Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/_PIL567Zi9hstKbLaYrIHis2Q1I.roa
File: _PIL567Zi9hstKbLaYrIHis2Q1I.roa (raw, json)
Hash identifier: BnwFE3pJ9FS+U1xEl28aoBQmj8IrnTVfybUkCigAhxs=
Subject key identifier: FC:F2:0B:E7:AE:D9:8B:D8:6C:B4:A6:CB:69:8A:C8:1E:2B:36:43:52
Certificate issuer: /CN=4f9d5fbaaf76a80a65e0e92c02061e895b2b8117
Certificate serial: 01856FE71EFE53ED3507C66C71BF89428D8C
Authority key identifier: 4F:9D:5F:BA:AF:76:A8:0A:65:E0:E9:2C:02:06:1E:89:5B:2B:81:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T51fuq92qApl4OksAgYeiVsrgRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/_PIL567Zi9hstKbLaYrIHis2Q1I.roa
Signing time: Mon 02 Jan 2023 00:34:55 +0000
ROA not before: Mon 02 Jan 2023 00:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21183
IP address blocks: 185.204.32.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:1e:fe:53:ed:35:07:c6:6c:71:bf:89:42:8d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9d5fbaaf76a80a65e0e92c02061e895b2b8117
Validity
Not Before: Jan 2 00:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcf20be7aed98bd86cb4a6cb698ac81e2b364352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:11:29:8d:c2:3f:da:58:0a:da:74:8f:19:62:
11:10:4a:dd:25:4a:ce:da:6b:63:7c:4d:22:8b:0a:
34:44:19:4c:ff:60:95:25:23:2f:fd:e4:86:e8:b6:
86:7e:f5:24:a3:dc:aa:bd:ce:b2:07:2d:34:5f:2f:
4f:d6:d3:7d:56:f9:b4:5b:1d:d2:e9:23:75:f9:b4:
27:65:88:9f:27:df:a5:94:45:fc:3c:7b:50:de:c4:
51:c9:a9:b7:27:b7:1d:08:91:2f:b4:68:66:0a:a6:
55:e8:e4:14:2c:fe:bf:e7:4f:11:28:8e:9b:d6:ee:
25:15:eb:c2:da:7d:a5:eb:5c:3e:e7:47:a0:08:ec:
98:5e:87:52:bd:87:20:b3:87:86:5a:cd:f8:6d:43:
99:dc:dd:1a:39:c1:99:32:89:77:ff:28:25:38:a1:
7d:dd:31:30:1a:a2:54:a4:0b:f2:fc:81:3d:80:d8:
4a:92:af:29:df:96:a3:45:47:bb:94:30:cf:02:af:
ef:56:48:16:cc:6e:9d:6d:21:47:a8:fd:d2:93:54:
d6:fc:cd:da:a6:e9:54:aa:5f:53:c3:16:b8:2b:79:
6e:75:46:26:1e:22:5b:73:a2:4b:5b:01:71:d3:83:
df:e2:cd:b4:be:a5:0c:0c:d2:91:75:bc:ed:30:52:
d3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F2:0B:E7:AE:D9:8B:D8:6C:B4:A6:CB:69:8A:C8:1E:2B:36:43:52
X509v3 Authority Key Identifier:
keyid:4F:9D:5F:BA:AF:76:A8:0A:65:E0:E9:2C:02:06:1E:89:5B:2B:81:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T51fuq92qApl4OksAgYeiVsrgRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/_PIL567Zi9hstKbLaYrIHis2Q1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/T51fuq92qApl4OksAgYeiVsrgRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.32.0/22
Signature Algorithm: sha256WithRSAEncryption
47:e2:8e:35:35:d9:77:24:b2:8c:f3:6f:73:d3:60:03:09:75:
37:5e:18:e7:c1:fd:2d:4d:22:fa:0f:03:50:09:15:98:16:44:
24:b5:44:9a:70:fc:54:b2:4b:61:05:50:4a:ba:ce:26:33:ab:
5c:90:bf:f6:80:55:48:3b:9e:3e:8d:07:18:8e:c3:a8:62:58:
35:ae:65:e3:60:53:13:81:ee:19:7c:ac:19:fa:a9:fc:f2:f9:
d0:91:3f:e6:5d:ca:6a:67:1f:86:ac:2e:c6:fb:2c:c7:05:e0:
c7:50:d5:54:a5:ed:8a:44:27:2f:d0:f9:c5:da:fd:9c:fd:8c:
23:10:ef:e1:2f:28:bd:6f:40:46:84:28:6b:ff:e2:5a:9e:19:
30:9b:4c:56:ed:14:ca:5e:84:e1:bb:95:bc:ca:4e:26:1d:46:
be:37:95:34:d8:78:6a:12:79:0c:0d:75:7b:37:b7:4a:0a:b9:
ba:78:1b:a5:c5:52:2d:89:0a:25:08:8b:e6:73:03:45:21:4f:
f2:19:a1:91:7a:03:6c:c2:73:3c:23:1d:80:79:7f:7b:10:32:
01:3f:37:07:22:f7:14:71:f8:46:83:91:5f:5f:69:42:36:c5:
e0:5c:55:44:4d:99:54:19:5f:11:a6:5f:06:30:72:40:da:fe:
98:d8:22:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5x7+U+01B8Zscb+JQo2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOWQ1ZmJhYWY3NmE4MGE2NWUwZTkyYzAyMDYxZTg5NWIy
YjgxMTcwHhcNMjMwMTAyMDAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2YyMGJlN2FlZDk4YmQ4NmNiNGE2Y2I2OThhYzgxZTJiMzY0MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhEpjcI/2lgK2nSPGWIREErdJUrO
2mtjfE0iiwo0RBlM/2CVJSMv/eSG6LaGfvUko9yqvc6yBy00Xy9P1tN9Vvm0Wx3S
6SN1+bQnZYifJ9+llEX8PHtQ3sRRyam3J7cdCJEvtGhmCqZV6OQULP6/508RKI6b
1u4lFevC2n2l61w+50egCOyYXodSvYcgs4eGWs34bUOZ3N0aOcGZMol3/yglOKF9
3TEwGqJUpAvy/IE9gNhKkq8p35ajRUe7lDDPAq/vVkgWzG6dbSFHqP3Sk1TW/M3a
pulUql9Twxa4K3ludUYmHiJbc6JLWwFx04Pf4s20vqUMDNKRdbztMFLTzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPzyC+eu2YvYbLSmy2mKyB4rNkNSMB8GA1UdIwQY
MBaAFE+dX7qvdqgKZeDpLAIGHolbK4EXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDUxZnVxOTJxQXBsNE9rc0FnWWVpVnNyZ1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jNzA5MjgtY2VkZS00YjYyLTg5YTct
NjBmNmZhOTExMGUyLzEvX1BJTDU2N1ppOWhzdEtiTGFZcklIaXMyUTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jNzA5MjgtY2VkZS00YjYyLTg5YTctNjBmNmZhOTExMGUy
LzEvVDUxZnVxOTJxQXBsNE9rc0FnWWVpVnNyZ1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucwgMA0G
CSqGSIb3DQEBCwUAA4IBAQBH4o41Ndl3JLKM829z02ADCXU3Xhjnwf0tTSL6DwNQ
CRWYFkQktUSacPxUskthBVBKus4mM6tckL/2gFVIO54+jQcYjsOoYlg1rmXjYFMT
ge4ZfKwZ+qn88vnQkT/mXcpqZx+GrC7G+yzHBeDHUNVUpe2KRCcv0PnF2v2c/Ywj
EO/hLyi9b0BGhChr/+Janhkwm0xW7RTKXoThu5W8yk4mHUa+N5U02HhqEnkMDXV7
N7dKCrm6eBulxVItiQolCIvmcwNFIU/yGaGRegNswnM8Ix2AeX97EDIBPzcHIvcU
cfhGg5FfX2lCNsXgXFVETZlUGV8Rpl8GMHJA2v6Y2CJl
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:40 2024 by rpki-client on console-fra.rpki-client.org