Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/pCycp_-pbceEYmG4CB_0tvDcsG0.roa
File: pCycp_-pbceEYmG4CB_0tvDcsG0.roa (raw, json)
Hash identifier: gK4wUXgiykDWCCBignIIMGP0k0JAuNpeizXgM6Rh4Kk=
Subject key identifier: A4:2C:9C:A7:FF:A9:6D:C7:84:62:61:B8:08:1F:F4:B6:F0:DC:B0:6D
Certificate issuer: /CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Certificate serial: 01856DCADBCE9AC9E0A33E693ABCF39005DE
Authority key identifier: D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/pCycp_-pbceEYmG4CB_0tvDcsG0.roa
Signing time: Sun 01 Jan 2023 14:44:49 +0000
ROA not before: Sun 01 Jan 2023 14:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199412
IP address blocks: 185.13.208.0/22 maxlen: 24
2a03:a540::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:db:ce:9a:c9:e0:a3:3e:69:3a:bc:f3:90:05:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Validity
Not Before: Jan 1 14:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a42c9ca7ffa96dc7846261b8081ff4b6f0dcb06d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1b:41:33:78:f7:9e:ca:b8:98:d8:eb:94:5b:
af:90:70:11:43:4f:c7:d8:c0:2e:4d:3f:f3:f7:52:
68:0b:a1:01:54:0c:0e:47:10:de:c7:ab:c0:55:39:
af:b1:fa:61:24:84:50:50:18:63:e9:66:b9:63:01:
48:bf:03:81:22:68:a1:3e:2b:24:95:e5:a0:80:ed:
c0:1b:b6:3c:5a:41:fd:30:1b:d3:5a:93:cb:71:86:
93:ff:8a:34:8d:19:ae:1f:28:bd:ab:5f:38:7a:a1:
48:06:d7:65:37:0b:75:47:ba:cc:f7:90:84:ca:8a:
bd:4d:85:ed:37:42:90:f0:2d:59:7f:8a:02:a6:5b:
ea:ad:a0:64:78:06:f2:e1:0e:5d:76:cf:1d:c8:1e:
a6:57:7a:dd:54:63:9c:37:99:27:47:cf:85:ec:7b:
af:dc:67:50:d9:b0:bb:be:13:ff:64:ef:85:92:d1:
69:c7:13:c5:a7:1a:ea:a9:14:ee:fb:bc:32:0d:21:
05:e0:70:da:39:c2:f5:39:47:b8:2e:31:bc:c3:8e:
62:e3:56:18:86:16:af:73:88:68:cf:b1:a9:e1:ac:
76:a3:98:56:59:3b:98:a4:10:3e:9b:90:92:f8:ac:
fa:49:93:9f:f0:f6:de:f2:08:01:41:35:32:67:10:
91:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:2C:9C:A7:FF:A9:6D:C7:84:62:61:B8:08:1F:F4:B6:F0:DC:B0:6D
X509v3 Authority Key Identifier:
keyid:D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/pCycp_-pbceEYmG4CB_0tvDcsG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.208.0/22
IPv6:
2a03:a540::/32
Signature Algorithm: sha256WithRSAEncryption
61:e1:5b:40:bf:1d:dd:46:8d:ff:ac:80:da:af:f7:b2:dc:45:
d7:09:c2:c1:d8:43:a5:b8:78:e1:d5:c4:aa:b5:56:f1:a0:c6:
a2:17:e0:a4:25:22:1c:8c:4f:e0:06:85:9a:ce:03:d2:ca:b8:
a6:32:c1:95:f1:cc:17:8b:47:4e:8c:5e:01:de:8f:b2:b1:ee:
62:5a:8f:79:00:6b:7a:2d:b9:9f:2f:e2:18:f5:d6:dc:e5:41:
55:89:be:5b:b8:c2:cd:ba:ec:4f:58:7a:64:dd:cd:6f:28:72:
ff:bf:98:e0:fe:e3:e5:52:6e:44:8a:d6:80:a4:c5:7c:ac:c2:
29:f1:db:8e:50:48:2d:1d:28:8c:6e:da:b7:14:e9:5e:d5:55:
d7:32:9f:c2:d3:4e:1b:77:d0:7e:e5:2c:8a:36:db:42:fa:43:
ab:51:37:04:03:fd:80:0d:bf:35:e4:df:fb:25:36:1d:e5:0d:
91:d3:0b:58:cf:cb:7a:30:b4:72:a5:1a:61:14:9d:91:8d:28:
d0:e9:54:05:c9:c7:db:0d:b6:d9:77:64:22:11:07:1f:56:9a:
cc:c4:cd:ab:5a:ea:dd:b4:9f:5f:da:74:64:a9:ae:cb:3d:ea:
1e:8a:c8:97:f5:ab:c6:d6:75:cf:69:8c:68:80:f5:70:2d:59:
ca:ab:b7:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtytvOmsngoz5pOrzzkAXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZmQzNDM2ZDdhMTlhNzM0M2ZhODAwZDg3YTAxYWYxODNk
YTMxOGIwHhcNMjMwMTAxMTQ0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDJjOWNhN2ZmYTk2ZGM3ODQ2MjYxYjgwODFmZjRiNmYwZGNiMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghtBM3j3nsq4mNjrlFuvkHARQ0/H
2MAuTT/z91JoC6EBVAwORxDex6vAVTmvsfphJIRQUBhj6Wa5YwFIvwOBImihPisk
leWggO3AG7Y8WkH9MBvTWpPLcYaT/4o0jRmuHyi9q184eqFIBtdlNwt1R7rM95CE
yoq9TYXtN0KQ8C1Zf4oCplvqraBkeAby4Q5dds8dyB6mV3rdVGOcN5knR8+F7Huv
3GdQ2bC7vhP/ZO+FktFpxxPFpxrqqRTu+7wyDSEF4HDaOcL1OUe4LjG8w45i41YY
hhavc4hoz7Gp4ax2o5hWWTuYpBA+m5CS+Kz6SZOf8Pbe8ggBQTUyZxCRpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKQsnKf/qW3HhGJhuAgf9Lbw3LBtMB8GA1UdIwQY
MBaAFNH9NDbXoZpzQ/qADYegGvGD2jGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMt
MzlhNjZjYmUxZTRkLzEvcEN5Y3BfLXBiY2VFWW1HNENCXzB0dkRjc0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMtMzlhNjZjYmUxZTRk
LzEvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ3QMA0E
AgACMAcDBQAqA6VAMA0GCSqGSIb3DQEBCwUAA4IBAQBh4VtAvx3dRo3/rIDar/ey
3EXXCcLB2EOluHjh1cSqtVbxoMaiF+CkJSIcjE/gBoWazgPSyrimMsGV8cwXi0dO
jF4B3o+yse5iWo95AGt6LbmfL+IY9dbc5UFVib5buMLNuuxPWHpk3c1vKHL/v5jg
/uPlUm5EitaApMV8rMIp8duOUEgtHSiMbtq3FOle1VXXMp/C004bd9B+5SyKNttC
+kOrUTcEA/2ADb815N/7JTYd5Q2R0wtYz8t6MLRypRphFJ2RjSjQ6VQFycfbDbbZ
d2QiEQcfVprMxM2rWurdtJ9f2nRkqa7LPeoeisiX9avG1nXPaYxogPVwLVnKq7co
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:02 2024 by rpki-client on console-ams.rpki-client.org