Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/sJu0jbSVsMUahWJT8iQoNj_XRFE.roa
File: sJu0jbSVsMUahWJT8iQoNj_XRFE.roa (raw, json)
Hash identifier: wTIq/KMXe+4TQa0Ta/eusQA5HqPJiI4JZxS+iGW11bw=
Subject key identifier: B0:9B:B4:8D:B4:95:B0:C5:1A:85:62:53:F2:24:28:36:3F:D7:44:51
Certificate issuer: /CN=ec5fdf6a51b98091e9ec7bdfaf483ec7743a5a25
Certificate serial: 01864CB3663920E9FFDD9E3F52C6A28AA8C2
Authority key identifier: EC:5F:DF:6A:51:B9:80:91:E9:EC:7B:DF:AF:48:3E:C7:74:3A:5A:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7F_falG5gJHp7Hvfr0g-x3Q6WiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/sJu0jbSVsMUahWJT8iQoNj_XRFE.roa
Signing time: Mon 13 Feb 2023 21:34:30 +0000
ROA not before: Mon 13 Feb 2023 21:34:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51586
IP address blocks: 185.216.220.0/22 maxlen: 24
2a0b:bdc0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4c:b3:66:39:20:e9:ff:dd:9e:3f:52:c6:a2:8a:a8:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec5fdf6a51b98091e9ec7bdfaf483ec7743a5a25
Validity
Not Before: Feb 13 21:34:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b09bb48db495b0c51a856253f22428363fd74451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7c:3e:6e:32:bc:dc:fe:b7:c4:f4:a5:80:eb:
60:1f:11:ab:bb:cf:5c:93:c3:19:ec:e7:ba:f8:8e:
bb:1b:e2:66:3f:c4:bf:74:6c:38:ff:3e:73:50:e2:
3e:81:94:f6:b0:cc:0f:fa:82:66:fb:c3:5b:d8:26:
49:b0:d9:42:fc:df:e1:65:e4:f0:76:ff:91:0c:b4:
02:de:14:ed:e7:91:b5:c7:45:cd:9c:2f:1d:79:56:
d2:7e:4e:71:a0:1e:4c:ff:d2:9c:b2:84:8e:a7:c2:
ba:d3:c8:7d:e4:d4:c6:e6:4b:12:cd:61:19:98:fa:
12:d1:e8:87:b3:f1:f2:99:86:5a:29:f4:3b:da:3f:
ae:18:05:b2:e7:17:8c:9c:bf:40:07:6d:8c:64:1a:
82:e8:73:0f:cf:1b:ea:ac:ce:5f:07:a8:f0:0b:31:
a1:46:33:28:25:42:b0:83:cd:f9:e0:ce:27:40:37:
a4:78:20:d0:dc:6d:81:b3:d0:b6:94:8a:45:0e:63:
a5:74:bb:5e:d7:b1:42:5e:34:32:06:09:15:ce:52:
8f:2d:d8:77:13:66:24:f1:b0:1e:f3:8e:2f:65:5c:
41:24:79:f8:07:4b:b2:b4:d8:fd:13:dc:92:03:87:
9d:a4:a3:13:25:c8:95:0c:77:68:70:37:40:7a:5b:
a4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:9B:B4:8D:B4:95:B0:C5:1A:85:62:53:F2:24:28:36:3F:D7:44:51
X509v3 Authority Key Identifier:
keyid:EC:5F:DF:6A:51:B9:80:91:E9:EC:7B:DF:AF:48:3E:C7:74:3A:5A:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7F_falG5gJHp7Hvfr0g-x3Q6WiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/sJu0jbSVsMUahWJT8iQoNj_XRFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/7F_falG5gJHp7Hvfr0g-x3Q6WiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.220.0/22
IPv6:
2a0b:bdc0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:d3:9e:d0:48:57:87:f3:6d:19:05:ae:d9:76:8d:f3:b3:01:
c8:a1:c7:11:91:56:d0:51:81:1c:37:86:cf:d4:9a:88:d0:a9:
70:da:3e:7f:87:bf:ca:a3:7e:ca:90:b8:f5:52:17:2c:62:4a:
ba:d9:e9:c2:55:1b:d4:8f:59:df:23:26:5b:e9:1e:3b:66:dd:
c3:98:60:16:b1:b3:67:57:d8:03:bc:68:21:f7:8d:5a:da:6f:
b0:fc:21:98:17:d4:a5:cd:55:c4:da:10:69:c6:f9:37:4e:f6:
9b:54:79:f5:eb:84:43:88:26:92:b5:e8:32:c5:f7:77:92:b9:
fd:66:72:72:a3:bc:0d:10:71:32:3d:ae:ea:b4:90:5a:03:00:
ac:28:d7:81:6d:25:f5:33:cf:84:2a:3f:ae:ed:b1:be:b7:f5:
d8:38:a2:7d:68:f0:ce:ed:94:e8:a1:b3:a1:61:bc:5a:e1:ef:
da:1f:78:cd:0a:1c:17:69:7a:fd:1b:04:86:50:30:3e:06:b5:
04:8a:64:cf:5b:13:04:1c:bf:7f:5f:00:f4:f5:37:aa:88:64:
f1:98:f6:2a:73:e1:c1:70:ad:ac:6d:cd:ac:55:d4:91:41:e9:
36:5e:23:62:6f:12:3f:07:e4:05:a1:6e:7c:21:c8:40:8e:91:
7c:c8:96:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYZMs2Y5IOn/3Z4/UsaiiqjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNWZkZjZhNTFiOTgwOTFlOWVjN2JkZmFmNDgzZWM3NzQz
YTVhMjUwHhcNMjMwMjEzMjEzNDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDliYjQ4ZGI0OTViMGM1MWE4NTYyNTNmMjI0MjgzNjNmZDc0NDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXw+bjK83P63xPSlgOtgHxGru89c
k8MZ7Oe6+I67G+JmP8S/dGw4/z5zUOI+gZT2sMwP+oJm+8Nb2CZJsNlC/N/hZeTw
dv+RDLQC3hTt55G1x0XNnC8deVbSfk5xoB5M/9KcsoSOp8K608h95NTG5ksSzWEZ
mPoS0eiHs/HymYZaKfQ72j+uGAWy5xeMnL9AB22MZBqC6HMPzxvqrM5fB6jwCzGh
RjMoJUKwg8354M4nQDekeCDQ3G2Bs9C2lIpFDmOldLte17FCXjQyBgkVzlKPLdh3
E2Yk8bAe844vZVxBJHn4B0uytNj9E9ySA4edpKMTJciVDHdocDdAelukywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLCbtI20lbDFGoViU/IkKDY/10RRMB8GA1UdIwQY
MBaAFOxf32pRuYCR6ex7369IPsd0OlolMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZfZmFsRzVnSkhwN0h2ZnIwZy14M1E2V2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lNmE1NTQtZDk3NC00Mzc3LWJlY2Mt
Y2JmMzQzZGViN2JjLzEvc0p1MGpiU1ZzTVVhaFdKVDhpUW9Oal9YUkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lNmE1NTQtZDk3NC00Mzc3LWJlY2MtY2JmMzQzZGViN2Jj
LzEvN0ZfZmFsRzVnSkhwN0h2ZnIwZy14M1E2V2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudjcMA0E
AgACMAcDBQAqC73AMA0GCSqGSIb3DQEBCwUAA4IBAQBO057QSFeH820ZBa7Zdo3z
swHIoccRkVbQUYEcN4bP1JqI0Klw2j5/h7/Ko37KkLj1UhcsYkq62enCVRvUj1nf
IyZb6R47Zt3DmGAWsbNnV9gDvGgh941a2m+w/CGYF9SlzVXE2hBpxvk3TvabVHn1
64RDiCaStegyxfd3krn9ZnJyo7wNEHEyPa7qtJBaAwCsKNeBbSX1M8+EKj+u7bG+
t/XYOKJ9aPDO7ZToobOhYbxa4e/aH3jNChwXaXr9GwSGUDA+BrUEimTPWxMEHL9/
XwD09TeqiGTxmPYqc+HBcK2sbc2sVdSRQek2XiNibxI/B+QFoW58IchAjpF8yJaW
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:27 2024 by rpki-client on console-ams.rpki-client.org