Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/555221-000d-49f6-8335-4fd28c6619ae/1/A8rVILnVpoo71VYJ45aksLFPmLM.roa
File: A8rVILnVpoo71VYJ45aksLFPmLM.roa (raw, json)
Hash identifier: Qj2MZpTt0rZo+mR5vj7d4PkMCHtHZ8hWJu//k7bF80E=
Subject key identifier: 03:CA:D5:20:B9:D5:A6:8A:3B:D5:56:09:E3:96:A4:B0:B1:4F:98:B3
Certificate issuer: /CN=a66246b806e89aba40e7e58888f3576513a3934a
Certificate serial: 018C58B1F30F990604454DF1B4A0A2AE0F39
Authority key identifier: A6:62:46:B8:06:E8:9A:BA:40:E7:E5:88:88:F3:57:65:13:A3:93:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pmJGuAbomrpA5-WIiPNXZROjk0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/555221-000d-49f6-8335-4fd28c6619ae/1/A8rVILnVpoo71VYJ45aksLFPmLM.roa
Signing time: Mon 11 Dec 2023 11:45:06 +0000
ROA not before: Mon 11 Dec 2023 11:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39615
IP address blocks: 185.227.181.0/24 maxlen: 24
185.227.180.0/24 maxlen: 24
185.227.183.0/24 maxlen: 24
185.227.182.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:b1:f3:0f:99:06:04:45:4d:f1:b4:a0:a2:ae:0f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a66246b806e89aba40e7e58888f3576513a3934a
Validity
Not Before: Dec 11 11:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03cad520b9d5a68a3bd55609e396a4b0b14f98b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a3:ef:31:9e:51:84:08:20:cd:d2:fc:5a:44:
e3:5e:3e:99:1c:98:cb:61:2d:06:ab:cb:8e:55:ba:
9d:42:03:14:4a:c4:bf:42:ce:a3:4f:5c:e0:ca:9c:
d4:39:56:ac:2d:fc:cc:bc:d5:f0:2c:cb:23:ee:ee:
94:b4:8e:72:da:6a:7c:34:03:8a:a0:14:bd:d1:97:
f0:2a:19:ce:83:f3:b1:39:a3:fb:c5:b3:c5:33:98:
a6:ed:f0:0c:c2:20:f9:65:1f:79:88:29:96:97:c5:
d1:87:c0:75:4a:7c:6b:c8:ac:3e:14:41:10:c7:4b:
8f:85:20:58:ef:0a:05:13:aa:26:8c:c4:49:51:4c:
16:98:f6:b4:96:03:51:16:a9:a1:27:94:7d:49:6c:
db:af:89:71:d9:b3:cd:5f:22:79:3e:96:b7:3d:79:
bd:6d:df:b5:96:32:85:5a:ea:c2:4d:31:7e:2b:62:
78:15:75:bd:a3:67:89:b3:48:00:74:e0:ec:48:a6:
ae:c4:8a:1b:67:71:7a:19:db:fc:52:a6:37:72:29:
2f:f4:84:42:02:1d:89:4a:0d:f9:54:7c:d4:8e:2e:
f4:90:bb:19:94:02:1e:06:70:d4:70:a5:ca:97:58:
81:9c:a6:01:a4:52:26:33:86:1d:d4:36:be:93:ad:
e0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:CA:D5:20:B9:D5:A6:8A:3B:D5:56:09:E3:96:A4:B0:B1:4F:98:B3
X509v3 Authority Key Identifier:
keyid:A6:62:46:B8:06:E8:9A:BA:40:E7:E5:88:88:F3:57:65:13:A3:93:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pmJGuAbomrpA5-WIiPNXZROjk0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/555221-000d-49f6-8335-4fd28c6619ae/1/A8rVILnVpoo71VYJ45aksLFPmLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/555221-000d-49f6-8335-4fd28c6619ae/1/pmJGuAbomrpA5-WIiPNXZROjk0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.180.0/22
Signature Algorithm: sha256WithRSAEncryption
47:99:ab:48:0d:09:c0:2b:70:ae:5e:6b:fd:80:cd:c5:62:a6:
ef:27:2e:89:2b:f5:bb:c4:4e:ca:78:fc:f5:7b:ba:b9:a5:32:
c0:1a:b7:a4:b2:f6:26:1d:ea:89:a8:f1:46:08:ae:23:5d:ad:
fb:eb:fb:d6:66:83:1b:09:a3:2e:c1:e1:4a:f2:85:3b:5e:8b:
80:b1:2b:3a:63:af:0a:19:fd:6b:b2:1a:55:93:d3:8a:f8:3a:
e6:5b:92:44:33:70:e1:85:fd:22:16:67:92:e7:ed:bc:14:b1:
e2:ff:67:14:7a:93:7a:69:3f:ce:4d:3b:2b:cb:c7:bb:20:b4:
28:52:49:af:a8:53:e4:7c:a7:35:56:9f:cb:c2:54:70:c1:d7:
c0:ce:20:97:41:d5:8f:24:c2:78:1c:08:c2:9a:97:04:b7:44:
c6:32:0a:fc:39:c3:38:f9:e2:54:6e:a3:33:cd:a4:2f:e1:9d:
60:ea:8c:8f:8d:54:9a:ac:fb:b3:7d:53:0a:95:78:bb:e3:83:
5f:11:d2:92:0a:65:71:67:64:a2:f8:55:b9:1b:e9:04:ac:06:
fc:4c:3f:9f:b6:87:00:16:8d:2d:13:c3:50:69:fb:01:1f:d7:
a1:ec:dd:3c:c8:2f:ea:3c:10:bd:66:68:af:54:90:db:a9:50:
48:50:08:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxYsfMPmQYERU3xtKCirg85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NjI0NmI4MDZlODlhYmE0MGU3ZTU4ODg4ZjM1NzY1MTNh
MzkzNGEwHhcNMjMxMjExMTE0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2NhZDUyMGI5ZDVhNjhhM2JkNTU2MDllMzk2YTRiMGIxNGY5OGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKPvMZ5RhAggzdL8WkTjXj6ZHJjL
YS0Gq8uOVbqdQgMUSsS/Qs6jT1zgypzUOVasLfzMvNXwLMsj7u6UtI5y2mp8NAOK
oBS90ZfwKhnOg/OxOaP7xbPFM5im7fAMwiD5ZR95iCmWl8XRh8B1SnxryKw+FEEQ
x0uPhSBY7woFE6omjMRJUUwWmPa0lgNRFqmhJ5R9SWzbr4lx2bPNXyJ5Ppa3PXm9
bd+1ljKFWurCTTF+K2J4FXW9o2eJs0gAdODsSKauxIobZ3F6Gdv8UqY3cikv9IRC
Ah2JSg35VHzUji70kLsZlAIeBnDUcKXKl1iBnKYBpFImM4Yd1Da+k63gZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAPK1SC51aaKO9VWCeOWpLCxT5izMB8GA1UdIwQY
MBaAFKZiRrgG6Jq6QOfliIjzV2UTo5NKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG1KR3VBYm9tcnBBNS1XSWlQTlhaUk9qazBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81NTUyMjEtMDAwZC00OWY2LTgzMzUt
NGZkMjhjNjYxOWFlLzEvQThyVklMblZwb283MVZZSjQ1YWtzTEZQbUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81NTUyMjEtMDAwZC00OWY2LTgzMzUtNGZkMjhjNjYxOWFl
LzEvcG1KR3VBYm9tcnBBNS1XSWlQTlhaUk9qazBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueO0MA0G
CSqGSIb3DQEBCwUAA4IBAQBHmatIDQnAK3CuXmv9gM3FYqbvJy6JK/W7xE7KePz1
e7q5pTLAGreksvYmHeqJqPFGCK4jXa376/vWZoMbCaMuweFK8oU7XouAsSs6Y68K
Gf1rshpVk9OK+DrmW5JEM3Dhhf0iFmeS5+28FLHi/2cUepN6aT/OTTsry8e7ILQo
UkmvqFPkfKc1Vp/LwlRwwdfAziCXQdWPJMJ4HAjCmpcEt0TGMgr8OcM4+eJUbqMz
zaQv4Z1g6oyPjVSarPuzfVMKlXi744NfEdKSCmVxZ2Si+FW5G+kErAb8TD+ftocA
Fo0tE8NQafsBH9eh7N08yC/qPBC9ZmivVJDbqVBIUAhk
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:39 2024 by rpki-client on console-ams.rpki-client.org