Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/462f92-808c-4440-a905-e7484e2f9aa2/1/iZeiVttrMs-j2c_9z0X5GDUGP-g.roa
File: iZeiVttrMs-j2c_9z0X5GDUGP-g.roa (raw, json)
Hash identifier: TSv62Om8CXnoxIkimdN9qEg+aM7BWp6tA32ImHrGMnM=
Subject key identifier: 89:97:A2:56:DB:6B:32:CF:A3:D9:CF:FD:CF:45:F9:18:35:06:3F:E8
Certificate issuer: /CN=286f9a9bbb868ce6d43a154e2a7e298b6b2365b2
Certificate serial: 018570FBBF35D8F064AD3A0CA8E5793123A6
Authority key identifier: 28:6F:9A:9B:BB:86:8C:E6:D4:3A:15:4E:2A:7E:29:8B:6B:23:65:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KG-am7uGjObUOhVOKn4pi2sjZbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/462f92-808c-4440-a905-e7484e2f9aa2/1/iZeiVttrMs-j2c_9z0X5GDUGP-g.roa
Signing time: Mon 02 Jan 2023 05:37:04 +0000
ROA not before: Mon 02 Jan 2023 05:37:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 185.252.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:bf:35:d8:f0:64:ad:3a:0c:a8:e5:79:31:23:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=286f9a9bbb868ce6d43a154e2a7e298b6b2365b2
Validity
Not Before: Jan 2 05:37:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8997a256db6b32cfa3d9cffdcf45f91835063fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:50:9a:bf:b2:de:9a:6b:61:d8:fe:15:8b:18:
0f:d6:63:23:81:7c:45:0e:7c:47:98:e7:b1:f6:fd:
7b:4f:15:22:19:1a:7e:7a:f7:5e:a1:9e:6e:0b:48:
cb:b2:d4:ee:bd:61:d6:80:44:f9:36:76:f8:ae:98:
8f:f3:16:0f:2e:32:bb:2a:41:af:b4:c1:02:3d:a3:
4f:b4:cb:0a:d5:1e:69:e2:b5:e6:88:58:2a:dd:0b:
d4:e8:1b:9e:09:ae:f0:6c:76:b4:10:18:0f:3b:9c:
8f:30:a1:f8:da:1f:f7:9c:c2:af:e3:e6:90:dd:74:
32:ff:43:2c:be:99:c7:cf:98:7f:58:c4:29:7b:96:
ae:60:70:dc:83:50:93:53:8d:96:d7:8f:ad:3c:87:
e1:78:3a:fe:87:97:ff:1a:eb:73:5d:4b:8c:61:2c:
19:13:46:0b:b6:6f:02:d2:14:16:da:e9:fc:e9:a9:
4c:80:47:11:8f:3c:6d:58:b1:a0:04:c7:21:c4:5f:
ba:d0:09:e6:0b:73:31:fe:1d:14:13:30:df:3e:46:
31:2a:85:0d:21:82:34:35:99:98:c9:ce:ab:f5:31:
d2:95:64:29:d8:e6:9a:50:35:44:92:5c:bd:66:40:
60:77:77:d8:9f:f6:af:04:58:f5:b2:24:bb:5d:78:
9a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:97:A2:56:DB:6B:32:CF:A3:D9:CF:FD:CF:45:F9:18:35:06:3F:E8
X509v3 Authority Key Identifier:
keyid:28:6F:9A:9B:BB:86:8C:E6:D4:3A:15:4E:2A:7E:29:8B:6B:23:65:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KG-am7uGjObUOhVOKn4pi2sjZbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/462f92-808c-4440-a905-e7484e2f9aa2/1/iZeiVttrMs-j2c_9z0X5GDUGP-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/462f92-808c-4440-a905-e7484e2f9aa2/1/KG-am7uGjObUOhVOKn4pi2sjZbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.211.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:38:65:43:2e:6f:9a:8e:68:75:98:09:a7:6c:eb:a0:6c:65:
14:c2:aa:9a:f2:69:db:95:28:ea:06:dd:bd:06:82:c0:20:be:
e8:ba:9a:1f:f9:83:5d:90:79:6e:31:cd:6d:22:ca:14:1f:85:
0c:3c:31:04:c7:58:ac:96:92:7a:43:31:64:4f:d7:5f:01:3b:
9d:7e:36:46:c7:c7:92:fe:94:fc:81:99:5d:40:1b:7b:fc:ba:
0e:35:bb:6b:33:a6:f0:66:80:40:95:66:83:20:a4:e2:f1:56:
e0:da:55:a3:69:9f:37:3c:d7:b0:c1:ef:fc:43:b1:bf:9c:2d:
e3:1a:b7:4a:0b:70:fe:f9:e0:5c:d2:d9:81:db:65:2a:80:07:
72:fb:70:ea:1f:d0:fc:a0:84:17:12:79:9d:ac:c9:19:0b:b1:
6b:0f:eb:7d:3c:85:d6:8b:aa:0c:16:16:4c:90:70:aa:9e:36:
c0:39:9e:30:59:92:77:22:9a:8c:bb:29:c6:56:c7:ea:9f:63:
0e:49:eb:b8:21:8a:01:53:83:8b:8f:ec:c8:f0:3d:e9:eb:1d:
78:41:be:25:b9:7a:c7:6b:42:56:27:1a:36:7b:d8:b2:12:7e:
4e:13:08:35:70:91:d8:e9:72:c8:e1:8e:27:a6:00:67:8c:17:
d4:eb:91:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+7812PBkrToMqOV5MSOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NmY5YTliYmI4NjhjZTZkNDNhMTU0ZTJhN2UyOThiNmIy
MzY1YjIwHhcNMjMwMTAyMDUzNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTk3YTI1NmRiNmIzMmNmYTNkOWNmZmRjZjQ1ZjkxODM1MDYzZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01Cav7Lemmth2P4VixgP1mMjgXxF
DnxHmOex9v17TxUiGRp+evdeoZ5uC0jLstTuvWHWgET5Nnb4rpiP8xYPLjK7KkGv
tMECPaNPtMsK1R5p4rXmiFgq3QvU6BueCa7wbHa0EBgPO5yPMKH42h/3nMKv4+aQ
3XQy/0MsvpnHz5h/WMQpe5auYHDcg1CTU42W14+tPIfheDr+h5f/GutzXUuMYSwZ
E0YLtm8C0hQW2un86alMgEcRjzxtWLGgBMchxF+60AnmC3Mx/h0UEzDfPkYxKoUN
IYI0NZmYyc6r9THSlWQp2OaaUDVEkly9ZkBgd3fYn/avBFj1siS7XXiaqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImXolbbazLPo9nP/c9F+Rg1Bj/oMB8GA1UdIwQY
MBaAFChvmpu7hozm1DoVTip+KYtrI2WyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0ctYW03dUdqT2JVT2hWT0tuNHBpMnNqWmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80NjJmOTItODA4Yy00NDQwLWE5MDUt
ZTc0ODRlMmY5YWEyLzEvaVplaVZ0dHJNcy1qMmNfOXowWDVHRFVHUC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80NjJmOTItODA4Yy00NDQwLWE5MDUtZTc0ODRlMmY5YWEy
LzEvS0ctYW03dUdqT2JVT2hWT0tuNHBpMnNqWmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufzTMA0G
CSqGSIb3DQEBCwUAA4IBAQBeOGVDLm+ajmh1mAmnbOugbGUUwqqa8mnblSjqBt29
BoLAIL7oupof+YNdkHluMc1tIsoUH4UMPDEEx1islpJ6QzFkT9dfATudfjZGx8eS
/pT8gZldQBt7/LoONbtrM6bwZoBAlWaDIKTi8Vbg2lWjaZ83PNewwe/8Q7G/nC3j
GrdKC3D++eBc0tmB22UqgAdy+3DqH9D8oIQXEnmdrMkZC7FrD+t9PIXWi6oMFhZM
kHCqnjbAOZ4wWZJ3IpqMuynGVsfqn2MOSeu4IYoBU4OLj+zI8D3p6x14Qb4luXrH
a0JWJxo2e9iyEn5OEwg1cJHY6XLI4Y4npgBnjBfU65G6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:45 2023 by rpki-client on console-fra.rpki-client.org