Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/35be04-d5b7-44aa-ade4-13401d1f22d2/1/xzVz7sLhm4ehJ1VzghWgxHZKQpg.roa
File: xzVz7sLhm4ehJ1VzghWgxHZKQpg.roa (raw, json)
Hash identifier: 2xX26avvf1E6X+jkqcHa+RuC5W270usoH162RMUYbWc=
Subject key identifier: C7:35:73:EE:C2:E1:9B:87:A1:27:55:73:82:15:A0:C4:76:4A:42:98
Certificate issuer: /CN=ae4a29c6138e2d93d54a36328b94cb1f8a382a6b
Certificate serial: 01856CE5FD0EB5E2287FAF0CCA32767914A9
Authority key identifier: AE:4A:29:C6:13:8E:2D:93:D5:4A:36:32:8B:94:CB:1F:8A:38:2A:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rkopxhOOLZPVSjYyi5TLH4o4Kms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/35be04-d5b7-44aa-ade4-13401d1f22d2/1/xzVz7sLhm4ehJ1VzghWgxHZKQpg.roa
Signing time: Sun 01 Jan 2023 10:34:49 +0000
ROA not before: Sun 01 Jan 2023 10:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202611
IP address blocks: 185.32.184.0/23 maxlen: 24
2a0b:1440::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Apr 2023 08:51:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e5:fd:0e:b5:e2:28:7f:af:0c:ca:32:76:79:14:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae4a29c6138e2d93d54a36328b94cb1f8a382a6b
Validity
Not Before: Jan 1 10:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c73573eec2e19b87a12755738215a0c4764a4298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:91:23:9f:78:ed:d7:81:e9:53:1b:81:f2:ec:
e9:b6:73:5f:52:bf:cb:1a:4b:f3:9f:89:9c:1d:9e:
c8:f3:ae:2c:8c:f5:1e:12:b6:98:a8:aa:46:04:d4:
91:d2:d6:33:d6:34:4a:20:6e:df:9a:16:59:2d:6f:
b8:af:e6:93:7f:6c:78:a9:18:b4:f6:95:a8:28:b6:
c5:71:11:9d:64:89:0f:b6:95:b2:71:4a:02:00:38:
d0:85:b0:54:69:f5:5e:7b:04:14:1d:b5:30:b6:9e:
5a:b1:bc:15:9c:5b:dd:f0:02:48:03:c9:7c:50:ff:
eb:09:59:ee:65:f7:63:19:9c:65:71:ca:1e:2a:9d:
ef:e7:ec:b5:30:34:6f:9a:26:db:65:42:df:87:cd:
83:f7:6e:22:6e:49:ea:ee:5a:96:ec:5c:98:8a:14:
53:05:db:ac:71:e8:d2:94:eb:7d:89:82:f0:87:23:
39:fb:7e:3a:f3:08:da:02:55:df:a3:b3:5a:e5:d0:
c5:45:f1:02:ea:5e:5f:fb:17:b8:42:7f:c7:85:3b:
54:1e:4f:c2:a4:d9:68:9d:18:05:49:13:3a:21:1c:
df:fe:5c:47:79:ed:87:37:e8:89:24:b9:0b:83:bb:
d8:67:81:3a:72:3d:81:7b:fd:b5:45:8b:8e:cd:9f:
1f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:35:73:EE:C2:E1:9B:87:A1:27:55:73:82:15:A0:C4:76:4A:42:98
X509v3 Authority Key Identifier:
keyid:AE:4A:29:C6:13:8E:2D:93:D5:4A:36:32:8B:94:CB:1F:8A:38:2A:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rkopxhOOLZPVSjYyi5TLH4o4Kms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/35be04-d5b7-44aa-ade4-13401d1f22d2/1/xzVz7sLhm4ehJ1VzghWgxHZKQpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/35be04-d5b7-44aa-ade4-13401d1f22d2/1/rkopxhOOLZPVSjYyi5TLH4o4Kms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.184.0/23
IPv6:
2a0b:1440::/32
Signature Algorithm: sha256WithRSAEncryption
19:40:ce:f0:64:b9:ca:88:32:d4:b3:d2:fb:7f:55:e0:58:ce:
77:ff:00:e4:62:cc:a3:07:4d:fc:5b:6a:01:57:41:82:fb:23:
e7:35:3e:bf:00:e9:4f:f6:ab:d9:4b:fd:47:d7:8f:4a:29:3d:
d6:9e:38:20:79:de:56:9c:d9:60:5c:4c:49:6e:e9:7a:4b:69:
91:e9:13:6c:70:ce:d4:bc:fe:a3:28:e4:b7:8c:0a:02:19:2a:
77:f4:f3:ea:ae:71:04:69:9d:48:f8:92:ce:07:0c:5f:84:ab:
e1:87:16:46:44:6b:b4:32:c8:84:df:2d:46:92:4d:f2:8e:78:
9e:fb:7c:67:15:cf:78:88:6b:2c:9b:13:22:35:38:c8:9a:22:
04:50:0d:46:29:17:71:c3:17:3b:65:6b:bd:bd:b0:52:1f:b0:
fd:16:e7:96:4d:82:f0:b6:fa:4d:69:d6:0a:99:34:8a:01:ea:
e1:2e:bc:56:e0:43:1e:f7:ad:15:97:65:45:b3:d2:8f:8d:bc:
ed:35:87:5d:7e:0e:6c:d9:fe:30:82:55:16:ce:4a:5d:8d:b1:
fe:f4:f9:4d:fe:cc:fe:4c:65:27:fe:53:30:d1:1f:ad:ac:86:
8e:51:40:05:93:26:15:69:43:bc:b0:55:02:a8:6b:8b:7d:5f:
00:df:82:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs5f0OteIof68MyjJ2eRSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNGEyOWM2MTM4ZTJkOTNkNTRhMzYzMjhiOTRjYjFmOGEz
ODJhNmIwHhcNMjMwMTAxMTAzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzM1NzNlZWMyZTE5Yjg3YTEyNzU1NzM4MjE1YTBjNDc2NGE0Mjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJEjn3jt14HpUxuB8uzptnNfUr/L
Gkvzn4mcHZ7I864sjPUeEraYqKpGBNSR0tYz1jRKIG7fmhZZLW+4r+aTf2x4qRi0
9pWoKLbFcRGdZIkPtpWycUoCADjQhbBUafVeewQUHbUwtp5asbwVnFvd8AJIA8l8
UP/rCVnuZfdjGZxlccoeKp3v5+y1MDRvmibbZULfh82D924ibknq7lqW7FyYihRT
BduscejSlOt9iYLwhyM5+3468wjaAlXfo7Na5dDFRfEC6l5f+xe4Qn/HhTtUHk/C
pNlonRgFSRM6IRzf/lxHee2HN+iJJLkLg7vYZ4E6cj2Be/21RYuOzZ8fHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMc1c+7C4ZuHoSdVc4IVoMR2SkKYMB8GA1UdIwQY
MBaAFK5KKcYTji2T1Uo2MouUyx+KOCprMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmtvcHhoT09MWlBWU2pZeWk1VExING80S21zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zNWJlMDQtZDViNy00NGFhLWFkZTQt
MTM0MDFkMWYyMmQyLzEveHpWejdzTGhtNGVoSjFWemdoV2d4SFpLUXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zNWJlMDQtZDViNy00NGFhLWFkZTQtMTM0MDFkMWYyMmQy
LzEvcmtvcHhoT09MWlBWU2pZeWk1VExING80S21zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuSC4MA0E
AgACMAcDBQAqCxRAMA0GCSqGSIb3DQEBCwUAA4IBAQAZQM7wZLnKiDLUs9L7f1Xg
WM53/wDkYsyjB038W2oBV0GC+yPnNT6/AOlP9qvZS/1H149KKT3Wnjgged5WnNlg
XExJbul6S2mR6RNscM7UvP6jKOS3jAoCGSp39PPqrnEEaZ1I+JLOBwxfhKvhhxZG
RGu0MsiE3y1Gkk3yjnie+3xnFc94iGssmxMiNTjImiIEUA1GKRdxwxc7ZWu9vbBS
H7D9FueWTYLwtvpNadYKmTSKAerhLrxW4EMe960Vl2VFs9KPjbztNYddfg5s2f4w
glUWzkpdjbH+9PlN/sz+TGUn/lMw0R+trIaOUUAFkyYVaUO8sFUCqGuLfV8A34KF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:57 2024 by rpki-client on console-ams.rpki-client.org