Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/k45qMx-FgZOFL8SS3oc00hjU88w.roa
File: k45qMx-FgZOFL8SS3oc00hjU88w.roa (raw, json)
Hash identifier: Ikw63tUNHmVjMKnz6eI9VSXH9n8iHkIstKJT61PPYmg=
Subject key identifier: 93:8E:6A:33:1F:85:81:93:85:2F:C4:92:DE:87:34:D2:18:D4:F3:CC
Certificate issuer: /CN=1b2646828a9ea7bf8d40b4f9f0ba44ccdcb2cedd
Certificate serial: 01856D81850520147745E2D7422EE34A2834
Authority key identifier: 1B:26:46:82:8A:9E:A7:BF:8D:40:B4:F9:F0:BA:44:CC:DC:B2:CE:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GyZGgoqep7-NQLT58LpEzNyyzt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/k45qMx-FgZOFL8SS3oc00hjU88w.roa
Signing time: Sun 01 Jan 2023 13:24:42 +0000
ROA not before: Sun 01 Jan 2023 13:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212889
IP address blocks: 185.238.70.0/24 maxlen: 24
185.238.71.0/24 maxlen: 24
185.238.69.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:85:05:20:14:77:45:e2:d7:42:2e:e3:4a:28:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2646828a9ea7bf8d40b4f9f0ba44ccdcb2cedd
Validity
Not Before: Jan 1 13:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=938e6a331f858193852fc492de8734d218d4f3cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:49:15:5b:82:38:aa:f4:9a:bc:e0:2a:1d:41:
a1:14:03:e5:b9:9a:0a:f7:85:80:fc:7a:3b:c0:85:
dd:e5:19:f7:75:0e:a9:3d:9e:80:73:da:16:9e:19:
5e:d7:95:6a:25:7d:fe:a8:c2:01:b3:0b:98:1e:33:
e9:da:67:9c:83:5e:98:af:c4:1c:04:ba:fc:4c:42:
c6:b9:54:18:8d:1c:21:4d:2d:d9:47:54:43:a6:7a:
ae:30:4f:f9:e0:51:4f:3a:d4:c6:54:fc:f0:f4:49:
a0:ac:90:d1:33:57:2b:40:c2:2a:d8:2d:2c:bc:98:
c1:64:de:10:64:5b:ce:ec:73:75:5f:90:a4:20:9d:
6d:68:99:5c:c6:73:f0:83:7d:48:45:e1:8d:2e:ed:
1a:d1:0a:cc:11:2b:e2:fe:16:a8:7a:65:f7:4b:28:
9a:d4:53:ed:a6:7f:ff:5e:87:58:ec:0b:fe:90:74:
09:d1:d1:84:60:db:2d:57:39:c8:a2:75:39:c7:a3:
72:a6:c0:b3:54:31:35:58:31:96:bd:bc:5c:ed:a6:
e9:b5:8e:c7:1e:04:06:f8:db:e9:2d:37:11:c9:5b:
ac:98:5c:73:9c:ba:5c:f7:91:f5:22:ae:61:f4:41:
d3:6e:48:96:33:e5:79:52:86:1c:13:2a:65:63:59:
3b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:8E:6A:33:1F:85:81:93:85:2F:C4:92:DE:87:34:D2:18:D4:F3:CC
X509v3 Authority Key Identifier:
keyid:1B:26:46:82:8A:9E:A7:BF:8D:40:B4:F9:F0:BA:44:CC:DC:B2:CE:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyZGgoqep7-NQLT58LpEzNyyzt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/k45qMx-FgZOFL8SS3oc00hjU88w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/GyZGgoqep7-NQLT58LpEzNyyzt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.69.0-185.238.71.255
Signature Algorithm: sha256WithRSAEncryption
58:06:f7:a4:46:bf:7f:c0:b5:53:18:0d:75:c9:da:58:f5:d3:
d4:81:dd:32:a9:74:b3:32:9d:08:49:0c:03:c2:ca:ef:56:8b:
0e:c2:4b:88:3e:a5:a6:4e:13:e9:d5:11:0b:02:66:4c:ad:f2:
2b:cd:0d:14:27:6d:98:4e:a1:fa:ed:12:22:b7:ee:f5:39:51:
a1:cf:08:c2:de:9d:2e:dc:7a:30:e1:ff:84:15:5b:64:d2:ab:
f0:20:93:b3:fa:5c:2f:3d:56:8a:f7:b4:9a:e5:5e:54:36:33:
ac:81:aa:88:92:69:57:d3:05:ef:9b:62:f3:d1:bd:e1:f3:bf:
98:2b:c2:b9:8d:cd:03:f2:d4:ef:02:70:d2:a4:0f:26:7e:9c:
61:c4:ea:ad:fa:c4:93:3d:12:25:5d:40:9b:af:ce:0a:ed:00:
e3:dc:fa:fa:e6:eb:bf:cd:17:5f:49:dd:13:93:78:aa:74:09:
33:de:a6:f3:f4:6b:9f:a6:d6:2b:34:68:69:cb:c4:54:ff:98:
16:5f:f7:c0:37:53:27:7a:99:2d:a0:cb:59:b7:2b:a4:35:56:
9f:8a:5e:ce:8d:6d:98:d2:d6:e4:0e:e4:2a:e3:4e:da:3e:28:
02:92:d4:48:36:b5:e1:5c:bf:e8:5a:b9:01:54:c5:3d:e1:6e:
e7:50:7e:35
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtgYUFIBR3ReLXQi7jSig0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjY0NjgyOGE5ZWE3YmY4ZDQwYjRmOWYwYmE0NGNjZGNi
MmNlZGQwHhcNMjMwMTAxMTMyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzhlNmEzMzFmODU4MTkzODUyZmM0OTJkZTg3MzRkMjE4ZDRmM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikkVW4I4qvSavOAqHUGhFAPluZoK
94WA/Ho7wIXd5Rn3dQ6pPZ6Ac9oWnhle15VqJX3+qMIBswuYHjPp2mecg16Yr8Qc
BLr8TELGuVQYjRwhTS3ZR1RDpnquME/54FFPOtTGVPzw9EmgrJDRM1crQMIq2C0s
vJjBZN4QZFvO7HN1X5CkIJ1taJlcxnPwg31IReGNLu0a0QrMESvi/haoemX3Syia
1FPtpn//XodY7Av+kHQJ0dGEYNstVznIonU5x6NypsCzVDE1WDGWvbxc7abptY7H
HgQG+NvpLTcRyVusmFxznLpc95H1Iq5h9EHTbkiWM+V5UoYcEyplY1k7kQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJOOajMfhYGThS/Ekt6HNNIY1PPMMB8GA1UdIwQY
MBaAFBsmRoKKnqe/jUC0+fC6RMzcss7dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3laR2dvcWVwNy1OUUxUNThMcEV6Tnl5enQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9jMzY4MzYtYTJjOC00NzcxLWE5NTgt
OTc0ZmNmZWYyNjNiLzEvazQ1cU14LUZnWk9GTDhTUzNvYzAwaGpVODh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9jMzY4MzYtYTJjOC00NzcxLWE5NTgtOTc0ZmNmZWYyNjNi
LzEvR3laR2dvcWVwNy1OUUxUNThMcEV6Tnl5enQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC57kUD
BAO57kAwDQYJKoZIhvcNAQELBQADggEBAFgG96RGv3/AtVMYDXXJ2lj109SB3TKp
dLMynQhJDAPCyu9Wiw7CS4g+paZOE+nVEQsCZkyt8ivNDRQnbZhOofrtEiK37vU5
UaHPCMLenS7cejDh/4QVW2TSq/Agk7P6XC89Vor3tJrlXlQ2M6yBqoiSaVfTBe+b
YvPRveHzv5grwrmNzQPy1O8CcNKkDyZ+nGHE6q36xJM9EiVdQJuvzgrtAOPc+vrm
67/NF19J3ROTeKp0CTPepvP0a5+m1is0aGnLxFT/mBZf98A3Uyd6mS2gy1m3K6Q1
Vp+KXs6NbZjS1uQO5CrjTto+KAKS1Eg2teFcv+hauQFUxT3hbudQfjU=
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:41 2024 by rpki-client on console-fra.rpki-client.org