Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/8aTMXdkgtM3lyo37WCHM-SglPp8.roa
File: 8aTMXdkgtM3lyo37WCHM-SglPp8.roa (raw, json)
Hash identifier: dv0oXStnjdj1+m5b+Uhxd5pe7mkYDzLa+CGH/gPW8D0=
Subject key identifier: F1:A4:CC:5D:D9:20:B4:CD:E5:CA:8D:FB:58:21:CC:F9:28:25:3E:9F
Certificate issuer: /CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Certificate serial: 01856D81D7F1C5E75F15DE42AE823EC9BED6
Authority key identifier: 1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/8aTMXdkgtM3lyo37WCHM-SglPp8.roa
Signing time: Sun 01 Jan 2023 13:25:03 +0000
ROA not before: Sun 01 Jan 2023 13:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58144
IP address blocks: 185.20.252.0/22 maxlen: 24
185.20.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:d7:f1:c5:e7:5f:15:de:42:ae:82:3e:c9:be:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Validity
Not Before: Jan 1 13:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1a4cc5dd920b4cde5ca8dfb5821ccf928253e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2b:1d:73:11:92:69:9f:2c:e9:b4:c4:97:c4:
0d:57:f1:c6:00:0d:8e:9e:86:2f:75:45:15:cb:08:
46:6d:48:a6:e2:86:c0:7e:20:18:30:4e:d0:9b:61:
d8:22:00:f8:88:c9:e1:3a:14:4e:cb:bd:99:a2:48:
0f:3a:66:20:42:ae:54:59:3c:78:00:48:74:5c:22:
dc:46:77:ea:b1:49:69:2e:ee:11:16:a4:8e:09:b7:
61:b6:6a:e0:78:43:87:42:97:c8:65:2c:a2:d3:70:
ef:44:4d:eb:7b:34:98:93:24:25:0c:e5:50:44:67:
51:d6:d7:67:25:e7:7a:bc:41:a8:10:8f:7d:aa:22:
e8:5a:9f:5e:a7:ea:04:58:9e:98:39:36:10:f0:47:
43:69:47:99:2d:26:aa:a3:b8:5f:e7:5a:6f:2a:2c:
fa:b0:f8:3f:5f:5a:55:db:ce:f2:39:99:7d:8b:0a:
01:e8:18:b8:90:0b:61:0c:d4:bc:7d:9d:4f:bc:46:
4d:ca:3d:20:cb:af:f9:40:30:d7:c2:5a:23:ba:2f:
33:72:18:2a:b1:ba:78:82:71:03:35:ef:34:c6:61:
0a:a1:c9:a9:84:1a:4e:93:ed:74:e1:ee:69:18:b6:
cc:c8:7e:7d:86:c6:af:f7:b8:09:2a:a5:12:c5:bd:
53:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A4:CC:5D:D9:20:B4:CD:E5:CA:8D:FB:58:21:CC:F9:28:25:3E:9F
X509v3 Authority Key Identifier:
keyid:1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/8aTMXdkgtM3lyo37WCHM-SglPp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.252.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:95:d5:3d:bf:d5:04:bb:da:32:69:be:bd:a6:f7:39:57:2d:
9c:61:a5:30:0e:47:18:85:57:cf:15:e6:b9:c4:15:17:18:07:
05:a1:8b:e0:12:6e:51:ba:e2:73:f5:07:9a:1d:ab:b6:56:eb:
01:d0:84:5d:f4:b5:d9:80:a2:10:34:36:e3:2c:23:eb:b8:b4:
bf:b4:b4:db:b9:61:77:5a:2a:b6:ae:4d:b0:32:10:64:de:01:
13:9d:ee:9b:63:50:e1:a5:c2:2c:1c:55:a2:2b:3a:8d:6c:10:
6a:a1:4a:f6:85:b9:26:28:1e:ee:e3:b4:cd:81:1c:b4:38:9d:
06:71:ac:c0:ae:13:63:32:31:8a:58:a8:54:0c:87:33:a7:f4:
a2:21:37:91:e0:ad:82:ce:8b:4a:d2:f3:56:eb:a1:92:0b:4d:
01:cb:ef:f8:e8:3d:ff:d5:ab:84:ce:59:39:85:04:c4:8d:c1:
75:8f:0f:6a:42:a6:f4:3f:26:79:5b:17:83:4f:58:37:73:5a:
6a:36:d8:89:8d:56:04:56:9c:d8:35:94:37:1b:ff:14:8c:22:
9e:f4:2f:5e:15:80:43:e6:f2:ba:b0:69:fa:c2:d9:cd:d4:9c:
d7:43:6b:7f:ea:cb:5b:46:98:49:fb:09:d1:66:8e:7e:cd:7d:
6e:20:5f:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgdfxxedfFd5CroI+yb7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDZhODJiYjExNWQ3MzkzZTM5ZmQ1OGI3M2JiZjIwZjZj
ZDBiMWYwHhcNMjMwMTAxMTMyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWE0Y2M1ZGQ5MjBiNGNkZTVjYThkZmI1ODIxY2NmOTI4MjUzZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSsdcxGSaZ8s6bTEl8QNV/HGAA2O
noYvdUUVywhGbUim4obAfiAYME7Qm2HYIgD4iMnhOhROy72ZokgPOmYgQq5UWTx4
AEh0XCLcRnfqsUlpLu4RFqSOCbdhtmrgeEOHQpfIZSyi03DvRE3rezSYkyQlDOVQ
RGdR1tdnJed6vEGoEI99qiLoWp9ep+oEWJ6YOTYQ8EdDaUeZLSaqo7hf51pvKiz6
sPg/X1pV287yOZl9iwoB6Bi4kAthDNS8fZ1PvEZNyj0gy6/5QDDXwlojui8zchgq
sbp4gnEDNe80xmEKocmphBpOk+104e5pGLbMyH59hsav97gJKqUSxb1TZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPGkzF3ZILTN5cqN+1ghzPkoJT6fMB8GA1UdIwQY
MBaAFBwGqCuxFdc5Pjn9WLc7vyD2zQsfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUt
NzI2MDU3YTFmMmE0LzEvOGFUTVhka2d0TTNseW8zN1dDSE0tU2dsUHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUtNzI2MDU3YTFmMmE0
LzEvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRT8MA0G
CSqGSIb3DQEBCwUAA4IBAQBdldU9v9UEu9oyab69pvc5Vy2cYaUwDkcYhVfPFea5
xBUXGAcFoYvgEm5RuuJz9QeaHau2VusB0IRd9LXZgKIQNDbjLCPruLS/tLTbuWF3
Wiq2rk2wMhBk3gETne6bY1DhpcIsHFWiKzqNbBBqoUr2hbkmKB7u47TNgRy0OJ0G
cazArhNjMjGKWKhUDIczp/SiITeR4K2CzotK0vNW66GSC00By+/46D3/1auEzlk5
hQTEjcF1jw9qQqb0PyZ5WxeDT1g3c1pqNtiJjVYEVpzYNZQ3G/8UjCKe9C9eFYBD
5vK6sGn6wtnN1JzXQ2t/6stbRphJ+wnRZo5+zX1uIF8i
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:28 2024 by rpki-client on console-ams.rpki-client.org