Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/82ba9d-3882-47fd-91d5-4b7e5c5a9d4b/1/jAJddqLg7p3KVMokGePGWSsD9Ek.roa
File: jAJddqLg7p3KVMokGePGWSsD9Ek.roa (raw, json)
Hash identifier: lg5NDYKhJ5JcNjPQc0HQsj79dhJpU4dJxAG0BmXbZPM=
Subject key identifier: 8C:02:5D:76:A2:E0:EE:9D:CA:54:CA:24:19:E3:C6:59:2B:03:F4:49
Certificate issuer: /CN=c131d46561744a681016c8d6f9a61b9c17cb7f0f
Certificate serial: 0185720C616B7E433B90B59EE156EFC6A6D4
Authority key identifier: C1:31:D4:65:61:74:4A:68:10:16:C8:D6:F9:A6:1B:9C:17:CB:7F:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wTHUZWF0SmgQFsjW-aYbnBfLfw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/82ba9d-3882-47fd-91d5-4b7e5c5a9d4b/1/jAJddqLg7p3KVMokGePGWSsD9Ek.roa
Signing time: Mon 02 Jan 2023 10:34:51 +0000
ROA not before: Mon 02 Jan 2023 10:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210433
IP address blocks: 185.81.200.0/22 maxlen: 24
2a03:6260::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:61:6b:7e:43:3b:90:b5:9e:e1:56:ef:c6:a6:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c131d46561744a681016c8d6f9a61b9c17cb7f0f
Validity
Not Before: Jan 2 10:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c025d76a2e0ee9dca54ca2419e3c6592b03f449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:86:6c:b0:3a:b6:22:7e:8b:38:2b:03:c6:85:
39:1c:56:9d:12:b6:e9:1e:c1:a8:8d:d0:33:c2:a0:
61:ad:d0:4d:16:f3:38:08:51:a9:30:bb:31:73:c1:
2f:76:8e:1b:8b:73:53:c3:ec:1c:c3:c0:a0:d3:36:
cc:34:ca:95:d3:20:3a:b0:53:44:53:d7:e1:f6:de:
6f:b5:26:f0:2b:4a:7a:af:4e:dc:9e:eb:7a:33:35:
86:f0:85:0e:4c:63:1b:1a:55:7e:04:84:a8:c4:f2:
98:d9:3a:91:e2:13:4d:32:b7:22:d5:23:1c:19:2a:
88:8e:95:91:3a:dd:70:ed:04:28:6c:63:b1:d4:c1:
77:17:53:42:25:02:2a:61:4d:50:3a:02:4e:9b:77:
f5:55:d2:5f:e3:0d:64:69:4f:0b:11:b0:22:32:f8:
34:e1:9e:da:7d:3b:9a:dc:df:49:90:35:24:4e:20:
65:d6:5e:d6:d8:53:9d:ee:49:9b:25:44:ba:85:51:
ea:8a:a1:8a:15:f5:88:3d:0f:7a:5a:89:f5:ad:00:
f7:49:40:6c:ac:7e:2c:d6:00:9a:dd:e0:ec:7a:fb:
04:aa:9e:04:ce:2b:d8:d5:ab:66:96:5c:1b:d2:1f:
73:d2:f9:b6:1d:3f:61:99:88:f3:2b:75:fe:84:ea:
3f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:02:5D:76:A2:E0:EE:9D:CA:54:CA:24:19:E3:C6:59:2B:03:F4:49
X509v3 Authority Key Identifier:
keyid:C1:31:D4:65:61:74:4A:68:10:16:C8:D6:F9:A6:1B:9C:17:CB:7F:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wTHUZWF0SmgQFsjW-aYbnBfLfw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/82ba9d-3882-47fd-91d5-4b7e5c5a9d4b/1/jAJddqLg7p3KVMokGePGWSsD9Ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/82ba9d-3882-47fd-91d5-4b7e5c5a9d4b/1/wTHUZWF0SmgQFsjW-aYbnBfLfw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.200.0/22
IPv6:
2a03:6260::/32
Signature Algorithm: sha256WithRSAEncryption
4e:41:11:29:7f:59:e8:5b:2c:a8:aa:f5:22:b8:c1:3d:04:59:
99:32:ac:17:84:35:d7:00:dd:7d:da:7a:bd:97:e8:a1:1b:22:
cc:42:c9:19:8e:8b:01:f8:c4:eb:8e:4c:28:cf:79:ee:b3:09:
30:fa:92:b2:15:93:00:92:44:59:86:84:a8:5c:52:60:70:32:
1b:ac:41:86:39:16:4c:cb:2f:5a:51:a0:f1:92:7b:ac:59:ce:
55:70:6d:1b:b8:b1:d3:5a:8a:c0:ad:3e:ec:dd:13:85:5f:e8:
8d:7e:15:21:f9:31:7e:94:8a:e1:0c:3f:7a:da:5f:a0:20:1e:
ac:66:2b:43:6f:c9:f4:1e:9b:9c:6b:ee:e3:0c:df:83:1d:4e:
7e:a3:4f:66:1b:32:3e:45:9a:d3:a6:65:bf:6e:c7:fe:dd:fe:
ae:ac:52:f6:3f:c8:95:23:0a:9a:a3:07:1f:51:34:28:55:d8:
6d:a9:0b:11:57:9d:6c:89:19:2a:b3:9f:b3:23:85:96:99:a8:
a9:53:70:f8:0b:95:0e:a3:04:8c:dd:70:b5:29:a4:f2:05:cf:
82:4d:e8:2f:96:a8:dd:d0:93:73:80:e2:29:2d:81:b7:de:95:
7c:96:5a:1c:56:14:00:8b:6c:77:e0:82:e1:30:b3:9f:9b:db:
75:57:e2:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyDGFrfkM7kLWe4VbvxqbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMzFkNDY1NjE3NDRhNjgxMDE2YzhkNmY5YTYxYjljMTdj
YjdmMGYwHhcNMjMwMTAyMTAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzAyNWQ3NmEyZTBlZTlkY2E1NGNhMjQxOWUzYzY1OTJiMDNmNDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIZssDq2In6LOCsDxoU5HFadErbp
HsGojdAzwqBhrdBNFvM4CFGpMLsxc8Evdo4bi3NTw+wcw8Cg0zbMNMqV0yA6sFNE
U9fh9t5vtSbwK0p6r07cnut6MzWG8IUOTGMbGlV+BISoxPKY2TqR4hNNMrci1SMc
GSqIjpWROt1w7QQobGOx1MF3F1NCJQIqYU1QOgJOm3f1VdJf4w1kaU8LEbAiMvg0
4Z7afTua3N9JkDUkTiBl1l7W2FOd7kmbJUS6hVHqiqGKFfWIPQ96Won1rQD3SUBs
rH4s1gCa3eDsevsEqp4EzivY1atmllwb0h9z0vm2HT9hmYjzK3X+hOo/yQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIwCXXai4O6dylTKJBnjxlkrA/RJMB8GA1UdIwQY
MBaAFMEx1GVhdEpoEBbI1vmmG5wXy38PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1RIVVpXRjBTbWdRRnNqVy1hWWJuQmZMZnc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi84MmJhOWQtMzg4Mi00N2ZkLTkxZDUt
NGI3ZTVjNWE5ZDRiLzEvakFKZGRxTGc3cDNLVk1va0dlUEdXU3NEOUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi84MmJhOWQtMzg4Mi00N2ZkLTkxZDUtNGI3ZTVjNWE5ZDRi
LzEvd1RIVVpXRjBTbWdRRnNqVy1hWWJuQmZMZnc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVHIMA0E
AgACMAcDBQAqA2JgMA0GCSqGSIb3DQEBCwUAA4IBAQBOQREpf1noWyyoqvUiuME9
BFmZMqwXhDXXAN192nq9l+ihGyLMQskZjosB+MTrjkwoz3nuswkw+pKyFZMAkkRZ
hoSoXFJgcDIbrEGGORZMyy9aUaDxknusWc5VcG0buLHTWorArT7s3ROFX+iNfhUh
+TF+lIrhDD962l+gIB6sZitDb8n0Hpuca+7jDN+DHU5+o09mGzI+RZrTpmW/bsf+
3f6urFL2P8iVIwqaowcfUTQoVdhtqQsRV51siRkqs5+zI4WWmaipU3D4C5UOowSM
3XC1KaTyBc+CTegvlqjd0JNzgOIpLYG33pV8llocVhQAi2x34ILhMLOfm9t1V+Lr
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:27 2024 by rpki-client on console-fra.rpki-client.org