Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/8eb453-a3eb-4500-a7e0-32de5858ba6c/1/M1RbC5pIdrj21_3LAcjT4BcyiVo.roa
File: M1RbC5pIdrj21_3LAcjT4BcyiVo.roa (raw, json)
Hash identifier: WJNrs3vudyALNBduo9i/Vmy6Owkv3+Nb/Nfy8YBUXBw=
Subject key identifier: 33:54:5B:0B:9A:48:76:B8:F6:D7:FD:CB:01:C8:D3:E0:17:32:89:5A
Certificate issuer: /CN=4531ad46e0b9c010cd2885e6002c1a5b93cd5112
Certificate serial: 018BF32A5CEAD41E1404D2FB82C32E97D303
Authority key identifier: 45:31:AD:46:E0:B9:C0:10:CD:28:85:E6:00:2C:1A:5B:93:CD:51:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RTGtRuC5wBDNKIXmACwaW5PNURI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/8eb453-a3eb-4500-a7e0-32de5858ba6c/1/M1RbC5pIdrj21_3LAcjT4BcyiVo.roa
Signing time: Tue 21 Nov 2023 18:35:21 +0000
ROA not before: Tue 21 Nov 2023 18:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21232
IP address blocks: 185.193.224.0/22 maxlen: 22
2a14:5300::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f3:2a:5c:ea:d4:1e:14:04:d2:fb:82:c3:2e:97:d3:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4531ad46e0b9c010cd2885e6002c1a5b93cd5112
Validity
Not Before: Nov 21 18:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33545b0b9a4876b8f6d7fdcb01c8d3e01732895a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a1:8a:78:d9:3f:47:70:b7:f3:6f:a9:83:44:
07:ea:4e:3f:e8:15:f7:1e:c9:f9:36:f0:c7:f2:13:
14:14:77:a6:0c:22:0c:eb:0f:6a:13:b5:62:93:eb:
2e:f9:75:81:b0:fa:44:5a:b0:8a:bc:36:d2:c5:76:
6a:2f:58:66:83:fb:80:28:5d:5a:51:ff:47:fe:75:
53:05:89:5e:fc:08:13:da:2b:45:ec:85:38:42:3a:
12:5c:f4:41:fd:34:99:99:74:a6:11:e7:ed:0f:68:
97:90:45:31:26:0a:12:85:ec:6f:e6:b0:89:9d:5d:
b3:45:59:5c:5f:e3:a2:b5:36:95:93:c5:12:62:89:
e3:59:ef:8e:ec:d0:99:9f:ae:8d:2c:34:05:0b:0e:
97:03:91:e8:d2:11:0f:24:28:a0:3c:d3:e9:3c:8c:
b4:a9:e3:b6:aa:19:2d:39:45:4a:72:b9:43:c3:c1:
ff:fe:62:18:de:85:92:02:88:dd:93:da:65:ea:63:
3c:fc:0a:3a:43:c2:33:7f:01:95:dd:40:61:ec:60:
f8:e4:15:a8:c2:b2:33:dd:fe:2b:b3:54:44:de:23:
7c:b8:96:33:2e:95:bf:b8:47:eb:f9:16:b0:0e:04:
1d:e1:4c:6c:44:ae:1d:33:9e:c8:1c:33:9f:64:ed:
ed:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:54:5B:0B:9A:48:76:B8:F6:D7:FD:CB:01:C8:D3:E0:17:32:89:5A
X509v3 Authority Key Identifier:
keyid:45:31:AD:46:E0:B9:C0:10:CD:28:85:E6:00:2C:1A:5B:93:CD:51:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RTGtRuC5wBDNKIXmACwaW5PNURI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/8eb453-a3eb-4500-a7e0-32de5858ba6c/1/M1RbC5pIdrj21_3LAcjT4BcyiVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/8eb453-a3eb-4500-a7e0-32de5858ba6c/1/RTGtRuC5wBDNKIXmACwaW5PNURI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.224.0/22
IPv6:
2a14:5300::/32
Signature Algorithm: sha256WithRSAEncryption
8f:b9:6c:28:43:2e:bb:1d:c9:e1:e1:3c:db:ae:3d:ee:87:e4:
ee:a7:6d:93:d9:b7:3e:e1:81:12:b9:39:64:8e:51:d6:c7:6c:
a1:fd:2e:bc:9f:33:34:5d:03:5d:67:19:07:17:9e:44:a8:51:
28:b2:19:34:57:40:1c:33:5f:c4:c4:f5:40:41:d0:6f:69:35:
14:a6:2a:dc:d0:d3:e7:d7:36:cd:b3:28:07:ad:ab:ef:2b:90:
05:08:6f:a3:d5:c8:f3:e3:86:57:d5:26:a3:13:bb:48:2a:c6:
12:3c:08:7d:0a:75:d9:ca:20:3a:14:74:a0:f1:4c:6e:ee:a1:
78:bb:94:72:15:9a:db:34:82:c4:87:26:db:cb:d1:ec:41:4c:
ea:cf:cc:e2:be:f8:6e:54:51:42:aa:cc:f2:dd:b5:6e:fa:36:
67:1e:3d:ae:65:7c:db:96:53:e2:00:69:7f:95:14:32:35:87:
2d:84:a8:f0:a4:ce:7b:0b:97:c8:2d:02:28:23:8e:bb:40:51:
b6:65:24:f3:8f:48:d4:a2:9d:43:be:63:af:13:f1:5f:bd:8b:
65:e3:51:bc:e3:18:0a:07:93:7c:7d:50:fb:a4:5f:20:da:07:
5a:b3:17:0d:d8:d2:4f:d8:a7:ca:4d:1b:77:6c:d8:19:da:ca:
b8:08:5f:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYvzKlzq1B4UBNL7gsMul9MDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MzFhZDQ2ZTBiOWMwMTBjZDI4ODVlNjAwMmMxYTViOTNj
ZDUxMTIwHhcNMjMxMTIxMTgzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzU0NWIwYjlhNDg3NmI4ZjZkN2ZkY2IwMWM4ZDNlMDE3MzI4OTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06GKeNk/R3C382+pg0QH6k4/6BX3
Hsn5NvDH8hMUFHemDCIM6w9qE7Vik+su+XWBsPpEWrCKvDbSxXZqL1hmg/uAKF1a
Uf9H/nVTBYle/AgT2itF7IU4QjoSXPRB/TSZmXSmEeftD2iXkEUxJgoShexv5rCJ
nV2zRVlcX+OitTaVk8USYonjWe+O7NCZn66NLDQFCw6XA5Ho0hEPJCigPNPpPIy0
qeO2qhktOUVKcrlDw8H//mIY3oWSAojdk9pl6mM8/Ao6Q8IzfwGV3UBh7GD45BWo
wrIz3f4rs1RE3iN8uJYzLpW/uEfr+RawDgQd4UxsRK4dM57IHDOfZO3tQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDNUWwuaSHa49tf9ywHI0+AXMolaMB8GA1UdIwQY
MBaAFEUxrUbgucAQzSiF5gAsGluTzVESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlRHdFJ1QzV3QkROS0lYbUFDd2FXNVBOVVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy84ZWI0NTMtYTNlYi00NTAwLWE3ZTAt
MzJkZTU4NThiYTZjLzEvTTFSYkM1cElkcmoyMV8zTEFjalQ0QmN5aVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy84ZWI0NTMtYTNlYi00NTAwLWE3ZTAtMzJkZTU4NThiYTZj
LzEvUlRHdFJ1QzV3QkROS0lYbUFDd2FXNVBOVVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucHgMA0E
AgACMAcDBQAqFFMAMA0GCSqGSIb3DQEBCwUAA4IBAQCPuWwoQy67Hcnh4Tzbrj3u
h+Tup22T2bc+4YESuTlkjlHWx2yh/S68nzM0XQNdZxkHF55EqFEoshk0V0AcM1/E
xPVAQdBvaTUUpirc0NPn1zbNsygHravvK5AFCG+j1cjz44ZX1SajE7tIKsYSPAh9
CnXZyiA6FHSg8Uxu7qF4u5RyFZrbNILEhybby9HsQUzqz8zivvhuVFFCqszy3bVu
+jZnHj2uZXzbllPiAGl/lRQyNYcthKjwpM57C5fILQIoI467QFG2ZSTzj0jUop1D
vmOvE/FfvYtl41G84xgKB5N8fVD7pF8g2gdasxcN2NJP2KfKTRt3bNgZ2sq4CF84
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:41 2024 by rpki-client on console-ams.rpki-client.org