Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/861953-5f65-4465-9046-f4d071f50f1d/1/jB8xAzMrlPGemoP3mkYEvBaIC3w.roa
File: jB8xAzMrlPGemoP3mkYEvBaIC3w.roa (raw, json)
Hash identifier: EVHnjsYy3/3JWpovJZbYtR+R2aEd9IXwCm8FUWYMwl4=
Subject key identifier: 8C:1F:31:03:33:2B:94:F1:9E:9A:83:F7:9A:46:04:BC:16:88:0B:7C
Certificate issuer: /CN=d5d1cd47a53ef57ebb567bc882ad2986faac5f0d
Certificate serial: 018572710FD3A314C1DB08C15286B41B29DD
Authority key identifier: D5:D1:CD:47:A5:3E:F5:7E:BB:56:7B:C8:82:AD:29:86:FA:AC:5F:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1dHNR6U-9X67VnvIgq0phvqsXw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/861953-5f65-4465-9046-f4d071f50f1d/1/jB8xAzMrlPGemoP3mkYEvBaIC3w.roa
Signing time: Mon 02 Jan 2023 12:24:50 +0000
ROA not before: Mon 02 Jan 2023 12:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212213
IP address blocks: 185.59.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:0f:d3:a3:14:c1:db:08:c1:52:86:b4:1b:29:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5d1cd47a53ef57ebb567bc882ad2986faac5f0d
Validity
Not Before: Jan 2 12:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c1f3103332b94f19e9a83f79a4604bc16880b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5c:1c:2a:3b:ab:fc:3f:c6:f9:26:7d:d7:b7:
b7:1c:da:53:07:1a:c1:db:f5:ed:66:58:e3:b6:04:
06:d1:64:8e:cb:21:12:a7:52:1d:98:f9:65:1a:85:
b2:cd:ee:c2:3e:c3:d6:96:25:88:ba:f7:fe:b3:9d:
b4:54:7f:c0:b5:fa:54:d4:44:8c:24:4e:59:e4:13:
4b:22:dc:64:a3:31:e8:06:e0:11:77:60:d4:1d:05:
38:ac:ae:6f:a7:af:1e:50:fc:06:c0:e4:ba:d3:68:
1f:04:be:6d:83:f1:83:c6:5f:2b:7b:92:50:00:86:
69:2b:e1:72:e7:25:fa:e2:fe:d8:c5:8f:e1:cd:49:
65:5b:18:ec:f7:8d:6c:4a:a3:9c:0c:aa:72:98:32:
e6:d5:89:a3:57:38:52:e6:53:67:5c:31:64:59:91:
03:0b:06:ef:d0:44:1c:2e:81:26:f8:33:f4:ca:b4:
b2:6b:11:f9:9f:e3:a7:7f:fd:a5:dd:62:05:e0:1f:
95:ee:28:b7:8d:b3:b1:a3:c1:61:54:22:54:11:25:
ab:dc:c8:8d:9b:09:40:63:e7:44:06:7d:4c:34:dc:
53:2e:5a:3a:9e:cf:81:12:ee:c2:a5:fc:22:f9:4f:
d3:a6:d7:2a:6c:25:ec:14:cc:1d:1c:74:9c:12:23:
eb:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:1F:31:03:33:2B:94:F1:9E:9A:83:F7:9A:46:04:BC:16:88:0B:7C
X509v3 Authority Key Identifier:
keyid:D5:D1:CD:47:A5:3E:F5:7E:BB:56:7B:C8:82:AD:29:86:FA:AC:5F:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1dHNR6U-9X67VnvIgq0phvqsXw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/861953-5f65-4465-9046-f4d071f50f1d/1/jB8xAzMrlPGemoP3mkYEvBaIC3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/861953-5f65-4465-9046-f4d071f50f1d/1/1dHNR6U-9X67VnvIgq0phvqsXw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.217.0/24
Signature Algorithm: sha256WithRSAEncryption
89:45:a6:80:7a:59:49:9a:84:04:de:67:a9:ff:36:83:86:0b:
14:cc:82:1a:5e:8b:bc:85:08:f2:1d:8a:40:d3:54:ea:32:20:
06:52:45:b0:80:a5:d4:40:81:c7:5f:94:fe:9f:aa:f3:9c:10:
d3:7f:59:22:b9:68:38:ce:e8:41:c2:60:5b:71:83:50:20:54:
e5:0a:f1:4b:22:6f:01:be:e3:99:f7:8c:ef:60:f9:75:71:dc:
f9:4d:86:4f:11:4d:dc:5e:0a:9a:7b:1a:6e:b4:20:28:ff:49:
e2:a9:88:95:19:af:23:cd:eb:8f:9d:a6:74:fa:01:58:f6:95:
aa:7a:6b:44:0c:25:da:3b:4b:d4:6c:3e:6a:66:6e:78:c8:4a:
40:69:13:ff:b4:8b:07:30:48:c6:0e:57:1b:18:cd:b6:82:34:
88:1e:c9:e1:10:77:57:8b:89:a5:2d:fa:af:14:e6:df:9d:97:
27:cf:a4:7c:de:fa:72:9f:f2:ec:12:b6:6b:84:f5:c6:a5:ef:
b4:11:77:ad:0e:4f:42:d3:73:06:27:13:2a:7f:d4:ae:37:30:
d4:3a:c4:10:54:80:6e:bd:75:e5:d4:73:b1:e3:18:b8:10:9a:
27:14:f7:8f:fb:d3:fc:f2:46:3d:a5:47:ee:a9:a8:bf:8a:21:
15:4b:7e:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycQ/ToxTB2wjBUoa0GyndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZDFjZDQ3YTUzZWY1N2ViYjU2N2JjODgyYWQyOTg2ZmFh
YzVmMGQwHhcNMjMwMTAyMTIyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzFmMzEwMzMzMmI5NGYxOWU5YTgzZjc5YTQ2MDRiYzE2ODgwYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVwcKjur/D/G+SZ917e3HNpTBxrB
2/XtZljjtgQG0WSOyyESp1IdmPllGoWyze7CPsPWliWIuvf+s520VH/AtfpU1ESM
JE5Z5BNLItxkozHoBuARd2DUHQU4rK5vp68eUPwGwOS602gfBL5tg/GDxl8re5JQ
AIZpK+Fy5yX64v7YxY/hzUllWxjs941sSqOcDKpymDLm1YmjVzhS5lNnXDFkWZED
Cwbv0EQcLoEm+DP0yrSyaxH5n+Onf/2l3WIF4B+V7ii3jbOxo8FhVCJUESWr3MiN
mwlAY+dEBn1MNNxTLlo6ns+BEu7Cpfwi+U/TptcqbCXsFMwdHHScEiPrlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwfMQMzK5TxnpqD95pGBLwWiAt8MB8GA1UdIwQY
MBaAFNXRzUelPvV+u1Z7yIKtKYb6rF8NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWRITlI2VS05WDY3Vm52SWdxMHBodnFzWHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84NjE5NTMtNWY2NS00NDY1LTkwNDYt
ZjRkMDcxZjUwZjFkLzEvakI4eEF6TXJsUEdlbW9QM21rWUV2QmFJQzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84NjE5NTMtNWY2NS00NDY1LTkwNDYtZjRkMDcxZjUwZjFk
LzEvMWRITlI2VS05WDY3Vm52SWdxMHBodnFzWHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTvZMA0G
CSqGSIb3DQEBCwUAA4IBAQCJRaaAellJmoQE3mep/zaDhgsUzIIaXou8hQjyHYpA
01TqMiAGUkWwgKXUQIHHX5T+n6rznBDTf1kiuWg4zuhBwmBbcYNQIFTlCvFLIm8B
vuOZ94zvYPl1cdz5TYZPEU3cXgqaexputCAo/0niqYiVGa8jzeuPnaZ0+gFY9pWq
emtEDCXaO0vUbD5qZm54yEpAaRP/tIsHMEjGDlcbGM22gjSIHsnhEHdXi4mlLfqv
FObfnZcnz6R83vpyn/LsErZrhPXGpe+0EXetDk9C03MGJxMqf9SuNzDUOsQQVIBu
vXXl1HOx4xi4EJonFPeP+9P88kY9pUfuqai/iiEVS343
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:09 2024 by rpki-client on console-ams.rpki-client.org