32
Signature Algorithm: sha256WithRSAEncryption
a3:dd:20:b9:36:af:b4:25:b8:bf:73:eb:0e:40:9b:aa:26:31:
4a:36:42:72:1c:b5:d8:28:13:50:3e:38:7a:2b:77:25:2b:74:
7f:7f:7e:39:a2:65:18:55:f4:07:64:95:39:8d:41:61:74:df:
1d:2a:5f:76:d8:c2:82:a8:51:cb:3a:d1:a3:e7:bd:3e:2b:cc:
90:a3:ce:3b:17:3b:e9:4e:be:4b:8c:d0:6c:9e:2e:3f:91:31:
c5:6a:9e:9a:75:06:0a:7d:fd:77:1e:33:79:aa:80:9c:81:57:
5c:44:2d:fa:85:36:67:fa:24:19:91:25:8c:62:5a:5f:97:c7:
82:bc:70:05:bd:49:88:0e:bf:cc:6f:4b:6f:a5:ec:7d:14:0b:
41:27:8c:16:72:39:de:af:c8:cd:a0:94:42:ad:38:91:6a:38:
44:04:95:8d:23:17:f0:b7:54:f6:ba:bd:c1:95:fc:be:53:a3:
08:33:df:c8:f8:31:0e:f0:a3:bb:7d:0c:95:80:ba:5b:ab:63:
e0:69:b0:fc:ac:b1:04:f2:cb:84:2f:20:36:7d:17:bd:1f:e0:
e9:5b:85:e3:38:9d:51:0e:91:b3:b6:4c:e2:60:13:e2:b7:7b:
e8:3f:45:84:80:29:40:14:cf:a3:65:d2:54:81:ef:96:16:cc:
bb:cd:ec:3c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvZt4TwtrshwkFrEgh5QVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MzM0M2Y3Y2M2YzIzN2RhM2Y4YjgxMTM4YzA1MWQ4Zjkz
YzljNGQwHhcNMjMwMTAxMjIxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2FkMmE3NGQ0ZjU5NmNkZDhlZTZmNWEwOGFiZjcyYjFkM2FkZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksCjQVc7Jjm/TXaHdlpOuCmu4O3q
nfTaseN+e22wUMnpr0elpoo1eOQVf/Pbcfmmqqtt2yrHF44DDwWy7xKBXx2svfyA
aucU1Zmbo/E0vs++E9tEceLA7pGyDO+fpOy/dKr4YU4SwRMHVoDWAsXIIrPBoahb
786O/X8x70N9NBLqYruZHvxxCNeMz7f2mtNZqAtxNndeGHGu0wY9l7ty+7qO9lvu
EMhq8zSfWwIR9kfSkGpU559oHeCDtpr/d5FMx5Vi1ydAT8B9uLJYas6dAM+3i68Z
l4L9KVsT2KDjSiD0P7poMoffSpHPUTFVQiOvnMozdtgvmSG5s/g6ZTejwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPetKnTU9ZbN2O5vWgir9ysdOt8GMB8GA1UdIwQY
MBaAFNYzQ/fMbCN9o/i4ETjAUdj5PJxNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWpORDk4eHNJMzJqLUxnUk9NQlIyUGs4bkUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS84ZWI1ODEtOWM3NC00OGUxLTgyMWEt
NTMxODBlZWM1NmZiLzEvOTYwcWROVDFsczNZN205YUNLdjNLeDA2M3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS84ZWI1ODEtOWM3NC00OGUxLTgyMWEtNTMxODBlZWM1NmZi
LzEvMWpORDk4eHNJMzJqLUxnUk9NQlIyUGs4bkUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucvIMA0E
AgACMAcDBQAqCu3AMA0GCSqGSIb3DQEBCwUAA4IBAQCj3SC5Nq+0Jbi/c+sOQJuq
JjFKNkJyHLXYKBNQPjh6K3clK3R/f345omUYVfQHZJU5jUFhdN8dKl922MKCqFHL
OtGj570+K8yQo847FzvpTr5LjNBsni4/kTHFap6adQYKff13HjN5qoCcgVdcRC36
hTZn+iQZkSWMYlpfl8eCvHAFvUmIDr/Mb0tvpex9FAtBJ4wWcjner8jNoJRCrTiR
ajhEBJWNIxfwt1T2ur3Blfy+U6MIM9/I+DEO8KO7fQyVgLpbq2PgabD8rLEE8suE
LyA2fRe9H+DpW4XjOJ1RDpGztkziYBPit3voP0WEgClAFM+jZdJUge+WFsy7zew8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:33 2024 by rpki-client on console-ams.rpki-client.org