Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4043b0-a30a-4147-8ef1-482548f52da6/1/B-qC6IwtleNytjWgytDSusdMK3M.roa
File: B-qC6IwtleNytjWgytDSusdMK3M.roa (raw, json)
Hash identifier: /LEwDM1xTKuNqHID2cRaVR1yN/Lu4W5A1f2n+EjZF6g=
Subject key identifier: 07:EA:82:E8:8C:2D:95:E3:72:B6:35:A0:CA:D0:D2:BA:C7:4C:2B:73
Certificate issuer: /CN=ac8bfa86618abd7fab5953f7b565fcb6e4b46851
Certificate serial: 01856F670BC4F1FEFE77E40DE218247F2C29
Authority key identifier: AC:8B:FA:86:61:8A:BD:7F:AB:59:53:F7:B5:65:FC:B6:E4:B4:68:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIv6hmGKvX-rWVP3tWX8tuS0aFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4043b0-a30a-4147-8ef1-482548f52da6/1/B-qC6IwtleNytjWgytDSusdMK3M.roa
Signing time: Sun 01 Jan 2023 22:15:02 +0000
ROA not before: Sun 01 Jan 2023 22:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202105
IP address blocks: 185.206.31.0/24 maxlen: 24
185.206.28.0/24 maxlen: 24
185.206.29.0/24 maxlen: 24
185.206.30.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:0b:c4:f1:fe:fe:77:e4:0d:e2:18:24:7f:2c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8bfa86618abd7fab5953f7b565fcb6e4b46851
Validity
Not Before: Jan 1 22:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07ea82e88c2d95e372b635a0cad0d2bac74c2b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:01:6b:86:fe:92:43:63:6c:42:59:c1:34:96:
2e:97:65:35:8e:2e:5f:4b:c8:3e:7d:84:54:ee:48:
55:9e:30:b3:fa:f4:7f:36:30:a0:ca:8a:12:2a:00:
d8:09:33:92:06:61:15:e8:ad:62:0e:d2:26:05:fb:
17:cb:62:1b:4b:48:3c:d1:dc:3d:15:0b:39:1b:a3:
e5:f6:53:01:87:67:5d:53:13:0c:15:52:54:29:07:
74:62:d4:82:bb:ba:9e:19:be:5a:14:4a:68:63:29:
9e:59:bf:22:12:7d:29:c4:8f:f9:83:a5:f8:f1:20:
98:ec:b3:1d:4b:c4:e6:74:de:3b:0c:79:bb:40:fa:
5f:5f:97:a6:03:14:22:dc:2d:ad:84:a4:60:d6:8e:
55:05:b0:9f:d2:7c:50:65:37:59:2b:aa:fc:46:68:
a3:5e:58:fe:95:d3:b5:88:97:a2:e0:ee:a1:9f:18:
f8:6c:4f:e9:42:d5:5e:0c:43:57:70:e1:61:24:94:
cd:86:a3:cf:dd:24:e1:cb:dc:a9:70:df:f6:6f:64:
5a:40:d5:d7:30:66:c3:9e:04:5c:36:b7:27:9a:93:
b0:dd:52:51:59:2b:76:79:07:f5:e6:02:e9:54:36:
16:e2:b6:4f:95:da:35:7c:13:da:3b:d8:12:79:e3:
31:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:EA:82:E8:8C:2D:95:E3:72:B6:35:A0:CA:D0:D2:BA:C7:4C:2B:73
X509v3 Authority Key Identifier:
keyid:AC:8B:FA:86:61:8A:BD:7F:AB:59:53:F7:B5:65:FC:B6:E4:B4:68:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIv6hmGKvX-rWVP3tWX8tuS0aFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4043b0-a30a-4147-8ef1-482548f52da6/1/B-qC6IwtleNytjWgytDSusdMK3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4043b0-a30a-4147-8ef1-482548f52da6/1/rIv6hmGKvX-rWVP3tWX8tuS0aFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.28.0/22
Signature Algorithm: sha256WithRSAEncryption
58:40:27:70:18:47:c1:7e:de:03:55:f7:33:93:10:7f:1a:a5:
ce:f2:2d:91:6f:1e:6f:ad:6b:69:2a:40:19:66:27:3c:4d:81:
6b:3d:ad:d1:41:b1:33:93:9a:5b:8e:73:fb:27:48:a2:01:bf:
3e:e7:95:27:3e:be:94:9b:72:e9:18:ab:0f:88:a8:7d:9a:1d:
dc:7c:7d:cd:fc:0e:2c:68:d0:06:8f:9c:4f:ad:d4:dc:7a:97:
2f:21:f1:ab:38:fa:0d:73:59:6a:d4:35:25:26:00:18:bb:ba:
18:2a:3e:99:f3:90:5d:07:b2:90:08:b2:2e:3d:6d:25:ad:2f:
99:0b:4b:43:41:74:6a:4f:da:32:02:d8:c9:84:d2:5f:b0:62:
92:c2:5e:ca:08:47:7a:92:6e:87:24:6f:b8:b6:7f:a5:3b:35:
8f:c6:ae:d7:ca:18:c6:94:e1:4c:ad:6b:b2:c6:75:2a:1a:3e:
05:e6:7b:7e:ac:22:e6:82:ed:38:16:cd:31:e7:ce:3f:69:88:
d9:a2:3e:35:f8:3c:6d:6a:01:38:71:74:da:58:0e:c0:2a:8f:
cd:07:09:ef:51:f8:52:26:f8:ab:e3:d0:73:d8:c4:49:1b:75:
ce:4d:ed:75:92:d6:96:c1:a0:57:29:fd:7f:ea:d6:6a:2a:ad:
59:f0:5e:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZwvE8f7+d+QN4hgkfywpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGJmYTg2NjE4YWJkN2ZhYjU5NTNmN2I1NjVmY2I2ZTRi
NDY4NTEwHhcNMjMwMTAxMjIxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2VhODJlODhjMmQ5NWUzNzJiNjM1YTBjYWQwZDJiYWM3NGMyYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwFrhv6SQ2NsQlnBNJYul2U1ji5f
S8g+fYRU7khVnjCz+vR/NjCgyooSKgDYCTOSBmEV6K1iDtImBfsXy2IbS0g80dw9
FQs5G6Pl9lMBh2ddUxMMFVJUKQd0YtSCu7qeGb5aFEpoYymeWb8iEn0pxI/5g6X4
8SCY7LMdS8TmdN47DHm7QPpfX5emAxQi3C2thKRg1o5VBbCf0nxQZTdZK6r8Rmij
Xlj+ldO1iJei4O6hnxj4bE/pQtVeDENXcOFhJJTNhqPP3SThy9ypcN/2b2RaQNXX
MGbDngRcNrcnmpOw3VJRWSt2eQf15gLpVDYW4rZPldo1fBPaO9gSeeMxPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfqguiMLZXjcrY1oMrQ0rrHTCtzMB8GA1UdIwQY
MBaAFKyL+oZhir1/q1lT97Vl/LbktGhRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckl2NmhtR0t2WC1yV1ZQM3RXWDh0dVMwYUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MDQzYjAtYTMwYS00MTQ3LThlZjEt
NDgyNTQ4ZjUyZGE2LzEvQi1xQzZJd3RsZU55dGpXZ3l0RFN1c2RNSzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MDQzYjAtYTMwYS00MTQ3LThlZjEtNDgyNTQ4ZjUyZGE2
LzEvckl2NmhtR0t2WC1yV1ZQM3RXWDh0dVMwYUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc4cMA0G
CSqGSIb3DQEBCwUAA4IBAQBYQCdwGEfBft4DVfczkxB/GqXO8i2Rbx5vrWtpKkAZ
Zic8TYFrPa3RQbEzk5pbjnP7J0iiAb8+55UnPr6Um3LpGKsPiKh9mh3cfH3N/A4s
aNAGj5xPrdTcepcvIfGrOPoNc1lq1DUlJgAYu7oYKj6Z85BdB7KQCLIuPW0lrS+Z
C0tDQXRqT9oyAtjJhNJfsGKSwl7KCEd6km6HJG+4tn+lOzWPxq7XyhjGlOFMrWuy
xnUqGj4F5nt+rCLmgu04Fs0x584/aYjZoj41+DxtagE4cXTaWA7AKo/NBwnvUfhS
Jvir49Bz2MRJG3XOTe11ktaWwaBXKf1/6tZqKq1Z8F6Y
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:52 2024 by rpki-client on console-fra.rpki-client.org