Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/sE6gvsTixQdR6OzHWAiJQDHrozM.roa
File: sE6gvsTixQdR6OzHWAiJQDHrozM.roa (raw, json)
Hash identifier: 3Pzea6oe1G+hZhHAIhWB5ko0H4LCxO4X7o6rBme6hm0=
Subject key identifier: B0:4E:A0:BE:C4:E2:C5:07:51:E8:EC:C7:58:08:89:40:31:EB:A3:33
Certificate issuer: /CN=aac223fb1942115e48a9754207292d00a082ecdf
Certificate serial: 018CE1EB5FBA3A8C4BF035A96A31A7BAF041
Authority key identifier: AA:C2:23:FB:19:42:11:5E:48:A9:75:42:07:29:2D:00:A0:82:EC:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/sE6gvsTixQdR6OzHWAiJQDHrozM.roa
Signing time: Sun 07 Jan 2024 03:15:48 +0000
ROA not before: Sun 07 Jan 2024 03:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202685
IP address blocks: 185.17.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 07 Jan 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e1:eb:5f:ba:3a:8c:4b:f0:35:a9:6a:31:a7:ba:f0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aac223fb1942115e48a9754207292d00a082ecdf
Validity
Not Before: Jan 7 03:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b04ea0bec4e2c50751e8ecc75808894031eba333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:db:b1:91:37:37:f6:57:77:57:27:4b:a3:69:
78:40:b7:17:f0:41:52:78:69:58:99:18:6a:ad:a7:
dc:21:29:19:bb:97:36:13:9a:ba:8a:a3:ac:5f:fe:
86:98:8c:75:f7:8e:51:f3:79:61:e3:42:10:e7:64:
1d:c9:bd:a1:e6:2a:50:39:79:10:9d:4f:50:b0:9d:
6e:8f:fe:cf:67:21:b2:85:80:ab:98:10:0d:59:a0:
27:c2:21:d5:29:3a:59:1d:dc:bc:3f:5c:73:ff:0a:
29:ca:f6:49:e1:fe:d1:21:6c:a6:8b:c6:b3:29:7f:
fc:d9:2f:e3:64:22:58:44:c6:dd:dd:96:a5:df:8f:
08:0d:9f:29:e8:35:52:1b:7d:1d:14:a6:64:9b:3a:
8d:f8:96:e6:f5:40:2f:87:f5:ac:ca:08:f1:88:1e:
03:d1:c3:73:ab:50:51:33:cc:e9:34:e3:4b:a5:58:
24:56:e9:f0:f9:c1:6e:ff:3f:ba:fb:45:c2:c8:ee:
bc:05:6b:f2:21:8c:f0:23:33:20:f5:02:81:9f:aa:
7c:99:8f:30:b5:22:cf:6b:4d:10:60:90:2d:75:e6:
70:01:00:4c:06:9d:bd:c0:04:9f:ef:05:9f:67:17:
f0:a6:ef:ff:93:25:c1:dc:32:85:ef:12:fd:db:62:
69:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:4E:A0:BE:C4:E2:C5:07:51:E8:EC:C7:58:08:89:40:31:EB:A3:33
X509v3 Authority Key Identifier:
keyid:AA:C2:23:FB:19:42:11:5E:48:A9:75:42:07:29:2D:00:A0:82:EC:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/sE6gvsTixQdR6OzHWAiJQDHrozM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.20.0/22
Signature Algorithm: sha256WithRSAEncryption
07:69:78:ef:2a:6a:d1:10:35:8b:ab:18:0a:58:55:21:e5:ca:
3f:3c:57:a0:a0:51:fb:29:63:a4:83:fb:86:e9:af:4d:78:78:
04:75:2b:20:08:bf:c7:50:f0:8d:a5:87:68:60:40:e1:6d:af:
8d:ee:73:76:3f:21:67:ea:1e:bd:80:36:15:df:5b:3e:3c:25:
ff:99:90:d0:52:0d:9a:74:f5:2c:09:06:fb:8a:c0:dc:ac:e0:
b2:80:49:ee:36:aa:95:c0:f3:9e:08:b2:fb:44:b0:32:c0:c8:
66:4b:d1:7f:93:50:41:9b:67:5d:92:b9:dc:8b:5e:d1:ae:71:
d0:b4:b0:6f:5d:1b:ff:bc:ff:b0:b1:44:c3:cd:55:6d:2b:9f:
8c:1a:e4:40:c2:91:88:aa:d7:51:d1:51:8a:05:c0:aa:a1:2b:
f9:af:8d:b5:ca:e0:c7:00:04:ef:69:4b:04:b7:45:1c:a3:5a:
3d:82:80:d0:3d:50:39:fb:39:0f:b1:c3:74:8a:51:23:56:5a:
13:67:e3:8a:8a:43:d1:35:7b:6e:ec:68:df:2c:14:6a:00:00:
92:9f:d7:cc:1a:28:24:29:6d:51:ff:b8:36:8a:b2:ea:1a:80:
23:e2:64:ab:e9:2d:83:8c:f5:1a:7c:7e:29:d3:39:35:a0:45:
4c:b5:e1:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzh61+6OoxL8DWpajGnuvBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYzIyM2ZiMTk0MjExNWU0OGE5NzU0MjA3MjkyZDAwYTA4
MmVjZGYwHhcNMjQwMTA3MDMxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDRlYTBiZWM0ZTJjNTA3NTFlOGVjYzc1ODA4ODk0MDMxZWJhMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9uxkTc39ld3VydLo2l4QLcX8EFS
eGlYmRhqrafcISkZu5c2E5q6iqOsX/6GmIx1945R83lh40IQ52Qdyb2h5ipQOXkQ
nU9QsJ1uj/7PZyGyhYCrmBANWaAnwiHVKTpZHdy8P1xz/wopyvZJ4f7RIWymi8az
KX/82S/jZCJYRMbd3Zal348IDZ8p6DVSG30dFKZkmzqN+Jbm9UAvh/WsygjxiB4D
0cNzq1BRM8zpNONLpVgkVunw+cFu/z+6+0XCyO68BWvyIYzwIzMg9QKBn6p8mY8w
tSLPa00QYJAtdeZwAQBMBp29wASf7wWfZxfwpu//kyXB3DKF7xL922JpFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBOoL7E4sUHUejsx1gIiUAx66MzMB8GA1UdIwQY
MBaAFKrCI/sZQhFeSKl1QgcpLQCgguzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82MGViNDgtMjc5ZC00YWZlLThkOGEt
MWRhYTk1MWM3MWI3LzEvc0U2Z3ZzVGl4UWRSNk96SFdBaUpRREhyb3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82MGViNDgtMjc5ZC00YWZlLThkOGEtMWRhYTk1MWM3MWI3
LzEvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuREUMA0G
CSqGSIb3DQEBCwUAA4IBAQAHaXjvKmrREDWLqxgKWFUh5co/PFegoFH7KWOkg/uG
6a9NeHgEdSsgCL/HUPCNpYdoYEDhba+N7nN2PyFn6h69gDYV31s+PCX/mZDQUg2a
dPUsCQb7isDcrOCygEnuNqqVwPOeCLL7RLAywMhmS9F/k1BBm2ddkrnci17RrnHQ
tLBvXRv/vP+wsUTDzVVtK5+MGuRAwpGIqtdR0VGKBcCqoSv5r421yuDHAATvaUsE
t0Uco1o9goDQPVA5+zkPscN0ilEjVloTZ+OKikPRNXtu7GjfLBRqAACSn9fMGigk
KW1R/7g2irLqGoAj4mSr6S2DjPUafH4p0zk1oEVMteHB
-----END CERTIFICATE-----
Generated at Sun Jan 7 15:53:36 2024 by rpki-client on console-ams.rpki-client.org