Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/z9Oc1PW4SjimNeD_VTUAuXy-krE.roa
File: z9Oc1PW4SjimNeD_VTUAuXy-krE.roa (raw, json)
Hash identifier: 7+CbFE3yVHcC3x7z20K3LNqLRhGA5Nm/JieiYKIOq8o=
Subject key identifier: CF:D3:9C:D4:F5:B8:4A:38:A6:35:E0:FF:55:35:00:B9:7C:BE:92:B1
Certificate issuer: /CN=935c42857e302feb14017301e43c39fe45e7f629
Certificate serial: 01856CC1741A13DD195248ECCE30AF78202C
Authority key identifier: 93:5C:42:85:7E:30:2F:EB:14:01:73:01:E4:3C:39:FE:45:E7:F6:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1xChX4wL-sUAXMB5Dw5_kXn9ik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/z9Oc1PW4SjimNeD_VTUAuXy-krE.roa
Signing time: Sun 01 Jan 2023 09:54:55 +0000
ROA not before: Sun 01 Jan 2023 09:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34766
IP address blocks: 185.214.24.0/22 maxlen: 22
2a0b:9440::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:74:1a:13:dd:19:52:48:ec:ce:30:af:78:20:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=935c42857e302feb14017301e43c39fe45e7f629
Validity
Not Before: Jan 1 09:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfd39cd4f5b84a38a635e0ff553500b97cbe92b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:35:cc:24:9f:4a:cb:6a:e8:50:18:18:3a:2e:
21:41:69:b8:53:49:e8:ef:c6:a6:4e:2f:b5:52:7d:
d6:8f:59:69:43:aa:02:ab:40:9a:df:90:ca:9f:9d:
98:60:e9:cd:3d:4a:42:e3:0f:4e:75:b5:05:b3:56:
ac:f1:6d:af:d7:dd:33:88:b2:b0:d0:9b:31:09:2e:
75:09:b3:e5:2c:a7:ca:fb:2d:f5:b2:1e:6b:b1:0f:
b8:e4:97:0d:93:5d:a7:da:63:e4:74:88:d6:db:59:
78:74:ee:e4:f4:55:01:ea:8c:46:41:66:19:98:22:
bf:22:a1:72:35:c7:2a:8a:53:db:39:b0:cd:7e:dd:
7d:11:5e:28:a7:9e:4b:85:f8:29:85:a1:24:3a:c6:
46:61:43:d8:29:8b:84:eb:1d:36:d0:45:85:fc:7d:
fe:db:b5:5a:28:93:70:ff:1b:ff:df:ae:41:8a:ff:
65:d4:5b:2c:61:90:33:1f:a2:70:c1:55:9c:98:9b:
77:21:3c:ed:31:ed:43:56:04:15:f8:5a:1e:38:a1:
a8:cd:a4:f7:eb:4b:79:c9:54:e6:07:44:e1:df:71:
6a:18:f7:65:9b:37:82:ae:46:62:c9:86:37:53:23:
73:ae:51:ab:c6:e7:ec:b1:19:c9:7a:09:6c:cb:35:
e2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D3:9C:D4:F5:B8:4A:38:A6:35:E0:FF:55:35:00:B9:7C:BE:92:B1
X509v3 Authority Key Identifier:
keyid:93:5C:42:85:7E:30:2F:EB:14:01:73:01:E4:3C:39:FE:45:E7:F6:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1xChX4wL-sUAXMB5Dw5_kXn9ik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/z9Oc1PW4SjimNeD_VTUAuXy-krE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/k1xChX4wL-sUAXMB5Dw5_kXn9ik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.24.0/22
IPv6:
2a0b:9440::/29
Signature Algorithm: sha256WithRSAEncryption
cb:0d:8c:ce:fa:d0:70:63:76:be:90:2c:48:cc:cd:d5:02:2b:
c4:66:f9:6f:8d:87:9f:70:d7:cb:d6:f0:4c:c3:58:ec:9a:bd:
c3:47:a9:9c:b9:32:5c:09:89:78:c1:61:ce:7c:71:43:e2:42:
e9:57:71:3d:fe:3f:f2:6b:ac:8e:86:38:80:00:0c:d2:a9:17:
14:01:e6:56:17:a5:91:e7:2f:6b:5e:ef:93:9a:28:60:9d:cf:
72:70:b0:6e:af:c2:f5:ec:50:b0:d2:d3:4e:f0:44:40:87:d1:
aa:e3:8c:22:d7:c1:ae:7c:be:41:e6:44:f2:62:80:4d:1e:aa:
13:cf:9d:59:2b:ed:e4:dd:1c:ce:fd:1b:39:a5:db:86:0a:de:
ad:9e:1b:85:b3:8d:bd:02:3c:23:3a:f0:eb:83:02:b6:e4:9c:
d7:09:34:23:b9:5e:b7:f7:cd:39:15:76:11:c4:5d:80:73:ea:
a0:44:58:df:52:6b:17:50:82:8c:3c:2d:88:95:06:93:63:7f:
51:40:76:64:1b:37:db:9a:8e:99:ed:9e:d5:28:0a:34:d5:cf:
24:6c:4b:54:19:67:0e:c4:90:1c:13:54:12:02:5e:da:eb:18:
3a:d0:86:c9:e9:30:35:3c:0f:30:0f:47:53:88:44:cb:93:2b:
f4:70:19:9f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVswXQaE90ZUkjszjCveCAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNWM0Mjg1N2UzMDJmZWIxNDAxNzMwMWU0M2MzOWZlNDVl
N2Y2MjkwHhcNMjMwMTAxMDk1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmQzOWNkNGY1Yjg0YTM4YTYzNWUwZmY1NTM1MDBiOTdjYmU5MmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljXMJJ9Ky2roUBgYOi4hQWm4U0no
78amTi+1Un3Wj1lpQ6oCq0Ca35DKn52YYOnNPUpC4w9OdbUFs1as8W2v190ziLKw
0JsxCS51CbPlLKfK+y31sh5rsQ+45JcNk12n2mPkdIjW21l4dO7k9FUB6oxGQWYZ
mCK/IqFyNccqilPbObDNft19EV4op55LhfgphaEkOsZGYUPYKYuE6x020EWF/H3+
27VaKJNw/xv/365Biv9l1FssYZAzH6JwwVWcmJt3ITztMe1DVgQV+FoeOKGozaT3
60t5yVTmB0Th33FqGPdlmzeCrkZiyYY3UyNzrlGrxufssRnJeglsyzXiqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM/TnNT1uEo4pjXg/1U1ALl8vpKxMB8GA1UdIwQY
MBaAFJNcQoV+MC/rFAFzAeQ8Of5F5/YpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazF4Q2hYNHdMLXNVQVhNQjVEdzVfa1huOWlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS81NWU1MjktYjgzOS00NDRmLTg3MmQt
MWJmZDEwYTg4NDVhLzEvejlPYzFQVzRTamltTmVEX1ZUVUF1WHkta3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS81NWU1MjktYjgzOS00NDRmLTg3MmQtMWJmZDEwYTg4NDVh
LzEvazF4Q2hYNHdMLXNVQVhNQjVEdzVfa1huOWlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudYYMA0E
AgACMAcDBQMqC5RAMA0GCSqGSIb3DQEBCwUAA4IBAQDLDYzO+tBwY3a+kCxIzM3V
AivEZvlvjYefcNfL1vBMw1jsmr3DR6mcuTJcCYl4wWHOfHFD4kLpV3E9/j/ya6yO
hjiAAAzSqRcUAeZWF6WR5y9rXu+Tmihgnc9ycLBur8L17FCw0tNO8ERAh9Gq44wi
18GufL5B5kTyYoBNHqoTz51ZK+3k3RzO/Rs5pduGCt6tnhuFs429AjwjOvDrgwK2
5JzXCTQjuV639805FXYRxF2Ac+qgRFjfUmsXUIKMPC2IlQaTY39RQHZkGzfbmo6Z
7Z7VKAo01c8kbEtUGWcOxJAcE1QSAl7a6xg60IbJ6TA1PA8wD0dTiETLkyv0cBmf
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:21 2024 by rpki-client on console-fra.rpki-client.org