Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/vT0Pocct5R2hiCPyirx3hBThK3A.roa
File: vT0Pocct5R2hiCPyirx3hBThK3A.roa (raw, json)
Hash identifier: 5vc7COcTzNOZFEj44/Kw5+Yv3Cd8+kduF3fhSyw/4VE=
Subject key identifier: BD:3D:0F:A1:C7:2D:E5:1D:A1:88:23:F2:8A:BC:77:84:14:E1:2B:70
Certificate issuer: /CN=32d44919fdd08afb9a4d0a8778923011251dd7f0
Certificate serial: 0185701542517BE60FC0ED4C0C8F79C9DEA7
Authority key identifier: 32:D4:49:19:FD:D0:8A:FB:9A:4D:0A:87:78:92:30:11:25:1D:D7:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MtRJGf3QivuaTQqHeJIwESUd1_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/vT0Pocct5R2hiCPyirx3hBThK3A.roa
Signing time: Mon 02 Jan 2023 01:25:19 +0000
ROA not before: Mon 02 Jan 2023 01:25:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 185.5.146.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:42:51:7b:e6:0f:c0:ed:4c:0c:8f:79:c9:de:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32d44919fdd08afb9a4d0a8778923011251dd7f0
Validity
Not Before: Jan 2 01:25:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd3d0fa1c72de51da18823f28abc778414e12b70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fa:53:a4:c8:85:a8:76:e4:99:e8:04:fc:e9:
f4:83:01:51:71:7a:5d:7e:c5:45:eb:5f:d1:d5:43:
f9:3c:da:9b:be:b8:51:cb:ac:a7:3f:8c:d9:48:aa:
38:90:be:ef:28:5d:4a:30:a3:95:ab:da:72:11:ed:
ad:76:6f:73:33:8c:ed:2a:bb:8c:e8:da:4c:fc:d6:
82:90:07:cc:b0:1e:0a:26:7d:46:7a:cc:97:ac:97:
d1:16:ae:16:e8:d5:e2:b8:cc:d3:09:3a:0c:37:06:
4e:41:30:ff:d0:84:95:a5:48:3b:c8:38:ba:ca:dd:
ac:47:d0:1a:87:a0:ac:18:2d:a0:57:81:05:cf:d2:
78:a8:f9:80:c3:5a:dc:75:b8:aa:f8:31:f5:c1:f3:
0d:a1:82:00:e3:20:5f:13:33:3f:af:46:a1:a8:3f:
03:05:94:86:9a:29:19:eb:1d:03:0c:b9:ff:ad:44:
d8:95:e8:6e:cc:fb:b6:83:bd:91:0c:c2:e3:70:c3:
75:0f:d6:40:52:96:9a:f4:c3:96:a3:a6:c4:d3:4f:
b6:4c:19:a0:ab:06:5e:aa:f9:d7:37:59:20:d0:e5:
58:51:05:95:89:d5:36:3a:ff:15:a9:c7:bc:7f:2f:
87:52:74:a3:d2:47:10:36:23:ed:4a:bf:db:24:b4:
c3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:3D:0F:A1:C7:2D:E5:1D:A1:88:23:F2:8A:BC:77:84:14:E1:2B:70
X509v3 Authority Key Identifier:
keyid:32:D4:49:19:FD:D0:8A:FB:9A:4D:0A:87:78:92:30:11:25:1D:D7:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MtRJGf3QivuaTQqHeJIwESUd1_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/vT0Pocct5R2hiCPyirx3hBThK3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.146.0/24
Signature Algorithm: sha256WithRSAEncryption
01:f4:2c:ce:bb:8d:59:36:03:3a:03:cc:f8:f7:27:f2:3a:02:
49:8f:2e:43:b4:13:0a:b9:6d:7e:47:4b:3c:97:48:0f:73:44:
9c:05:ef:1b:bb:49:b4:63:9b:b2:5f:2c:2a:a9:e2:55:ac:e4:
85:b9:6e:ad:d1:3f:7f:62:76:26:42:13:d4:3a:6d:eb:6c:a5:
49:ff:81:c0:ab:3b:b9:fe:bb:84:20:f8:75:92:db:63:77:95:
89:e8:a3:8e:3a:71:c4:21:3d:e8:42:f1:c5:b5:d4:ce:75:8c:
80:ee:7e:df:2e:8b:ee:78:8a:53:2f:7a:22:2b:a6:96:6a:8e:
5c:f9:bf:88:18:c4:d5:fb:9d:95:86:2e:a7:53:bf:a4:e2:e5:
b5:f7:ad:f8:3d:85:ee:ff:ca:06:d2:dd:21:af:e9:69:cb:c8:
d0:e2:ba:fc:4e:a4:49:0a:68:e5:58:02:15:29:0f:08:8c:3b:
7a:39:bd:2d:86:b6:93:48:44:4b:6b:56:4a:9f:fd:20:b0:63:
eb:70:2d:11:f5:83:49:2a:29:7f:c5:e9:95:ad:53:89:6d:04:
0a:e6:72:62:4b:da:40:12:a1:08:2c:f6:ef:fc:0e:f5:1a:b6:
5c:46:b1:5f:c7:e7:02:2a:52:49:9f:17:8f:5e:82:75:f4:79:
67:80:dd:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFUJRe+YPwO1MDI95yd6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZDQ0OTE5ZmRkMDhhZmI5YTRkMGE4Nzc4OTIzMDExMjUx
ZGQ3ZjAwHhcNMjMwMTAyMDEyNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDNkMGZhMWM3MmRlNTFkYTE4ODIzZjI4YWJjNzc4NDE0ZTEyYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvpTpMiFqHbkmegE/On0gwFRcXpd
fsVF61/R1UP5PNqbvrhRy6ynP4zZSKo4kL7vKF1KMKOVq9pyEe2tdm9zM4ztKruM
6NpM/NaCkAfMsB4KJn1GesyXrJfRFq4W6NXiuMzTCToMNwZOQTD/0ISVpUg7yDi6
yt2sR9Aah6CsGC2gV4EFz9J4qPmAw1rcdbiq+DH1wfMNoYIA4yBfEzM/r0ahqD8D
BZSGmikZ6x0DDLn/rUTYlehuzPu2g72RDMLjcMN1D9ZAUpaa9MOWo6bE00+2TBmg
qwZeqvnXN1kg0OVYUQWVidU2Ov8Vqce8fy+HUnSj0kcQNiPtSr/bJLTDfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL09D6HHLeUdoYgj8oq8d4QU4StwMB8GA1UdIwQY
MBaAFDLUSRn90Ir7mk0Kh3iSMBElHdfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXRSSkdmM1FpdnVhVFFxSGVKSXdFU1VkMV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9mZDIyOTQtY2YzNy00ZmM5LTllZGQt
YTRmN2IwODhiYzFhLzEvdlQwUG9jY3Q1UjJoaUNQeWlyeDNoQlRoSzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9mZDIyOTQtY2YzNy00ZmM5LTllZGQtYTRmN2IwODhiYzFh
LzEvTXRSSkdmM1FpdnVhVFFxSGVKSXdFU1VkMV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQWSMA0G
CSqGSIb3DQEBCwUAA4IBAQAB9CzOu41ZNgM6A8z49yfyOgJJjy5DtBMKuW1+R0s8
l0gPc0ScBe8bu0m0Y5uyXywqqeJVrOSFuW6t0T9/YnYmQhPUOm3rbKVJ/4HAqzu5
/ruEIPh1kttjd5WJ6KOOOnHEIT3oQvHFtdTOdYyA7n7fLovueIpTL3oiK6aWao5c
+b+IGMTV+52Vhi6nU7+k4uW19634PYXu/8oG0t0hr+lpy8jQ4rr8TqRJCmjlWAIV
KQ8IjDt6Ob0thraTSERLa1ZKn/0gsGPrcC0R9YNJKil/xemVrVOJbQQK5nJiS9pA
EqEILPbv/A71GrZcRrFfx+cCKlJJnxePXoJ19HlngN0T
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:21 2024 by rpki-client on console-ams.rpki-client.org