Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/iy8QUsmCkSX0dB4uFrUqnPBGHWU.roa
File: iy8QUsmCkSX0dB4uFrUqnPBGHWU.roa (raw, json)
Hash identifier: 5YxcdgdfxyhHMtzkbmKxtIZwmw6TG72teJfINJa1uaI=
Subject key identifier: 8B:2F:10:52:C9:82:91:25:F4:74:1E:2E:16:B5:2A:9C:F0:46:1D:65
Certificate issuer: /CN=f8caa797b900fc355fc2412467751eeb2c1c64be
Certificate serial: 018C870B4270B5E01E261874AFC50039B565
Authority key identifier: F8:CA:A7:97:B9:00:FC:35:5F:C2:41:24:67:75:1E:EB:2C:1C:64:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/iy8QUsmCkSX0dB4uFrUqnPBGHWU.roa
Signing time: Wed 20 Dec 2023 11:45:11 +0000
ROA not before: Wed 20 Dec 2023 11:45:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211467
IP address blocks: 185.98.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:87:0b:42:70:b5:e0:1e:26:18:74:af:c5:00:39:b5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8caa797b900fc355fc2412467751eeb2c1c64be
Validity
Not Before: Dec 20 11:45:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b2f1052c9829125f4741e2e16b52a9cf0461d65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:15:22:aa:99:d0:c5:7c:c2:e1:7a:f1:97:ea:
40:98:fa:b0:d9:fe:0b:35:52:57:4c:43:0a:0a:d3:
58:f4:13:bb:5b:41:99:30:51:56:ef:31:12:e8:86:
6e:23:eb:c5:55:38:5b:1a:e3:c8:c2:79:b7:a6:dd:
95:2d:89:4c:58:23:ad:3b:01:0d:ed:13:c4:78:5c:
56:50:f1:c0:a6:11:61:42:4f:72:43:28:67:e3:9c:
8a:64:22:bc:52:98:ea:e6:01:ac:55:7e:b2:6c:7b:
0a:9e:69:99:3d:77:7e:f7:18:df:1e:a2:ad:01:0c:
b8:cc:76:ce:82:62:04:20:c7:29:32:49:5f:59:a9:
1d:78:82:fb:bd:f5:44:26:d1:02:0a:c4:dd:69:51:
49:d8:14:44:b0:45:a4:37:93:15:13:5c:67:63:06:
62:ee:08:da:2a:b5:6f:32:1f:1b:7b:1a:d8:43:cc:
90:f3:ef:6c:f9:17:00:fa:dc:1b:cd:3b:ef:44:f5:
f8:b9:5d:a5:7c:23:08:c7:20:45:ca:85:0f:de:67:
81:0e:6d:71:5e:a7:be:e7:e4:39:f8:38:e0:8a:c2:
8f:3f:5f:7a:4c:ed:9c:c1:fd:2a:07:d6:c2:6a:ca:
a9:c3:1a:1c:20:74:c7:85:64:e0:70:92:c1:6e:20:
5f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:2F:10:52:C9:82:91:25:F4:74:1E:2E:16:B5:2A:9C:F0:46:1D:65
X509v3 Authority Key Identifier:
keyid:F8:CA:A7:97:B9:00:FC:35:5F:C2:41:24:67:75:1E:EB:2C:1C:64:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/iy8QUsmCkSX0dB4uFrUqnPBGHWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.219.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:1e:b1:4f:63:93:a4:a3:08:a4:d9:87:9d:fa:e0:13:13:6c:
19:27:87:34:7b:87:0d:f5:37:2c:f2:1c:13:06:0c:d4:8e:e9:
28:61:a8:f3:b4:f2:2c:f1:df:22:14:e3:59:20:1e:b0:7d:cf:
5c:0b:f9:25:ca:8e:5d:61:c7:81:0c:83:69:fa:6e:57:a7:51:
01:49:ba:39:a7:b7:95:9a:71:11:68:9f:c7:34:d3:f8:74:ea:
ec:7c:39:69:04:dc:c2:7d:c1:da:65:b3:cc:b3:f1:6b:a8:60:
80:b6:3c:5c:da:e2:58:82:f6:91:45:70:6e:ec:0b:fa:85:74:
a8:dd:df:c3:b4:4f:09:c0:7e:32:99:54:0f:11:ac:ca:0a:0d:
a1:4e:91:a8:9d:64:ba:e0:d2:3e:21:92:1d:25:12:de:a2:6b:
6b:17:ed:f7:86:6c:b3:49:16:b8:d4:5d:0e:74:7a:39:8f:82:
61:78:09:b8:0d:31:49:3c:80:f0:fd:d0:05:07:f0:ee:45:30:
c8:5c:7f:57:5c:c6:9c:af:cf:8d:66:a4:1e:08:e9:eb:54:a2:
59:23:82:5c:83:52:75:55:18:85:f0:00:b1:3c:e2:0c:91:0f:
4c:0d:3b:c4:2a:32:6d:5f:5d:09:bc:16:cf:ab:fa:c5:8f:ed:
a7:c3:6e:46
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYyHC0JwteAeJhh0r8UAObVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4Y2FhNzk3YjkwMGZjMzU1ZmMyNDEyNDY3NzUxZWViMmMx
YzY0YmUwHhcNMjMxMjIwMTE0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjJmMTA1MmM5ODI5MTI1ZjQ3NDFlMmUxNmI1MmE5Y2YwNDYxZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxUiqpnQxXzC4Xrxl+pAmPqw2f4L
NVJXTEMKCtNY9BO7W0GZMFFW7zES6IZuI+vFVThbGuPIwnm3pt2VLYlMWCOtOwEN
7RPEeFxWUPHAphFhQk9yQyhn45yKZCK8Upjq5gGsVX6ybHsKnmmZPXd+9xjfHqKt
AQy4zHbOgmIEIMcpMklfWakdeIL7vfVEJtECCsTdaVFJ2BREsEWkN5MVE1xnYwZi
7gjaKrVvMh8bexrYQ8yQ8+9s+RcA+twbzTvvRPX4uV2lfCMIxyBFyoUP3meBDm1x
Xqe+5+Q5+DjgisKPP196TO2cwf0qB9bCasqpwxocIHTHhWTgcJLBbiBfmQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIsvEFLJgpEl9HQeLha1KpzwRh1lMB8GA1UdIwQY
MBaAFPjKp5e5APw1X8JBJGd1HussHGS+MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1NcW5sN2tBX0RWZndrRWtaM1VlNnl3Y1pMNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvMWI1NWNmLWJlOTQtNDlhZC05ZWI4
LTlkYjNkNDRjNmQyZi8xL2l5OFFVc21Da1NYMGRCNHVGclVxblBCR0hXVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDcvMWI1NWNmLWJlOTQtNDlhZC05ZWI4LTlkYjNkNDRjNmQy
Zi8xLzEtTXFubDdrQV9EVmZ3a0VrWjNVZTZ5d2NaTDQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5Ytsw
DQYJKoZIhvcNAQELBQADggEBAKIesU9jk6SjCKTZh5364BMTbBknhzR7hw31Nyzy
HBMGDNSO6ShhqPO08izx3yIU41kgHrB9z1wL+SXKjl1hx4EMg2n6blenUQFJujmn
t5WacRFon8c00/h06ux8OWkE3MJ9wdpls8yz8WuoYIC2PFza4liC9pFFcG7sC/qF
dKjd38O0TwnAfjKZVA8RrMoKDaFOkaidZLrg0j4hkh0lEt6ia2sX7feGbLNJFrjU
XQ50ejmPgmF4CbgNMUk8gPD90AUH8O5FMMhcf1dcxpyvz41mpB4I6etUolkjglyD
UnVVGIXwALE84gyRD0wNO8QqMm1fXQm8Fs+r+sWP7afDbkY=
-----END CERTIFICATE-----
Generated at Sun Dec 24 10:33:55 2023 by rpki-client on console-fra.rpki-client.org