Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/rJ__RWv6phcz9rNjibiSuOgVQnA.roa
File: rJ__RWv6phcz9rNjibiSuOgVQnA.roa (raw, json)
Hash identifier: IYaK+7TcNfJjAujNlXXsZqlwW17cbFwhJIYwyB14wRY=
Subject key identifier: AC:9F:FF:45:6B:FA:A6:17:33:F6:B3:63:89:B8:92:B8:E8:15:42:70
Certificate issuer: /CN=9ae07c94a8a6af7a5d18f4eaaea79e26df932214
Certificate serial: 018572B40F06385C98324210FFE0496461C6
Authority key identifier: 9A:E0:7C:94:A8:A6:AF:7A:5D:18:F4:EA:AE:A7:9E:26:DF:93:22:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/muB8lKimr3pdGPTqrqeeJt-TIhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/rJ__RWv6phcz9rNjibiSuOgVQnA.roa
Signing time: Mon 02 Jan 2023 13:38:01 +0000
ROA not before: Mon 02 Jan 2023 13:38:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42205
IP address blocks: 185.214.28.0/22 maxlen: 22
185.202.136.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:0f:06:38:5c:98:32:42:10:ff:e0:49:64:61:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ae07c94a8a6af7a5d18f4eaaea79e26df932214
Validity
Not Before: Jan 2 13:38:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac9fff456bfaa61733f6b36389b892b8e8154270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:57:3c:86:f0:31:79:f0:05:77:0d:3f:bc:ff:
7c:1e:a6:65:36:82:40:06:ef:52:fb:4c:8f:e7:46:
67:f9:9b:b8:2e:24:ee:65:67:b8:9e:3e:f6:08:b1:
7b:2a:7a:d9:b8:6d:64:0e:97:61:c4:4b:c5:82:f8:
15:44:11:ce:04:11:a0:cf:9a:ee:7e:6b:53:30:b1:
0f:cc:a9:19:06:68:8f:15:7d:f2:30:4f:6b:83:ab:
c9:98:e8:4c:04:16:4c:13:c5:b4:2c:ff:6e:64:4d:
e6:2c:48:e5:d9:f5:c6:3e:d0:79:b6:00:8e:eb:f4:
87:b1:e1:c5:99:30:27:b5:db:f2:c0:25:b4:66:c5:
e4:fc:b6:27:3f:fd:cf:78:9a:0d:10:67:1e:f5:c1:
b8:49:dc:61:a2:ca:c8:40:cf:c6:d0:49:d0:be:58:
9a:44:1f:fe:cf:d1:5f:0d:7c:66:4f:c7:60:11:3c:
ac:8f:fd:3c:6c:78:60:53:03:0e:7e:0f:a8:2f:b5:
b6:d2:3e:68:26:b4:7e:0a:d7:86:c7:4c:c0:47:6b:
21:0c:03:3b:dc:74:4a:5c:72:c9:67:f0:4f:a2:a5:
8f:b7:7d:e4:93:77:aa:b1:9d:18:ea:53:be:7f:a4:
96:ad:da:20:55:1a:14:b1:66:72:17:14:d8:2d:f9:
89:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9F:FF:45:6B:FA:A6:17:33:F6:B3:63:89:B8:92:B8:E8:15:42:70
X509v3 Authority Key Identifier:
keyid:9A:E0:7C:94:A8:A6:AF:7A:5D:18:F4:EA:AE:A7:9E:26:DF:93:22:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/muB8lKimr3pdGPTqrqeeJt-TIhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/rJ__RWv6phcz9rNjibiSuOgVQnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/muB8lKimr3pdGPTqrqeeJt-TIhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.136.0/22
185.214.28.0/22
Signature Algorithm: sha256WithRSAEncryption
69:64:ae:fa:ef:0b:e6:85:80:b9:ba:66:db:99:cd:60:63:aa:
75:3f:93:72:08:83:80:4d:85:5c:79:84:aa:db:b4:fe:8e:01:
15:70:67:5c:ab:63:ff:99:6a:7e:51:3f:aa:aa:7b:f6:87:03:
b7:3a:09:1c:b8:f6:55:30:49:f6:36:5f:44:86:20:67:c5:d5:
62:76:d6:27:ca:12:c6:63:6e:9e:ea:b1:1e:bc:af:c4:2b:d4:
81:de:a2:41:15:f5:b1:75:58:13:e1:67:e2:5b:bf:7a:4e:c5:
cb:29:b0:8b:de:d6:5f:b4:b3:3f:b0:96:87:1b:77:e0:03:3b:
e5:54:ba:da:5a:3a:eb:36:0f:06:3f:91:88:50:e3:07:49:13:
43:8b:30:5b:cb:c5:eb:ae:40:e7:bf:0a:c9:fd:04:75:d8:bf:
a8:52:bf:a3:c0:d1:da:73:8b:0c:6c:72:dd:e0:b4:d4:c8:5a:
7e:a5:29:c4:7c:d0:bd:d7:84:e8:74:96:55:45:2a:51:c2:0c:
16:bf:01:8d:01:d9:e6:21:b7:50:98:58:bc:19:49:83:63:24:
32:3a:85:bc:40:a7:40:19:41:f8:0e:3e:d5:0f:fd:62:35:d0:
83:fb:37:a1:4b:18:87:51:53:d1:6c:39:9b:ae:df:e6:bb:86:
b4:26:14:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVytA8GOFyYMkIQ/+BJZGHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZTA3Yzk0YThhNmFmN2E1ZDE4ZjRlYWFlYTc5ZTI2ZGY5
MzIyMTQwHhcNMjMwMTAyMTMzODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzlmZmY0NTZiZmFhNjE3MzNmNmIzNjM4OWI4OTJiOGU4MTU0MjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1c8hvAxefAFdw0/vP98HqZlNoJA
Bu9S+0yP50Zn+Zu4LiTuZWe4nj72CLF7KnrZuG1kDpdhxEvFgvgVRBHOBBGgz5ru
fmtTMLEPzKkZBmiPFX3yME9rg6vJmOhMBBZME8W0LP9uZE3mLEjl2fXGPtB5tgCO
6/SHseHFmTAntdvywCW0ZsXk/LYnP/3PeJoNEGce9cG4SdxhosrIQM/G0EnQvlia
RB/+z9FfDXxmT8dgETysj/08bHhgUwMOfg+oL7W20j5oJrR+CteGx0zAR2shDAM7
3HRKXHLJZ/BPoqWPt33kk3eqsZ0Y6lO+f6SWrdogVRoUsWZyFxTYLfmJvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKyf/0Vr+qYXM/azY4m4krjoFUJwMB8GA1UdIwQY
MBaAFJrgfJSopq96XRj06q6nnibfkyIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXVCOGxLaW1yM3BkR1BUcXJxZWVKdC1USWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8zYThkZDAtMzg3NS00ZWIyLWI2MzMt
ZTI2NjVkNDQ3ZDMyLzEvckpfX1JXdjZwaGN6OXJOamliaVN1T2dWUW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8zYThkZDAtMzg3NS00ZWIyLWI2MzMtZTI2NjVkNDQ3ZDMy
LzEvbXVCOGxLaW1yM3BkR1BUcXJxZWVKdC1USWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucqIAwQC
udYcMA0GCSqGSIb3DQEBCwUAA4IBAQBpZK767wvmhYC5umbbmc1gY6p1P5NyCIOA
TYVceYSq27T+jgEVcGdcq2P/mWp+UT+qqnv2hwO3OgkcuPZVMEn2Nl9EhiBnxdVi
dtYnyhLGY26e6rEevK/EK9SB3qJBFfWxdVgT4WfiW796TsXLKbCL3tZftLM/sJaH
G3fgAzvlVLraWjrrNg8GP5GIUOMHSRNDizBby8XrrkDnvwrJ/QR12L+oUr+jwNHa
c4sMbHLd4LTUyFp+pSnEfNC914TodJZVRSpRwgwWvwGNAdnmIbdQmFi8GUmDYyQy
OoW8QKdAGUH4Dj7VD/1iNdCD+zehSxiHUVPRbDmbrt/mu4a0JhS1
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:53 2024 by rpki-client on console-fra.rpki-client.org