Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/I5SANlYmfx8XuNh99Ojvi1htR7o.roa
File: I5SANlYmfx8XuNh99Ojvi1htR7o.roa (raw, json)
Hash identifier: BCsAF4AOUDSI4av7mq2V7PXhGm7DdaOSDpT5jBn+AbA=
Subject key identifier: 23:94:80:36:56:26:7F:1F:17:B8:D8:7D:F4:E8:EF:8B:58:6D:47:BA
Certificate issuer: /CN=887e81ba84344598c61462833aadf3204eae087c
Certificate serial: 018571956D2F7F0A31BF9F668AB0F387D439
Authority key identifier: 88:7E:81:BA:84:34:45:98:C6:14:62:83:3A:AD:F3:20:4E:AE:08:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/I5SANlYmfx8XuNh99Ojvi1htR7o.roa
Signing time: Mon 02 Jan 2023 08:24:56 +0000
ROA not before: Mon 02 Jan 2023 08:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35132
IP address blocks: 185.165.196.0/22 maxlen: 22
2a0a:2200::/29 maxlen: 29
2a0a:2200::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:6d:2f:7f:0a:31:bf:9f:66:8a:b0:f3:87:d4:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=887e81ba84344598c61462833aadf3204eae087c
Validity
Not Before: Jan 2 08:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2394803656267f1f17b8d87df4e8ef8b586d47ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f4:ef:8c:84:bf:bb:05:52:14:30:0b:6e:3b:
3c:74:45:22:82:d5:08:48:6c:1c:d0:21:86:d1:69:
b3:eb:f6:ee:d8:8a:bf:8a:ce:f8:78:35:25:6a:0d:
4c:c1:1f:5e:4c:e3:48:76:b2:73:d1:45:6a:a7:b5:
b6:2d:19:9f:ba:6b:d8:d1:6b:1e:95:41:a1:2a:08:
ec:cb:9a:61:97:ec:bb:96:a9:1c:58:22:14:4e:40:
55:2a:e1:5f:30:b1:85:77:7e:75:ac:16:8f:2b:b0:
20:1b:aa:c6:7a:9e:a2:7c:7c:4d:11:a7:7e:a1:36:
9e:d5:8c:c8:ea:f0:55:ce:37:52:9f:56:b2:a8:54:
3a:85:6c:f6:54:7f:f1:bb:fb:5b:dd:f0:c3:4d:10:
1d:92:38:9d:a5:11:fc:82:6e:74:ae:11:95:b3:4f:
8a:b9:54:ea:cc:30:92:74:5c:58:9a:d2:0a:47:05:
56:46:07:62:4b:5c:fb:b1:78:6f:02:c5:7b:b7:af:
ed:ae:84:41:ad:83:ca:17:bf:ba:c0:db:8f:49:08:
eb:9e:05:8d:da:81:bf:11:e0:bf:4d:c9:cf:12:63:
0d:79:fd:7d:43:b9:bc:83:59:9f:de:50:67:9f:dd:
c7:31:94:78:43:f2:0d:41:d3:f8:44:e9:d0:01:2e:
44:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:94:80:36:56:26:7F:1F:17:B8:D8:7D:F4:E8:EF:8B:58:6D:47:BA
X509v3 Authority Key Identifier:
keyid:88:7E:81:BA:84:34:45:98:C6:14:62:83:3A:AD:F3:20:4E:AE:08:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/I5SANlYmfx8XuNh99Ojvi1htR7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.196.0/22
IPv6:
2a0a:2200::/29
Signature Algorithm: sha256WithRSAEncryption
50:3f:57:1e:6c:c9:7d:0c:58:4f:da:07:36:64:cb:6b:9f:56:
22:25:29:09:fa:0a:bd:c0:45:aa:ad:34:1e:41:1e:1a:20:29:
11:4a:1d:2b:f8:b1:0a:9b:b4:d0:5f:b0:7d:b4:f5:05:0c:bc:
05:94:a5:21:9f:db:23:2f:2a:bc:da:4c:7d:c9:f9:38:63:d8:
10:9f:28:3a:3d:50:f9:46:21:0b:6c:57:a4:f6:8c:a8:e2:bf:
23:01:88:92:a9:43:65:9d:c8:32:3c:80:71:00:75:0d:88:80:
52:fd:bf:d1:4c:d9:20:ca:29:d3:b1:ec:d0:86:2d:9d:d2:ff:
82:e7:56:56:20:9c:6b:d2:a1:79:03:1c:d0:bc:48:b0:19:1f:
75:d0:f0:db:0d:ed:ee:b1:a5:09:bc:c7:ca:c1:e9:e9:4a:e8:
94:65:d4:32:75:7e:2a:f7:49:bb:77:50:af:06:3d:34:24:60:
76:82:92:97:a0:41:00:0d:2a:99:b6:22:09:bf:aa:ed:1d:85:
82:0f:f6:01:cd:f5:21:37:79:46:19:44:60:c1:80:e3:2f:be:
e0:c8:da:68:5d:49:c9:ef:a6:ac:a3:f6:e3:0d:44:95:01:67:
5f:84:b3:4c:b0:7e:2d:02:6c:ef:9d:b4:24:79:1e:07:21:b7:
24:65:89:b0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxlW0vfwoxv59mirDzh9Q5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4N2U4MWJhODQzNDQ1OThjNjE0NjI4MzNhYWRmMzIwNGVh
ZTA4N2MwHhcNMjMwMTAyMDgyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk0ODAzNjU2MjY3ZjFmMTdiOGQ4N2RmNGU4ZWY4YjU4NmQ0N2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPTvjIS/uwVSFDALbjs8dEUigtUI
SGwc0CGG0Wmz6/bu2Iq/is74eDUlag1MwR9eTONIdrJz0UVqp7W2LRmfumvY0Wse
lUGhKgjsy5phl+y7lqkcWCIUTkBVKuFfMLGFd351rBaPK7AgG6rGep6ifHxNEad+
oTae1YzI6vBVzjdSn1ayqFQ6hWz2VH/xu/tb3fDDTRAdkjidpRH8gm50rhGVs0+K
uVTqzDCSdFxYmtIKRwVWRgdiS1z7sXhvAsV7t6/troRBrYPKF7+6wNuPSQjrngWN
2oG/EeC/TcnPEmMNef19Q7m8g1mf3lBnn93HMZR4Q/INQdP4ROnQAS5E5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCOUgDZWJn8fF7jYffTo74tYbUe6MB8GA1UdIwQY
MBaAFIh+gbqENEWYxhRigzqt8yBOrgh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUg2QnVvUTBSWmpHRkdLRE9xM3pJRTZ1Q0h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iNDViNDctYzJmZC00MmFmLTk4YmQt
ZTAxNjI0MDFmZjdhLzEvSTVTQU5sWW1meDhYdU5oOTlPanZpMWh0UjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iNDViNDctYzJmZC00MmFmLTk4YmQtZTAxNjI0MDFmZjdh
LzEvaUg2QnVvUTBSWmpHRkdLRE9xM3pJRTZ1Q0h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaXEMA0E
AgACMAcDBQMqCiIAMA0GCSqGSIb3DQEBCwUAA4IBAQBQP1cebMl9DFhP2gc2ZMtr
n1YiJSkJ+gq9wEWqrTQeQR4aICkRSh0r+LEKm7TQX7B9tPUFDLwFlKUhn9sjLyq8
2kx9yfk4Y9gQnyg6PVD5RiELbFek9oyo4r8jAYiSqUNlncgyPIBxAHUNiIBS/b/R
TNkgyinTsezQhi2d0v+C51ZWIJxr0qF5AxzQvEiwGR910PDbDe3usaUJvMfKwenp
SuiUZdQydX4q90m7d1CvBj00JGB2gpKXoEEADSqZtiIJv6rtHYWCD/YBzfUhN3lG
GURgwYDjL77gyNpoXUnJ76aso/bjDUSVAWdfhLNMsH4tAmzvnbQkeR4HIbckZYmw
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:39 2024 by rpki-client on console-fra.rpki-client.org