Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/rfsxs77TZ-yVDjfEzeZjcgSxG_g.roa
File: rfsxs77TZ-yVDjfEzeZjcgSxG_g.roa (raw, json)
Hash identifier: W1TgE6loGQYwsgFcXY5+TJXR+pvUZPXcuyJsxML7zh4=
Subject key identifier: AD:FB:31:B3:BE:D3:67:EC:95:0E:37:C4:CD:E6:63:72:04:B1:1B:F8
Certificate issuer: /CN=36b55fb34d29f962545132a025b52644fdffbf6f
Certificate serial: 01856F8B7176B9806BDCB7EE6FF432C19E21
Authority key identifier: 36:B5:5F:B3:4D:29:F9:62:54:51:32:A0:25:B5:26:44:FD:FF:BF:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/rfsxs77TZ-yVDjfEzeZjcgSxG_g.roa
Signing time: Sun 01 Jan 2023 22:54:47 +0000
ROA not before: Sun 01 Jan 2023 22:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 185.206.123.0/24 maxlen: 24
2a10:ca00:4::/48 maxlen: 48
2a10:ca00:2::/48 maxlen: 48
2a10:ca00:3::/48 maxlen: 48
2a10:ca00:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:71:76:b9:80:6b:dc:b7:ee:6f:f4:32:c1:9e:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36b55fb34d29f962545132a025b52644fdffbf6f
Validity
Not Before: Jan 1 22:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adfb31b3bed367ec950e37c4cde6637204b11bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8b:88:72:81:6f:20:e3:f7:fe:bb:84:2b:fc:
b1:f6:ac:6e:21:aa:2b:6a:aa:23:c6:e9:a9:71:8e:
63:d8:f7:6d:bf:1b:35:30:7c:54:af:ab:eb:93:3e:
63:46:1f:a9:60:bf:85:af:c6:33:75:e6:16:70:39:
b3:2b:85:ac:5b:fe:dd:74:cf:be:7e:40:c2:07:c3:
71:78:3c:9a:6a:c2:4b:9e:e4:2f:1a:af:c7:0b:15:
a2:cc:8d:ef:ff:af:2f:6c:bd:28:85:61:5c:ad:09:
02:a8:2a:93:be:f3:18:58:61:22:e9:f9:c6:3f:25:
93:f5:73:89:de:ff:e8:3c:cf:42:1b:2f:c4:85:50:
33:44:71:63:04:87:bb:4c:14:fe:65:ce:d5:fd:ad:
4c:29:5b:71:3b:a2:af:b7:e8:ea:b0:a9:87:84:96:
e3:a4:3f:0c:a8:18:aa:5c:19:ec:6d:ac:77:30:89:
82:30:9a:34:bd:5a:0e:a4:79:3a:b4:aa:ab:69:9c:
52:f4:03:f5:de:9c:87:cf:e7:4a:23:3a:c9:41:d6:
89:a1:2f:d2:2f:48:4e:f4:e1:25:4b:4b:24:bc:80:
4b:ba:fa:8e:8a:f9:57:8b:c3:39:1f:3f:d6:b8:70:
78:fb:6a:e9:3d:a2:c4:ca:74:a5:25:6b:5c:43:4d:
62:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:FB:31:B3:BE:D3:67:EC:95:0E:37:C4:CD:E6:63:72:04:B1:1B:F8
X509v3 Authority Key Identifier:
keyid:36:B5:5F:B3:4D:29:F9:62:54:51:32:A0:25:B5:26:44:FD:FF:BF:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/rfsxs77TZ-yVDjfEzeZjcgSxG_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/NrVfs00p-WJUUTKgJbUmRP3_v28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.123.0/24
IPv6:
2a10:ca00:1::-2a10:ca00:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:7f:70:56:35:35:5a:44:f0:20:e2:1d:88:99:ea:4b:f2:38:
2b:8c:36:35:c0:8f:34:81:b4:3e:fc:9e:01:d3:80:f1:73:28:
0a:a4:54:45:c1:ed:6c:7a:14:1d:46:b3:a9:9e:13:f9:44:46:
40:95:bf:ea:6d:36:88:d6:4e:39:57:48:96:27:e7:09:4a:4e:
9f:60:d7:4a:d8:29:97:a6:4a:df:81:89:fd:e7:62:5a:48:20:
00:70:0f:8d:32:4a:99:e1:65:bb:e3:de:8f:3c:13:81:90:5a:
45:81:a4:d8:49:2b:ac:d5:c1:cf:e2:fd:ae:93:8d:66:8c:f4:
92:f7:b5:ff:66:78:3e:7a:e1:c4:de:9a:9c:4b:40:fd:a1:a7:
f2:5c:5a:87:45:43:2e:89:55:c7:cc:15:bc:ce:81:56:8f:3f:
9d:42:e1:77:6b:51:f9:34:32:16:3c:ad:40:f3:5e:be:66:b3:
bb:67:32:e1:cc:89:35:95:c8:66:62:a6:94:be:71:4a:b1:79:
46:9d:cb:73:a2:e2:f7:7f:da:97:76:88:32:dd:9b:28:0d:d2:
f6:98:75:18:41:d7:1d:a1:34:fc:7d:04:15:34:85:d2:1b:d6:
86:6a:f3:15:88:62:02:a6:56:e2:7d:da:e1:6b:70:31:4b:a8:
dd:78:81:98
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVvi3F2uYBr3Lfub/QywZ4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YjU1ZmIzNGQyOWY5NjI1NDUxMzJhMDI1YjUyNjQ0ZmRm
ZmJmNmYwHhcNMjMwMTAxMjI1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGZiMzFiM2JlZDM2N2VjOTUwZTM3YzRjZGU2NjM3MjA0YjExYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIuIcoFvIOP3/ruEK/yx9qxuIaor
aqojxumpcY5j2Pdtvxs1MHxUr6vrkz5jRh+pYL+Fr8YzdeYWcDmzK4WsW/7ddM++
fkDCB8NxeDyaasJLnuQvGq/HCxWizI3v/68vbL0ohWFcrQkCqCqTvvMYWGEi6fnG
PyWT9XOJ3v/oPM9CGy/EhVAzRHFjBIe7TBT+Zc7V/a1MKVtxO6Kvt+jqsKmHhJbj
pD8MqBiqXBnsbax3MImCMJo0vVoOpHk6tKqraZxS9AP13pyHz+dKIzrJQdaJoS/S
L0hO9OElS0skvIBLuvqOivlXi8M5Hz/WuHB4+2rpPaLEynSlJWtcQ01iyQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFK37MbO+02fslQ43xM3mY3IEsRv4MB8GA1UdIwQY
MBaAFDa1X7NNKfliVFEyoCW1JkT9/79vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnJWZnMwMHAtV0pVVVRLZ0piVW1SUDNfdjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8yYmYwMGItYmZiYy00ZjZiLWExM2Ut
ZjEwZjczYTllY2IzLzEvcmZzeHM3N1RaLXlWRGpmRXplWmpjZ1N4R19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8yYmYwMGItYmZiYy00ZjZiLWExM2UtZjEwZjczYTllY2Iz
LzEvTnJWZnMwMHAtV0pVVVRLZ0piVW1SUDNfdjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAuc57MBoE
AgACMBQwEgMHACoQygAAAQMHACoQygAABDANBgkqhkiG9w0BAQsFAAOCAQEAa39w
VjU1WkTwIOIdiJnqS/I4K4w2NcCPNIG0PvyeAdOA8XMoCqRURcHtbHoUHUazqZ4T
+URGQJW/6m02iNZOOVdIlifnCUpOn2DXStgpl6ZK34GJ/ediWkggAHAPjTJKmeFl
u+PejzwTgZBaRYGk2EkrrNXBz+L9rpONZoz0kve1/2Z4PnrhxN6anEtA/aGn8lxa
h0VDLolVx8wVvM6BVo8/nULhd2tR+TQyFjytQPNevmazu2cy4cyJNZXIZmKmlL5x
SrF5Rp3Lc6Li93/al3aIMt2bKA3S9ph1GEHXHaE0/H0EFTSF0hvWhmrzFYhiAqZW
4n3a4WtwMUuo3XiBmA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:04 2024 by rpki-client on console-ams.rpki-client.org