Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/zd4uJBclJDWChIvLvL4LQXWCMno.roa
File: zd4uJBclJDWChIvLvL4LQXWCMno.roa (raw, json)
Hash identifier: GEgKGEukMxnAe7VABYQNDVS0sQK1x12F+QDbLWv0rAw=
Subject key identifier: CD:DE:2E:24:17:25:24:35:82:84:8B:CB:BC:BE:0B:41:75:82:32:7A
Certificate issuer: /CN=4f9d5fbaaf76a80a65e0e92c02061e895b2b8117
Certificate serial: 01856FE71FAE7B3BCD6151DCC23390852A13
Authority key identifier: 4F:9D:5F:BA:AF:76:A8:0A:65:E0:E9:2C:02:06:1E:89:5B:2B:81:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T51fuq92qApl4OksAgYeiVsrgRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/zd4uJBclJDWChIvLvL4LQXWCMno.roa
Signing time: Mon 02 Jan 2023 00:34:55 +0000
ROA not before: Mon 02 Jan 2023 00:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205832
IP address blocks: 185.204.32.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:1f:ae:7b:3b:cd:61:51:dc:c2:33:90:85:2a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9d5fbaaf76a80a65e0e92c02061e895b2b8117
Validity
Not Before: Jan 2 00:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdde2e241725243582848bcbbcbe0b417582327a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:aa:fb:b6:8b:0a:3d:ae:59:a9:cf:bf:4c:e5:
6c:1a:75:f2:6c:02:46:c4:08:4a:a2:86:74:25:4a:
23:bf:fe:87:91:f0:a0:1e:2b:7a:15:3a:ea:e3:c5:
01:1d:da:63:bb:38:0f:58:b5:e5:cd:6b:2c:1c:70:
06:14:46:cd:70:ff:70:2c:8a:80:39:4e:0f:3f:4d:
e9:cd:cf:1a:36:e1:39:de:a6:14:10:16:81:bf:af:
a6:4a:1f:09:c4:61:dc:4c:ed:2c:67:1d:e8:35:70:
6b:d3:fd:b6:47:17:4f:80:ac:b9:9d:1a:78:2c:57:
55:ef:e4:ae:cb:0c:e7:cb:fb:96:8f:56:15:8f:ed:
e8:9e:f2:f8:ea:a1:22:7e:c4:95:8d:18:61:8d:3c:
c3:94:f3:8f:4e:fc:7a:5c:d3:41:1c:43:56:c5:d6:
41:2a:c3:2e:c6:d7:33:fd:bb:af:51:5b:c0:38:e1:
74:c7:03:55:00:ef:61:76:da:98:11:7b:1b:08:32:
bb:8a:1d:e1:fd:3d:1c:16:99:d8:e4:6b:98:64:a2:
43:9d:de:36:2f:2b:14:97:23:38:a7:1f:25:b4:d0:
77:a8:24:0c:ff:73:65:8e:06:47:7a:9c:12:47:81:
03:e8:36:24:cc:fd:6f:bf:ee:44:b7:90:98:4c:e4:
d4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DE:2E:24:17:25:24:35:82:84:8B:CB:BC:BE:0B:41:75:82:32:7A
X509v3 Authority Key Identifier:
keyid:4F:9D:5F:BA:AF:76:A8:0A:65:E0:E9:2C:02:06:1E:89:5B:2B:81:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T51fuq92qApl4OksAgYeiVsrgRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/zd4uJBclJDWChIvLvL4LQXWCMno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/T51fuq92qApl4OksAgYeiVsrgRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.32.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:14:80:20:73:43:15:88:c8:36:82:f9:d6:69:b6:a0:19:61:
9a:f3:85:e7:4b:db:a0:9e:11:6b:a4:a2:43:bc:f3:3b:af:76:
5e:23:16:6d:3e:09:89:19:a0:16:e7:9a:59:92:cd:c2:2a:7d:
01:eb:31:6d:2d:01:68:aa:6e:a4:38:8b:3e:ee:c8:a6:7a:7f:
6b:f7:d6:8a:c7:86:2d:e7:1e:46:cb:4f:21:d7:ab:3e:93:d7:
95:c6:36:37:a2:b1:ac:30:ab:a1:b1:3f:ed:f6:04:eb:92:19:
75:c9:4d:1f:53:9b:9b:de:c5:9c:ae:0f:81:74:86:30:76:f2:
c8:81:7a:14:29:ac:82:91:c5:30:46:d8:7a:63:41:ff:8c:88:
ca:c1:84:37:1b:e4:8d:8d:23:87:89:da:d6:62:d9:b7:7b:82:
3e:af:3e:c8:ed:e1:b4:70:3b:09:6f:59:6e:1d:d6:8d:e2:23:
fd:4f:17:02:26:27:e4:56:07:4f:01:a4:40:21:36:a6:67:a7:
79:23:24:2a:01:d5:a2:9b:00:49:7d:9f:40:14:f1:ac:01:89:
ad:5b:b7:85:d8:ff:5e:29:c5:d4:67:43:5e:04:53:6f:96:59:
35:7e:a7:22:50:39:9b:96:cc:9b:91:76:54:aa:6b:32:fe:49:
23:9a:4b:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5x+uezvNYVHcwjOQhSoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOWQ1ZmJhYWY3NmE4MGE2NWUwZTkyYzAyMDYxZTg5NWIy
YjgxMTcwHhcNMjMwMTAyMDAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGRlMmUyNDE3MjUyNDM1ODI4NDhiY2JiY2JlMGI0MTc1ODIzMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuar7tosKPa5Zqc+/TOVsGnXybAJG
xAhKooZ0JUojv/6HkfCgHit6FTrq48UBHdpjuzgPWLXlzWssHHAGFEbNcP9wLIqA
OU4PP03pzc8aNuE53qYUEBaBv6+mSh8JxGHcTO0sZx3oNXBr0/22RxdPgKy5nRp4
LFdV7+Suywzny/uWj1YVj+3onvL46qEifsSVjRhhjTzDlPOPTvx6XNNBHENWxdZB
KsMuxtcz/buvUVvAOOF0xwNVAO9hdtqYEXsbCDK7ih3h/T0cFpnY5GuYZKJDnd42
LysUlyM4px8ltNB3qCQM/3NljgZHepwSR4ED6DYkzP1vv+5Et5CYTOTUSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM3eLiQXJSQ1goSLy7y+C0F1gjJ6MB8GA1UdIwQY
MBaAFE+dX7qvdqgKZeDpLAIGHolbK4EXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDUxZnVxOTJxQXBsNE9rc0FnWWVpVnNyZ1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jNzA5MjgtY2VkZS00YjYyLTg5YTct
NjBmNmZhOTExMGUyLzEvemQ0dUpCY2xKRFdDaEl2THZMNExRWFdDTW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jNzA5MjgtY2VkZS00YjYyLTg5YTctNjBmNmZhOTExMGUy
LzEvVDUxZnVxOTJxQXBsNE9rc0FnWWVpVnNyZ1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucwgMA0G
CSqGSIb3DQEBCwUAA4IBAQCoFIAgc0MViMg2gvnWabagGWGa84XnS9ugnhFrpKJD
vPM7r3ZeIxZtPgmJGaAW55pZks3CKn0B6zFtLQFoqm6kOIs+7simen9r99aKx4Yt
5x5Gy08h16s+k9eVxjY3orGsMKuhsT/t9gTrkhl1yU0fU5ub3sWcrg+BdIYwdvLI
gXoUKayCkcUwRth6Y0H/jIjKwYQ3G+SNjSOHidrWYtm3e4I+rz7I7eG0cDsJb1lu
HdaN4iP9TxcCJifkVgdPAaRAITamZ6d5IyQqAdWimwBJfZ9AFPGsAYmtW7eF2P9e
KcXUZ0NeBFNvllk1fqciUDmblsybkXZUqmsy/kkjmkuv
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:53 2024 by rpki-client on console-ams.rpki-client.org