Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fb0032-bc45-458f-ab2b-2936aa227765/1/b9e8ac4rEpBc6M2-pI-nRcZWUdM.roa
File: b9e8ac4rEpBc6M2-pI-nRcZWUdM.roa (raw, json)
Hash identifier: gGaszS1e8yCBgULumswFIv2acByEDJiupVKPyEeuWD8=
Subject key identifier: 6F:D7:BC:69:CE:2B:12:90:5C:E8:CD:BE:A4:8F:A7:45:C6:56:51:D3
Certificate issuer: /CN=62dfe53884b95a09f66a416e14f56c6b0f789afc
Certificate serial: 01857203450F3AAD59AF8560A5EE1C2E2E75
Authority key identifier: 62:DF:E5:38:84:B9:5A:09:F6:6A:41:6E:14:F5:6C:6B:0F:78:9A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yt_lOIS5Wgn2akFuFPVsaw94mvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fb0032-bc45-458f-ab2b-2936aa227765/1/b9e8ac4rEpBc6M2-pI-nRcZWUdM.roa
Signing time: Mon 02 Jan 2023 10:24:55 +0000
ROA not before: Mon 02 Jan 2023 10:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205345
IP address blocks: 185.221.124.0/22 maxlen: 22
2a0d:c000::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:45:0f:3a:ad:59:af:85:60:a5:ee:1c:2e:2e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62dfe53884b95a09f66a416e14f56c6b0f789afc
Validity
Not Before: Jan 2 10:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fd7bc69ce2b12905ce8cdbea48fa745c65651d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a6:af:ef:04:8d:2e:46:39:3e:19:0a:2d:ad:
8a:44:34:b1:ca:0f:5c:c8:11:79:88:1c:5a:1f:ff:
37:32:74:b3:42:3b:d3:4b:11:24:9e:7d:34:6a:d6:
b2:40:44:f7:3f:4c:e0:50:c6:14:f6:5f:20:aa:2e:
95:fb:1a:e1:80:24:41:e2:af:e1:e1:3e:b5:f3:2c:
72:0e:24:10:a6:85:62:d6:46:50:8f:bb:fb:a1:8b:
96:2a:c6:76:92:2c:36:da:85:de:36:37:7e:df:07:
80:93:0b:4b:b9:28:69:f3:7b:a2:7a:06:b5:7d:6a:
25:d5:d9:bf:ab:4e:a4:cb:37:13:e2:84:3b:87:4d:
88:25:fc:f9:dc:56:c8:d2:86:80:de:3c:4a:03:79:
ed:86:8a:aa:18:3b:72:07:33:66:0f:9f:cb:f8:13:
f5:12:0e:23:76:1f:3a:30:ef:77:d4:1e:f6:e4:4c:
80:1d:d7:7b:18:bc:ca:78:67:39:82:af:39:5f:f8:
31:3d:51:75:11:73:1b:58:73:9e:22:09:d2:b9:71:
69:b0:20:08:89:06:a2:1f:80:5c:c1:b1:65:1d:d3:
b4:32:92:9f:b2:89:08:eb:e2:08:0c:6a:93:88:8e:
5d:5f:f5:31:fb:05:62:5b:ce:ea:cc:b2:e8:f1:f6:
93:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D7:BC:69:CE:2B:12:90:5C:E8:CD:BE:A4:8F:A7:45:C6:56:51:D3
X509v3 Authority Key Identifier:
keyid:62:DF:E5:38:84:B9:5A:09:F6:6A:41:6E:14:F5:6C:6B:0F:78:9A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yt_lOIS5Wgn2akFuFPVsaw94mvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fb0032-bc45-458f-ab2b-2936aa227765/1/b9e8ac4rEpBc6M2-pI-nRcZWUdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fb0032-bc45-458f-ab2b-2936aa227765/1/Yt_lOIS5Wgn2akFuFPVsaw94mvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.124.0/22
IPv6:
2a0d:c000::/29
Signature Algorithm: sha256WithRSAEncryption
7f:b5:7a:05:81:a7:f9:cf:b7:95:7a:b9:1e:fb:72:01:37:ec:
9d:66:0c:92:9b:79:fe:35:fe:95:ab:91:fa:55:45:8d:20:66:
59:42:f4:aa:23:2c:75:30:4c:36:3c:5f:95:50:f7:34:80:bc:
3a:3c:e8:60:93:1e:f2:a7:6b:4d:c7:72:06:9c:1c:c1:4a:74:
31:a0:32:b9:be:66:3f:9d:f6:43:8d:4e:6c:56:fc:eb:50:dd:
2e:8f:9b:99:b2:7c:67:e0:19:e8:c5:fd:4c:45:a9:ea:1c:65:
8b:cf:96:5c:2a:07:b5:86:b3:42:22:e4:df:7b:ea:d8:fc:9b:
27:bf:b8:c6:b8:6d:5e:8b:49:c8:14:24:44:90:5e:58:d5:74:
35:59:5a:58:ff:50:56:60:41:cf:84:d4:8d:39:97:3a:a8:45:
7f:a1:97:9e:fa:a1:45:17:10:c5:0b:a9:b0:9b:ac:62:43:af:
fe:cb:b3:9c:df:66:ae:fc:ea:e8:a1:6d:1e:30:99:02:35:41:
4c:01:d5:d5:65:03:a3:f2:3e:35:79:cf:36:c2:7e:72:4d:bc:
96:fd:cc:79:8d:79:44:8e:1f:46:43:74:b6:2d:a9:45:65:d7:
e9:33:e9:24:20:ce:a4:0f:91:fb:87:80:04:eb:cb:6b:95:1c:
87:f0:1c:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyA0UPOq1Zr4Vgpe4cLi51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZGZlNTM4ODRiOTVhMDlmNjZhNDE2ZTE0ZjU2YzZiMGY3
ODlhZmMwHhcNMjMwMTAyMTAyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQ3YmM2OWNlMmIxMjkwNWNlOGNkYmVhNDhmYTc0NWM2NTY1MWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06av7wSNLkY5PhkKLa2KRDSxyg9c
yBF5iBxaH/83MnSzQjvTSxEknn00atayQET3P0zgUMYU9l8gqi6V+xrhgCRB4q/h
4T618yxyDiQQpoVi1kZQj7v7oYuWKsZ2kiw22oXeNjd+3weAkwtLuShp83uiega1
fWol1dm/q06kyzcT4oQ7h02IJfz53FbI0oaA3jxKA3nthoqqGDtyBzNmD5/L+BP1
Eg4jdh86MO931B725EyAHdd7GLzKeGc5gq85X/gxPVF1EXMbWHOeIgnSuXFpsCAI
iQaiH4BcwbFlHdO0MpKfsokI6+IIDGqTiI5dX/Ux+wViW87qzLLo8faTpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG/XvGnOKxKQXOjNvqSPp0XGVlHTMB8GA1UdIwQY
MBaAFGLf5TiEuVoJ9mpBbhT1bGsPeJr8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRfbE9JUzVXZ24yYWtGdUZQVnNhdzk0bXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mYjAwMzItYmM0NS00NThmLWFiMmIt
MjkzNmFhMjI3NzY1LzEvYjllOGFjNHJFcEJjNk0yLXBJLW5SY1pXVWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mYjAwMzItYmM0NS00NThmLWFiMmItMjkzNmFhMjI3NzY1
LzEvWXRfbE9JUzVXZ24yYWtGdUZQVnNhdzk0bXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud18MA0E
AgACMAcDBQMqDcAAMA0GCSqGSIb3DQEBCwUAA4IBAQB/tXoFgaf5z7eVerke+3IB
N+ydZgySm3n+Nf6Vq5H6VUWNIGZZQvSqIyx1MEw2PF+VUPc0gLw6POhgkx7yp2tN
x3IGnBzBSnQxoDK5vmY/nfZDjU5sVvzrUN0uj5uZsnxn4Bnoxf1MRanqHGWLz5Zc
Kge1hrNCIuTfe+rY/Jsnv7jGuG1ei0nIFCREkF5Y1XQ1WVpY/1BWYEHPhNSNOZc6
qEV/oZee+qFFFxDFC6mwm6xiQ6/+y7Oc32au/OrooW0eMJkCNUFMAdXVZQOj8j41
ec82wn5yTbyW/cx5jXlEjh9GQ3S2LalFZdfpM+kkIM6kD5H7h4AE68trlRyH8By1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:44 2024 by rpki-client on console-ams.rpki-client.org