Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5a5b74-cab9-4220-b45e-87e8cbd80b4e/1/CbfHWqLze2v87ikxkN6srPQ2CuY.roa
File: CbfHWqLze2v87ikxkN6srPQ2CuY.roa (raw, json)
Hash identifier: U+AgdxqUbXB0ShgGTtN8EYWhPFO5a0maQbqa0v0wCTI=
Subject key identifier: 09:B7:C7:5A:A2:F3:7B:6B:FC:EE:29:31:90:DE:AC:AC:F4:36:0A:E6
Certificate issuer: /CN=ffdd76d973a2836e201526879f40ae3b65f564f4
Certificate serial: 01856CE60DBBCA027B7F471551218431C04F
Authority key identifier: FF:DD:76:D9:73:A2:83:6E:20:15:26:87:9F:40:AE:3B:65:F5:64:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_9122XOig24gFSaHn0CuO2X1ZPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/5a5b74-cab9-4220-b45e-87e8cbd80b4e/1/CbfHWqLze2v87ikxkN6srPQ2CuY.roa
Signing time: Sun 01 Jan 2023 10:34:54 +0000
ROA not before: Sun 01 Jan 2023 10:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62117
IP address blocks: 185.46.236.0/24 maxlen: 24
185.46.236.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:0d:bb:ca:02:7b:7f:47:15:51:21:84:31:c0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffdd76d973a2836e201526879f40ae3b65f564f4
Validity
Not Before: Jan 1 10:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09b7c75aa2f37b6bfcee293190deacacf4360ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f0:33:0f:94:77:5b:b4:19:6a:20:a2:49:7a:
2a:7a:83:40:41:ad:71:5f:35:6b:58:30:13:a2:f7:
16:43:21:70:59:d5:e0:67:f5:19:48:2b:24:bf:4b:
01:4a:cd:6c:fc:b3:d8:60:8c:44:61:6d:3a:1b:8b:
0e:68:5b:6d:12:0b:ee:b9:2b:0d:88:12:df:6f:bd:
62:81:f0:a2:7b:47:d2:7b:b6:6f:f4:7a:9f:2c:59:
73:ab:ca:31:f5:8e:ca:c4:46:5e:51:e7:d9:f5:00:
2d:79:63:3e:af:3d:75:82:f9:5d:44:e9:90:6a:87:
86:b6:8b:8f:24:f1:75:45:b0:b9:0c:8a:6a:19:21:
c4:7c:b2:9f:6c:6c:ff:ef:c3:b1:8e:05:3d:58:61:
88:a5:25:ae:13:54:db:52:e5:49:67:32:85:7a:ed:
8d:5d:af:d9:16:12:3b:5d:cc:8c:0e:5f:f0:c4:dd:
c4:06:0b:ce:b0:47:32:1f:04:f1:70:df:34:ab:09:
40:e5:a6:85:93:73:fa:6b:dd:ef:a3:9e:2e:e1:3f:
bf:ec:14:8c:c8:81:25:b4:84:25:3a:19:4a:0d:7b:
b0:e8:4e:f5:05:0f:9f:c7:bd:de:75:43:89:8c:f6:
f1:d3:14:cb:44:53:e5:0a:eb:f0:3b:9a:3b:5b:e5:
e1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B7:C7:5A:A2:F3:7B:6B:FC:EE:29:31:90:DE:AC:AC:F4:36:0A:E6
X509v3 Authority Key Identifier:
keyid:FF:DD:76:D9:73:A2:83:6E:20:15:26:87:9F:40:AE:3B:65:F5:64:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9122XOig24gFSaHn0CuO2X1ZPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5a5b74-cab9-4220-b45e-87e8cbd80b4e/1/CbfHWqLze2v87ikxkN6srPQ2CuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5a5b74-cab9-4220-b45e-87e8cbd80b4e/1/_9122XOig24gFSaHn0CuO2X1ZPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.236.0/22
Signature Algorithm: sha256WithRSAEncryption
33:74:a5:34:41:1f:87:40:bf:3e:33:3f:cd:5b:c3:9f:13:f9:
26:fd:00:0d:70:e1:0f:03:72:97:40:e9:d4:84:eb:a6:c1:fb:
06:20:21:7a:d9:19:0b:b9:01:05:0e:f4:e3:b9:53:73:f1:7e:
69:c4:af:41:4b:42:6c:38:37:f0:51:27:4c:ad:d0:66:ec:60:
db:fd:72:e7:e6:04:f1:ae:36:4f:fd:3a:9f:86:54:9d:ec:0f:
c1:f5:86:1b:76:04:d4:6c:4f:9c:d2:d6:ee:5d:c3:21:e2:9d:
4a:97:0a:04:31:32:13:55:9d:4f:f5:81:7b:ae:01:97:01:99:
7d:e9:5e:03:16:5b:1d:57:5e:a2:5f:1c:24:e0:6f:42:4e:be:
47:cb:9a:e2:e3:49:1b:e8:5d:ee:0e:82:98:66:7b:74:1c:c7:
20:c2:75:65:3f:d8:57:ff:8f:33:e6:d9:46:98:2b:0f:2d:83:
cf:6e:9e:3f:75:93:30:31:98:e0:18:94:e5:ca:19:0f:3c:99:
5f:5f:71:7f:df:a7:7c:84:a6:e0:d8:7f:d8:55:92:37:f9:3a:
86:12:75:f3:ee:17:eb:1c:3a:24:98:b6:90:66:b6:0c:6b:c7:
4e:7d:cc:19:77:c7:07:dc:82:4e:1e:19:d4:8c:bf:e0:2e:75:
a6:ff:54:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5g27ygJ7f0cVUSGEMcBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZGQ3NmQ5NzNhMjgzNmUyMDE1MjY4NzlmNDBhZTNiNjVm
NTY0ZjQwHhcNMjMwMTAxMTAzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWI3Yzc1YWEyZjM3YjZiZmNlZTI5MzE5MGRlYWNhY2Y0MzYwYWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPAzD5R3W7QZaiCiSXoqeoNAQa1x
XzVrWDATovcWQyFwWdXgZ/UZSCskv0sBSs1s/LPYYIxEYW06G4sOaFttEgvuuSsN
iBLfb71igfCie0fSe7Zv9HqfLFlzq8ox9Y7KxEZeUefZ9QAteWM+rz11gvldROmQ
aoeGtouPJPF1RbC5DIpqGSHEfLKfbGz/78OxjgU9WGGIpSWuE1TbUuVJZzKFeu2N
Xa/ZFhI7XcyMDl/wxN3EBgvOsEcyHwTxcN80qwlA5aaFk3P6a93vo54u4T+/7BSM
yIEltIQlOhlKDXuw6E71BQ+fx73edUOJjPbx0xTLRFPlCuvwO5o7W+Xh8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAm3x1qi83tr/O4pMZDerKz0NgrmMB8GA1UdIwQY
MBaAFP/ddtlzooNuIBUmh59Arjtl9WT0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzkxMjJYT2lnMjRnRlNhSG4wQ3VPMlgxWlBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YTViNzQtY2FiOS00MjIwLWI0NWUt
ODdlOGNiZDgwYjRlLzEvQ2JmSFdxTHplMnY4N2lreGtONnNyUFEyQ3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81YTViNzQtY2FiOS00MjIwLWI0NWUtODdlOGNiZDgwYjRl
LzEvXzkxMjJYT2lnMjRnRlNhSG4wQ3VPMlgxWlBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS7sMA0G
CSqGSIb3DQEBCwUAA4IBAQAzdKU0QR+HQL8+Mz/NW8OfE/km/QANcOEPA3KXQOnU
hOumwfsGICF62RkLuQEFDvTjuVNz8X5pxK9BS0JsODfwUSdMrdBm7GDb/XLn5gTx
rjZP/TqfhlSd7A/B9YYbdgTUbE+c0tbuXcMh4p1KlwoEMTITVZ1P9YF7rgGXAZl9
6V4DFlsdV16iXxwk4G9CTr5Hy5ri40kb6F3uDoKYZnt0HMcgwnVlP9hX/48z5tlG
mCsPLYPPbp4/dZMwMZjgGJTlyhkPPJlfX3F/36d8hKbg2H/YVZI3+TqGEnXz7hfr
HDokmLaQZrYMa8dOfcwZd8cH3IJOHhnUjL/gLnWm/1R/
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:50 2024 by rpki-client on console-fra.rpki-client.org