Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/2j6aW7yHBW---i7A6Mbk2kufMGM.roa
File: 2j6aW7yHBW---i7A6Mbk2kufMGM.roa (raw, json)
Hash identifier: ekRMTRyThDooMKpQUcPCZTJ5IrY7CtdjylSj6ktqPRM=
Subject key identifier: DA:3E:9A:5B:BC:87:05:6F:BE:FA:2E:C0:E8:C6:E4:DA:4B:9F:30:63
Certificate issuer: /CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Certificate serial: 018571C303CC35A46E85E341A7D657F22F30
Authority key identifier: 1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/2j6aW7yHBW---i7A6Mbk2kufMGM.roa
Signing time: Mon 02 Jan 2023 09:14:43 +0000
ROA not before: Mon 02 Jan 2023 09:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200290
IP address blocks: 185.171.104.0/24 maxlen: 24
185.171.104.0/23 maxlen: 23
185.171.105.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:03:cc:35:a4:6e:85:e3:41:a7:d6:57:f2:2f:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Validity
Not Before: Jan 2 09:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da3e9a5bbc87056fbefa2ec0e8c6e4da4b9f3063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bb:e3:11:84:5b:4d:f7:76:ef:b8:40:51:27:
1b:84:71:2e:7d:c6:c1:8c:cd:f5:0a:fe:ad:9f:70:
a7:cd:b0:7b:a0:b8:c2:9e:e0:8a:46:ca:29:cf:de:
75:97:78:f2:29:be:2b:e2:7a:df:80:9a:8a:85:49:
08:0b:75:0f:2d:37:00:1f:28:f0:65:d4:5c:b7:88:
5c:8b:1b:18:2d:c2:35:33:7d:79:ce:88:e1:8c:ca:
70:3a:b4:44:0b:d2:36:cd:fc:46:a0:d4:26:a2:04:
6a:bd:30:b2:6a:a7:b4:0c:63:0f:2f:da:a3:5c:d8:
0f:c3:a5:84:c1:c1:42:8b:51:4e:80:fc:19:23:97:
e6:15:8e:9d:55:a7:d0:76:31:63:9a:06:f8:54:90:
c1:53:cc:9e:91:c0:48:0a:2b:97:1f:46:31:22:94:
35:3a:60:88:62:9a:8d:b1:96:9d:8a:70:65:dc:40:
2a:57:c1:c2:99:f8:c2:a4:2f:e0:71:a0:01:a9:40:
76:71:d6:42:7c:42:0d:e5:72:46:a4:50:98:10:75:
a4:1e:1c:da:8c:1d:bc:55:24:29:87:41:ea:f9:f3:
f1:9f:22:ca:eb:62:54:a3:86:76:35:d7:b3:4d:14:
de:b9:d9:f4:09:d8:fe:35:82:bf:5e:b3:9c:61:6c:
5d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:3E:9A:5B:BC:87:05:6F:BE:FA:2E:C0:E8:C6:E4:DA:4B:9F:30:63
X509v3 Authority Key Identifier:
keyid:1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/2j6aW7yHBW---i7A6Mbk2kufMGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.104.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:87:4b:e8:98:7f:1c:69:57:12:b8:1f:22:04:48:d4:b3:77:
04:4e:f8:99:f5:20:f3:68:fd:5a:2e:f4:23:a2:c0:a7:d3:e6:
21:9f:90:bd:d6:4b:3f:9b:0b:f6:41:6a:92:7d:17:05:aa:58:
31:77:37:39:5f:99:9f:a6:28:f4:94:a5:f5:f0:ca:c7:bc:8d:
dc:af:a8:8a:09:5b:c2:9e:d0:a4:d6:bc:71:27:0f:a9:97:7b:
bf:24:49:3d:2b:17:b1:08:bd:88:d1:a5:30:30:2d:41:43:71:
50:a9:d1:14:f1:07:86:af:f1:26:04:cb:52:ef:17:ef:eb:45:
04:88:84:0a:75:16:c0:86:f0:2f:4b:07:95:de:17:4e:41:6d:
19:b8:1d:b0:74:86:86:2d:36:82:80:2e:61:02:8e:bd:d2:be:
f3:2e:37:bf:62:69:ea:cf:cf:06:3d:cb:7c:53:79:df:33:f4:
73:9a:ae:bd:93:99:d4:35:fd:ba:46:5b:26:5a:0d:c1:80:c6:
10:b2:62:41:b4:93:f9:3a:3c:ef:c7:d2:54:28:6c:c8:fa:f9:
a6:dc:01:e5:31:88:a4:fb:df:ee:f6:cc:4f:75:46:0a:a0:b2:
55:76:69:fb:19:53:5b:e5:c5:83:a4:7b:26:8b:11:4a:1e:52:
8d:cf:ca:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxwwPMNaRuheNBp9ZX8i8wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGY1OTUxYzlhZTc5OTc2ZDk3ZTFkMjhlNDY2YTYxNTEx
OTg5OGIwHhcNMjMwMTAyMDkxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTNlOWE1YmJjODcwNTZmYmVmYTJlYzBlOGM2ZTRkYTRiOWYzMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLvjEYRbTfd277hAUScbhHEufcbB
jM31Cv6tn3CnzbB7oLjCnuCKRsopz951l3jyKb4r4nrfgJqKhUkIC3UPLTcAHyjw
ZdRct4hcixsYLcI1M315zojhjMpwOrREC9I2zfxGoNQmogRqvTCyaqe0DGMPL9qj
XNgPw6WEwcFCi1FOgPwZI5fmFY6dVafQdjFjmgb4VJDBU8yekcBICiuXH0YxIpQ1
OmCIYpqNsZadinBl3EAqV8HCmfjCpC/gcaABqUB2cdZCfEIN5XJGpFCYEHWkHhza
jB28VSQph0Hq+fPxnyLK62JUo4Z2NdezTRTeudn0Cdj+NYK/XrOcYWxdhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNo+mlu8hwVvvvouwOjG5NpLnzBjMB8GA1UdIwQY
MBaAFB3fWVHJrnmXbZfh0o5GamFRGYmLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGQ5WlVjbXVlWmR0bC1IU2prWnFZVkVaaVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8yZGY3ODYtNTJkNS00MzhiLThiNTYt
MGU5NmIxZmZiMjQ3LzEvMmo2YVc3eUhCVy0tLWk3QTZNYmsya3VmTUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8yZGY3ODYtNTJkNS00MzhiLThiNTYtMGU5NmIxZmZiMjQ3
LzEvSGQ5WlVjbXVlWmR0bC1IU2prWnFZVkVaaVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuatoMA0G
CSqGSIb3DQEBCwUAA4IBAQAfh0vomH8caVcSuB8iBEjUs3cETviZ9SDzaP1aLvQj
osCn0+Yhn5C91ks/mwv2QWqSfRcFqlgxdzc5X5mfpij0lKX18MrHvI3cr6iKCVvC
ntCk1rxxJw+pl3u/JEk9KxexCL2I0aUwMC1BQ3FQqdEU8QeGr/EmBMtS7xfv60UE
iIQKdRbAhvAvSweV3hdOQW0ZuB2wdIaGLTaCgC5hAo690r7zLje/Ymnqz88GPct8
U3nfM/Rzmq69k5nUNf26RlsmWg3BgMYQsmJBtJP5Ojzvx9JUKGzI+vmm3AHlMYik
+9/u9sxPdUYKoLJVdmn7GVNb5cWDpHsmixFKHlKNz8qz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:10 2023 by rpki-client on console-fra.rpki-client.org