Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/X9GBnA4ERdZATOp9xOV_QdDzcWQ.roa
File: X9GBnA4ERdZATOp9xOV_QdDzcWQ.roa (raw, json)
Hash identifier: dqzklZY6kNcrl15M+Dp5eTDPKJTMxX3excCj27vFsFQ=
Subject key identifier: 5F:D1:81:9C:0E:04:45:D6:40:4C:EA:7D:C4:E5:7F:41:D0:F3:71:64
Certificate issuer: /CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Certificate serial: 01856F1DA3CFDEF56A495BF50BF26A49B4F5
Authority key identifier: 3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/X9GBnA4ERdZATOp9xOV_QdDzcWQ.roa
Signing time: Sun 01 Jan 2023 20:54:51 +0000
ROA not before: Sun 01 Jan 2023 20:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42011
IP address blocks: 185.209.116.0/22 maxlen: 22
2a0b:4540::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:a3:cf:de:f5:6a:49:5b:f5:0b:f2:6a:49:b4:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Validity
Not Before: Jan 1 20:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fd1819c0e0445d6404cea7dc4e57f41d0f37164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a4:5b:5e:44:78:af:60:c6:eb:fd:1a:5b:d1:
b3:da:06:64:7d:26:b2:98:80:18:5b:8b:f2:76:e3:
17:ca:03:3b:3a:b4:db:e4:30:1c:cc:03:54:02:8b:
ce:ed:73:8a:e9:05:26:38:f9:50:a7:b1:39:ce:77:
a1:b6:16:3d:f9:eb:e0:24:72:03:9b:89:aa:fd:23:
ca:bc:c5:48:73:13:3a:a5:b9:2f:e6:28:bf:5c:f4:
10:7c:32:04:2a:28:cf:7b:53:18:83:f5:77:d5:cd:
30:00:13:80:eb:6f:8b:c1:69:8f:4b:81:52:bd:60:
bd:ce:8c:2e:34:6a:fe:e7:22:c1:c2:fa:95:b5:14:
8f:ac:81:2c:63:e2:f8:a8:df:e6:77:73:8d:db:8d:
f6:96:e6:f4:43:cc:37:6f:a8:f4:0f:43:3c:c6:71:
e4:53:07:35:db:91:ba:89:20:09:0b:fe:d5:23:34:
b8:36:d3:3f:85:84:96:30:91:f5:08:d4:fd:28:9f:
46:a4:45:c2:1f:69:18:37:34:87:d7:7d:1e:12:0b:
39:7b:bc:6b:5d:5a:2a:04:a1:1d:39:28:10:43:2d:
d3:36:ca:5b:85:1c:7d:05:87:f8:33:b9:f0:ba:38:
f1:fa:ba:73:04:48:d9:51:23:85:bf:af:02:eb:b7:
1f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D1:81:9C:0E:04:45:D6:40:4C:EA:7D:C4:E5:7F:41:D0:F3:71:64
X509v3 Authority Key Identifier:
keyid:3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/X9GBnA4ERdZATOp9xOV_QdDzcWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/O9lDbSE1wISJe3TGrTbaFwCnqY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.116.0/22
IPv6:
2a0b:4540::/29
Signature Algorithm: sha256WithRSAEncryption
75:d4:48:57:23:3d:77:57:b7:7a:c3:34:16:67:d6:ac:3d:52:
24:b2:b6:ea:ab:3a:c2:f4:72:b4:22:fe:f7:95:cc:89:e0:22:
d3:1b:b8:6a:a2:8a:56:15:88:6d:46:44:c8:51:83:f6:67:f8:
2c:cd:4b:9c:b3:da:c7:ec:aa:85:72:66:9b:7b:b8:b8:b1:9a:
d9:e1:d7:39:21:ef:06:dd:0c:5b:a5:ee:f7:ef:33:93:a8:fe:
53:c4:1f:c3:b4:8b:e3:5e:d0:16:e7:99:19:3e:90:6a:dd:e7:
44:63:f2:df:a1:6d:bd:fd:0a:34:4e:88:42:3d:f0:25:1f:60:
fd:bf:9f:25:e8:b7:d0:42:89:2a:10:40:f1:fd:48:a4:c6:06:
6a:19:7b:4b:56:a0:d7:8d:26:72:d3:91:06:76:94:73:6a:86:
67:d7:03:f4:d7:1a:b7:0d:89:9c:7f:76:82:ad:e1:1d:30:e1:
21:ec:54:58:a3:79:87:23:42:51:fb:5f:a5:19:ec:39:19:71:
6c:27:12:c5:0d:a0:1c:29:68:6a:6a:70:37:b8:43:c8:cb:47:
e1:02:6d:28:9d:11:e0:65:ad:a3:dc:85:0b:9e:e3:11:cf:10:
30:f3:de:94:8f:ac:3d:b3:99:11:fb:2f:2d:b5:a8:e1:58:b5:
f8:bc:04:7e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvHaPP3vVqSVv1C/JqSbT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDk0MzZkMjEzNWMwODQ4OTdiNzRjNmFkMzZkYTE3MDBh
N2E5OGQwHhcNMjMwMTAxMjA1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmQxODE5YzBlMDQ0NWQ2NDA0Y2VhN2RjNGU1N2Y0MWQwZjM3MTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqRbXkR4r2DG6/0aW9Gz2gZkfSay
mIAYW4vyduMXygM7OrTb5DAczANUAovO7XOK6QUmOPlQp7E5znehthY9+evgJHID
m4mq/SPKvMVIcxM6pbkv5ii/XPQQfDIEKijPe1MYg/V31c0wABOA62+LwWmPS4FS
vWC9zowuNGr+5yLBwvqVtRSPrIEsY+L4qN/md3ON2432lub0Q8w3b6j0D0M8xnHk
Uwc125G6iSAJC/7VIzS4NtM/hYSWMJH1CNT9KJ9GpEXCH2kYNzSH130eEgs5e7xr
XVoqBKEdOSgQQy3TNspbhRx9BYf4M7nwujjx+rpzBEjZUSOFv68C67cfPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF/RgZwOBEXWQEzqfcTlf0HQ83FkMB8GA1UdIwQY
MBaAFDvZQ20hNcCEiXt0xq022hcAp6mNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTIt
MjYzN2QxMzMzOGYxLzEvWDlHQm5BNEVSZFpBVE9wOXhPVl9RZER6Y1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTItMjYzN2QxMzMzOGYx
LzEvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudF0MA0E
AgACMAcDBQMqC0VAMA0GCSqGSIb3DQEBCwUAA4IBAQB11EhXIz13V7d6wzQWZ9as
PVIksrbqqzrC9HK0Iv73lcyJ4CLTG7hqoopWFYhtRkTIUYP2Z/gszUucs9rH7KqF
cmabe7i4sZrZ4dc5Ie8G3Qxbpe737zOTqP5TxB/DtIvjXtAW55kZPpBq3edEY/Lf
oW29/Qo0TohCPfAlH2D9v58l6LfQQokqEEDx/UikxgZqGXtLVqDXjSZy05EGdpRz
aoZn1wP01xq3DYmcf3aCreEdMOEh7FRYo3mHI0JR+1+lGew5GXFsJxLFDaAcKWhq
anA3uEPIy0fhAm0onRHgZa2j3IULnuMRzxAw896Uj6w9s5kR+y8ttajhWLX4vAR+
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:58 2024 by rpki-client on console-fra.rpki-client.org