Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/462f92-808c-4440-a905-e7484e2f9aa2/1/IcOrGA6FJDoiPUVTVwMwamlIaho.roa
File: IcOrGA6FJDoiPUVTVwMwamlIaho.roa (raw, json)
Hash identifier: rcHYmJ21g+mxrsMYl+TsqXzAUk14IBHsDONeTPlk93I=
Subject key identifier: 21:C3:AB:18:0E:85:24:3A:22:3D:45:53:57:03:30:6A:69:48:6A:1A
Certificate issuer: /CN=286f9a9bbb868ce6d43a154e2a7e298b6b2365b2
Certificate serial: 01869D32FB5ADC1B633407F349852EBF19E9
Authority key identifier: 28:6F:9A:9B:BB:86:8C:E6:D4:3A:15:4E:2A:7E:29:8B:6B:23:65:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KG-am7uGjObUOhVOKn4pi2sjZbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/462f92-808c-4440-a905-e7484e2f9aa2/1/IcOrGA6FJDoiPUVTVwMwamlIaho.roa
Signing time: Wed 01 Mar 2023 12:43:29 +0000
ROA not before: Wed 01 Mar 2023 12:43:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60707
IP address blocks: 185.252.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:32:fb:5a:dc:1b:63:34:07:f3:49:85:2e:bf:19:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=286f9a9bbb868ce6d43a154e2a7e298b6b2365b2
Validity
Not Before: Mar 1 12:43:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21c3ab180e85243a223d45535703306a69486a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b6:d2:cf:03:1e:be:bc:de:35:f0:2d:42:52:
e9:2e:e9:c3:f8:a1:9b:9b:59:2c:1c:e3:ef:f7:98:
2c:8d:98:d9:fe:6b:ab:3b:d1:39:52:6f:86:e3:31:
33:ac:c9:da:25:47:71:3f:ea:c0:f1:5f:80:2b:6e:
f1:74:9e:0d:1e:27:ce:ca:89:13:45:8e:a8:4f:d6:
fc:f0:f0:55:a0:87:87:7e:d4:6f:bf:f8:fc:21:21:
05:26:66:0b:fd:6f:8d:18:b6:ad:57:55:ec:86:db:
2c:e0:fd:f4:84:93:53:88:04:35:01:7b:ac:ba:0b:
99:73:a9:81:81:36:2d:e4:87:c2:fe:8b:fd:7e:cb:
82:66:00:d7:b5:c7:ce:dd:28:17:ca:84:12:ec:18:
8e:6f:3a:9e:0f:9b:f4:a8:c5:29:e9:aa:4b:62:6c:
eb:c4:c6:60:af:35:d7:cd:0b:f6:a6:34:8d:d3:25:
b2:1c:06:8c:b5:dc:ef:4d:6f:33:28:ce:b2:81:92:
6a:46:20:f2:b1:40:ae:ed:39:b1:5d:22:b2:78:2c:
89:da:14:fc:71:62:34:d8:53:fe:07:60:4a:55:af:
93:46:44:19:5b:8f:32:c0:c4:11:04:47:6f:73:24:
02:45:ea:6a:01:57:d5:43:3f:a4:97:d4:5b:99:82:
8f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C3:AB:18:0E:85:24:3A:22:3D:45:53:57:03:30:6A:69:48:6A:1A
X509v3 Authority Key Identifier:
keyid:28:6F:9A:9B:BB:86:8C:E6:D4:3A:15:4E:2A:7E:29:8B:6B:23:65:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KG-am7uGjObUOhVOKn4pi2sjZbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/462f92-808c-4440-a905-e7484e2f9aa2/1/IcOrGA6FJDoiPUVTVwMwamlIaho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/462f92-808c-4440-a905-e7484e2f9aa2/1/KG-am7uGjObUOhVOKn4pi2sjZbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.211.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:96:30:1e:e8:81:e2:9e:a9:a8:3f:7d:62:c6:4a:84:09:ac:
f7:e4:92:ff:77:14:83:93:7b:5e:98:25:2b:5b:de:26:6a:5e:
09:f0:3e:a1:b7:5e:a1:46:50:8c:c6:e1:d7:87:3a:69:dc:31:
0e:59:44:b5:33:e0:29:09:a4:75:8a:64:fb:64:4d:57:8d:d9:
d8:ed:38:d2:d1:39:16:62:03:57:55:b3:5e:15:d4:5d:86:0c:
f3:e1:64:00:cd:90:ec:0e:3a:4e:16:11:ca:50:d8:83:63:3a:
67:7d:36:77:3c:43:3d:38:e9:3d:8a:34:46:cd:4f:fc:55:91:
93:c6:d8:20:2e:fc:c9:b4:76:c4:3d:ba:c6:45:f0:66:bd:06:
8d:e9:e9:25:2b:21:5f:78:41:3a:d4:e0:74:0b:e4:b9:7b:39:
f3:cb:a1:cc:52:c2:6a:21:b1:65:1f:53:52:58:4e:b1:94:c1:
d6:e5:da:02:75:13:59:bd:a5:72:6b:7c:78:19:10:8f:0a:d8:
f2:72:43:0a:67:80:53:e6:ed:0a:b3:d5:ef:c4:20:1c:e7:6e:
af:99:83:a1:93:6e:2a:71:8b:2d:e3:f2:71:82:7f:30:f8:27:
1a:c3:bf:38:bd:60:0a:03:4b:f7:31:63:43:52:d7:e2:0a:fa:
81:6a:83:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYadMvta3BtjNAfzSYUuvxnpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NmY5YTliYmI4NjhjZTZkNDNhMTU0ZTJhN2UyOThiNmIy
MzY1YjIwHhcNMjMwMzAxMTI0MzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWMzYWIxODBlODUyNDNhMjIzZDQ1NTM1NzAzMzA2YTY5NDg2YTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLbSzwMevrzeNfAtQlLpLunD+KGb
m1ksHOPv95gsjZjZ/murO9E5Um+G4zEzrMnaJUdxP+rA8V+AK27xdJ4NHifOyokT
RY6oT9b88PBVoIeHftRvv/j8ISEFJmYL/W+NGLatV1Xshtss4P30hJNTiAQ1AXus
uguZc6mBgTYt5IfC/ov9fsuCZgDXtcfO3SgXyoQS7BiObzqeD5v0qMUp6apLYmzr
xMZgrzXXzQv2pjSN0yWyHAaMtdzvTW8zKM6ygZJqRiDysUCu7TmxXSKyeCyJ2hT8
cWI02FP+B2BKVa+TRkQZW48ywMQRBEdvcyQCRepqAVfVQz+kl9RbmYKPCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHDqxgOhSQ6Ij1FU1cDMGppSGoaMB8GA1UdIwQY
MBaAFChvmpu7hozm1DoVTip+KYtrI2WyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0ctYW03dUdqT2JVT2hWT0tuNHBpMnNqWmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80NjJmOTItODA4Yy00NDQwLWE5MDUt
ZTc0ODRlMmY5YWEyLzEvSWNPckdBNkZKRG9pUFVWVFZ3TXdhbWxJYWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80NjJmOTItODA4Yy00NDQwLWE5MDUtZTc0ODRlMmY5YWEy
LzEvS0ctYW03dUdqT2JVT2hWT0tuNHBpMnNqWmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufzTMA0G
CSqGSIb3DQEBCwUAA4IBAQBtljAe6IHinqmoP31ixkqECaz35JL/dxSDk3temCUr
W94mal4J8D6ht16hRlCMxuHXhzpp3DEOWUS1M+ApCaR1imT7ZE1XjdnY7TjS0TkW
YgNXVbNeFdRdhgzz4WQAzZDsDjpOFhHKUNiDYzpnfTZ3PEM9OOk9ijRGzU/8VZGT
xtggLvzJtHbEPbrGRfBmvQaN6eklKyFfeEE61OB0C+S5eznzy6HMUsJqIbFlH1NS
WE6xlMHW5doCdRNZvaVya3x4GRCPCtjyckMKZ4BT5u0Ks9XvxCAc526vmYOhk24q
cYst4/Jxgn8w+Ccaw784vWAKA0v3MWNDUtfiCvqBaoNC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:45 2023 by rpki-client on console-fra.rpki-client.org