Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/APlF4h6sQNj5RoAexdSenleWHfo.roa
File: APlF4h6sQNj5RoAexdSenleWHfo.roa (raw, json)
Hash identifier: mImnpexZ8QEhj63Dx5SGIbDNEiG9IrRCTBj/s7Wi84g=
Subject key identifier: 00:F9:45:E2:1E:AC:40:D8:F9:46:80:1E:C5:D4:9E:9E:57:96:1D:FA
Certificate issuer: /CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Certificate serial: 01856DCADAD42D1020A726E740AC8BF48741
Authority key identifier: D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/APlF4h6sQNj5RoAexdSenleWHfo.roa
Signing time: Sun 01 Jan 2023 14:44:48 +0000
ROA not before: Sun 01 Jan 2023 14:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47215
IP address blocks: 185.13.208.0/22 maxlen: 24
2a03:a540::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:da:d4:2d:10:20:a7:26:e7:40:ac:8b:f4:87:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Validity
Not Before: Jan 1 14:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00f945e21eac40d8f946801ec5d49e9e57961dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:7b:e5:ac:b5:bc:2d:9b:cf:b4:3a:36:aa:76:
f4:56:cc:ce:36:6f:93:eb:a5:aa:86:3f:54:86:62:
c8:f7:60:ba:94:4f:64:e8:29:90:a5:fe:e7:3b:0f:
17:c8:06:ce:93:f1:c3:4b:02:54:8e:3c:f1:15:e3:
b0:4e:a8:3c:43:6c:08:07:ea:48:1f:2f:ca:89:b5:
54:1d:01:c4:8c:50:b4:8d:b6:28:82:b0:2d:2e:da:
83:f2:4a:a1:67:0a:24:61:59:aa:14:33:8b:e6:cc:
6e:b2:d6:14:89:e8:7c:a2:27:f8:16:74:73:3c:10:
54:d8:0a:fe:08:4b:55:d9:41:7b:d8:9b:72:73:9c:
e4:60:76:16:c4:d3:19:fc:50:80:e2:fb:da:99:6e:
7b:0d:92:b1:70:50:cc:a4:13:dc:bd:fb:7e:e5:3a:
bc:0c:05:05:e3:be:6b:ef:07:a5:15:40:e6:a2:e5:
15:14:6c:f3:3e:82:f2:11:dc:db:34:f0:aa:30:bc:
ad:eb:91:2b:b2:93:74:1a:e3:06:c6:cb:9a:d7:3b:
bc:20:d9:6e:28:d6:16:7f:c0:82:53:4f:56:19:c5:
ba:5a:59:ee:22:85:6e:1c:0a:c0:21:49:b8:64:d2:
fa:9c:04:60:c9:b3:59:31:b6:5c:a4:11:5a:b9:83:
66:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F9:45:E2:1E:AC:40:D8:F9:46:80:1E:C5:D4:9E:9E:57:96:1D:FA
X509v3 Authority Key Identifier:
keyid:D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/APlF4h6sQNj5RoAexdSenleWHfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.208.0/22
IPv6:
2a03:a540::/32
Signature Algorithm: sha256WithRSAEncryption
21:b9:b6:8f:19:3a:e2:ac:ff:51:80:64:90:b8:21:51:96:51:
b6:30:75:a0:0d:09:08:95:ae:b8:e9:93:12:15:7c:88:4f:59:
b1:32:31:7b:c8:24:72:fb:6a:41:50:6a:11:12:6f:1a:10:45:
a1:5b:1d:b7:f4:8a:b5:40:39:4a:cb:87:b6:1a:f8:14:13:46:
82:5e:40:4e:8c:a4:65:a4:9b:74:12:f0:fb:e0:53:48:ca:73:
f4:6f:db:a5:27:41:c3:df:83:8f:63:e6:dc:b8:3a:89:4a:37:
6c:06:7c:1e:48:08:74:7d:55:64:06:77:fb:33:2d:68:45:5e:
1c:2d:3b:a1:c7:e0:06:7f:4c:81:34:ee:bc:f3:58:15:de:49:
88:d1:52:e6:06:25:94:00:5e:77:34:9a:b9:7a:82:0a:f3:45:
11:86:65:de:58:39:d3:ea:5f:29:be:db:1c:61:d1:f4:5a:b5:
b3:38:3a:3d:ed:45:80:c2:54:33:23:d0:33:49:36:03:68:4c:
b5:fb:0b:49:33:ca:85:d6:a3:ad:60:ab:1e:7f:63:38:c0:1e:
9f:5d:48:d1:68:b4:70:0b:21:f6:31:29:9a:36:66:d8:2c:b4:
d0:ab:ee:0d:3d:c7:97:a2:7e:73:7e:fe:ee:4c:11:b8:4a:e0:
8c:78:fb:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtytrULRAgpybnQKyL9IdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZmQzNDM2ZDdhMTlhNzM0M2ZhODAwZDg3YTAxYWYxODNk
YTMxOGIwHhcNMjMwMTAxMTQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGY5NDVlMjFlYWM0MGQ4Zjk0NjgwMWVjNWQ0OWU5ZTU3OTYxZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XvlrLW8LZvPtDo2qnb0VszONm+T
66Wqhj9UhmLI92C6lE9k6CmQpf7nOw8XyAbOk/HDSwJUjjzxFeOwTqg8Q2wIB+pI
Hy/KibVUHQHEjFC0jbYogrAtLtqD8kqhZwokYVmqFDOL5sxustYUieh8oif4FnRz
PBBU2Ar+CEtV2UF72Jtyc5zkYHYWxNMZ/FCA4vvamW57DZKxcFDMpBPcvft+5Tq8
DAUF475r7welFUDmouUVFGzzPoLyEdzbNPCqMLyt65ErspN0GuMGxsua1zu8INlu
KNYWf8CCU09WGcW6WlnuIoVuHArAIUm4ZNL6nARgybNZMbZcpBFauYNmjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAD5ReIerEDY+UaAHsXUnp5Xlh36MB8GA1UdIwQY
MBaAFNH9NDbXoZpzQ/qADYegGvGD2jGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMt
MzlhNjZjYmUxZTRkLzEvQVBsRjRoNnNRTmo1Um9BZXhkU2VubGVXSGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMtMzlhNjZjYmUxZTRk
LzEvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ3QMA0E
AgACMAcDBQAqA6VAMA0GCSqGSIb3DQEBCwUAA4IBAQAhubaPGTrirP9RgGSQuCFR
llG2MHWgDQkIla646ZMSFXyIT1mxMjF7yCRy+2pBUGoREm8aEEWhWx239Iq1QDlK
y4e2GvgUE0aCXkBOjKRlpJt0EvD74FNIynP0b9ulJ0HD34OPY+bcuDqJSjdsBnwe
SAh0fVVkBnf7My1oRV4cLTuhx+AGf0yBNO6881gV3kmI0VLmBiWUAF53NJq5eoIK
80URhmXeWDnT6l8pvtscYdH0WrWzODo97UWAwlQzI9AzSTYDaEy1+wtJM8qF1qOt
YKsef2M4wB6fXUjRaLRwCyH2MSmaNmbYLLTQq+4NPceXon5zfv7uTBG4SuCMePsD
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:01 2024 by rpki-client on console-fra.rpki-client.org