Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/drf6tXJM_cj05yYaTLYEa-AYe6c.roa
File: drf6tXJM_cj05yYaTLYEa-AYe6c.roa (raw, json)
Hash identifier: iN0ZexAF4nTIhaBlOS+kPNqR5Afpd045mL+IJbbzArk=
Subject key identifier: 76:B7:FA:B5:72:4C:FD:C8:F4:E7:26:1A:4C:B6:04:6B:E0:18:7B:A7
Certificate issuer: /CN=d9c9baf46d6c94d27ce128da3b65b5a3b06db38b
Certificate serial: 01857355FCB71B10B567AC7F0F16E54A3D1B
Authority key identifier: D9:C9:BA:F4:6D:6C:94:D2:7C:E1:28:DA:3B:65:B5:A3:B0:6D:B3:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2cm69G1slNJ84SjaO2W1o7Bts4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/drf6tXJM_cj05yYaTLYEa-AYe6c.roa
Signing time: Mon 02 Jan 2023 16:34:53 +0000
ROA not before: Mon 02 Jan 2023 16:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206706
IP address blocks: 185.228.249.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:fc:b7:1b:10:b5:67:ac:7f:0f:16:e5:4a:3d:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9c9baf46d6c94d27ce128da3b65b5a3b06db38b
Validity
Not Before: Jan 2 16:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76b7fab5724cfdc8f4e7261a4cb6046be0187ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:03:b7:aa:8a:49:bb:6a:e6:35:96:5c:b0:bf:
93:28:54:73:ae:a2:04:b2:97:8d:21:9f:53:89:46:
49:b8:bc:5a:51:3b:bd:07:0e:46:4e:be:60:ab:23:
35:6f:ca:0c:76:a7:7a:8f:30:a6:b9:ae:c3:56:c8:
3e:79:7d:34:8a:6b:48:77:62:cf:29:93:39:85:93:
d3:ee:34:d6:ca:e1:46:59:0c:6c:ad:38:aa:d1:78:
0b:8f:34:2c:34:25:a0:86:de:ec:72:6b:ac:97:0a:
95:27:7f:fc:69:01:76:8b:08:61:8e:6b:36:49:9d:
36:ee:27:58:12:8b:fb:eb:65:b2:2b:b1:61:fb:6c:
97:e9:9c:13:f9:07:7e:7c:4d:92:c7:2a:06:ae:8b:
1e:9f:eb:3f:33:e0:64:bf:13:71:9a:6d:40:33:bf:
c0:46:41:98:1c:59:10:5f:3f:b2:2f:4f:c8:ac:3e:
1e:05:e1:f4:12:9e:57:0a:39:0f:90:e2:4b:73:6f:
fe:6b:f8:59:6f:99:13:82:43:75:bc:27:a8:2f:67:
aa:00:7a:f0:1e:5d:a6:1a:3c:31:37:b0:1c:24:d3:
fd:7c:0a:c1:f2:40:45:ac:a9:dd:63:0c:d0:6b:0c:
41:ff:bf:16:21:93:97:70:d2:7c:3c:08:47:36:36:
c8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B7:FA:B5:72:4C:FD:C8:F4:E7:26:1A:4C:B6:04:6B:E0:18:7B:A7
X509v3 Authority Key Identifier:
keyid:D9:C9:BA:F4:6D:6C:94:D2:7C:E1:28:DA:3B:65:B5:A3:B0:6D:B3:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2cm69G1slNJ84SjaO2W1o7Bts4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/drf6tXJM_cj05yYaTLYEa-AYe6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/2cm69G1slNJ84SjaO2W1o7Bts4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.249.0/24
Signature Algorithm: sha256WithRSAEncryption
59:f8:59:81:f4:37:0d:2c:98:13:a8:96:12:0a:d9:22:3f:3a:
bf:aa:a4:ae:aa:1a:77:47:8d:66:63:4a:8b:82:69:db:09:f0:
b0:3e:4a:d3:e1:bd:60:c8:d6:f6:a1:ad:00:34:7b:3e:81:0d:
4a:d3:9f:53:c0:71:eb:49:07:02:53:0b:77:3e:26:5a:ed:e6:
89:5a:79:4e:d9:c4:15:44:df:cb:28:11:73:42:ef:b4:ad:e7:
2e:40:cf:eb:5b:aa:e5:c5:d9:0d:ab:65:a4:16:fa:49:57:c7:
2f:d0:58:91:f8:9f:d9:55:bb:17:5d:44:78:4f:6a:d2:97:0a:
81:29:4f:d9:53:47:58:bf:0a:10:90:78:8e:9a:ff:80:66:f8:
7a:af:a6:05:61:17:b3:e2:b2:fe:27:48:4c:e7:4e:55:8b:18:
45:ba:8d:d8:31:fd:f8:43:13:72:f1:53:be:fa:b8:34:37:dc:
dc:0a:bd:38:3c:80:5a:cf:1e:96:aa:47:6f:68:9d:b3:c8:81:
b1:ef:bb:2d:fc:19:53:aa:fd:e6:78:e6:f7:47:bc:43:1b:0e:
69:79:7a:27:b0:6c:37:f0:73:c1:a1:ac:fa:4d:69:75:62:fd:
f8:cf:fc:76:34:8e:28:69:fc:00:36:f2:2c:4b:97:c7:15:3e:
93:c3:3f:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzVfy3GxC1Z6x/DxblSj0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YzliYWY0NmQ2Yzk0ZDI3Y2UxMjhkYTNiNjViNWEzYjA2
ZGIzOGIwHhcNMjMwMTAyMTYzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmI3ZmFiNTcyNGNmZGM4ZjRlNzI2MWE0Y2I2MDQ2YmUwMTg3YmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggO3qopJu2rmNZZcsL+TKFRzrqIE
speNIZ9TiUZJuLxaUTu9Bw5GTr5gqyM1b8oMdqd6jzCmua7DVsg+eX00imtId2LP
KZM5hZPT7jTWyuFGWQxsrTiq0XgLjzQsNCWght7scmuslwqVJ3/8aQF2iwhhjms2
SZ027idYEov762WyK7Fh+2yX6ZwT+Qd+fE2SxyoGrosen+s/M+BkvxNxmm1AM7/A
RkGYHFkQXz+yL0/IrD4eBeH0Ep5XCjkPkOJLc2/+a/hZb5kTgkN1vCeoL2eqAHrw
Hl2mGjwxN7AcJNP9fArB8kBFrKndYwzQawxB/78WIZOXcNJ8PAhHNjbInQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHa3+rVyTP3I9OcmGky2BGvgGHunMB8GA1UdIwQY
MBaAFNnJuvRtbJTSfOEo2jtltaOwbbOLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmNtNjlHMXNsTko4NFNqYU8yVzFvN0J0czRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NGY5OGMtYzFkMS00ZmUyLTlhZGMt
YTAxMGQ4ZTRmYWYwLzEvZHJmNnRYSk1fY2owNXlZYVRMWUVhLUFZZTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NGY5OGMtYzFkMS00ZmUyLTlhZGMtYTAxMGQ4ZTRmYWYw
LzEvMmNtNjlHMXNsTko4NFNqYU8yVzFvN0J0czRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueT5MA0G
CSqGSIb3DQEBCwUAA4IBAQBZ+FmB9DcNLJgTqJYSCtkiPzq/qqSuqhp3R41mY0qL
gmnbCfCwPkrT4b1gyNb2oa0ANHs+gQ1K059TwHHrSQcCUwt3PiZa7eaJWnlO2cQV
RN/LKBFzQu+0recuQM/rW6rlxdkNq2WkFvpJV8cv0FiR+J/ZVbsXXUR4T2rSlwqB
KU/ZU0dYvwoQkHiOmv+AZvh6r6YFYRez4rL+J0hM505VixhFuo3YMf34QxNy8VO+
+rg0N9zcCr04PIBazx6WqkdvaJ2zyIGx77st/BlTqv3meOb3R7xDGw5peXonsGw3
8HPBoaz6TWl1Yv34z/x2NI4oafwANvIsS5fHFT6Twz9D
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:28 2024 by rpki-client on console-ams.rpki-client.org