Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/pxCISVmPD4V28hH9ke9GZDyeUsg.roa
File: pxCISVmPD4V28hH9ke9GZDyeUsg.roa (raw, json)
Hash identifier: sYLuXj5Lx2cKInLrBYae1YYsEqnecoWWPtHikT/LJDs=
Subject key identifier: A7:10:88:49:59:8F:0F:85:76:F2:11:FD:91:EF:46:64:3C:9E:52:C8
Certificate issuer: /CN=7a43253a368fc6475853971ba9235be0233d8b7c
Certificate serial: 01856BEEC7296DA05D21638C38ADA5D57E41
Authority key identifier: 7A:43:25:3A:36:8F:C6:47:58:53:97:1B:A9:23:5B:E0:23:3D:8B:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ekMlOjaPxkdYU5cbqSNb4CM9i3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/pxCISVmPD4V28hH9ke9GZDyeUsg.roa
Signing time: Sun 01 Jan 2023 06:04:48 +0000
ROA not before: Sun 01 Jan 2023 06:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198682
IP address blocks: 185.249.32.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:c7:29:6d:a0:5d:21:63:8c:38:ad:a5:d5:7e:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a43253a368fc6475853971ba9235be0233d8b7c
Validity
Not Before: Jan 1 06:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7108849598f0f8576f211fd91ef46643c9e52c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ad:cf:af:74:a9:2a:19:81:f0:45:9f:a4:5d:
00:07:6f:24:e0:8b:7c:2a:40:48:41:d3:18:ee:5e:
33:e7:72:6b:24:0b:52:08:49:a4:b9:5a:e3:d6:5e:
98:a3:a8:0d:b8:7b:1c:6f:03:d2:bc:13:a7:ae:78:
24:55:f3:a6:e1:06:61:9b:6c:29:c9:3a:83:d8:a2:
eb:a7:a8:03:c5:89:59:92:40:9c:df:eb:85:19:94:
31:11:b8:98:a2:49:67:43:21:cb:39:a6:37:43:57:
6f:99:35:eb:3e:7e:fd:fe:c8:e5:c4:f5:af:9b:a0:
a5:ae:1d:e7:0b:e0:5e:0c:c3:9b:3f:bf:57:e6:d6:
6a:b7:67:a3:97:56:16:2c:11:54:5c:18:5f:03:f8:
2d:2e:1e:55:06:5d:6c:96:f2:f7:b1:7c:33:70:c8:
99:55:84:cc:67:f2:8c:41:7a:21:7f:c1:fa:2e:be:
b0:22:c5:23:83:17:53:56:48:3e:84:c5:b7:72:3a:
68:2c:54:0b:c4:59:71:26:8d:cc:52:c0:ed:ae:ee:
fb:ca:1d:8a:c3:20:ed:d9:03:50:5d:99:a0:9f:9c:
e6:d4:c5:1c:07:c7:ab:4e:c7:ea:48:dc:61:c5:12:
84:42:1d:42:2e:38:a2:39:f8:96:0c:0a:19:e3:a1:
63:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:10:88:49:59:8F:0F:85:76:F2:11:FD:91:EF:46:64:3C:9E:52:C8
X509v3 Authority Key Identifier:
keyid:7A:43:25:3A:36:8F:C6:47:58:53:97:1B:A9:23:5B:E0:23:3D:8B:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ekMlOjaPxkdYU5cbqSNb4CM9i3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/pxCISVmPD4V28hH9ke9GZDyeUsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/ekMlOjaPxkdYU5cbqSNb4CM9i3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.32.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:aa:0b:f5:30:c3:84:2d:ec:28:a2:a9:e3:b5:10:81:2a:08:
b1:a8:74:e0:74:08:32:d5:a0:76:97:1b:3b:8e:e0:21:6c:ce:
ac:6a:ab:61:06:f9:f7:f4:e8:12:84:8f:69:db:ef:28:fe:d2:
51:2c:5e:4a:73:fb:82:6f:68:7e:ef:db:b5:7d:b3:8c:35:7e:
17:7d:0a:fc:84:cc:4c:08:c0:79:d9:47:30:a8:b1:ba:6f:54:
40:13:90:bf:3c:a6:18:80:08:a2:23:04:b4:fd:82:4c:8a:e7:
52:87:7a:77:9a:48:a9:45:65:d3:82:16:32:03:f5:c0:33:26:
70:9f:13:2b:65:46:ee:ab:2c:d4:7d:f9:d1:fb:c9:ba:2f:b8:
34:72:4f:90:c9:69:fb:46:4a:dd:4b:11:0f:2a:a5:dd:0a:7d:
d5:68:d3:d7:a5:31:f5:13:d5:86:8b:c1:c3:5e:2b:d4:80:01:
b2:a1:38:d5:ab:2f:23:7a:bf:fe:6e:9f:e7:b3:f4:ed:48:b6:
94:f9:3a:7c:64:34:4f:f6:fc:b5:2c:90:04:c4:21:35:68:9f:
0f:6f:3f:2b:cb:59:c9:46:7a:bd:a7:4f:28:2a:42:9f:bf:4c:
ef:e2:90:05:ab:2a:7a:55:40:d5:82:21:97:77:46:b2:ee:70:
6e:a4:41:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7scpbaBdIWOMOK2l1X5BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNDMyNTNhMzY4ZmM2NDc1ODUzOTcxYmE5MjM1YmUwMjMz
ZDhiN2MwHhcNMjMwMTAxMDYwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzEwODg0OTU5OGYwZjg1NzZmMjExZmQ5MWVmNDY2NDNjOWU1MmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnq3Pr3SpKhmB8EWfpF0AB28k4It8
KkBIQdMY7l4z53JrJAtSCEmkuVrj1l6Yo6gNuHscbwPSvBOnrngkVfOm4QZhm2wp
yTqD2KLrp6gDxYlZkkCc3+uFGZQxEbiYoklnQyHLOaY3Q1dvmTXrPn79/sjlxPWv
m6Clrh3nC+BeDMObP79X5tZqt2ejl1YWLBFUXBhfA/gtLh5VBl1slvL3sXwzcMiZ
VYTMZ/KMQXohf8H6Lr6wIsUjgxdTVkg+hMW3cjpoLFQLxFlxJo3MUsDtru77yh2K
wyDt2QNQXZmgn5zm1MUcB8erTsfqSNxhxRKEQh1CLjiiOfiWDAoZ46FjoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcQiElZjw+FdvIR/ZHvRmQ8nlLIMB8GA1UdIwQY
MBaAFHpDJTo2j8ZHWFOXG6kjW+AjPYt8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWtNbE9qYVB4a2RZVTVjYnFTTmI0Q005aTN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9iY2FlN2QtOWRhYS00ZmMxLTgwN2It
N2Y2ZGVhMzhlN2FhLzEvcHhDSVNWbVBENFYyOGhIOWtlOUdaRHllVXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9iY2FlN2QtOWRhYS00ZmMxLTgwN2ItN2Y2ZGVhMzhlN2Fh
LzEvZWtNbE9qYVB4a2RZVTVjYnFTTmI0Q005aTN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufkgMA0G
CSqGSIb3DQEBCwUAA4IBAQAsqgv1MMOELewooqnjtRCBKgixqHTgdAgy1aB2lxs7
juAhbM6saqthBvn39OgShI9p2+8o/tJRLF5Kc/uCb2h+79u1fbOMNX4XfQr8hMxM
CMB52UcwqLG6b1RAE5C/PKYYgAiiIwS0/YJMiudSh3p3mkipRWXTghYyA/XAMyZw
nxMrZUbuqyzUffnR+8m6L7g0ck+QyWn7RkrdSxEPKqXdCn3VaNPXpTH1E9WGi8HD
XivUgAGyoTjVqy8jer/+bp/ns/TtSLaU+Tp8ZDRP9vy1LJAExCE1aJ8Pbz8ry1nJ
Rnq9p08oKkKfv0zv4pAFqyp6VUDVgiGXd0ay7nBupEHa
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:58 2024 by rpki-client on console-fra.rpki-client.org