Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/67e3ac-c332-4d13-83ef-c7b10d505cfe/1/1SFJOlAKGc17dvW2Yjwi1UTHtAA.roa
File: 1SFJOlAKGc17dvW2Yjwi1UTHtAA.roa (raw, json)
Hash identifier: uaEARn9pO/mOUSNlxri9KeFFWB/vnn1Akf4VbRkzTmk=
Subject key identifier: D5:21:49:3A:50:0A:19:CD:7B:76:F5:B6:62:3C:22:D5:44:C7:B4:00
Certificate issuer: /CN=f57dc5996c8178c0de2ea20499eebdeade4023eb
Certificate serial: 0185718C2EB0E4903D266647753AF9E04533
Authority key identifier: F5:7D:C5:99:6C:81:78:C0:DE:2E:A2:04:99:EE:BD:EA:DE:40:23:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9X3FmWyBeMDeLqIEme696t5AI-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/67e3ac-c332-4d13-83ef-c7b10d505cfe/1/1SFJOlAKGc17dvW2Yjwi1UTHtAA.roa
Signing time: Mon 02 Jan 2023 08:14:50 +0000
ROA not before: Mon 02 Jan 2023 08:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59755
IP address blocks: 185.71.8.0/22 maxlen: 22
2a03:37a0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:2e:b0:e4:90:3d:26:66:47:75:3a:f9:e0:45:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57dc5996c8178c0de2ea20499eebdeade4023eb
Validity
Not Before: Jan 2 08:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d521493a500a19cd7b76f5b6623c22d544c7b400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b1:8c:8f:01:8c:db:f9:6e:4a:19:d6:be:31:
fd:5f:01:e4:cf:f6:06:eb:b1:4c:56:be:b7:d6:ea:
9a:d8:8e:8e:eb:cb:0d:36:dd:5c:fe:45:c8:13:25:
c7:9c:18:fd:c2:69:84:8e:29:89:ce:ca:07:a4:a5:
37:26:b8:59:d2:26:a8:84:8f:a1:92:d4:16:ee:e0:
48:52:54:46:53:de:3d:79:f2:31:5b:83:27:60:20:
ad:41:37:a7:80:00:20:e0:18:9f:ec:13:48:11:16:
05:19:fe:59:09:40:b9:8a:c2:31:63:f0:2f:56:ca:
1c:10:f7:01:2b:09:86:a6:5b:c0:e2:e2:99:2d:7a:
93:3f:c3:17:cc:21:7f:cd:f9:74:a6:a7:5d:0c:c9:
72:a3:85:2b:5e:19:ee:43:45:2b:02:3c:52:66:96:
9c:6e:83:11:a3:4a:b1:ce:b9:2f:2f:70:c2:53:df:
ac:e6:65:55:b2:d5:67:3b:6f:a2:56:cd:23:24:31:
43:d6:f6:a2:17:d0:03:c2:c7:80:fc:d3:62:c8:6e:
b5:7e:7d:4b:36:c7:6d:87:07:e5:47:08:1b:e0:47:
94:a6:fd:08:77:df:1a:b4:d5:61:61:74:e9:55:9d:
07:53:4c:19:7e:6d:0c:2c:3a:7a:16:25:9a:b3:01:
1c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:21:49:3A:50:0A:19:CD:7B:76:F5:B6:62:3C:22:D5:44:C7:B4:00
X509v3 Authority Key Identifier:
keyid:F5:7D:C5:99:6C:81:78:C0:DE:2E:A2:04:99:EE:BD:EA:DE:40:23:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9X3FmWyBeMDeLqIEme696t5AI-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/67e3ac-c332-4d13-83ef-c7b10d505cfe/1/1SFJOlAKGc17dvW2Yjwi1UTHtAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/67e3ac-c332-4d13-83ef-c7b10d505cfe/1/9X3FmWyBeMDeLqIEme696t5AI-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.8.0/22
IPv6:
2a03:37a0::/32
Signature Algorithm: sha256WithRSAEncryption
82:17:cf:3c:d9:cd:73:08:c4:2b:1a:73:f3:2a:c2:30:c7:7d:
ef:fa:05:6a:71:cf:aa:cd:db:1a:83:fb:2d:5e:cc:a2:94:bb:
8c:fd:85:7f:28:1b:f7:e5:37:74:6f:55:14:6e:5f:17:33:47:
01:87:7d:40:c1:3e:71:66:59:4c:bb:4a:58:b0:ab:e0:24:bc:
36:1a:03:ad:d3:28:69:2e:7b:73:40:24:36:78:d2:01:c6:22:
28:ae:6a:1f:93:79:50:c1:81:46:d1:f5:6e:81:27:21:ab:57:
0b:87:5e:05:8b:95:ee:4e:dd:0c:c4:20:6d:f1:ed:7d:f1:e5:
2e:c7:f7:fc:11:24:28:ff:72:04:2c:85:2b:7a:c1:84:34:9e:
94:82:ce:e9:29:9e:39:3e:ea:3b:a6:e1:dd:56:ff:65:9c:45:
ac:99:52:d2:a5:95:4a:a4:53:e5:f6:4a:ba:db:8a:63:ed:5a:
af:a8:b0:af:5f:70:93:15:c3:bd:67:c6:71:a1:3f:dc:d4:23:
77:cc:fa:e1:77:20:32:72:67:ee:aa:0b:64:4a:f2:96:b7:e4:
b8:33:13:e0:9c:28:38:2f:13:c1:4c:94:c2:30:13:a6:d9:8f:
d7:1d:70:33:0c:de:4a:86:5b:5f:6c:63:ad:e1:ce:15:6d:08:
aa:95:d7:5d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxjC6w5JA9JmZHdTr54EUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1N2RjNTk5NmM4MTc4YzBkZTJlYTIwNDk5ZWViZGVhZGU0
MDIzZWIwHhcNMjMwMTAyMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTIxNDkzYTUwMGExOWNkN2I3NmY1YjY2MjNjMjJkNTQ0YzdiNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bGMjwGM2/luShnWvjH9XwHkz/YG
67FMVr631uqa2I6O68sNNt1c/kXIEyXHnBj9wmmEjimJzsoHpKU3JrhZ0iaohI+h
ktQW7uBIUlRGU949efIxW4MnYCCtQTengAAg4Bif7BNIERYFGf5ZCUC5isIxY/Av
VsocEPcBKwmGplvA4uKZLXqTP8MXzCF/zfl0pqddDMlyo4UrXhnuQ0UrAjxSZpac
boMRo0qxzrkvL3DCU9+s5mVVstVnO2+iVs0jJDFD1vaiF9ADwseA/NNiyG61fn1L
NsdthwflRwgb4EeUpv0Id98atNVhYXTpVZ0HU0wZfm0MLDp6FiWaswEcdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNUhSTpQChnNe3b1tmI8ItVEx7QAMB8GA1UdIwQY
MBaAFPV9xZlsgXjA3i6iBJnuvereQCPrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVgzRm1XeUJlTURlTHFJRW1lNjk2dDVBSS1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My82N2UzYWMtYzMzMi00ZDEzLTgzZWYt
YzdiMTBkNTA1Y2ZlLzEvMVNGSk9sQUtHYzE3ZHZXMllqd2kxVVRIdEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My82N2UzYWMtYzMzMi00ZDEzLTgzZWYtYzdiMTBkNTA1Y2Zl
LzEvOVgzRm1XeUJlTURlTHFJRW1lNjk2dDVBSS1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUcIMA0E
AgACMAcDBQAqAzegMA0GCSqGSIb3DQEBCwUAA4IBAQCCF8882c1zCMQrGnPzKsIw
x33v+gVqcc+qzdsag/stXsyilLuM/YV/KBv35Td0b1UUbl8XM0cBh31AwT5xZllM
u0pYsKvgJLw2GgOt0yhpLntzQCQ2eNIBxiIormofk3lQwYFG0fVugSchq1cLh14F
i5XuTt0MxCBt8e198eUux/f8ESQo/3IELIUresGENJ6Ugs7pKZ45Puo7puHdVv9l
nEWsmVLSpZVKpFPl9kq624pj7VqvqLCvX3CTFcO9Z8ZxoT/c1CN3zPrhdyAycmfu
qgtkSvKWt+S4MxPgnCg4LxPBTJTCMBOm2Y/XHXAzDN5KhltfbGOt4c4VbQiqlddd
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:15 2024 by rpki-client on console-ams.rpki-client.org