Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3a8e4c-9217-4b1f-b6fd-842437d27279/1/0bxfF3OyEe6IFf7z9emDBtDTXD0.roa
File: 0bxfF3OyEe6IFf7z9emDBtDTXD0.roa (raw, json)
Hash identifier: nqSwVAbTIb5WAJS2LBiCBW3ohAyGNeRXt/0L3dTGfVA=
Subject key identifier: D1:BC:5F:17:73:B2:11:EE:88:15:FE:F3:F5:E9:83:06:D0:D3:5C:3D
Certificate issuer: /CN=f38627e36a4e16bdc39f0b550d74fd71e442d2c2
Certificate serial: 01856F26B93F18F632AD6D594B76BF6C7A4C
Authority key identifier: F3:86:27:E3:6A:4E:16:BD:C3:9F:0B:55:0D:74:FD:71:E4:42:D2:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/84Yn42pOFr3DnwtVDXT9ceRC0sI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/3a8e4c-9217-4b1f-b6fd-842437d27279/1/0bxfF3OyEe6IFf7z9emDBtDTXD0.roa
Signing time: Sun 01 Jan 2023 21:04:46 +0000
ROA not before: Sun 01 Jan 2023 21:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62211
IP address blocks: 185.43.228.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:b9:3f:18:f6:32:ad:6d:59:4b:76:bf:6c:7a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f38627e36a4e16bdc39f0b550d74fd71e442d2c2
Validity
Not Before: Jan 1 21:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1bc5f1773b211ee8815fef3f5e98306d0d35c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b7:c8:79:d6:be:cf:08:7c:72:3f:8b:cd:8b:
15:d6:7e:37:c9:18:d1:84:46:8c:7d:ca:84:85:88:
9d:75:2f:70:20:6a:06:36:de:7f:79:3f:6d:3f:e1:
d0:ec:43:46:ee:56:8d:26:b3:b4:de:97:ad:4d:86:
04:1b:8d:f9:f2:22:d7:ab:14:2d:4e:12:8d:0b:81:
09:03:a7:d4:cd:a9:56:40:7d:ca:74:cb:89:bb:2d:
7e:e0:41:8b:a0:ba:1c:3a:61:73:18:5e:4c:2e:f8:
aa:cc:b3:93:69:98:19:e3:9f:37:67:55:35:88:a5:
e6:d8:7c:4c:8c:06:58:c4:f7:4c:59:d9:85:ac:a6:
5e:c7:fc:dd:8a:a6:e9:89:ee:3d:98:a8:8f:c0:a3:
43:d8:ca:bd:58:65:4d:5b:3b:11:e0:51:9e:ab:c6:
36:20:b5:b0:59:a9:5c:ee:b9:51:22:20:20:0f:21:
29:45:f5:3b:47:88:86:1b:8d:12:0c:3a:a3:2f:78:
70:cf:d7:ea:7f:b0:e9:1f:68:42:fb:1a:c7:07:33:
73:87:4f:02:09:a4:90:90:09:b3:98:2f:b1:a4:e3:
ad:1b:41:5e:60:5f:44:b2:29:d2:ff:15:23:65:dc:
29:fc:5e:6a:16:53:b1:ad:10:b4:94:af:04:b5:16:
b5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:BC:5F:17:73:B2:11:EE:88:15:FE:F3:F5:E9:83:06:D0:D3:5C:3D
X509v3 Authority Key Identifier:
keyid:F3:86:27:E3:6A:4E:16:BD:C3:9F:0B:55:0D:74:FD:71:E4:42:D2:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/84Yn42pOFr3DnwtVDXT9ceRC0sI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3a8e4c-9217-4b1f-b6fd-842437d27279/1/0bxfF3OyEe6IFf7z9emDBtDTXD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3a8e4c-9217-4b1f-b6fd-842437d27279/1/84Yn42pOFr3DnwtVDXT9ceRC0sI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.228.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:11:c3:bf:53:d6:24:aa:c3:5a:37:73:25:5d:55:16:a3:78:
ab:6d:cc:c9:ec:d5:56:f4:fa:88:5a:15:07:90:e3:cd:61:4a:
85:fd:4c:06:b3:e4:a7:b2:81:e6:77:f4:0a:17:f9:36:93:73:
67:cf:48:ce:07:ac:86:2f:59:77:10:2d:03:38:54:9d:a7:3e:
30:77:62:1f:35:72:53:f5:6f:0a:a5:1c:15:55:95:f9:e3:98:
b0:63:76:ed:0f:cf:34:8a:a2:d0:44:11:05:0f:0d:ad:9b:17:
16:1f:ff:ea:d2:19:74:a9:ab:a2:89:4c:98:b3:a5:32:3e:ea:
0b:83:8a:f0:45:64:fc:2f:cf:46:c9:3b:a7:f9:0a:73:ca:56:
51:12:c8:a4:55:fa:70:76:a8:fd:80:c8:c4:d1:f8:eb:ad:4a:
de:a0:bd:13:48:ed:87:47:57:52:34:c0:a8:3d:b7:1b:9d:07:
cd:0e:1e:7d:2d:53:a9:95:48:ef:84:8e:b8:22:05:9e:ea:b5:
71:73:98:6c:86:aa:7b:98:74:04:c1:db:02:a7:b8:05:c0:30:
f5:a7:84:94:c2:ae:dc:fa:53:a2:f1:5e:a7:7e:4d:a3:49:cc:
d7:d6:68:74:ea:fd:17:fb:61:b6:8e:80:60:60:ff:72:3b:b8:
ec:f1:c9:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJrk/GPYyrW1ZS3a/bHpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzODYyN2UzNmE0ZTE2YmRjMzlmMGI1NTBkNzRmZDcxZTQ0
MmQyYzIwHhcNMjMwMTAxMjEwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWJjNWYxNzczYjIxMWVlODgxNWZlZjNmNWU5ODMwNmQwZDM1YzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbfIeda+zwh8cj+LzYsV1n43yRjR
hEaMfcqEhYiddS9wIGoGNt5/eT9tP+HQ7ENG7laNJrO03petTYYEG4358iLXqxQt
ThKNC4EJA6fUzalWQH3KdMuJuy1+4EGLoLocOmFzGF5MLviqzLOTaZgZ4583Z1U1
iKXm2HxMjAZYxPdMWdmFrKZex/zdiqbpie49mKiPwKND2Mq9WGVNWzsR4FGeq8Y2
ILWwWalc7rlRIiAgDyEpRfU7R4iGG40SDDqjL3hwz9fqf7DpH2hC+xrHBzNzh08C
CaSQkAmzmC+xpOOtG0FeYF9EsinS/xUjZdwp/F5qFlOxrRC0lK8EtRa1SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNG8XxdzshHuiBX+8/XpgwbQ01w9MB8GA1UdIwQY
MBaAFPOGJ+NqTha9w58LVQ10/XHkQtLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODRZbjQycE9GcjNEbnd0VkRYVDljZVJDMHNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zYThlNGMtOTIxNy00YjFmLWI2ZmQt
ODQyNDM3ZDI3Mjc5LzEvMGJ4ZkYzT3lFZTZJRmY3ejllbURCdERUWEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zYThlNGMtOTIxNy00YjFmLWI2ZmQtODQyNDM3ZDI3Mjc5
LzEvODRZbjQycE9GcjNEbnd0VkRYVDljZVJDMHNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSvkMA0G
CSqGSIb3DQEBCwUAA4IBAQCeEcO/U9YkqsNaN3MlXVUWo3irbczJ7NVW9PqIWhUH
kOPNYUqF/UwGs+SnsoHmd/QKF/k2k3Nnz0jOB6yGL1l3EC0DOFSdpz4wd2IfNXJT
9W8KpRwVVZX545iwY3btD880iqLQRBEFDw2tmxcWH//q0hl0qauiiUyYs6UyPuoL
g4rwRWT8L89GyTun+QpzylZREsikVfpwdqj9gMjE0fjrrUreoL0TSO2HR1dSNMCo
PbcbnQfNDh59LVOplUjvhI64IgWe6rVxc5hshqp7mHQEwdsCp7gFwDD1p4SUwq7c
+lOi8V6nfk2jSczX1mh06v0X+2G2joBgYP9yO7js8cnX
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:33 2024 by rpki-client on console-ams.rpki-client.org