Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/SyG_xO_fzcv55o5r4HEhHo6SvdI.roa
File: SyG_xO_fzcv55o5r4HEhHo6SvdI.roa (raw, json)
Hash identifier: gP+BTsGi0VMW+lWgf9kTaNINT5wODPQ0Nrlqdj2u6XQ=
Subject key identifier: 4B:21:BF:C4:EF:DF:CD:CB:F9:E6:8E:6B:E0:71:21:1E:8E:92:BD:D2
Certificate issuer: /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial: 0185719E67ACC42C5D64DA22F72EBADA3231
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/SyG_xO_fzcv55o5r4HEhHo6SvdI.roa
Signing time: Mon 02 Jan 2023 08:34:44 +0000
ROA not before: Mon 02 Jan 2023 08:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29205
IP address blocks: 185.49.12.0/22 maxlen: 22
91.230.36.0/23 maxlen: 23
185.100.228.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:67:ac:c4:2c:5d:64:da:22:f7:2e:ba:da:32:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
Validity
Not Before: Jan 2 08:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b21bfc4efdfcdcbf9e68e6be071211e8e92bdd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a6:11:46:7f:de:cd:fb:21:28:5c:c9:5a:27:
38:39:13:f0:3d:9c:68:26:3b:b1:ea:b4:c2:74:ed:
9a:34:06:e5:c8:d4:fa:ba:e5:10:08:9a:72:84:3e:
2e:24:8b:f6:45:5a:23:cb:bb:21:a0:f5:8e:1e:e8:
97:a6:da:9c:f9:3a:62:da:f1:00:85:62:42:90:be:
02:33:cc:0b:45:f6:10:4e:e9:b6:9d:33:60:61:fb:
b0:a1:fd:96:9a:39:83:84:05:34:cf:6e:ef:0f:af:
78:69:92:c6:2a:5a:89:72:cf:88:47:e7:ae:93:96:
0c:23:06:c8:ba:60:ba:12:f0:92:6e:60:ba:0c:e9:
a7:01:6e:26:b0:0d:97:dc:16:95:28:0d:5f:fa:a4:
46:51:61:ae:8a:1d:3f:02:36:88:e2:19:fe:f2:2e:
ea:02:37:4b:89:37:b4:c2:fe:10:e0:01:e9:c6:0f:
1d:b8:f3:41:85:06:22:fd:ec:a4:f3:f3:cd:d5:b5:
23:76:98:4e:4a:d6:91:05:cd:f8:ed:5d:a9:ba:c8:
0e:e6:ba:67:d2:5c:74:a6:13:9c:00:17:de:30:6f:
2e:12:df:f9:48:a4:3b:0b:b9:9f:aa:13:3d:cf:3a:
a4:30:1e:32:be:31:a6:d1:d2:ab:a2:56:70:1f:79:
7e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:21:BF:C4:EF:DF:CD:CB:F9:E6:8E:6B:E0:71:21:1E:8E:92:BD:D2
X509v3 Authority Key Identifier:
keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/SyG_xO_fzcv55o5r4HEhHo6SvdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.36.0/23
185.49.12.0/22
185.100.228.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:01:49:2c:dd:74:1f:d1:0d:84:7b:9f:be:d4:b9:98:95:dd:
9a:d0:f7:f1:d6:0a:f3:b2:bc:63:3a:df:35:b8:f9:c2:6c:a8:
1b:8b:90:70:78:78:c4:7d:fe:6b:ab:c5:a0:55:6e:39:ef:fb:
e9:b5:46:c0:a5:d9:57:89:90:9e:ba:34:55:14:99:9a:6c:74:
61:a2:a1:fd:b8:c1:d8:e7:4c:73:36:53:9a:9e:1a:1d:4f:49:
81:a8:a7:e7:c0:c6:fd:10:c5:7b:9c:31:3a:1a:c6:7c:a4:68:
d5:23:7a:c6:be:e1:a3:a0:61:3b:53:d8:f2:45:5c:85:c4:b3:
af:f7:58:cc:85:14:84:cc:17:83:ec:31:d2:55:11:d9:fb:c0:
87:81:23:5f:9d:11:68:fa:62:d3:ff:84:71:cc:1d:73:3a:64:
70:8a:34:43:7f:48:d3:7a:c7:a4:42:13:b2:c6:42:36:e0:98:
bc:02:5e:c5:c1:51:59:d6:f3:c0:c9:af:54:35:4d:ea:ff:90:
ac:c4:08:0c:b2:39:8b:73:80:c4:02:1e:89:46:6e:72:7a:74:
e3:05:c3:16:9c:87:4b:66:dc:fc:17:80:29:81:25:bc:74:7d:
e4:d4:c6:a1:88:6c:47:2d:36:1e:58:73:de:d8:f9:1c:7f:2e:
30:75:2c:3d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxnmesxCxdZNoi9y662jIxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjMwMTAyMDgzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjIxYmZjNGVmZGZjZGNiZjllNjhlNmJlMDcxMjExZThlOTJiZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqYRRn/ezfshKFzJWic4ORPwPZxo
Jjux6rTCdO2aNAblyNT6uuUQCJpyhD4uJIv2RVojy7shoPWOHuiXptqc+Tpi2vEA
hWJCkL4CM8wLRfYQTum2nTNgYfuwof2WmjmDhAU0z27vD694aZLGKlqJcs+IR+eu
k5YMIwbIumC6EvCSbmC6DOmnAW4msA2X3BaVKA1f+qRGUWGuih0/AjaI4hn+8i7q
AjdLiTe0wv4Q4AHpxg8duPNBhQYi/eyk8/PN1bUjdphOStaRBc347V2pusgO5rpn
0lx0phOcABfeMG8uEt/5SKQ7C7mfqhM9zzqkMB4yvjGm0dKrolZwH3l+gwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEshv8Tv383L+eaOa+BxIR6Okr3SMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvU3lHX3hPX2Z6Y3Y1NW81cjRIRWhIbzZTdmRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+YkAwQC
uTEMAwQCuWTkMA0GCSqGSIb3DQEBCwUAA4IBAQCpAUks3XQf0Q2Ee5++1LmYld2a
0Pfx1grzsrxjOt81uPnCbKgbi5BweHjEff5rq8WgVW457/vptUbApdlXiZCeujRV
FJmabHRhoqH9uMHY50xzNlOanhodT0mBqKfnwMb9EMV7nDE6GsZ8pGjVI3rGvuGj
oGE7U9jyRVyFxLOv91jMhRSEzBeD7DHSVRHZ+8CHgSNfnRFo+mLT/4RxzB1zOmRw
ijRDf0jTesekQhOyxkI24Ji8Al7FwVFZ1vPAya9UNU3q/5CsxAgMsjmLc4DEAh6J
Rm5yenTjBcMWnIdLZtz8F4ApgSW8dH3k1MahiGxHLTYeWHPe2Pkcfy4wdSw9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:46 2023 by rpki-client on console-fra.rpki-client.org