Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/6j3d9D2AV-Y8CulOuFN3ZYFY9J4.roa
File: 6j3d9D2AV-Y8CulOuFN3ZYFY9J4.roa (raw, json)
Hash identifier: m0HKYuGU6qslJZvTYBd0D9rf35wJJrOrqroL9ltUH+E=
Subject key identifier: EA:3D:DD:F4:3D:80:57:E6:3C:0A:E9:4E:B8:53:77:65:81:58:F4:9E
Certificate issuer: /CN=258f5a8e295ad1d7b48a1e11958790052b57a253
Certificate serial: 01856F94B6830F31B7331457C7461BCACF7F
Authority key identifier: 25:8F:5A:8E:29:5A:D1:D7:B4:8A:1E:11:95:87:90:05:2B:57:A2:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY9ajila0de0ih4RlYeQBStXolM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/6j3d9D2AV-Y8CulOuFN3ZYFY9J4.roa
Signing time: Sun 01 Jan 2023 23:04:54 +0000
ROA not before: Sun 01 Jan 2023 23:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25117
IP address blocks: 185.228.228.0/22 maxlen: 24
2a03:7787:fffc::/47 maxlen: 47
2a03:7787:fffe::/47 maxlen: 47
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:b6:83:0f:31:b7:33:14:57:c7:46:1b:ca:cf:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258f5a8e295ad1d7b48a1e11958790052b57a253
Validity
Not Before: Jan 1 23:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea3dddf43d8057e63c0ae94eb85377658158f49e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:83:13:7c:61:c7:7f:ee:86:6b:09:23:eb:e3:
dd:66:18:eb:6b:68:e5:6e:cf:fa:24:94:dc:2d:d6:
e6:d0:32:13:cb:0c:2c:52:63:9d:bd:2b:53:c9:4d:
00:93:5c:be:cf:05:e4:7a:b1:a0:f5:c5:c7:08:36:
89:46:6e:10:8d:76:85:1e:81:1b:22:fe:f0:ba:dd:
1c:7b:fd:bd:ac:24:36:bc:76:24:6a:43:a6:38:d0:
7b:3e:75:9b:2f:85:b2:c6:4b:1b:60:32:f4:15:97:
e3:54:19:e4:9b:ee:30:34:5e:90:fe:67:f1:43:24:
bb:57:da:7c:db:af:69:28:be:18:5d:a1:81:73:8a:
4d:25:00:e6:4f:b1:6c:03:7a:66:fd:5a:6f:86:28:
35:0c:e9:3a:a1:da:97:be:94:69:89:7a:0e:4c:2e:
61:c5:c8:cb:20:e0:70:44:4f:4a:f9:7d:81:c1:b3:
f3:7d:9e:91:6e:f9:ee:fb:e5:56:de:d4:15:fe:29:
12:5f:94:9e:1b:25:a6:8b:45:4b:d6:9f:25:20:7c:
25:b1:d8:e5:8b:c3:b4:ee:ba:07:d5:10:b6:34:5c:
2a:75:1f:91:24:06:1c:5d:6b:18:b3:3e:9e:b1:3d:
5a:11:e6:83:bc:ed:c3:4e:05:e0:0e:01:2b:35:83:
fc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:3D:DD:F4:3D:80:57:E6:3C:0A:E9:4E:B8:53:77:65:81:58:F4:9E
X509v3 Authority Key Identifier:
keyid:25:8F:5A:8E:29:5A:D1:D7:B4:8A:1E:11:95:87:90:05:2B:57:A2:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY9ajila0de0ih4RlYeQBStXolM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/6j3d9D2AV-Y8CulOuFN3ZYFY9J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/JY9ajila0de0ih4RlYeQBStXolM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.228.0/22
IPv6:
2a03:7787:fffc::/46
Signature Algorithm: sha256WithRSAEncryption
53:70:8c:e5:b8:fe:9c:fe:61:fd:9c:f7:cd:e6:f6:aa:fd:f5:
fa:24:58:0d:59:5f:c1:c3:8a:41:67:ef:8f:59:86:e9:7b:2f:
cf:ae:51:24:05:b9:6f:bb:37:86:d4:a8:62:b8:bb:34:eb:e6:
3d:d5:b6:af:62:ed:0b:8e:25:5d:2c:1a:8a:b2:93:57:4e:fe:
fa:11:19:8f:df:09:da:2b:1e:cb:d4:42:ad:ad:d6:95:d1:8c:
c4:24:38:da:e3:d5:93:84:2a:6e:6b:53:66:b8:d3:59:c4:82:
b7:1f:e4:a4:14:95:86:be:43:2b:d1:99:a6:34:4c:a3:9f:6e:
fd:57:df:43:ec:69:d4:88:51:0c:ee:54:f5:28:ab:c0:f9:87:
57:c6:43:0c:59:80:65:70:a2:88:be:73:da:92:59:ae:c8:de:
7c:22:00:1e:cd:82:c6:c3:8a:a8:1d:1e:27:78:9e:c8:a8:a7:
7c:53:95:2b:fe:2d:ff:be:b6:45:76:5f:1a:ac:88:61:33:5d:
c6:b8:d6:60:93:f1:e8:4d:7d:ac:00:85:30:b0:de:a9:ca:5d:
46:af:59:c6:bb:07:bb:f7:f5:41:0f:37:61:83:f6:00:04:77:
f6:7f:e5:0d:ae:23:29:2f:33:09:5b:a2:28:8d:ba:8e:88:87:
41:0e:9f:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvlLaDDzG3MxRXx0Ybys9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGY1YThlMjk1YWQxZDdiNDhhMWUxMTk1ODc5MDA1MmI1
N2EyNTMwHhcNMjMwMTAxMjMwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTNkZGRmNDNkODA1N2U2M2MwYWU5NGViODUzNzc2NTgxNThmNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIMTfGHHf+6Gawkj6+PdZhjra2jl
bs/6JJTcLdbm0DITywwsUmOdvStTyU0Ak1y+zwXkerGg9cXHCDaJRm4QjXaFHoEb
Iv7wut0ce/29rCQ2vHYkakOmONB7PnWbL4WyxksbYDL0FZfjVBnkm+4wNF6Q/mfx
QyS7V9p8269pKL4YXaGBc4pNJQDmT7FsA3pm/Vpvhig1DOk6odqXvpRpiXoOTC5h
xcjLIOBwRE9K+X2BwbPzfZ6Rbvnu++VW3tQV/ikSX5SeGyWmi0VL1p8lIHwlsdjl
i8O07roH1RC2NFwqdR+RJAYcXWsYsz6esT1aEeaDvO3DTgXgDgErNYP8iQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOo93fQ9gFfmPArpTrhTd2WBWPSeMB8GA1UdIwQY
MBaAFCWPWo4pWtHXtIoeEZWHkAUrV6JTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk5YWppbGEwZGUwaWg0UmxZZVFCU3RYb2xNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zNzE5ZjMtMjJlMS00MzQ0LTlhMzkt
NDU4YTI3MzYxNTdhLzEvNmozZDlEMkFWLVk4Q3VsT3VGTjNaWUZZOUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zNzE5ZjMtMjJlMS00MzQ0LTlhMzktNDU4YTI3MzYxNTdh
LzEvSlk5YWppbGEwZGUwaWg0UmxZZVFCU3RYb2xNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCueTkMA8E
AgACMAkDBwIqA3eH//wwDQYJKoZIhvcNAQELBQADggEBAFNwjOW4/pz+Yf2c983m
9qr99fokWA1ZX8HDikFn749Zhul7L8+uUSQFuW+7N4bUqGK4uzTr5j3Vtq9i7QuO
JV0sGoqyk1dO/voRGY/fCdorHsvUQq2t1pXRjMQkONrj1ZOEKm5rU2a401nEgrcf
5KQUlYa+QyvRmaY0TKOfbv1X30PsadSIUQzuVPUoq8D5h1fGQwxZgGVwooi+c9qS
Wa7I3nwiAB7NgsbDiqgdHid4nsiop3xTlSv+Lf++tkV2XxqsiGEzXca41mCT8ehN
fawAhTCw3qnKXUavWca7B7v39UEPN2GD9gAEd/Z/5Q2uIykvMwlboiiNuo6Ih0EO
n34=
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:11 2024 by rpki-client on console-fra.rpki-client.org