Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/iPYRY5j3tERRaO3eFWTCCjQJA9c.roa
File: iPYRY5j3tERRaO3eFWTCCjQJA9c.roa (raw, json)
Hash identifier: Xfr9Z9c0vun2uX3ugOnOmAb/aaH6Dyqteb9P6gvFp0U=
Subject key identifier: 88:F6:11:63:98:F7:B4:44:51:68:ED:DE:15:64:C2:0A:34:09:03:D7
Certificate issuer: /CN=ecf42776be532bd0575332855d8c42c4952ed931
Certificate serial: 0185729EDD89156A53AFA2F11CA146C948E8
Authority key identifier: EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/iPYRY5j3tERRaO3eFWTCCjQJA9c.roa
Signing time: Mon 02 Jan 2023 13:14:51 +0000
ROA not before: Mon 02 Jan 2023 13:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210742
IP address blocks: 185.210.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:dd:89:15:6a:53:af:a2:f1:1c:a1:46:c9:48:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf42776be532bd0575332855d8c42c4952ed931
Validity
Not Before: Jan 2 13:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88f6116398f7b4445168edde1564c20a340903d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ec:cb:99:62:52:6e:59:ea:9f:ad:f6:7a:31:
bb:6b:b1:c0:9f:ea:a0:64:5f:39:99:47:73:98:79:
2e:9f:8a:34:f1:ed:44:8e:d9:76:93:8c:85:f1:98:
50:97:67:53:bf:67:11:0b:2b:77:8e:df:dc:33:7c:
bd:cd:31:2c:ed:7f:d3:b8:1c:6d:ee:6a:9a:93:7a:
2c:9a:cd:62:d5:3d:9f:ff:af:6f:95:3e:0f:93:29:
4f:fe:e1:88:ce:1c:31:7c:08:0a:cb:ae:10:69:ba:
39:5f:d3:92:9e:a5:47:9f:80:8e:4c:31:f4:af:6e:
fa:42:59:0b:b4:1e:6d:4a:03:7b:67:9d:46:ba:0d:
54:aa:60:1a:9a:69:11:c0:94:38:2b:30:13:d8:cc:
98:d1:ff:ab:41:4c:11:ee:e4:97:cb:b2:11:15:ab:
f6:7c:ca:73:b4:9b:53:4a:bb:5d:2b:ab:ba:3f:1a:
a7:f5:b2:33:10:a1:4c:73:ff:c6:fe:4c:68:36:de:
d3:75:2c:60:da:f1:f8:9a:34:34:0b:e9:9d:83:f9:
cf:e0:11:9c:0a:59:5a:b6:54:98:08:21:d0:8d:f1:
57:78:00:a0:a0:7e:a7:5b:d6:d0:0b:f2:04:dd:d9:
65:59:05:0b:7b:05:ae:99:21:51:31:45:74:0d:a6:
89:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F6:11:63:98:F7:B4:44:51:68:ED:DE:15:64:C2:0A:34:09:03:D7
X509v3 Authority Key Identifier:
keyid:EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/iPYRY5j3tERRaO3eFWTCCjQJA9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.32.0/22
Signature Algorithm: sha256WithRSAEncryption
09:42:43:ce:a4:0b:a3:76:09:35:43:01:0c:3f:1c:48:45:09:
87:87:f6:1f:43:98:28:46:a6:dd:22:f8:bc:d1:1d:70:07:cf:
ac:84:f1:5a:9d:bf:17:fb:1f:07:c6:4a:02:e1:6a:73:47:59:
23:16:af:8c:d6:ca:54:08:5e:22:ae:87:8a:6f:1b:48:c1:75:
ef:c0:df:d9:e5:eb:ec:57:5a:d4:13:f5:d9:fa:10:0b:82:a6:
cc:1b:df:cd:e2:0c:74:f5:3a:aa:cb:af:f6:ba:3b:4a:9d:2a:
63:bc:fe:3e:d1:fc:fd:bc:ea:df:80:9d:3d:86:cc:e5:c1:b8:
45:f1:95:0c:d6:8d:89:d1:aa:6f:02:cf:60:48:44:f6:1b:0a:
1b:bf:9a:f1:8d:6d:e8:bb:ae:d7:d4:7f:fe:4d:43:e3:91:6f:
c6:f6:e0:e8:a5:f9:e2:0e:34:71:17:62:4d:0e:e5:e4:9d:ba:
b9:4b:a8:f3:a2:20:80:21:62:ab:08:8c:21:b6:0c:f4:de:63:
a1:e0:2e:88:ce:fb:53:58:67:5e:4d:22:17:02:38:24:ae:c1:
08:ac:88:d3:9b:0e:31:e5:e9:5d:c6:72:f3:b6:69:5c:e5:28:
d3:b7:c4:08:4e:b3:40:ea:57:c7:c7:37:f1:94:a5:4c:7b:f7:
0c:85:30:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynt2JFWpTr6LxHKFGyUjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjQyNzc2YmU1MzJiZDA1NzUzMzI4NTVkOGM0MmM0OTUy
ZWQ5MzEwHhcNMjMwMTAyMTMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGY2MTE2Mzk4ZjdiNDQ0NTE2OGVkZGUxNTY0YzIwYTM0MDkwM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+zLmWJSblnqn632ejG7a7HAn+qg
ZF85mUdzmHkun4o08e1Ejtl2k4yF8ZhQl2dTv2cRCyt3jt/cM3y9zTEs7X/TuBxt
7mqak3osms1i1T2f/69vlT4PkylP/uGIzhwxfAgKy64Qabo5X9OSnqVHn4COTDH0
r276QlkLtB5tSgN7Z51Gug1UqmAammkRwJQ4KzAT2MyY0f+rQUwR7uSXy7IRFav2
fMpztJtTSrtdK6u6Pxqn9bIzEKFMc//G/kxoNt7TdSxg2vH4mjQ0C+mdg/nP4BGc
CllatlSYCCHQjfFXeACgoH6nW9bQC/IE3dllWQULewWumSFRMUV0DaaJjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIj2EWOY97REUWjt3hVkwgo0CQPXMB8GA1UdIwQY
MBaAFOz0J3a+UyvQV1MyhV2MQsSVLtkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgt
NWU1M2MyM2I1NWIwLzEvaVBZUlk1ajN0RVJSYU8zZUZXVENDalFKQTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgtNWU1M2MyM2I1NWIw
LzEvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudIgMA0G
CSqGSIb3DQEBCwUAA4IBAQAJQkPOpAujdgk1QwEMPxxIRQmHh/YfQ5goRqbdIvi8
0R1wB8+shPFanb8X+x8HxkoC4WpzR1kjFq+M1spUCF4iroeKbxtIwXXvwN/Z5evs
V1rUE/XZ+hALgqbMG9/N4gx09Tqqy6/2ujtKnSpjvP4+0fz9vOrfgJ09hszlwbhF
8ZUM1o2J0apvAs9gSET2Gwobv5rxjW3ou67X1H/+TUPjkW/G9uDopfniDjRxF2JN
DuXknbq5S6jzoiCAIWKrCIwhtgz03mOh4C6IzvtTWGdeTSIXAjgkrsEIrIjTmw4x
5eldxnLztmlc5SjTt8QITrNA6lfHxzfxlKVMe/cMhTAl
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:34 2024 by rpki-client on console-ams.rpki-client.org