Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/4a0cdc-e7fe-450e-97ec-29095ad1cced/1/X_AXFvRaZ1VAhDus8atR89mAVuI.roa
File: X_AXFvRaZ1VAhDus8atR89mAVuI.roa (raw, json)
Hash identifier: uUxkKjJhj3A8cun2nNFalwhkeeuXRdubOp+1zHaO3d4=
Subject key identifier: 5F:F0:17:16:F4:5A:67:55:40:84:3B:AC:F1:AB:51:F3:D9:80:56:E2
Certificate issuer: /CN=4bd444c864e9e85d35376e0f68281799f6281f14
Certificate serial: 01856F8B79101CA82BB6FE7E23FA8FEC1EEE
Authority key identifier: 4B:D4:44:C8:64:E9:E8:5D:35:37:6E:0F:68:28:17:99:F6:28:1F:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S9REyGTp6F01N24PaCgXmfYoHxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/4a0cdc-e7fe-450e-97ec-29095ad1cced/1/X_AXFvRaZ1VAhDus8atR89mAVuI.roa
Signing time: Sun 01 Jan 2023 22:54:49 +0000
ROA not before: Sun 01 Jan 2023 22:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49788
IP address blocks: 185.13.92.0/22 maxlen: 22
2a02:f480::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:79:10:1c:a8:2b:b6:fe:7e:23:fa:8f:ec:1e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bd444c864e9e85d35376e0f68281799f6281f14
Validity
Not Before: Jan 1 22:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ff01716f45a675540843bacf1ab51f3d98056e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5b:12:88:1f:09:34:1a:82:9a:bb:1a:8c:45:
d9:be:f9:ec:5f:e3:f6:9c:25:e9:cc:5e:2e:29:92:
9f:48:b0:47:13:a5:13:6c:3f:36:b4:42:27:22:24:
dc:c8:f5:a3:1b:3b:6d:6c:a4:83:b3:b7:31:ee:06:
81:a5:75:72:06:5e:20:15:de:11:3e:a9:bd:6c:5b:
78:f9:e6:ff:a2:67:40:35:2e:18:5a:46:aa:c1:b9:
f2:e4:75:6d:87:c3:12:5c:d8:4a:92:95:f0:17:08:
af:33:47:7c:76:e9:c3:21:f8:23:9e:df:cb:17:48:
cc:e4:9f:9a:b3:f3:70:25:df:70:ad:86:5f:5a:5d:
85:05:a3:75:64:dd:9c:13:35:40:7b:bc:45:54:3a:
49:2b:d4:93:02:05:ff:be:7b:0a:8d:36:86:d9:38:
62:26:1a:78:81:a9:19:f5:1a:2e:6f:67:38:33:57:
73:55:ee:be:0d:a2:32:2a:c0:76:4d:c2:1b:5b:20:
4d:ec:b6:70:0f:73:57:ca:b8:f5:61:74:06:0f:ea:
39:62:b7:6c:60:7b:b9:38:fa:ad:27:b7:a7:28:c1:
9e:a7:ac:fc:19:7e:90:53:8b:8f:da:2a:a3:c0:e9:
71:99:24:45:78:1c:22:07:b5:e3:e7:23:62:52:9e:
55:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F0:17:16:F4:5A:67:55:40:84:3B:AC:F1:AB:51:F3:D9:80:56:E2
X509v3 Authority Key Identifier:
keyid:4B:D4:44:C8:64:E9:E8:5D:35:37:6E:0F:68:28:17:99:F6:28:1F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S9REyGTp6F01N24PaCgXmfYoHxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/4a0cdc-e7fe-450e-97ec-29095ad1cced/1/X_AXFvRaZ1VAhDus8atR89mAVuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/4a0cdc-e7fe-450e-97ec-29095ad1cced/1/S9REyGTp6F01N24PaCgXmfYoHxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.92.0/22
IPv6:
2a02:f480::/29
Signature Algorithm: sha256WithRSAEncryption
76:e5:78:46:d9:4f:91:50:62:99:09:c3:74:73:f9:b3:d9:60:
dd:0f:fa:da:e4:f5:64:31:8c:45:50:8a:a7:0c:2c:c8:db:8d:
d6:79:6e:b8:a8:da:e7:f2:b2:38:07:7c:8d:e2:95:65:af:1d:
d7:62:08:af:a5:1e:8f:4f:17:b3:4f:2a:c7:f4:19:f2:ea:e4:
24:ce:58:77:46:48:d3:fb:d0:4e:c2:10:f0:c9:a7:d5:6b:90:
97:58:af:33:2a:a3:4c:98:b2:84:b8:e5:36:4f:ee:30:c2:3c:
cd:d1:15:a4:cd:d4:8e:44:89:b0:1c:75:46:50:a2:ef:fa:9c:
e9:ed:9b:9e:6a:70:69:d7:e3:04:aa:b4:ff:62:6d:d1:19:b3:
ed:9f:af:6b:75:c2:7f:3a:b2:0c:79:31:9b:bb:f0:e8:49:52:
00:a2:72:57:9e:72:bd:da:00:d1:76:f9:9b:61:bb:c6:d0:57:
44:ee:11:18:04:44:06:47:c7:c5:12:c9:61:18:ee:1c:32:e1:
69:a5:f1:b0:42:83:74:fe:5d:0d:1e:c7:39:bc:ce:d2:3a:eb:
af:d0:08:65:59:d0:57:df:33:7a:17:6e:42:85:dc:b2:10:c1:
00:4a:6d:a7:54:ad:3f:59:b9:94:57:aa:f7:7c:86:be:fe:08:
ec:3d:de:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvi3kQHKgrtv5+I/qP7B7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZDQ0NGM4NjRlOWU4NWQzNTM3NmUwZjY4MjgxNzk5ZjYy
ODFmMTQwHhcNMjMwMTAxMjI1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmYwMTcxNmY0NWE2NzU1NDA4NDNiYWNmMWFiNTFmM2Q5ODA1NmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1sSiB8JNBqCmrsajEXZvvnsX+P2
nCXpzF4uKZKfSLBHE6UTbD82tEInIiTcyPWjGzttbKSDs7cx7gaBpXVyBl4gFd4R
Pqm9bFt4+eb/omdANS4YWkaqwbny5HVth8MSXNhKkpXwFwivM0d8dunDIfgjnt/L
F0jM5J+as/NwJd9wrYZfWl2FBaN1ZN2cEzVAe7xFVDpJK9STAgX/vnsKjTaG2Thi
Jhp4gakZ9Roub2c4M1dzVe6+DaIyKsB2TcIbWyBN7LZwD3NXyrj1YXQGD+o5Yrds
YHu5OPqtJ7enKMGep6z8GX6QU4uP2iqjwOlxmSRFeBwiB7Xj5yNiUp5V3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF/wFxb0WmdVQIQ7rPGrUfPZgFbiMB8GA1UdIwQY
MBaAFEvURMhk6ehdNTduD2goF5n2KB8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzlSRXlHVHA2RjAxTjI0UGFDZ1htZllvSHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80YTBjZGMtZTdmZS00NTBlLTk3ZWMt
MjkwOTVhZDFjY2VkLzEvWF9BWEZ2UmFaMVZBaER1czhhdFI4OW1BVnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80YTBjZGMtZTdmZS00NTBlLTk3ZWMtMjkwOTVhZDFjY2Vk
LzEvUzlSRXlHVHA2RjAxTjI0UGFDZ1htZllvSHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ1cMA0E
AgACMAcDBQMqAvSAMA0GCSqGSIb3DQEBCwUAA4IBAQB25XhG2U+RUGKZCcN0c/mz
2WDdD/ra5PVkMYxFUIqnDCzI243WeW64qNrn8rI4B3yN4pVlrx3XYgivpR6PTxez
TyrH9Bny6uQkzlh3RkjT+9BOwhDwyafVa5CXWK8zKqNMmLKEuOU2T+4wwjzN0RWk
zdSORImwHHVGUKLv+pzp7ZueanBp1+MEqrT/Ym3RGbPtn69rdcJ/OrIMeTGbu/Do
SVIAonJXnnK92gDRdvmbYbvG0FdE7hEYBEQGR8fFEslhGO4cMuFppfGwQoN0/l0N
Hsc5vM7SOuuv0AhlWdBX3zN6F25ChdyyEMEASm2nVK0/WbmUV6r3fIa+/gjsPd76
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:52 2024 by rpki-client on console-ams.rpki-client.org