Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/dkaEx368LQyDxnnguTw9pERBZLk.roa
File: dkaEx368LQyDxnnguTw9pERBZLk.roa (raw, json)
Hash identifier: D3MleHTMqmwC4FdyUoRZRUYT8QWMb0NS3W6EgOJ0uWw=
Subject key identifier: 76:46:84:C7:7E:BC:2D:0C:83:C6:79:E0:B9:3C:3D:A4:44:41:64:B9
Certificate issuer: /CN=1406b4f9fd5168eb7781e824b1453e99f5e6553c
Certificate serial: 01856E78F33B1CF8D1FC528E2153290AC68E
Authority key identifier: 14:06:B4:F9:FD:51:68:EB:77:81:E8:24:B1:45:3E:99:F5:E6:55:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/dkaEx368LQyDxnnguTw9pERBZLk.roa
Signing time: Sun 01 Jan 2023 17:54:58 +0000
ROA not before: Sun 01 Jan 2023 17:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208035
IP address blocks: 185.35.56.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:f3:3b:1c:f8:d1:fc:52:8e:21:53:29:0a:c6:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1406b4f9fd5168eb7781e824b1453e99f5e6553c
Validity
Not Before: Jan 1 17:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=764684c77ebc2d0c83c679e0b93c3da4444164b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c1:17:cf:0e:63:ca:0d:13:10:4b:cc:bb:71:
51:95:79:02:75:13:9b:74:83:f3:06:3f:02:8e:3d:
c2:31:c1:f8:5e:7e:c1:c4:dc:67:fb:02:f7:a9:fe:
84:2d:6c:b1:06:7b:55:f3:32:4c:c3:12:ce:8d:0e:
69:fa:d2:41:54:82:1a:d2:60:cc:17:6b:c1:9e:fd:
e6:1f:b0:2c:37:91:be:cb:6d:2a:38:a4:0f:fe:80:
50:dc:22:de:87:19:1e:44:ea:2f:94:49:1d:91:40:
da:26:20:62:cc:87:75:3c:7c:ae:77:95:7b:aa:e5:
f9:11:a8:9c:13:2b:bf:2b:fa:d5:81:a6:42:34:a0:
ac:da:f7:a7:36:45:12:62:6b:53:4b:eb:f6:4c:67:
24:4d:aa:ec:44:92:89:93:9d:54:17:35:ae:33:9e:
22:7b:4f:d0:15:92:97:8c:b4:e8:85:19:4b:02:93:
90:15:c1:b9:f1:f5:b1:45:13:f2:74:56:38:ef:ea:
5c:64:48:e1:79:ea:51:91:53:35:9a:79:c5:0b:9e:
2d:e8:a6:d3:d7:65:67:37:75:52:c0:2c:15:b5:15:
e8:40:1e:20:ff:73:ef:9a:00:2b:40:58:dc:a2:d8:
8e:d6:58:36:7b:c7:2c:b7:89:d5:33:51:d6:b6:42:
56:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:46:84:C7:7E:BC:2D:0C:83:C6:79:E0:B9:3C:3D:A4:44:41:64:B9
X509v3 Authority Key Identifier:
keyid:14:06:B4:F9:FD:51:68:EB:77:81:E8:24:B1:45:3E:99:F5:E6:55:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/dkaEx368LQyDxnnguTw9pERBZLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.56.0/22
Signature Algorithm: sha256WithRSAEncryption
09:ce:f2:bc:6b:13:62:9d:89:f2:4b:eb:da:c9:a1:16:62:eb:
cf:87:22:59:04:eb:05:a3:f5:96:3f:24:cc:49:60:4d:cb:98:
8e:af:0d:72:82:70:2b:34:6c:5c:5a:42:47:94:da:d7:99:4f:
01:89:f6:21:0f:d3:2b:b5:bd:f6:9d:34:7c:e3:49:07:d4:7f:
3a:6e:26:aa:94:dc:45:5c:7e:e0:c9:5d:af:59:0b:23:74:4d:
e3:21:7c:99:f4:7e:a2:d9:87:9b:93:45:84:1b:43:80:39:91:
d9:37:76:c2:ab:92:31:f9:30:27:c7:1d:f1:ea:1d:5b:8f:1b:
d5:df:99:f6:00:c4:3c:cc:8b:e3:e1:64:75:78:4e:83:df:e5:
31:0f:99:36:cf:9b:04:cf:22:01:75:e1:34:ed:3b:33:66:99:
6a:b4:01:09:ed:f7:fc:fa:cc:55:e0:68:b7:96:30:e0:b2:dc:
46:b5:ad:a2:45:e4:e0:11:20:d0:aa:ce:09:28:09:67:ed:c3:
33:da:a7:89:47:82:86:c5:fe:1c:7c:07:76:05:83:91:21:dc:
25:74:bd:73:4e:b5:a6:1d:bc:2a:d7:85:83:a7:a4:f3:f2:f8:
ff:e1:93:41:2a:22:50:14:81:58:18:86:6a:19:26:37:d1:63:
34:61:b7:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuePM7HPjR/FKOIVMpCsaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MDZiNGY5ZmQ1MTY4ZWI3NzgxZTgyNGIxNDUzZTk5ZjVl
NjU1M2MwHhcNMjMwMTAxMTc1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjQ2ODRjNzdlYmMyZDBjODNjNjc5ZTBiOTNjM2RhNDQ0NDE2NGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMEXzw5jyg0TEEvMu3FRlXkCdROb
dIPzBj8Cjj3CMcH4Xn7BxNxn+wL3qf6ELWyxBntV8zJMwxLOjQ5p+tJBVIIa0mDM
F2vBnv3mH7AsN5G+y20qOKQP/oBQ3CLehxkeROovlEkdkUDaJiBizId1PHyud5V7
quX5EaicEyu/K/rVgaZCNKCs2venNkUSYmtTS+v2TGckTarsRJKJk51UFzWuM54i
e0/QFZKXjLTohRlLApOQFcG58fWxRRPydFY47+pcZEjheepRkVM1mnnFC54t6KbT
12VnN3VSwCwVtRXoQB4g/3PvmgArQFjcotiO1lg2e8cst4nVM1HWtkJWJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZGhMd+vC0Mg8Z54Lk8PaREQWS5MB8GA1UdIwQY
MBaAFBQGtPn9UWjrd4HoJLFFPpn15lU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NmQ1MTItNDk5Yi00MThlLWE0MjAt
YzE2MTI0NmM4MjVhLzEvZGthRXgzNjhMUXlEeG5uZ3VUdzlwRVJCWkxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NmQ1MTItNDk5Yi00MThlLWE0MjAtYzE2MTI0NmM4MjVh
LzEvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSM4MA0G
CSqGSIb3DQEBCwUAA4IBAQAJzvK8axNinYnyS+vayaEWYuvPhyJZBOsFo/WWPyTM
SWBNy5iOrw1ygnArNGxcWkJHlNrXmU8BifYhD9Mrtb32nTR840kH1H86biaqlNxF
XH7gyV2vWQsjdE3jIXyZ9H6i2Yebk0WEG0OAOZHZN3bCq5Ix+TAnxx3x6h1bjxvV
35n2AMQ8zIvj4WR1eE6D3+UxD5k2z5sEzyIBdeE07TszZplqtAEJ7ff8+sxV4Gi3
ljDgstxGta2iReTgESDQqs4JKAln7cMz2qeJR4KGxf4cfAd2BYORIdwldL1zTrWm
Hbwq14WDp6Tz8vj/4ZNBKiJQFIFYGIZqGSY30WM0YbcJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:17 2024 by rpki-client on console-ams.rpki-client.org