Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/o41HuXk6gBh7RXQX1inbYCytNZs.roa
File: o41HuXk6gBh7RXQX1inbYCytNZs.roa (raw, json)
Hash identifier: 7ZE9GJgL5IdUjg3ZkVAxXu0BBeACQoz2JxxuRjqH6Ek=
Subject key identifier: A3:8D:47:B9:79:3A:80:18:7B:45:74:17:D6:29:DB:60:2C:AD:35:9B
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 01856FCB91CC6ED0BA9A1E533D863C1B88BC
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/o41HuXk6gBh7RXQX1inbYCytNZs.roa
Signing time: Mon 02 Jan 2023 00:04:50 +0000
ROA not before: Mon 02 Jan 2023 00:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 185.199.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:91:cc:6e:d0:ba:9a:1e:53:3d:86:3c:1b:88:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jan 2 00:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a38d47b9793a80187b457417d629db602cad359b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:26:da:8d:fc:1e:fd:ef:cb:3f:a7:03:c8:09:
e4:cb:0c:0b:ec:1d:41:31:7e:e4:4d:dc:05:3f:b6:
8a:4d:bc:56:e9:a4:24:42:93:06:3f:8d:e0:09:e4:
3a:8a:c0:05:cc:6b:f1:ea:6d:07:20:c3:90:cd:ca:
51:89:ce:76:33:5a:a8:02:08:b0:b7:91:a2:87:51:
45:b6:06:63:b0:c2:77:b2:de:76:1c:b1:39:c3:da:
03:92:35:50:84:4e:52:41:21:77:4b:ab:83:ec:79:
12:f8:23:6b:8b:24:f8:85:84:38:80:42:02:e5:d5:
e4:be:c3:4b:c1:86:b0:26:f5:83:47:4e:b8:fe:4c:
7b:fd:37:dc:d1:cf:21:1c:5b:c9:a9:64:89:48:70:
8d:b8:50:67:ad:d2:dc:b7:d9:5f:32:52:dc:42:ea:
b4:93:de:1b:41:30:50:75:9c:e2:b0:a1:eb:32:ac:
f4:3b:6b:f5:49:fd:88:1a:17:ec:01:1f:24:21:39:
8c:13:11:3c:57:d6:63:49:f1:57:c9:f7:4d:dc:00:
8d:19:92:c4:b9:4e:12:28:7a:21:cf:1f:99:f4:e9:
32:44:63:e3:d8:1b:b6:93:64:0c:4b:54:05:cd:53:
87:18:fa:74:55:d8:3f:f0:74:f7:4a:54:a9:61:09:
03:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8D:47:B9:79:3A:80:18:7B:45:74:17:D6:29:DB:60:2C:AD:35:9B
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/o41HuXk6gBh7RXQX1inbYCytNZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.227.0/24
Signature Algorithm: sha256WithRSAEncryption
17:94:64:70:4f:6d:4e:9f:51:d6:2b:91:41:9a:9f:c4:2d:f6:
ae:47:a9:5b:a9:26:c7:01:76:8d:35:c2:bb:76:44:9e:82:30:
e3:c7:c3:0c:f1:4b:7d:3c:cc:9d:68:eb:f9:02:17:b1:fa:7a:
dd:bb:95:5b:4d:79:82:26:73:6e:ac:92:be:07:3b:88:90:a4:
35:5a:56:af:ed:46:a7:45:e4:80:e7:1d:40:37:05:65:c6:d8:
09:ae:fa:25:77:b8:35:d1:93:66:24:64:e6:d6:4b:fe:cf:ee:
9e:a7:a7:89:d5:26:aa:cd:5e:f9:eb:44:81:0e:b0:4e:b2:ed:
c4:88:3d:d4:89:24:85:97:77:73:c7:0d:28:81:a9:3c:cd:0d:
88:49:42:2b:5d:8e:48:3d:77:0f:8f:52:94:dd:d4:42:53:06:
d1:92:82:cf:a9:b9:0e:67:f2:63:4c:5e:cc:6e:2c:6a:db:d3:
19:32:c6:cd:af:96:88:8c:a0:e8:2b:c1:76:6b:23:e8:72:75:
18:73:72:d6:1c:b6:f0:58:f1:62:d2:77:cd:68:1d:b6:b3:e1:
ec:89:d3:dd:fd:bf:17:c2:fb:11:34:f7:2d:91:fd:4c:ab:a0:
26:ce:32:fb:2d:5c:68:b1:e6:81:b6:47:b0:37:0f:7b:9a:04:
d5:02:e2:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy5HMbtC6mh5TPYY8G4i8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMwMTAyMDAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhkNDdiOTc5M2E4MDE4N2I0NTc0MTdkNjI5ZGI2MDJjYWQzNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSbajfwe/e/LP6cDyAnkywwL7B1B
MX7kTdwFP7aKTbxW6aQkQpMGP43gCeQ6isAFzGvx6m0HIMOQzcpRic52M1qoAgiw
t5Gih1FFtgZjsMJ3st52HLE5w9oDkjVQhE5SQSF3S6uD7HkS+CNriyT4hYQ4gEIC
5dXkvsNLwYawJvWDR064/kx7/Tfc0c8hHFvJqWSJSHCNuFBnrdLct9lfMlLcQuq0
k94bQTBQdZzisKHrMqz0O2v1Sf2IGhfsAR8kITmMExE8V9ZjSfFXyfdN3ACNGZLE
uU4SKHohzx+Z9OkyRGPj2Bu2k2QMS1QFzVOHGPp0Vdg/8HT3SlSpYQkDuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKONR7l5OoAYe0V0F9Yp22AsrTWbMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvbzQxSHVYazZnQmg3UlhRWDFpbmJZQ3l0TlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucfjMA0G
CSqGSIb3DQEBCwUAA4IBAQAXlGRwT21On1HWK5FBmp/ELfauR6lbqSbHAXaNNcK7
dkSegjDjx8MM8Ut9PMydaOv5Ahex+nrdu5VbTXmCJnNurJK+BzuIkKQ1Wlav7Uan
ReSA5x1ANwVlxtgJrvold7g10ZNmJGTm1kv+z+6ep6eJ1SaqzV7560SBDrBOsu3E
iD3UiSSFl3dzxw0ogak8zQ2ISUIrXY5IPXcPj1KU3dRCUwbRkoLPqbkOZ/JjTF7M
bixq29MZMsbNr5aIjKDoK8F2ayPocnUYc3LWHLbwWPFi0nfNaB22s+HsidPd/b8X
wvsRNPctkf1Mq6AmzjL7LVxoseaBtkewNw97mgTVAuKm
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:08 2024 by rpki-client on console-ams.rpki-client.org