Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/0wGJCGJzz5obi6K7teswVNHdqIo.roa
File: 0wGJCGJzz5obi6K7teswVNHdqIo.roa (raw, json)
Hash identifier: B9UD2lKlG9+dtevdHdpkjcQ18oB1aHFL4hcOys/OQY4=
Subject key identifier: D3:01:89:08:62:73:CF:9A:1B:8B:A2:BB:B5:EB:30:54:D1:DD:A8:8A
Certificate issuer: /CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Certificate serial: 01856FC2836FB9AD1ABCFBD61DDE319C415C
Authority key identifier: 85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/0wGJCGJzz5obi6K7teswVNHdqIo.roa
Signing time: Sun 01 Jan 2023 23:54:56 +0000
ROA not before: Sun 01 Jan 2023 23:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212638
IP address blocks: 185.214.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:83:6f:b9:ad:1a:bc:fb:d6:1d:de:31:9c:41:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Validity
Not Before: Jan 1 23:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d30189086273cf9a1b8ba2bbb5eb3054d1dda88a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f9:eb:54:01:37:de:19:9a:cd:e8:98:c0:98:
e1:e6:94:79:92:31:dd:d6:e3:fb:d3:9b:7e:60:ca:
fb:5d:a8:d1:10:38:33:f9:03:46:8e:0a:73:1a:a4:
bb:13:17:8e:71:6a:e4:94:ab:c4:53:db:ce:a4:10:
ea:dc:6e:7c:5f:d9:7e:7f:1f:03:31:26:c9:fd:74:
fd:1a:9a:71:82:36:d3:76:11:02:a7:4f:f7:4e:3b:
9a:fb:cb:f4:71:e6:03:9d:e2:38:36:f4:42:57:9a:
7d:fb:6b:a8:99:67:36:b8:e5:de:b6:34:b1:8c:b9:
f2:25:ba:97:de:b3:01:29:54:73:a2:c0:58:83:5c:
35:64:12:80:6b:27:91:31:64:25:24:e7:d5:f9:88:
0e:1f:9a:ac:92:1a:96:c0:2d:42:b7:7a:d3:50:ad:
b3:d9:6f:91:13:09:e1:d4:4e:4e:07:42:b0:1f:6d:
f2:6a:71:30:b5:13:64:2e:a7:d9:6b:7c:94:f8:00:
b0:c0:fb:fb:69:85:31:36:e4:c6:ec:14:a3:5f:f6:
00:7b:e3:73:1a:92:a0:32:1b:21:d8:f4:39:44:3b:
a7:ec:42:96:04:d3:ff:50:5e:f1:42:a2:86:69:4d:
d1:ce:cc:96:17:20:f2:49:eb:77:7a:60:b6:8a:55:
81:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:01:89:08:62:73:CF:9A:1B:8B:A2:BB:B5:EB:30:54:D1:DD:A8:8A
X509v3 Authority Key Identifier:
keyid:85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/0wGJCGJzz5obi6K7teswVNHdqIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.43.0/24
Signature Algorithm: sha256WithRSAEncryption
36:3c:bd:d2:18:a4:bf:ef:87:b5:83:5c:f4:6a:b2:67:88:9c:
97:16:43:31:db:b6:21:1b:6c:44:17:cd:9c:d6:04:bf:b1:7a:
ab:6d:48:aa:6f:61:f4:39:f5:13:71:1d:e9:e1:a2:b8:14:70:
46:3a:e2:36:99:14:f7:24:c8:57:2a:9b:2a:20:2d:42:27:9c:
6b:70:9c:33:fb:2a:13:c4:72:fc:5f:0d:02:bf:bb:ed:24:16:
c9:f0:01:bd:58:e7:f0:b6:c7:54:14:ab:99:c4:47:1f:6e:0a:
79:05:4f:84:0f:69:01:0c:1f:f8:69:f6:b9:6c:ee:fa:08:52:
ad:da:c6:e5:be:e8:7d:52:0a:0b:a3:36:ce:10:56:e2:13:c6:
4a:62:4e:ac:19:fe:4c:1d:fd:f9:d2:58:c0:09:36:97:95:06:
19:0f:a0:99:13:d1:cf:5a:0c:96:90:64:e7:83:9b:77:ef:02:
ff:59:a7:67:33:d5:58:63:8e:43:24:64:9b:10:88:71:89:4a:
eb:8a:ef:9f:17:10:f8:29:d6:cd:53:3e:d2:17:1c:af:b9:38:
a2:52:2b:09:17:b2:3f:a7:02:6c:c5:4b:f8:f4:9f:86:55:36:
3b:23:be:55:2b:e0:b0:4f:c5:95:dd:89:a6:d1:cd:25:85:64:
97:e8:c9:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwoNvua0avPvWHd4xnEFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1N2EyYzc0YWY1YTQ0ZDlhYWU0N2EwYjg5NDI1ZmE0Zjdm
YzdjMTkwHhcNMjMwMTAxMjM1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzAxODkwODYyNzNjZjlhMWI4YmEyYmJiNWViMzA1NGQxZGRhODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/nrVAE33hmazeiYwJjh5pR5kjHd
1uP705t+YMr7XajREDgz+QNGjgpzGqS7ExeOcWrklKvEU9vOpBDq3G58X9l+fx8D
MSbJ/XT9GppxgjbTdhECp0/3Tjua+8v0ceYDneI4NvRCV5p9+2uomWc2uOXetjSx
jLnyJbqX3rMBKVRzosBYg1w1ZBKAayeRMWQlJOfV+YgOH5qskhqWwC1Ct3rTUK2z
2W+REwnh1E5OB0KwH23yanEwtRNkLqfZa3yU+ACwwPv7aYUxNuTG7BSjX/YAe+Nz
GpKgMhsh2PQ5RDun7EKWBNP/UF7xQqKGaU3RzsyWFyDySet3emC2ilWBkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMBiQhic8+aG4uiu7XrMFTR3aiKMB8GA1UdIwQY
MBaAFIV6LHSvWkTZquR6C4lCX6T3/HwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQt
ODM2YWM5N2MwMWJiLzEvMHdHSkNHSnp6NW9iaTZLN3Rlc3dWTkhkcUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQtODM2YWM5N2MwMWJi
LzEvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudYrMA0G
CSqGSIb3DQEBCwUAA4IBAQA2PL3SGKS/74e1g1z0arJniJyXFkMx27YhG2xEF82c
1gS/sXqrbUiqb2H0OfUTcR3p4aK4FHBGOuI2mRT3JMhXKpsqIC1CJ5xrcJwz+yoT
xHL8Xw0Cv7vtJBbJ8AG9WOfwtsdUFKuZxEcfbgp5BU+ED2kBDB/4afa5bO76CFKt
2sblvuh9UgoLozbOEFbiE8ZKYk6sGf5MHf350ljACTaXlQYZD6CZE9HPWgyWkGTn
g5t37wL/WadnM9VYY45DJGSbEIhxiUrriu+fFxD4KdbNUz7SFxyvuTiiUisJF7I/
pwJsxUv49J+GVTY7I75VK+CwT8WV3Ymm0c0lhWSX6MmW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:33 2024 by rpki-client on console-fra.rpki-client.org