Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/1kdaU11SA12s75k7CLc8KvHrjuA.roa
File: 1kdaU11SA12s75k7CLc8KvHrjuA.roa (raw, json)
Hash identifier: mD8a2+tx3SahFmGMC8oUDVQQEDa2mfUX63pUOnbGHxY=
Subject key identifier: D6:47:5A:53:5D:52:03:5D:AC:EF:99:3B:08:B7:3C:2A:F1:EB:8E:E0
Certificate issuer: /CN=682c842dfa2a1e714727bccb95f165347103f277
Certificate serial: 01856C9CAB62F319B9FC844D26DFD8C25423
Authority key identifier: 68:2C:84:2D:FA:2A:1E:71:47:27:BC:CB:95:F1:65:34:71:03:F2:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/1kdaU11SA12s75k7CLc8KvHrjuA.roa
Signing time: Sun 01 Jan 2023 09:14:44 +0000
ROA not before: Sun 01 Jan 2023 09:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 11185
IP address blocks: 185.69.169.0/24 maxlen: 24
2a05:2241::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:ab:62:f3:19:b9:fc:84:4d:26:df:d8:c2:54:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=682c842dfa2a1e714727bccb95f165347103f277
Validity
Not Before: Jan 1 09:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6475a535d52035dacef993b08b73c2af1eb8ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6a:63:32:0a:32:1b:12:d3:55:84:50:b5:1e:
62:87:72:4f:19:f2:e3:72:3a:d2:f0:17:17:4d:ef:
d0:fb:dc:78:49:43:a5:60:e2:49:2f:eb:58:c4:c3:
32:2f:a0:b5:b1:6c:ad:d6:4c:c0:b2:0f:db:ce:f4:
db:56:87:1d:37:38:80:da:dc:3d:94:bb:8a:f2:54:
da:15:26:02:90:45:eb:9a:17:03:1f:36:0c:08:e8:
65:d7:d4:d3:90:5d:56:b9:ce:29:bf:ff:72:f6:a5:
9c:94:e3:48:61:0f:5b:c8:c9:31:46:af:4c:1d:80:
dd:2d:b8:25:75:e4:97:89:5d:1c:64:05:0a:5f:43:
36:cd:17:b9:bc:f2:bd:cd:25:a1:1a:e7:51:e9:b6:
e9:80:74:ee:39:0e:4f:a6:0b:da:d2:93:83:f2:33:
20:dc:7e:33:17:a0:be:7a:db:ee:45:99:f7:1b:4f:
59:f9:e3:df:8e:15:8b:b5:0e:4f:7a:ed:a5:52:91:
1a:ec:35:ff:fa:6b:e4:b3:69:a8:09:5c:8a:a4:1b:
33:7b:ca:75:b7:43:e4:93:18:3e:8c:2d:a4:94:8a:
61:b1:58:df:1d:47:f3:61:fd:85:49:72:8a:7c:cc:
28:4b:0b:b1:2b:3a:3c:96:e1:a9:2d:d0:f7:b8:4c:
0a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:47:5A:53:5D:52:03:5D:AC:EF:99:3B:08:B7:3C:2A:F1:EB:8E:E0
X509v3 Authority Key Identifier:
keyid:68:2C:84:2D:FA:2A:1E:71:47:27:BC:CB:95:F1:65:34:71:03:F2:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/1kdaU11SA12s75k7CLc8KvHrjuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/aCyELfoqHnFHJ7zLlfFlNHED8nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.169.0/24
IPv6:
2a05:2241::/32
Signature Algorithm: sha256WithRSAEncryption
92:11:85:a4:a8:cc:0d:f0:82:80:36:20:7d:82:17:fa:53:d8:
18:3f:bc:76:2d:3d:50:ae:62:f1:4c:f3:bf:10:4b:f5:aa:33:
3b:58:84:69:9a:7e:8c:de:7a:23:43:0b:2d:95:9e:d2:80:36:
b4:d2:c6:54:0d:be:a3:e8:e4:3b:1b:4b:fa:27:de:8d:a8:21:
a8:e6:3b:98:fd:07:e5:64:a6:50:dd:eb:4b:a8:3a:04:75:da:
68:e9:cf:9d:fc:04:cd:95:93:0d:41:07:b8:fb:75:6e:70:ad:
14:04:97:0b:fb:eb:bc:ad:e4:e3:46:39:47:72:0b:fe:08:01:
ce:a0:f4:b6:41:d9:19:60:ba:04:1c:37:8b:5e:ed:a1:dc:ca:
ea:7d:76:38:2c:17:07:02:2c:7b:75:0a:bb:32:89:5b:0b:d0:
aa:ea:cf:65:cc:bd:95:4c:15:9e:4a:40:67:a3:5e:61:96:bc:
1f:32:0e:ad:5e:bb:53:c1:a3:f6:14:1e:32:b7:f1:be:17:41:
a6:c6:49:b3:85:62:6c:88:e0:33:9c:15:dc:87:3a:22:e9:7d:
8b:a3:c0:e1:41:9f:10:22:c9:fa:39:af:b5:32:81:6f:29:6e:
7f:3c:20:7e:a4:7a:fc:c2:21:59:7d:52:28:8c:72:af:d8:67:
c5:59:f5:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsnKti8xm5/IRNJt/YwlQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MmM4NDJkZmEyYTFlNzE0NzI3YmNjYjk1ZjE2NTM0NzEw
M2YyNzcwHhcNMjMwMTAxMDkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ3NWE1MzVkNTIwMzVkYWNlZjk5M2IwOGI3M2MyYWYxZWI4ZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWpjMgoyGxLTVYRQtR5ih3JPGfLj
cjrS8BcXTe/Q+9x4SUOlYOJJL+tYxMMyL6C1sWyt1kzAsg/bzvTbVocdNziA2tw9
lLuK8lTaFSYCkEXrmhcDHzYMCOhl19TTkF1Wuc4pv/9y9qWclONIYQ9byMkxRq9M
HYDdLbgldeSXiV0cZAUKX0M2zRe5vPK9zSWhGudR6bbpgHTuOQ5Ppgva0pOD8jMg
3H4zF6C+etvuRZn3G09Z+ePfjhWLtQ5Peu2lUpEa7DX/+mvks2moCVyKpBsze8p1
t0Pkkxg+jC2klIphsVjfHUfzYf2FSXKKfMwoSwuxKzo8luGpLdD3uEwKNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNZHWlNdUgNdrO+ZOwi3PCrx647gMB8GA1UdIwQY
MBaAFGgshC36Kh5xRye8y5XxZTRxA/J3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUN5RUxmb3FIbkZISjd6TGxmRmxOSEVEOG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wMDA0NjUtODNjYi00MWI0LThlNjAt
MDhkNjViMzg2MzlkLzEvMWtkYVUxMVNBMTJzNzVrN0NMYzhLdkhyanVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wMDA0NjUtODNjYi00MWI0LThlNjAtMDhkNjViMzg2Mzlk
LzEvYUN5RUxmb3FIbkZISjd6TGxmRmxOSEVEOG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUWpMA0E
AgACMAcDBQAqBSJBMA0GCSqGSIb3DQEBCwUAA4IBAQCSEYWkqMwN8IKANiB9ghf6
U9gYP7x2LT1QrmLxTPO/EEv1qjM7WIRpmn6M3nojQwstlZ7SgDa00sZUDb6j6OQ7
G0v6J96NqCGo5juY/QflZKZQ3etLqDoEddpo6c+d/ATNlZMNQQe4+3VucK0UBJcL
++u8reTjRjlHcgv+CAHOoPS2QdkZYLoEHDeLXu2h3MrqfXY4LBcHAix7dQq7Molb
C9Cq6s9lzL2VTBWeSkBno15hlrwfMg6tXrtTwaP2FB4yt/G+F0GmxkmzhWJsiOAz
nBXchzoi6X2Lo8DhQZ8QIsn6Oa+1MoFvKW5/PCB+pHr8wiFZfVIojHKv2GfFWfWU
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:25 2024 by rpki-client on console-fra.rpki-client.org