Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/8czJKIJbmiHGB-WgIXyHmtQZM6A.roa
File: 8czJKIJbmiHGB-WgIXyHmtQZM6A.roa (raw, json)
Hash identifier: yI7W4zJUBZbZpYENgWMubVwHPr0oYFJOkVeJ3Ceujao=
Subject key identifier: F1:CC:C9:28:82:5B:9A:21:C6:07:E5:A0:21:7C:87:9A:D4:19:33:A0
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A426B7A20907B2ED30A2400022DB7
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/8czJKIJbmiHGB-WgIXyHmtQZM6A.roa
Signing time: Sun 01 Jan 2023 03:05:06 +0000
ROA not before: Sun 01 Jan 2023 03:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206153
IP address blocks: 37.230.159.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:42:6b:7a:20:90:7b:2e:d3:0a:24:00:02:2d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1ccc928825b9a21c607e5a0217c879ad41933a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:04:ce:0a:94:b3:e4:54:ce:f3:50:1e:d4:cf:
31:10:4b:e2:88:7f:41:60:9f:32:53:64:bd:91:9d:
43:ba:91:49:62:e1:12:53:3f:7b:9f:5d:af:61:5f:
a8:38:80:98:fd:d3:a7:8d:92:94:4c:b7:18:ee:cc:
dd:1d:1d:75:e8:2e:7e:28:94:15:d8:a4:95:85:03:
49:9b:91:0a:9d:bb:99:10:23:0a:ec:be:a3:dd:f9:
45:7b:ec:09:e4:af:a6:41:60:14:ae:b6:04:c5:07:
20:2a:7b:c3:38:f6:6a:96:25:48:2b:6f:60:24:6a:
f0:65:96:b3:3b:0c:4a:0c:c2:db:ad:1f:45:b1:e6:
02:67:e8:76:88:da:12:70:5e:aa:5f:94:4e:c0:db:
24:03:16:16:8d:ae:7e:97:ea:71:25:aa:bf:b1:d0:
70:27:f8:7f:fd:73:6a:a5:c1:1d:71:7c:bc:75:db:
82:22:e2:96:a0:d5:1e:6a:94:36:03:7c:58:c2:29:
81:be:fd:f1:34:7b:b9:d5:25:0c:15:1e:25:6c:3b:
03:2c:97:a2:cd:5e:de:7b:85:5f:4d:d7:45:39:81:
2b:a1:f1:8e:02:c0:54:37:e0:31:27:67:6d:70:9c:
02:7b:bf:3d:75:84:db:d5:bf:77:c0:1b:53:bb:2b:
3f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CC:C9:28:82:5B:9A:21:C6:07:E5:A0:21:7C:87:9A:D4:19:33:A0
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/8czJKIJbmiHGB-WgIXyHmtQZM6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.159.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:7b:16:35:5f:de:a1:0d:a1:66:05:a1:b2:43:a2:65:b8:f7:
a9:d4:2f:cb:22:71:b6:0b:e2:55:81:48:b9:96:b1:7b:0e:4f:
50:b7:3f:cb:79:fc:f8:c4:cc:9e:2f:14:4f:0f:78:60:25:a6:
a8:f9:11:6b:77:94:4d:b4:00:63:fc:cc:1a:27:90:d1:33:c2:
b2:59:1d:07:57:f4:f2:6d:5f:c1:21:f7:7d:1d:33:5a:62:b6:
ac:5f:24:51:eb:cd:a4:8a:c4:c7:a8:b7:01:23:e0:56:4e:96:
ac:1c:32:fa:af:aa:4f:05:da:db:15:8f:ab:a7:18:ef:a5:19:
9e:31:4e:ba:99:2e:e9:02:e6:71:77:98:42:a9:90:8a:13:f3:
5e:9a:b8:fd:72:e3:f6:a7:99:c0:95:ad:6e:67:00:8f:d6:c2:
25:37:c6:87:1f:39:6d:9c:4a:b7:60:b9:bb:61:67:fa:82:8b:
27:a1:b9:dd:7e:8a:4c:d8:40:84:bd:0f:bc:b4:4e:9b:43:21:
2a:76:f2:c8:52:97:27:a5:bb:b4:1d:dd:7a:ab:4a:95:48:66:
47:7b:d1:c1:ed:38:a6:79:71:4f:e9:e5:17:a6:e8:d5:5b:37:
53:ac:6b:7b:24:a8:c8:3e:88:00:53:95:5b:e6:b5:29:cf:68:
b0:db:6a:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrSkJreiCQey7TCiQAAi23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWNjYzkyODgyNWI5YTIxYzYwN2U1YTAyMTdjODc5YWQ0MTkzM2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgTOCpSz5FTO81Ae1M8xEEviiH9B
YJ8yU2S9kZ1DupFJYuESUz97n12vYV+oOICY/dOnjZKUTLcY7szdHR116C5+KJQV
2KSVhQNJm5EKnbuZECMK7L6j3flFe+wJ5K+mQWAUrrYExQcgKnvDOPZqliVIK29g
JGrwZZazOwxKDMLbrR9FseYCZ+h2iNoScF6qX5ROwNskAxYWja5+l+pxJaq/sdBw
J/h//XNqpcEdcXy8dduCIuKWoNUeapQ2A3xYwimBvv3xNHu51SUMFR4lbDsDLJei
zV7ee4VfTddFOYErofGOAsBUN+AxJ2dtcJwCe789dYTb1b93wBtTuys/XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHMySiCW5ohxgfloCF8h5rUGTOgMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvOGN6SktJSmJtaUhHQi1XZ0lYeUhtdFFaTTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJeafMA0G
CSqGSIb3DQEBCwUAA4IBAQAcexY1X96hDaFmBaGyQ6JluPep1C/LInG2C+JVgUi5
lrF7Dk9Qtz/Lefz4xMyeLxRPD3hgJaao+RFrd5RNtABj/MwaJ5DRM8KyWR0HV/Ty
bV/BIfd9HTNaYrasXyRR682kisTHqLcBI+BWTpasHDL6r6pPBdrbFY+rpxjvpRme
MU66mS7pAuZxd5hCqZCKE/Nemrj9cuP2p5nAla1uZwCP1sIlN8aHHzltnEq3YLm7
YWf6gosnobndfopM2ECEvQ+8tE6bQyEqdvLIUpcnpbu0Hd16q0qVSGZHe9HB7Tim
eXFP6eUXpujVWzdTrGt7JKjIPogAU5Vb5rUpz2iw22r2
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:50 2024 by rpki-client on console-fra.rpki-client.org