Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/xUrl868bQ8trrZ5XuWTBKzw0ldY.roa
File: xUrl868bQ8trrZ5XuWTBKzw0ldY.roa (raw, json)
Hash identifier: fd47ZMC8aB+7XV+NPmoy1CbDINV1Q1mD+QWTqeNDA+4=
Subject key identifier: C5:4A:E5:F3:AF:1B:43:CB:6B:AD:9E:57:B9:64:C1:2B:3C:34:95:D6
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 018570C2C6A7DEE5FED3746B4B1DC0136895
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/xUrl868bQ8trrZ5XuWTBKzw0ldY.roa
Signing time: Mon 02 Jan 2023 04:34:51 +0000
ROA not before: Mon 02 Jan 2023 04:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213303
IP address blocks: 185.228.172.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:c6:a7:de:e5:fe:d3:74:6b:4b:1d:c0:13:68:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jan 2 04:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c54ae5f3af1b43cb6bad9e57b964c12b3c3495d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:51:d9:4f:c4:7d:75:c7:3f:81:9a:13:a8:
15:ed:3a:8b:bf:c3:5e:54:db:63:80:3d:c3:83:39:
75:11:a7:41:18:56:57:59:68:39:11:6e:17:8b:bb:
4b:6b:61:01:24:d4:0e:dd:c7:56:ce:dd:e8:c6:a9:
33:1f:43:c2:0f:0b:07:9c:2a:ab:a0:2b:06:c7:95:
c8:f0:5d:80:5b:a5:de:01:d9:c9:ec:63:bb:91:a7:
f6:65:ff:f9:61:25:ff:52:4f:5c:40:ef:94:9d:d8:
88:de:1b:23:32:d0:17:04:e6:ae:42:0c:65:2c:82:
1a:ef:71:c3:31:00:78:a2:31:3a:a3:34:8c:37:0e:
5b:61:99:70:0a:9f:c8:e2:77:3b:39:2e:9c:39:a0:
71:34:9d:ce:22:bf:11:d1:75:83:b2:d3:6e:05:f1:
63:77:c0:7e:a5:96:71:59:c5:d4:9c:f9:98:c9:11:
ce:d8:c6:99:c4:e4:4d:6e:a9:ff:a2:20:24:52:c8:
b0:1f:05:e1:c9:c9:ea:3c:2b:cd:5e:c9:eb:ba:19:
45:7b:36:c3:1d:d5:5a:eb:80:28:58:ad:d5:fc:c2:
2a:1e:ae:aa:14:07:64:2c:1f:39:51:ac:da:52:2e:
00:06:bd:f1:d9:52:be:ad:48:c2:c6:d8:cb:cc:43:
dc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4A:E5:F3:AF:1B:43:CB:6B:AD:9E:57:B9:64:C1:2B:3C:34:95:D6
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/xUrl868bQ8trrZ5XuWTBKzw0ldY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.172.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:f2:6c:2a:3a:e9:d0:58:a5:00:df:bf:05:5d:ba:86:30:66:
06:a7:e9:38:6a:e4:2a:51:3d:3a:87:23:51:33:41:39:c1:2a:
ab:ba:e6:65:e7:ae:c5:48:b8:b7:24:57:26:12:96:15:78:54:
1b:6d:37:cd:a4:9f:bf:b1:9b:61:23:94:ca:b8:f2:fc:ab:33:
2f:b5:94:5e:f9:d9:17:05:1b:4d:4f:2f:78:db:b1:68:65:f5:
8e:0b:70:48:de:ae:af:9e:e9:46:7c:0a:19:7f:64:ab:75:55:
d8:f2:90:7e:4e:62:d0:f9:0e:38:60:41:58:3c:18:6e:c6:1a:
a7:ae:07:82:13:a1:f9:f7:d5:62:58:59:f8:59:26:cc:3d:6b:
5b:87:46:47:1b:ad:af:2e:2b:bb:a2:07:a3:60:b3:9d:d8:8c:
e5:a1:30:66:11:21:b9:30:d0:c0:8a:46:07:a6:cd:81:0e:17:
97:5d:ab:f8:91:55:a9:98:9e:f7:31:ac:a2:39:a4:9d:da:f6:
3c:72:68:27:67:b9:a3:64:83:fb:2b:cd:8f:8f:80:cb:24:1d:
76:5b:2c:ab:c7:59:c2:4c:ed:27:6e:9a:52:b3:ce:0e:3c:ad:
a7:a1:69:77:ec:61:d6:33:d0:44:26:cf:37:8c:16:6b:1c:a7:
bb:20:bd:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwsan3uX+03RrSx3AE2iVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjMwMTAyMDQzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTRhZTVmM2FmMWI0M2NiNmJhZDllNTdiOTY0YzEyYjNjMzQ5NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0JR2U/EfXXHP4GaE6gV7TqLv8Ne
VNtjgD3Dgzl1EadBGFZXWWg5EW4Xi7tLa2EBJNQO3cdWzt3oxqkzH0PCDwsHnCqr
oCsGx5XI8F2AW6XeAdnJ7GO7kaf2Zf/5YSX/Uk9cQO+UndiI3hsjMtAXBOauQgxl
LIIa73HDMQB4ojE6ozSMNw5bYZlwCp/I4nc7OS6cOaBxNJ3OIr8R0XWDstNuBfFj
d8B+pZZxWcXUnPmYyRHO2MaZxORNbqn/oiAkUsiwHwXhycnqPCvNXsnruhlFezbD
HdVa64AoWK3V/MIqHq6qFAdkLB85UazaUi4ABr3x2VK+rUjCxtjLzEPcJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMVK5fOvG0PLa62eV7lkwSs8NJXWMB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEveFVybDg2OGJROHRyclo1WHVXVEJLencwbGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueSsMA0G
CSqGSIb3DQEBCwUAA4IBAQBu8mwqOunQWKUA378FXbqGMGYGp+k4auQqUT06hyNR
M0E5wSqruuZl567FSLi3JFcmEpYVeFQbbTfNpJ+/sZthI5TKuPL8qzMvtZRe+dkX
BRtNTy9427FoZfWOC3BI3q6vnulGfAoZf2SrdVXY8pB+TmLQ+Q44YEFYPBhuxhqn
rgeCE6H599ViWFn4WSbMPWtbh0ZHG62vLiu7ogejYLOd2IzloTBmESG5MNDAikYH
ps2BDheXXav4kVWpmJ73MayiOaSd2vY8cmgnZ7mjZIP7K82Pj4DLJB12Wyyrx1nC
TO0nbppSs84OPK2noWl37GHWM9BEJs83jBZrHKe7IL1U
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:25 2024 by rpki-client on console-fra.rpki-client.org