Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/r1P_HOOqpPqD9B4bPYc10CZEW4o.roa
File: r1P_HOOqpPqD9B4bPYc10CZEW4o.roa (raw, json)
Hash identifier: dksGpGifXoUeCGb1mn5ueT0H8Zf9BYqAM5LYDs+rqyk=
Subject key identifier: AF:53:FF:1C:E3:AA:A4:FA:83:F4:1E:1B:3D:87:35:D0:26:44:5B:8A
Certificate issuer: /CN=d0ee0389687dbd445de6f9239c1d02c3770cf574
Certificate serial: 01857155543A8B93A251CAEEFBEB60337386
Authority key identifier: D0:EE:03:89:68:7D:BD:44:5D:E6:F9:23:9C:1D:02:C3:77:0C:F5:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/r1P_HOOqpPqD9B4bPYc10CZEW4o.roa
Signing time: Mon 02 Jan 2023 07:14:55 +0000
ROA not before: Mon 02 Jan 2023 07:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198551
IP address blocks: 185.238.36.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:54:3a:8b:93:a2:51:ca:ee:fb:eb:60:33:73:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0ee0389687dbd445de6f9239c1d02c3770cf574
Validity
Not Before: Jan 2 07:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af53ff1ce3aaa4fa83f41e1b3d8735d026445b8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ac:b5:c2:ca:76:61:cc:30:d3:71:52:98:0b:
77:bf:46:87:6b:c1:03:e6:87:2d:a4:28:45:36:e9:
33:e1:01:8c:95:31:0c:5d:fe:2c:48:47:b8:37:19:
d6:a0:56:5f:67:79:ac:16:c8:b0:a6:1a:a3:5d:ea:
e2:8b:6f:0d:1f:2a:64:e6:82:41:51:4d:71:87:3b:
3c:b6:a6:e1:fa:ec:f4:eb:da:ba:84:f6:a7:54:dd:
9c:44:a2:23:f8:e0:b4:78:72:79:5f:b2:e8:34:3e:
d3:03:d7:8a:7d:c8:c1:10:a5:f2:60:2f:f1:7d:70:
f2:76:08:ee:e6:d6:d5:86:6e:45:f2:98:6f:64:79:
00:d3:5d:ed:51:06:be:f9:a8:b6:4a:ae:28:a9:e9:
27:4c:ff:d3:38:d1:e5:bd:8a:bc:d6:61:94:42:e5:
dd:61:9c:44:0e:da:43:38:e4:49:18:5d:6f:ca:18:
b9:9b:dd:40:4a:ce:1f:7a:4a:be:84:91:87:8e:16:
fe:70:cf:fb:a3:6a:0b:38:3c:45:67:ee:25:1b:ac:
c4:0c:61:66:4a:c5:ad:3a:db:81:09:d7:45:43:37:
00:a3:07:99:6c:9d:6e:47:5f:e4:3f:76:59:b3:fd:
02:7d:fe:b4:4a:93:a2:6f:38:bb:a2:01:e6:43:90:
e4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:53:FF:1C:E3:AA:A4:FA:83:F4:1E:1B:3D:87:35:D0:26:44:5B:8A
X509v3 Authority Key Identifier:
keyid:D0:EE:03:89:68:7D:BD:44:5D:E6:F9:23:9C:1D:02:C3:77:0C:F5:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/r1P_HOOqpPqD9B4bPYc10CZEW4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.36.0/22
Signature Algorithm: sha256WithRSAEncryption
99:13:81:a3:4b:e6:0a:3c:bc:84:2b:c3:84:c5:54:32:f2:80:
80:ec:2a:fb:a1:55:32:5e:0e:a1:7f:85:0c:37:f1:cf:b6:8a:
a4:91:0a:59:ca:58:b0:c3:a1:2e:74:75:ec:58:28:ab:1c:bd:
0c:61:80:39:3e:fe:51:cc:e8:d2:53:6b:12:0d:1c:97:91:87:
e7:66:5c:27:4c:4b:f7:e4:5d:2d:f7:d1:b7:ff:df:1b:c5:8a:
73:fe:ad:81:d1:1b:70:dc:d3:85:c0:da:18:d2:1e:eb:8f:34:
35:a9:79:e8:08:92:18:bd:ef:10:5f:a8:b8:03:20:b3:5a:37:
d2:17:27:98:09:45:a8:6e:4d:90:cc:e5:7d:7c:5c:11:92:8d:
01:35:47:5b:1e:70:f1:8a:3d:c2:39:bc:08:b7:c4:cb:be:cc:
4d:1a:ea:c0:b7:c8:da:af:51:e5:4b:2f:f4:52:24:c2:e3:da:
52:f8:2a:d6:1e:50:79:94:92:5b:27:25:08:61:4c:eb:dd:0e:
a8:fd:1a:65:b4:34:fe:23:25:61:b8:6b:00:bf:fe:d8:a7:e0:
55:90:be:5d:3c:cc:53:6f:da:b2:3b:70:11:5d:54:8f:0e:67:
07:8c:61:44:6c:91:97:3f:3a:1f:f8:0f:eb:96:ee:77:e4:2a:
1d:b9:82:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVVQ6i5OiUcru++tgM3OGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZWUwMzg5Njg3ZGJkNDQ1ZGU2ZjkyMzljMWQwMmMzNzcw
Y2Y1NzQwHhcNMjMwMTAyMDcxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjUzZmYxY2UzYWFhNGZhODNmNDFlMWIzZDg3MzVkMDI2NDQ1YjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKy1wsp2Ycww03FSmAt3v0aHa8ED
5octpChFNukz4QGMlTEMXf4sSEe4NxnWoFZfZ3msFsiwphqjXerii28NHypk5oJB
UU1xhzs8tqbh+uz069q6hPanVN2cRKIj+OC0eHJ5X7LoND7TA9eKfcjBEKXyYC/x
fXDydgju5tbVhm5F8phvZHkA013tUQa++ai2Sq4oqeknTP/TONHlvYq81mGUQuXd
YZxEDtpDOORJGF1vyhi5m91ASs4fekq+hJGHjhb+cM/7o2oLODxFZ+4lG6zEDGFm
SsWtOtuBCddFQzcAoweZbJ1uR1/kP3ZZs/0Cff60SpOibzi7ogHmQ5DkOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9T/xzjqqT6g/QeGz2HNdAmRFuKMB8GA1UdIwQY
MBaAFNDuA4lofb1EXeb5I5wdAsN3DPV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME80RGlXaDl2VVJkNXZram5CMEN3M2NNOVhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hMTE0MTctNmFiYy00YzBkLThhZmEt
MWEyOWE0NDhkMzA5LzEvcjFQX0hPT3FwUHFEOUI0YlBZYzEwQ1pFVzRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hMTE0MTctNmFiYy00YzBkLThhZmEtMWEyOWE0NDhkMzA5
LzEvME80RGlXaDl2VVJkNXZram5CMEN3M2NNOVhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue4kMA0G
CSqGSIb3DQEBCwUAA4IBAQCZE4GjS+YKPLyEK8OExVQy8oCA7Cr7oVUyXg6hf4UM
N/HPtoqkkQpZyliww6EudHXsWCirHL0MYYA5Pv5RzOjSU2sSDRyXkYfnZlwnTEv3
5F0t99G3/98bxYpz/q2B0Rtw3NOFwNoY0h7rjzQ1qXnoCJIYve8QX6i4AyCzWjfS
FyeYCUWobk2QzOV9fFwRko0BNUdbHnDxij3CObwIt8TLvsxNGurAt8jar1HlSy/0
UiTC49pS+CrWHlB5lJJbJyUIYUzr3Q6o/RpltDT+IyVhuGsAv/7Yp+BVkL5dPMxT
b9qyO3ARXVSPDmcHjGFEbJGXPzof+A/rlu535CoduYJ2
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:32 2024 by rpki-client on console-ams.rpki-client.org