Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/n596owettwHwJsjWt3Ykwp1SsZM.roa
File: n596owettwHwJsjWt3Ykwp1SsZM.roa (raw, json)
Hash identifier: zIIueKaC9MNRqDuwjyhx/yeuqhsbkbWpxDkOhbGNRS4=
Subject key identifier: 9F:9F:7A:A3:07:AD:B7:01:F0:26:C8:D6:B7:76:24:C2:9D:52:B1:93
Certificate issuer: /CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Certificate serial: 01856FF9441B2DA199660481911FE3E98816
Authority key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/n596owettwHwJsjWt3Ykwp1SsZM.roa
Signing time: Mon 02 Jan 2023 00:54:44 +0000
ROA not before: Mon 02 Jan 2023 00:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199775
IP address blocks: 185.95.108.0/22 maxlen: 24
185.6.152.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:44:1b:2d:a1:99:66:04:81:91:1f:e3:e9:88:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Validity
Not Before: Jan 2 00:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f9f7aa307adb701f026c8d6b77624c29d52b193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b2:4a:52:eb:b8:96:79:d0:df:fb:a8:1e:93:
b7:d7:b9:4e:2c:11:84:c1:16:87:00:6f:34:53:0a:
ec:9d:98:07:60:f2:7a:fe:30:01:c5:b6:fb:27:2a:
4a:8d:4d:aa:40:9b:ce:fb:a2:42:39:43:f5:19:04:
89:d3:95:99:77:9d:93:17:3e:a9:ff:3c:2a:64:44:
c3:cf:9e:38:2e:7c:04:ab:01:ee:14:30:11:94:6b:
49:00:5e:31:a5:be:34:ac:85:f7:0f:6b:5c:64:4a:
7a:1d:c0:55:ba:f7:17:a6:0b:64:be:2d:75:08:12:
be:2f:59:0f:e9:fb:2d:cc:c7:e4:6e:30:e1:e4:b3:
83:a2:a0:32:98:47:57:8e:4c:bd:44:a2:f3:de:d0:
46:cd:7f:1c:c8:b4:1e:a0:87:c1:76:dd:ae:bc:ba:
53:b5:c3:1a:dc:bf:29:f8:f4:9d:fb:b3:c9:8b:ea:
f9:99:cd:91:ff:47:a0:a3:6b:02:12:36:04:17:52:
b3:26:75:cd:a1:49:8f:7c:47:f2:47:71:82:e9:1e:
70:9d:b3:10:d2:b8:41:76:fe:ef:2a:c4:89:bf:a1:
4e:82:c7:8a:e1:16:a0:e7:c2:28:4f:7c:4a:15:4a:
c9:64:d6:26:65:a2:a2:d6:e4:49:c4:0a:b8:0d:a0:
69:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:9F:7A:A3:07:AD:B7:01:F0:26:C8:D6:B7:76:24:C2:9D:52:B1:93
X509v3 Authority Key Identifier:
keyid:B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/n596owettwHwJsjWt3Ykwp1SsZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.152.0/22
185.95.108.0/22
Signature Algorithm: sha256WithRSAEncryption
20:70:15:27:a6:61:fe:6a:b6:03:78:a6:f6:00:e8:4f:1e:01:
4c:61:3f:25:80:19:e1:95:c5:17:0f:5e:88:b5:2a:21:e5:fe:
01:7f:a1:d9:38:e8:f2:03:24:1b:5b:b6:49:3b:43:5b:83:34:
5c:13:04:df:6c:1e:19:a7:42:5a:51:c1:2a:aa:34:20:c1:54:
f7:7d:07:7e:60:14:09:28:c3:da:3b:07:f0:24:13:73:32:ff:
63:4d:46:98:27:1c:28:1e:fb:ac:be:9d:3e:69:f8:8f:18:9e:
bc:6d:98:63:4e:73:33:3e:5b:36:06:cb:4d:5a:dd:e1:2a:67:
ad:01:50:60:bc:86:51:da:78:05:91:e9:f2:bf:15:7b:77:e1:
f1:5b:b7:b2:1c:c3:63:5a:9c:40:11:17:de:56:6c:73:fe:7c:
97:b1:40:0d:00:f0:b2:ba:24:ef:16:58:c3:bf:02:93:03:6a:
c8:3c:00:21:44:1a:e8:d2:2d:0f:6d:68:06:27:fb:17:aa:89:
5f:d6:74:1d:41:f2:66:0a:e3:a1:51:4e:18:a2:d7:42:c6:9b:
6e:dd:bd:43:1f:cd:97:02:21:b0:47:56:a9:70:59:4c:a3:05:
a8:bf:39:61:41:7f:5e:47:00:5e:27:93:15:bf:c5:97:88:85:
cc:ba:d0:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv+UQbLaGZZgSBkR/j6YgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NWEwNTY2ZDBiNjNhMWY4NjJkODM0NThlNGYyZWE2ZmQ4
ZjdkMjEwHhcNMjMwMTAyMDA1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjlmN2FhMzA3YWRiNzAxZjAyNmM4ZDZiNzc2MjRjMjlkNTJiMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrJKUuu4lnnQ3/uoHpO317lOLBGE
wRaHAG80UwrsnZgHYPJ6/jABxbb7JypKjU2qQJvO+6JCOUP1GQSJ05WZd52TFz6p
/zwqZETDz544LnwEqwHuFDARlGtJAF4xpb40rIX3D2tcZEp6HcBVuvcXpgtkvi11
CBK+L1kP6fstzMfkbjDh5LODoqAymEdXjky9RKLz3tBGzX8cyLQeoIfBdt2uvLpT
tcMa3L8p+PSd+7PJi+r5mc2R/0ego2sCEjYEF1KzJnXNoUmPfEfyR3GC6R5wnbMQ
0rhBdv7vKsSJv6FOgseK4Rag58IoT3xKFUrJZNYmZaKi1uRJxAq4DaBpdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ+feqMHrbcB8CbI1rd2JMKdUrGTMB8GA1UdIwQY
MBaAFLdaBWbQtjofhi2DRY5PLqb9j30hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQt
ODNmNjAxYzNmYjU5LzEvbjU5Nm93ZXR0d0h3SnNqV3QzWWt3cDFTc1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQtODNmNjAxYzNmYjU5
LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuQaYAwQC
uV9sMA0GCSqGSIb3DQEBCwUAA4IBAQAgcBUnpmH+arYDeKb2AOhPHgFMYT8lgBnh
lcUXD16ItSoh5f4Bf6HZOOjyAyQbW7ZJO0NbgzRcEwTfbB4Zp0JaUcEqqjQgwVT3
fQd+YBQJKMPaOwfwJBNzMv9jTUaYJxwoHvusvp0+afiPGJ68bZhjTnMzPls2BstN
Wt3hKmetAVBgvIZR2ngFkenyvxV7d+HxW7eyHMNjWpxAERfeVmxz/nyXsUANAPCy
uiTvFljDvwKTA2rIPAAhRBro0i0PbWgGJ/sXqolf1nQdQfJmCuOhUU4YotdCxptu
3b1DH82XAiGwR1apcFlMowWovzlhQX9eRwBeJ5MVv8WXiIXMutDc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:08 2023 by rpki-client on console-fra.rpki-client.org