Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/vS1qT1PqPguAEmENub2o4vPIcJs.roa
File: vS1qT1PqPguAEmENub2o4vPIcJs.roa (raw, json)
Hash identifier: wBzJRhTRSfd63bzIDVMCHXDxxOMHwP0h/nyF+UMKfCA=
Subject key identifier: BD:2D:6A:4F:53:EA:3E:0B:80:12:61:0D:B9:BD:A8:E2:F3:C8:70:9B
Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial: 0185737180FC6A19B79F20AD130519B43F78
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/vS1qT1PqPguAEmENub2o4vPIcJs.roa
Signing time: Mon 02 Jan 2023 17:04:56 +0000
ROA not before: Mon 02 Jan 2023 17:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.1.230.0/25 maxlen: 25
185.1.230.128/25 maxlen: 25
212.237.192.0/24 maxlen: 24
212.237.193.0/24 maxlen: 24
195.69.118.0/24 maxlen: 24
195.69.117.0/24 maxlen: 24
195.69.116.0/24 maxlen: 24
195.69.119.0/24 maxlen: 24
195.245.240.0/24 maxlen: 24
2001:7f8:122::/49 maxlen: 49
2001:7f8:122:8000::/49 maxlen: 49
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:80:fc:6a:19:b7:9f:20:ad:13:05:19:b4:3f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
Validity
Not Before: Jan 2 17:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd2d6a4f53ea3e0b8012610db9bda8e2f3c8709b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d0:03:2f:46:95:9f:a0:50:f2:b9:07:73:34:
13:6f:f8:cb:b7:99:18:13:6e:11:f4:25:9b:e2:53:
e4:84:11:cf:a2:7c:e1:bd:ac:c2:0e:60:b4:1a:12:
02:33:2e:7f:96:5f:3b:ce:1d:be:c0:f6:d1:e9:64:
84:4b:07:ad:52:0c:9c:a3:1b:48:a1:82:55:7f:98:
86:7d:cd:8c:09:d5:69:29:34:dd:fd:de:da:f1:0e:
fb:72:fa:ce:1d:66:dd:47:71:5d:bd:c3:9b:ca:ed:
77:74:b2:65:08:f9:8c:12:15:8f:a0:ce:dc:1d:cc:
f4:6a:be:df:1d:c2:7b:13:9a:e4:a5:76:8a:99:ba:
d4:53:90:20:ce:50:30:0d:18:e4:9b:15:ab:77:3b:
9c:ec:6e:6c:d7:6b:e2:cb:4f:0f:d1:8e:0f:49:b6:
bf:66:49:d0:26:47:4f:96:bd:3c:01:46:6d:12:1f:
39:25:40:fd:7a:91:33:15:79:e9:64:8f:b9:13:12:
15:a5:72:bb:02:32:0a:6e:58:29:88:77:dc:49:1e:
3e:43:4c:6e:bc:bf:ff:8d:02:b7:1d:e9:b8:1a:c9:
1d:5f:27:f4:41:17:89:52:2d:c0:9c:9e:a4:9c:09:
c3:ce:98:b5:cb:50:08:d2:eb:e2:c2:ba:7d:5b:91:
82:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:2D:6A:4F:53:EA:3E:0B:80:12:61:0D:B9:BD:A8:E2:F3:C8:70:9B
X509v3 Authority Key Identifier:
keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/vS1qT1PqPguAEmENub2o4vPIcJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.230.0/24
195.69.116.0/22
195.245.240.0/24
212.237.192.0/23
IPv6:
2001:7f8:122::/48
Signature Algorithm: sha256WithRSAEncryption
32:69:c0:73:b0:26:f3:32:56:45:38:c0:08:e4:a8:5a:08:b0:
09:82:e4:c1:a6:6c:11:0d:c6:0b:7c:83:e7:97:a7:3d:43:99:
50:bb:6a:4a:74:b6:6e:12:ab:22:c7:7f:8a:29:78:44:da:82:
4b:a2:c6:65:14:ef:fb:06:09:95:71:1d:ae:94:62:fc:35:02:
a6:1f:d7:69:c9:ee:d7:cb:80:97:0b:b6:f7:45:19:19:ab:de:
69:b7:9c:a3:08:25:88:da:30:9c:eb:cf:1e:70:e6:45:34:b9:
da:98:ab:cf:65:ca:04:03:f0:b9:34:e5:96:d8:b9:60:76:96:
c9:73:78:c5:7c:3b:9d:6e:a7:39:94:86:61:33:6a:2f:d8:ae:
0f:e6:7e:a2:06:d0:91:fd:38:3d:86:3f:54:05:ad:a1:51:8a:
fa:9e:09:f9:dc:4e:4b:ca:dc:27:06:55:89:fe:24:c3:9d:6b:
a9:34:53:27:9a:ee:be:b1:63:75:5b:c9:36:e3:e5:1f:9b:12:
00:0b:eb:dc:4e:28:d7:00:61:40:a9:af:2c:70:4c:7f:54:58:
05:3c:ed:35:5e:36:f2:c5:91:2f:7a:1a:d0:f1:7e:be:a1:89:
0d:ab:c8:b3:d7:0e:69:be:7a:29:80:3c:ab:38:2f:31:1f:e6:
0b:70:b1:0b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVzcYD8ahm3nyCtEwUZtD94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjMwMTAyMTcwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDJkNmE0ZjUzZWEzZTBiODAxMjYxMGRiOWJkYThlMmYzYzg3MDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdADL0aVn6BQ8rkHczQTb/jLt5kY
E24R9CWb4lPkhBHPonzhvazCDmC0GhICMy5/ll87zh2+wPbR6WSESwetUgycoxtI
oYJVf5iGfc2MCdVpKTTd/d7a8Q77cvrOHWbdR3FdvcObyu13dLJlCPmMEhWPoM7c
Hcz0ar7fHcJ7E5rkpXaKmbrUU5AgzlAwDRjkmxWrdzuc7G5s12viy08P0Y4PSba/
ZknQJkdPlr08AUZtEh85JUD9epEzFXnpZI+5ExIVpXK7AjIKblgpiHfcSR4+Q0xu
vL//jQK3Hem4GskdXyf0QReJUi3AnJ6knAnDzpi1y1AI0uviwrp9W5GCCwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFL0tak9T6j4LgBJhDbm9qOLzyHCbMB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEvdlMxcVQxUHFQZ3VBRW1FTnViMm80dlBJY0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAuQHmAwQC
w0V0AwQAw/XwAwQB1O3AMA8EAgACMAkDBwAgAQf4ASIwDQYJKoZIhvcNAQELBQAD
ggEBADJpwHOwJvMyVkU4wAjkqFoIsAmC5MGmbBENxgt8g+eXpz1DmVC7akp0tm4S
qyLHf4opeETagkuixmUU7/sGCZVxHa6UYvw1AqYf12nJ7tfLgJcLtvdFGRmr3mm3
nKMIJYjaMJzrzx5w5kU0udqYq89lygQD8Lk05ZbYuWB2lslzeMV8O51upzmUhmEz
ai/Yrg/mfqIG0JH9OD2GP1QFraFRivqeCfncTkvK3CcGVYn+JMOda6k0Uyea7r6x
Y3VbyTbj5R+bEgAL69xOKNcAYUCpryxwTH9UWAU87TVeNvLFkS96GtDxfr6hiQ2r
yLPXDmm+eimAPKs4LzEf5gtwsQs=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:40 2023 by rpki-client on console-ams.rpki-client.org