Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/0HSNliQZYYnPfS8B3qUpyUvEZMM.roa
File: 0HSNliQZYYnPfS8B3qUpyUvEZMM.roa (raw, json)
Hash identifier: +g1La1HwmjA1jnkbLkx0PqQPxERrkPhVokwtHB2M2x4=
Subject key identifier: D0:74:8D:96:24:19:61:89:CF:7D:2F:01:DE:A5:29:C9:4B:C4:64:C3
Certificate issuer: /CN=00af9dda307cb525385ef90f506d0d57bb9d2bf2
Certificate serial: 01856CCACCAA48FF035451C8B1AA2C8AB875
Authority key identifier: 00:AF:9D:DA:30:7C:B5:25:38:5E:F9:0F:50:6D:0D:57:BB:9D:2B:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/0HSNliQZYYnPfS8B3qUpyUvEZMM.roa
Signing time: Sun 01 Jan 2023 10:05:08 +0000
ROA not before: Sun 01 Jan 2023 10:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9051
IP address blocks: 185.40.208.0/22 maxlen: 24
2a04:86c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:cc:aa:48:ff:03:54:51:c8:b1:aa:2c:8a:b8:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00af9dda307cb525385ef90f506d0d57bb9d2bf2
Validity
Not Before: Jan 1 10:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0748d9624196189cf7d2f01dea529c94bc464c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e7:2a:5a:ff:09:51:17:93:aa:59:a6:90:90:
94:bb:58:c8:10:ec:8e:9e:11:31:ee:b1:4c:74:53:
52:83:39:63:05:9a:52:ed:5b:cb:5b:2b:21:ad:e7:
4a:19:77:ff:d0:08:b1:3d:aa:88:4d:48:ad:84:b5:
24:b3:f7:0b:d2:68:cf:e0:38:84:b2:d3:a5:2c:e7:
f7:22:15:09:c6:49:e2:57:fd:c2:eb:b3:f1:7d:51:
75:60:51:e8:91:6e:cc:32:90:6b:1f:7b:ed:84:d1:
67:e1:75:06:14:30:6d:8c:1a:81:07:33:a9:23:71:
09:9a:3e:7b:4e:71:1c:04:8c:69:84:47:ff:5c:d9:
b2:80:2e:1f:ec:26:5d:27:93:2d:03:2e:b3:72:85:
c1:07:37:a5:41:ca:5d:7d:a4:8e:8a:95:23:0c:c7:
31:20:ce:40:ce:9b:d9:68:22:29:b8:c0:a7:19:36:
4b:a1:0e:fb:58:c8:10:51:66:b5:2e:72:6d:33:25:
89:07:3a:b4:3d:fd:c0:cd:a6:18:7c:66:1b:2d:cd:
db:bd:12:49:bb:19:94:93:0a:cd:15:bf:b0:2a:79:
53:aa:3c:b6:9c:24:14:16:64:78:e1:17:77:e0:ed:
13:e8:08:af:90:b2:35:62:04:b5:9d:17:88:de:61:
64:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:74:8D:96:24:19:61:89:CF:7D:2F:01:DE:A5:29:C9:4B:C4:64:C3
X509v3 Authority Key Identifier:
keyid:00:AF:9D:DA:30:7C:B5:25:38:5E:F9:0F:50:6D:0D:57:BB:9D:2B:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/0HSNliQZYYnPfS8B3qUpyUvEZMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/AK-d2jB8tSU4XvkPUG0NV7udK_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.208.0/22
IPv6:
2a04:86c0::/29
Signature Algorithm: sha256WithRSAEncryption
88:c9:1e:28:05:02:1b:9b:82:68:32:d2:43:20:ee:61:0d:b4:
7a:d9:58:26:a6:9f:c6:00:1e:54:c3:81:fa:17:84:dd:ff:8c:
02:3d:e6:0c:ea:ab:4e:fd:91:f2:0c:7b:5a:7f:cd:79:01:3a:
f5:0b:7d:bb:82:c8:bb:6d:7e:27:65:19:e5:52:f5:fd:2a:f3:
d3:f5:47:d7:aa:8f:cd:db:1c:c3:f7:85:1b:f8:bf:36:d1:b5:
d7:fd:bd:b7:c7:9a:24:69:2b:7c:92:da:47:e9:22:81:f2:90:
ac:ab:5f:ba:52:8b:a6:fa:91:96:58:f5:0f:3b:f3:96:3a:f8:
dd:30:c0:61:2a:02:2c:85:c4:e9:af:2a:aa:03:13:b6:37:cc:
54:9c:4e:f9:dc:c1:02:42:6d:48:52:3a:a2:8d:d6:d4:55:88:
48:21:d3:22:12:22:ce:7d:bf:e3:52:09:c5:b4:9c:d7:31:59:
f6:f5:78:bb:c7:5c:d6:5c:1a:e6:d6:74:54:82:54:ab:40:21:
04:6c:60:a0:68:7c:e5:ea:07:8f:e1:5f:91:0a:9e:ea:40:91:
4b:7f:2e:7a:7b:7f:c5:77:60:4a:6c:cc:a3:f6:ba:8d:c9:fc:
35:d1:84:2f:73:f0:81:51:f9:b0:59:46:6d:21:61:32:fa:b8:
30:6c:40:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsysyqSP8DVFHIsaosirh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWY5ZGRhMzA3Y2I1MjUzODVlZjkwZjUwNmQwZDU3YmI5
ZDJiZjIwHhcNMjMwMTAxMTAwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDc0OGQ5NjI0MTk2MTg5Y2Y3ZDJmMDFkZWE1MjljOTRiYzQ2NGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkecqWv8JUReTqlmmkJCUu1jIEOyO
nhEx7rFMdFNSgzljBZpS7VvLWyshredKGXf/0AixPaqITUithLUks/cL0mjP4DiE
stOlLOf3IhUJxkniV/3C67PxfVF1YFHokW7MMpBrH3vthNFn4XUGFDBtjBqBBzOp
I3EJmj57TnEcBIxphEf/XNmygC4f7CZdJ5MtAy6zcoXBBzelQcpdfaSOipUjDMcx
IM5AzpvZaCIpuMCnGTZLoQ77WMgQUWa1LnJtMyWJBzq0Pf3AzaYYfGYbLc3bvRJJ
uxmUkwrNFb+wKnlTqjy2nCQUFmR44Rd34O0T6AivkLI1YgS1nReI3mFkJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNB0jZYkGWGJz30vAd6lKclLxGTDMB8GA1UdIwQY
MBaAFACvndowfLUlOF75D1BtDVe7nSvyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUstZDJqQjh0U1U0WHZrUFVHME5WN3VkS19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9kMGUyZjQtYjYwYS00MGIyLTkyZTkt
OTBlYWNlOWUwNTllLzEvMEhTTmxpUVpZWW5QZlM4QjNxVXB5VXZFWk1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9kMGUyZjQtYjYwYS00MGIyLTkyZTktOTBlYWNlOWUwNTll
LzEvQUstZDJqQjh0U1U0WHZrUFVHME5WN3VkS19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSjQMA0E
AgACMAcDBQMqBIbAMA0GCSqGSIb3DQEBCwUAA4IBAQCIyR4oBQIbm4JoMtJDIO5h
DbR62Vgmpp/GAB5Uw4H6F4Td/4wCPeYM6qtO/ZHyDHtaf815ATr1C327gsi7bX4n
ZRnlUvX9KvPT9UfXqo/N2xzD94Ub+L820bXX/b23x5okaSt8ktpH6SKB8pCsq1+6
Uoum+pGWWPUPO/OWOvjdMMBhKgIshcTpryqqAxO2N8xUnE753MECQm1IUjqijdbU
VYhIIdMiEiLOfb/jUgnFtJzXMVn29Xi7x1zWXBrm1nRUglSrQCEEbGCgaHzl6geP
4V+RCp7qQJFLfy56e3/Fd2BKbMyj9rqNyfw10YQvc/CBUfmwWUZtIWEy+rgwbECs
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:16 2024 by rpki-client on console-ams.rpki-client.org