Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/9he6ozaUGz70Wu7KTiHgqFoBtDA.roa
File: 9he6ozaUGz70Wu7KTiHgqFoBtDA.roa (raw, json)
Hash identifier: RLrjZlRapWP9yufwsMJ0Qqt45/YZT6PFP1RaOA1q5S0=
Subject key identifier: F6:17:BA:A3:36:94:1B:3E:F4:5A:EE:CA:4E:21:E0:A8:5A:01:B4:30
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 01856EAFC398DBCE3D211A129D9AC2A18AC1
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/9he6ozaUGz70Wu7KTiHgqFoBtDA.roa
Signing time: Sun 01 Jan 2023 18:54:50 +0000
ROA not before: Sun 01 Jan 2023 18:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 85.153.48.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:c3:98:db:ce:3d:21:1a:12:9d:9a:c2:a1:8a:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Jan 1 18:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f617baa336941b3ef45aeeca4e21e0a85a01b430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:2d:69:d4:7e:16:85:64:ad:96:b2:89:f5:17:
7e:7e:e4:76:40:20:90:40:6c:e7:09:dc:c7:02:35:
b5:2e:51:38:c9:21:16:04:d8:e7:00:bb:30:21:ee:
cd:5f:06:06:94:66:5f:9d:72:d0:fd:cf:5d:24:87:
bc:f6:3d:bd:4c:7d:4d:ac:2a:80:6d:c2:ca:5a:f4:
67:a2:5a:54:f6:9b:0a:ad:c5:c2:64:bc:a5:11:ff:
d5:04:79:ce:75:48:28:a1:66:14:a3:25:51:9f:4e:
f9:83:fd:8a:1e:b0:8d:04:e1:c5:28:ca:09:1f:05:
97:5c:d5:b9:7d:1f:a7:23:51:39:34:c3:97:24:63:
2b:65:3e:9d:5e:e2:c2:83:6c:d8:ad:38:70:0d:12:
04:d2:f2:14:ae:56:b7:c6:a9:3a:40:3d:76:02:9e:
fc:ce:8e:00:ca:ae:eb:8a:38:85:22:e8:1b:87:39:
34:97:15:38:40:f7:ee:b8:90:84:43:1a:ee:f4:1c:
6a:32:d7:75:40:a3:d4:c5:d6:f0:20:0e:09:77:35:
99:0f:29:24:e5:ed:e4:33:aa:f6:59:3d:d6:5d:cf:
ff:1d:7e:17:d7:12:57:a9:0b:6d:86:1f:81:a4:09:
3d:48:c2:0a:be:4a:de:d0:2a:d6:23:34:2e:61:cd:
dc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:17:BA:A3:36:94:1B:3E:F4:5A:EE:CA:4E:21:E0:A8:5A:01:B4:30
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/9he6ozaUGz70Wu7KTiHgqFoBtDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.48.0/22
Signature Algorithm: sha256WithRSAEncryption
65:86:69:13:9c:43:dc:27:dc:eb:44:d7:0d:dc:81:ac:42:35:
90:af:83:83:67:e5:f6:b9:a5:4e:06:55:d8:cf:95:12:68:d6:
62:f0:6d:15:6c:38:82:ae:7c:af:54:0a:28:0a:ba:e1:60:31:
44:eb:a0:7d:5c:ab:44:00:7a:7e:1b:4e:1d:d1:53:b7:22:8f:
67:24:29:d2:54:75:51:a7:5e:ce:a3:38:80:62:5a:a8:cb:de:
84:16:2a:89:7e:7b:d2:cd:1f:b4:73:0b:86:5f:6b:45:34:02:
f4:c1:93:a7:7f:07:c4:ee:c0:d6:d0:02:bd:b4:a3:a6:8c:f7:
35:5c:d8:e0:a7:04:2a:27:6a:9c:13:99:ba:ea:8c:b0:7c:1d:
54:d0:34:6a:e1:d5:5e:d1:bb:af:59:e9:d5:b3:d9:0c:68:18:
73:6a:b6:cf:d8:16:a0:61:de:b5:f0:74:85:46:13:ea:4f:34:
09:d6:da:58:c1:fe:fc:bc:2e:ac:bf:fb:11:fb:54:dc:70:35:
41:dc:b7:e6:c0:c0:11:95:a4:24:02:e1:8c:80:43:43:1c:c0:
67:8c:ca:a6:5d:34:68:d0:c7:2f:b6:49:0c:6a:0d:47:ea:25:
26:2f:77:e8:8b:ad:0a:1a:56:7d:12:84:de:b2:ec:c3:95:8b:
ff:75:fd:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur8OY2849IRoSnZrCoYrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwMTAxMTg1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjE3YmFhMzM2OTQxYjNlZjQ1YWVlY2E0ZTIxZTBhODVhMDFiNDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3S1p1H4WhWStlrKJ9Rd+fuR2QCCQ
QGznCdzHAjW1LlE4ySEWBNjnALswIe7NXwYGlGZfnXLQ/c9dJIe89j29TH1NrCqA
bcLKWvRnolpU9psKrcXCZLylEf/VBHnOdUgooWYUoyVRn075g/2KHrCNBOHFKMoJ
HwWXXNW5fR+nI1E5NMOXJGMrZT6dXuLCg2zYrThwDRIE0vIUrla3xqk6QD12Ap78
zo4Ayq7rijiFIugbhzk0lxU4QPfuuJCEQxru9BxqMtd1QKPUxdbwIA4JdzWZDykk
5e3kM6r2WT3WXc//HX4X1xJXqQtthh+BpAk9SMIKvkre0CrWIzQuYc3cTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPYXuqM2lBs+9Fruyk4h4KhaAbQwMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvOWhlNm96YVVHejcwV3U3S1RpSGdxRm9CdERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVZkwMA0G
CSqGSIb3DQEBCwUAA4IBAQBlhmkTnEPcJ9zrRNcN3IGsQjWQr4ODZ+X2uaVOBlXY
z5USaNZi8G0VbDiCrnyvVAooCrrhYDFE66B9XKtEAHp+G04d0VO3Io9nJCnSVHVR
p17OoziAYlqoy96EFiqJfnvSzR+0cwuGX2tFNAL0wZOnfwfE7sDW0AK9tKOmjPc1
XNjgpwQqJ2qcE5m66oywfB1U0DRq4dVe0buvWenVs9kMaBhzarbP2BagYd618HSF
RhPqTzQJ1tpYwf78vC6sv/sR+1TccDVB3LfmwMARlaQkAuGMgENDHMBnjMqmXTRo
0McvtkkMag1H6iUmL3foi60KGlZ9EoTesuzDlYv/df0+
-----END CERTIFICATE-----
Generated at Thu Aug 31 11:26:49 2023 by rpki-client on console-fra.rpki-client.org