Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/goadQsM2cr8TDWQZpwdh0wEFI5U.roa
File: goadQsM2cr8TDWQZpwdh0wEFI5U.roa (raw, json)
Hash identifier: tDj3DBkIZld2vuMRCRF/nrnsj2OwG5XdGo9BJxtFSPk=
Subject key identifier: 82:86:9D:42:C3:36:72:BF:13:0D:64:19:A7:07:61:D3:01:05:23:95
Certificate issuer: /CN=df27b939934a2cc206ffba6bce9c90fdcba39c71
Certificate serial: 01856C65E5C0222AEC8FC689821CED99156E
Authority key identifier: DF:27:B9:39:93:4A:2C:C2:06:FF:BA:6B:CE:9C:90:FD:CB:A3:9C:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/goadQsM2cr8TDWQZpwdh0wEFI5U.roa
Signing time: Sun 01 Jan 2023 08:14:55 +0000
ROA not before: Sun 01 Jan 2023 08:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202391
IP address blocks: 185.75.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:e5:c0:22:2a:ec:8f:c6:89:82:1c:ed:99:15:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df27b939934a2cc206ffba6bce9c90fdcba39c71
Validity
Not Before: Jan 1 08:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82869d42c33672bf130d6419a70761d301052395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:11:7a:c3:ec:3b:cb:e1:65:4c:09:ce:8e:90:
b3:0b:53:55:ab:bb:27:ba:7a:5a:27:8d:28:51:18:
e5:06:72:08:cc:93:36:70:b1:e7:ff:74:2d:ff:b5:
f7:06:f7:92:e3:d2:b1:50:62:40:4c:e8:b1:9a:78:
b8:43:29:4e:4b:d9:61:25:18:78:4c:15:10:db:96:
64:fa:45:c4:f7:cb:87:48:e7:3f:51:e3:96:2f:0f:
c3:12:3c:ce:14:a2:df:6b:8f:b0:18:75:80:14:82:
27:9b:44:3b:29:b7:76:ac:c7:e9:4d:25:ed:12:81:
c8:b7:06:73:28:bf:3b:7c:45:72:77:7e:be:59:64:
33:54:64:03:b9:f3:82:72:5b:f2:ce:d8:b3:09:34:
b9:64:24:be:2b:cc:9c:ac:69:8a:d8:5c:70:cf:5c:
bf:03:74:81:f1:2a:68:02:98:9b:34:90:b3:94:57:
df:76:64:b8:31:cd:89:59:1d:fb:27:fb:62:4e:cf:
d4:ef:cc:07:da:31:f6:ae:4b:bb:30:a1:b6:25:80:
1d:26:b8:28:2e:34:83:9f:4f:d0:ae:38:d7:56:65:
94:ff:87:28:44:88:08:d0:a1:8e:4e:67:cf:d7:4d:
60:b0:9e:ac:5e:a8:26:a8:ff:50:fe:5a:d2:0f:45:
e8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:86:9D:42:C3:36:72:BF:13:0D:64:19:A7:07:61:D3:01:05:23:95
X509v3 Authority Key Identifier:
keyid:DF:27:B9:39:93:4A:2C:C2:06:FF:BA:6B:CE:9C:90:FD:CB:A3:9C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/goadQsM2cr8TDWQZpwdh0wEFI5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3ye5OZNKLMIG_7przpyQ_cujnHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.204.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:10:49:1e:fc:47:a7:62:b5:c5:8c:b8:77:62:c7:07:b8:3b:
42:66:37:11:68:d7:17:3f:bc:47:df:f3:23:85:44:54:3c:2e:
f8:6c:de:71:1c:fb:f4:4b:ed:7e:5d:a4:e4:76:d8:ba:4d:9b:
31:53:19:a0:bd:af:77:e2:af:cf:55:41:31:e9:7d:44:f1:f5:
63:63:1f:4f:18:ff:f0:61:ca:cb:a1:2f:aa:c2:2e:99:b6:65:
55:9e:86:03:fd:0a:95:3a:b1:2b:57:03:76:68:f1:0a:03:cd:
d9:62:06:03:da:ae:1b:fe:07:ba:3c:5d:5a:1b:5f:30:a9:44:
46:d5:c4:04:5d:20:c6:ac:fc:0f:74:9a:b4:35:08:48:26:80:
bf:f6:e3:ad:7b:e2:e9:4a:48:47:53:c3:9e:1e:67:73:7e:69:
47:48:07:53:e6:76:bf:13:38:2f:41:c6:8a:be:12:d3:70:0a:
d3:dd:5d:ea:9d:20:d6:96:a7:84:30:6e:cd:d8:01:05:84:31:
00:89:de:db:75:8d:8f:94:3a:df:ef:5c:92:fd:74:09:9d:37:
91:7c:aa:80:94:b6:e9:da:35:d5:f0:58:da:2e:f0:8b:a0:f5:
2a:a3:38:57:98:79:1e:59:1c:6a:ec:96:3b:63:71:f7:c7:29:
7e:c8:de:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZeXAIirsj8aJghztmRVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjdiOTM5OTM0YTJjYzIwNmZmYmE2YmNlOWM5MGZkY2Jh
MzljNzEwHhcNMjMwMTAxMDgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjg2OWQ0MmMzMzY3MmJmMTMwZDY0MTlhNzA3NjFkMzAxMDUyMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxF6w+w7y+FlTAnOjpCzC1NVq7sn
unpaJ40oURjlBnIIzJM2cLHn/3Qt/7X3BveS49KxUGJATOixmni4QylOS9lhJRh4
TBUQ25Zk+kXE98uHSOc/UeOWLw/DEjzOFKLfa4+wGHWAFIInm0Q7Kbd2rMfpTSXt
EoHItwZzKL87fEVyd36+WWQzVGQDufOCclvyztizCTS5ZCS+K8ycrGmK2Fxwz1y/
A3SB8SpoApibNJCzlFffdmS4Mc2JWR37J/tiTs/U78wH2jH2rku7MKG2JYAdJrgo
LjSDn0/QrjjXVmWU/4coRIgI0KGOTmfP101gsJ6sXqgmqP9Q/lrSD0Xo8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIKGnULDNnK/Ew1kGacHYdMBBSOVMB8GA1UdIwQY
MBaAFN8nuTmTSizCBv+6a86ckP3Lo5xxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3llNU9aTktMTUlHXzdwcnpweVFfY3VqbkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi85NjYyNjEtODNiNS00ZWFkLWE0Njgt
NmVkNTRkM2ZlNGY0LzEvZ29hZFFzTTJjcjhURFdRWnB3ZGgwd0VGSTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi85NjYyNjEtODNiNS00ZWFkLWE0NjgtNmVkNTRkM2ZlNGY0
LzEvM3llNU9aTktMTUlHXzdwcnpweVFfY3VqbkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUvMMA0G
CSqGSIb3DQEBCwUAA4IBAQAPEEke/EenYrXFjLh3YscHuDtCZjcRaNcXP7xH3/Mj
hURUPC74bN5xHPv0S+1+XaTkdti6TZsxUxmgva934q/PVUEx6X1E8fVjYx9PGP/w
YcrLoS+qwi6ZtmVVnoYD/QqVOrErVwN2aPEKA83ZYgYD2q4b/ge6PF1aG18wqURG
1cQEXSDGrPwPdJq0NQhIJoC/9uOte+LpSkhHU8OeHmdzfmlHSAdT5na/EzgvQcaK
vhLTcArT3V3qnSDWlqeEMG7N2AEFhDEAid7bdY2PlDrf71yS/XQJnTeRfKqAlLbp
2jXV8FjaLvCLoPUqozhXmHkeWRxq7JY7Y3H3xyl+yN4l
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:24 2024 by rpki-client on console-fra.rpki-client.org