Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/J1GHx4oWfl7sSblauJw6x42uviM.roa
File: J1GHx4oWfl7sSblauJw6x42uviM.roa (raw, json)
Hash identifier: 5nTAMXYjmEic5ccdKw7MeG7bO9bPKLbqyxHxbNh8r5A=
Subject key identifier: 27:51:87:C7:8A:16:7E:5E:EC:49:B9:5A:B8:9C:3A:C7:8D:AE:BE:23
Certificate issuer: /CN=ea1c951d61b87da19439784d23667a89cb3290a4
Certificate serial: 01856F5492FCA3E475E9DB5A7476C707130D
Authority key identifier: EA:1C:95:1D:61:B8:7D:A1:94:39:78:4D:23:66:7A:89:CB:32:90:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6hyVHWG4faGUOXhNI2Z6icsykKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/J1GHx4oWfl7sSblauJw6x42uviM.roa
Signing time: Sun 01 Jan 2023 21:54:51 +0000
ROA not before: Sun 01 Jan 2023 21:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203603
IP address blocks: 185.249.233.0/24 maxlen: 24
185.249.234.0/23 maxlen: 23
185.113.236.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:92:fc:a3:e4:75:e9:db:5a:74:76:c7:07:13:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea1c951d61b87da19439784d23667a89cb3290a4
Validity
Not Before: Jan 1 21:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=275187c78a167e5eec49b95ab89c3ac78daebe23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b1:6c:90:d7:5b:79:cf:73:96:49:93:aa:9f:
aa:b7:26:99:8b:c2:10:dc:60:ba:a3:8c:6c:cd:50:
d1:81:7f:89:bf:4e:4d:54:de:af:8b:1f:6f:c8:76:
0b:f9:b3:3c:12:90:4f:22:87:0f:00:00:c7:b9:ba:
69:97:94:a7:72:f6:25:09:12:9d:4e:50:04:1d:45:
50:95:39:be:ac:68:c7:ca:1a:81:7f:c8:42:4a:bd:
8b:2c:0d:83:c3:d7:f1:90:9a:9c:d0:f5:92:59:cb:
08:1b:22:1e:66:03:a8:48:97:4b:46:86:17:c0:c3:
22:6a:3d:ba:fd:ed:08:ea:0e:ba:13:86:df:68:85:
f9:92:bc:8a:1e:f0:64:03:04:59:d5:6e:49:2b:45:
22:5c:f1:b0:e9:ac:ed:e8:69:ff:2a:e5:bd:6e:6a:
5d:70:1a:32:be:ff:f8:02:66:b7:b2:0e:ee:1b:a7:
c5:71:9c:5f:93:ee:8a:b8:3f:af:26:ba:1e:57:b9:
60:5c:ac:08:3f:70:c2:47:49:69:81:1b:ce:94:93:
c2:34:af:96:04:0b:e7:02:6d:f9:0b:57:73:c1:57:
c1:bd:37:c3:7a:a1:48:4e:45:6d:e7:09:00:1b:5c:
2d:08:34:89:fa:9c:6b:de:f9:cf:e6:b9:78:5e:45:
89:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:51:87:C7:8A:16:7E:5E:EC:49:B9:5A:B8:9C:3A:C7:8D:AE:BE:23
X509v3 Authority Key Identifier:
keyid:EA:1C:95:1D:61:B8:7D:A1:94:39:78:4D:23:66:7A:89:CB:32:90:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6hyVHWG4faGUOXhNI2Z6icsykKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/J1GHx4oWfl7sSblauJw6x42uviM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/6hyVHWG4faGUOXhNI2Z6icsykKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.236.0/22
185.249.233.0-185.249.235.255
Signature Algorithm: sha256WithRSAEncryption
07:82:32:bc:ef:32:84:62:4e:05:03:f2:36:d4:d2:fe:a1:bd:
04:96:e4:20:46:7e:95:0a:9a:c5:28:3d:df:33:b3:2e:b1:58:
f6:3d:99:22:81:0c:40:d5:c7:ad:53:37:19:91:b2:1c:cc:18:
0b:09:cc:b4:0f:54:6e:09:71:c2:2b:e1:fe:54:79:34:62:2a:
d6:98:29:e2:bc:74:e9:25:ae:f3:e5:67:aa:80:d1:05:7e:b3:
c1:2a:5f:d5:f0:1b:14:cc:d7:0b:cc:ac:29:38:bd:4b:ad:a0:
8e:83:3a:b7:ad:dc:c6:f2:d5:f4:f4:13:9a:9e:3b:74:82:f5:
aa:98:84:dd:cd:78:5a:e7:66:82:4c:04:b7:dc:34:4c:b4:88:
e6:c3:c3:7a:4c:ca:dd:f2:e0:82:71:84:45:48:2d:e0:79:2b:
c6:d3:a8:31:a2:aa:ef:cd:8a:8b:7a:9a:15:c0:c5:70:54:7b:
03:f1:47:06:cd:fa:3e:62:57:3d:5e:0e:5f:16:c3:1c:14:cd:
6b:58:71:1b:6c:8c:e9:01:09:ac:1e:87:d5:05:5b:1f:06:ac:
5f:57:b2:84:a3:05:18:26:71:6e:2c:4d:b6:c3:3c:17:cc:66:
48:ba:1a:78:1a:4e:37:d8:dd:fe:57:82:44:84:40:ef:5e:6d:
aa:d5:40:4d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvVJL8o+R16dtadHbHBxMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMWM5NTFkNjFiODdkYTE5NDM5Nzg0ZDIzNjY3YTg5Y2Iz
MjkwYTQwHhcNMjMwMTAxMjE1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzUxODdjNzhhMTY3ZTVlZWM0OWI5NWFiODljM2FjNzhkYWViZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLFskNdbec9zlkmTqp+qtyaZi8IQ
3GC6o4xszVDRgX+Jv05NVN6vix9vyHYL+bM8EpBPIocPAADHubppl5SncvYlCRKd
TlAEHUVQlTm+rGjHyhqBf8hCSr2LLA2Dw9fxkJqc0PWSWcsIGyIeZgOoSJdLRoYX
wMMiaj26/e0I6g66E4bfaIX5kryKHvBkAwRZ1W5JK0UiXPGw6azt6Gn/KuW9bmpd
cBoyvv/4Ama3sg7uG6fFcZxfk+6KuD+vJroeV7lgXKwIP3DCR0lpgRvOlJPCNK+W
BAvnAm35C1dzwVfBvTfDeqFITkVt5wkAG1wtCDSJ+pxr3vnP5rl4XkWJ2wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCdRh8eKFn5e7Em5WricOseNrr4jMB8GA1UdIwQY
MBaAFOoclR1huH2hlDl4TSNmeonLMpCkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmh5VkhXRzRmYUdVT1hoTkkyWjZpY3N5a0tRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MTc3MTUtOTQ4NC00MGY5LTg5NmMt
NzI0YjFhMDIxMmQ0LzEvSjFHSHg0b1dmbDdzU2JsYXVKdzZ4NDJ1dmlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82MTc3MTUtOTQ4NC00MGY5LTg5NmMtNzI0YjFhMDIxMmQ0
LzEvNmh5VkhXRzRmYUdVT1hoTkkyWjZpY3N5a0tRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuXHsMAwD
BAC5+ekDBAK5+egwDQYJKoZIhvcNAQELBQADggEBAAeCMrzvMoRiTgUD8jbU0v6h
vQSW5CBGfpUKmsUoPd8zsy6xWPY9mSKBDEDVx61TNxmRshzMGAsJzLQPVG4JccIr
4f5UeTRiKtaYKeK8dOklrvPlZ6qA0QV+s8EqX9XwGxTM1wvMrCk4vUutoI6DOret
3Mby1fT0E5qeO3SC9aqYhN3NeFrnZoJMBLfcNEy0iObDw3pMyt3y4IJxhEVILeB5
K8bTqDGiqu/Niot6mhXAxXBUewPxRwbN+j5iVz1eDl8WwxwUzWtYcRtsjOkBCawe
h9UFWx8GrF9XsoSjBRgmcW4sTbbDPBfMZki6GngaTjfY3f5XgkSEQO9ebarVQE0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:47 2024 by rpki-client on console-ams.rpki-client.org