Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/9AWbdbZt5MhLcihSvuxFHdBQiQw.roa
File: 9AWbdbZt5MhLcihSvuxFHdBQiQw.roa (raw, json)
Hash identifier: Fts5fsiqiuJEo5QI6vhrMLjxrFyuSKSRKp9KyD3EnSU=
Subject key identifier: F4:05:9B:75:B6:6D:E4:C8:4B:72:28:52:BE:EC:45:1D:D0:50:89:0C
Certificate issuer: /CN=00af9dda307cb525385ef90f506d0d57bb9d2bf2
Certificate serial: 01856CCACD3F43392B4B38393F4291A8B807
Authority key identifier: 00:AF:9D:DA:30:7C:B5:25:38:5E:F9:0F:50:6D:0D:57:BB:9D:2B:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/9AWbdbZt5MhLcihSvuxFHdBQiQw.roa
Signing time: Sun 01 Jan 2023 10:05:08 +0000
ROA not before: Sun 01 Jan 2023 10:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24634
IP address blocks: 185.40.208.0/22 maxlen: 24
2a04:86c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:cd:3f:43:39:2b:4b:38:39:3f:42:91:a8:b8:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00af9dda307cb525385ef90f506d0d57bb9d2bf2
Validity
Not Before: Jan 1 10:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4059b75b66de4c84b722852beec451dd050890c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d0:db:8b:48:ad:1f:ba:ea:47:e4:66:0d:d5:
ea:13:c7:99:b9:89:04:bf:b5:6a:c8:9d:e6:d6:ee:
55:7b:35:ee:bf:fa:bd:39:dd:e6:e5:b0:fb:90:0d:
b0:23:ee:02:4d:9a:97:4d:cc:73:4d:60:f8:c8:df:
71:88:a6:35:07:6e:7c:42:ef:57:48:62:8a:cb:22:
33:b3:63:35:72:8b:c8:7f:4d:08:0a:f5:eb:9c:3e:
1e:d5:80:ea:c9:77:6a:11:bf:15:f1:13:a7:b1:c9:
1f:28:2a:e1:82:33:ae:65:98:a7:aa:a2:4b:eb:36:
f6:b7:50:9e:65:a0:97:53:47:53:f0:6f:bf:eb:36:
e9:2a:6c:73:d9:36:e1:f2:77:87:21:cd:cb:df:9c:
14:8f:08:41:20:71:23:c8:21:49:8c:73:ec:23:e9:
c9:7f:86:17:f7:8e:7c:f7:c6:cd:a2:bc:70:b0:06:
a7:4f:dd:c6:32:0a:1d:14:d4:ea:38:79:85:f4:b7:
04:21:c6:7e:01:be:12:99:f4:84:a6:18:59:10:af:
22:f5:54:63:4e:2d:c2:23:8b:e5:78:30:dd:96:a5:
70:16:1e:36:6f:ac:57:fe:f0:fa:76:f7:b9:66:a6:
60:12:3e:57:1a:74:fe:b6:f1:7b:e9:bd:d7:5d:9d:
e2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:05:9B:75:B6:6D:E4:C8:4B:72:28:52:BE:EC:45:1D:D0:50:89:0C
X509v3 Authority Key Identifier:
keyid:00:AF:9D:DA:30:7C:B5:25:38:5E:F9:0F:50:6D:0D:57:BB:9D:2B:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/9AWbdbZt5MhLcihSvuxFHdBQiQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/AK-d2jB8tSU4XvkPUG0NV7udK_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.208.0/22
IPv6:
2a04:86c0::/29
Signature Algorithm: sha256WithRSAEncryption
15:41:fd:f8:7a:3f:a4:9a:06:c5:2e:6a:4a:e8:c3:a0:36:8b:
3d:55:1a:32:3a:d7:a0:01:f5:ac:eb:63:6d:90:5a:8a:da:c6:
66:49:c3:20:c5:fc:eb:e3:fd:25:0b:cb:99:ff:81:f1:1e:8e:
6e:be:42:b2:db:e4:8e:51:a8:de:8f:3f:7b:ef:29:92:83:b5:
9f:e2:d7:64:c1:23:d2:53:1e:07:d9:76:1c:9e:c1:02:92:1c:
f3:81:8b:86:46:04:85:11:bb:33:11:12:39:f1:ba:50:29:b4:
d2:06:17:84:19:d9:47:fe:32:69:a6:b4:a6:d6:11:ea:fc:e4:
54:ae:c5:2f:39:f6:25:a4:b2:77:3d:ad:8a:80:69:87:7d:d7:
df:87:d9:b2:d1:b8:82:5b:13:a3:97:c1:ff:5b:a6:78:11:fe:
3d:2e:e0:3b:4f:35:e6:60:e3:1b:5d:cb:7b:39:e0:7c:4f:e4:
df:ca:d4:5e:ba:e1:c5:c7:a8:6d:48:59:7e:eb:46:53:d8:d9:
f3:0d:e2:0b:fb:70:13:fd:55:8c:73:fb:46:df:16:e9:44:7b:
47:53:97:0d:08:e7:e1:93:17:96:71:b0:aa:e4:df:f2:89:ed:
85:2b:fe:6b:91:81:e0:43:93:75:4b:7f:e1:25:a8:55:bc:6b:
f0:40:d8:84
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsys0/QzkrSzg5P0KRqLgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWY5ZGRhMzA3Y2I1MjUzODVlZjkwZjUwNmQwZDU3YmI5
ZDJiZjIwHhcNMjMwMTAxMTAwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDA1OWI3NWI2NmRlNGM4NGI3MjI4NTJiZWVjNDUxZGQwNTA4OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9Dbi0itH7rqR+RmDdXqE8eZuYkE
v7VqyJ3m1u5VezXuv/q9Od3m5bD7kA2wI+4CTZqXTcxzTWD4yN9xiKY1B258Qu9X
SGKKyyIzs2M1covIf00ICvXrnD4e1YDqyXdqEb8V8ROnsckfKCrhgjOuZZinqqJL
6zb2t1CeZaCXU0dT8G+/6zbpKmxz2Tbh8neHIc3L35wUjwhBIHEjyCFJjHPsI+nJ
f4YX945898bNorxwsAanT93GMgodFNTqOHmF9LcEIcZ+Ab4SmfSEphhZEK8i9VRj
Ti3CI4vleDDdlqVwFh42b6xX/vD6dve5ZqZgEj5XGnT+tvF76b3XXZ3iFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPQFm3W2beTIS3IoUr7sRR3QUIkMMB8GA1UdIwQY
MBaAFACvndowfLUlOF75D1BtDVe7nSvyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUstZDJqQjh0U1U0WHZrUFVHME5WN3VkS19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9kMGUyZjQtYjYwYS00MGIyLTkyZTkt
OTBlYWNlOWUwNTllLzEvOUFXYmRiWnQ1TWhMY2loU3Z1eEZIZEJRaVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9kMGUyZjQtYjYwYS00MGIyLTkyZTktOTBlYWNlOWUwNTll
LzEvQUstZDJqQjh0U1U0WHZrUFVHME5WN3VkS19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSjQMA0E
AgACMAcDBQMqBIbAMA0GCSqGSIb3DQEBCwUAA4IBAQAVQf34ej+kmgbFLmpK6MOg
Nos9VRoyOtegAfWs62NtkFqK2sZmScMgxfzr4/0lC8uZ/4HxHo5uvkKy2+SOUaje
jz977ymSg7Wf4tdkwSPSUx4H2XYcnsECkhzzgYuGRgSFEbszERI58bpQKbTSBheE
GdlH/jJpprSm1hHq/ORUrsUvOfYlpLJ3Pa2KgGmHfdffh9my0biCWxOjl8H/W6Z4
Ef49LuA7TzXmYOMbXct7OeB8T+TfytReuuHFx6htSFl+60ZT2NnzDeIL+3AT/VWM
c/tG3xbpRHtHU5cNCOfhkxeWcbCq5N/yie2FK/5rkYHgQ5N1S3/hJahVvGvwQNiE
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:16 2024 by rpki-client on console-ams.rpki-client.org