Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/tEpnqM5RgBflBwbDnAlZA3x5Zyc.roa
File: tEpnqM5RgBflBwbDnAlZA3x5Zyc.roa (raw, json)
Hash identifier: mAvGkLGbV1Bc6UjX7n7iD79Dy5ZkVQkAnZBn1sTO17U=
Subject key identifier: B4:4A:67:A8:CE:51:80:17:E5:07:06:C3:9C:09:59:03:7C:79:67:27
Certificate issuer: /CN=247405e9cee39d71944d5e3149eb01b61f9adb1e
Certificate serial: 01856F14B00744D8EC89F8410788BDA006F0
Authority key identifier: 24:74:05:E9:CE:E3:9D:71:94:4D:5E:31:49:EB:01:B6:1F:9A:DB:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JHQF6c7jnXGUTV4xSesBth-a2x4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/tEpnqM5RgBflBwbDnAlZA3x5Zyc.roa
Signing time: Sun 01 Jan 2023 20:45:04 +0000
ROA not before: Sun 01 Jan 2023 20:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 185.194.101.0/24 maxlen: 24
185.194.100.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:b0:07:44:d8:ec:89:f8:41:07:88:bd:a0:06:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=247405e9cee39d71944d5e3149eb01b61f9adb1e
Validity
Not Before: Jan 1 20:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b44a67a8ce518017e50706c39c0959037c796727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b0:dd:ec:36:ff:de:a7:1b:51:ec:f3:2a:33:
5f:78:09:a8:6d:e2:0e:3a:c3:4f:9c:35:64:4f:56:
e4:b0:83:42:29:e7:e1:9f:cc:69:9e:0e:d7:71:d5:
2c:17:ca:37:f3:f0:bf:1e:39:9a:bd:57:4b:03:88:
a7:50:8e:d9:3d:d2:d8:6d:4e:82:bf:54:26:57:58:
28:5b:78:bd:69:a7:24:fb:ae:6a:61:8a:c8:d9:08:
03:c2:32:69:61:b3:39:7c:4d:47:e3:35:11:de:85:
fe:20:12:4b:ef:d7:4b:65:c5:aa:4b:33:75:22:11:
f1:21:a5:ef:de:d3:c0:5b:28:13:87:7e:bc:1c:30:
57:58:ff:f2:85:f3:d0:e5:ef:a6:e1:ed:31:68:84:
cd:be:03:ed:c0:1e:0f:00:56:a5:bd:94:6b:dc:04:
ca:86:39:5f:af:fe:99:50:f0:49:6f:87:e5:de:6b:
cd:46:d6:a5:49:5c:b2:56:43:7d:66:cc:8e:04:e6:
70:84:2f:69:f9:95:14:29:43:95:6d:60:66:40:4f:
09:c6:f5:38:22:e6:25:65:be:37:20:86:01:cb:3a:
58:4e:c2:3c:f6:58:60:3a:4a:e5:21:5e:0b:30:7e:
10:99:f6:61:3d:d8:b5:4d:c0:2f:88:ae:62:0a:66:
43:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:4A:67:A8:CE:51:80:17:E5:07:06:C3:9C:09:59:03:7C:79:67:27
X509v3 Authority Key Identifier:
keyid:24:74:05:E9:CE:E3:9D:71:94:4D:5E:31:49:EB:01:B6:1F:9A:DB:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JHQF6c7jnXGUTV4xSesBth-a2x4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/tEpnqM5RgBflBwbDnAlZA3x5Zyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/JHQF6c7jnXGUTV4xSesBth-a2x4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.100.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:88:c0:54:83:3d:e4:7b:5a:ef:1f:4d:f3:00:c5:93:92:9a:
20:16:21:6d:2a:2f:01:fa:2d:d1:2f:bb:48:49:d0:48:f1:4d:
5f:7e:f4:0f:95:42:71:b1:db:3f:66:10:24:f6:b4:c3:0c:b8:
7c:a7:04:be:47:83:f3:7b:86:1f:c2:60:ce:af:67:88:d7:26:
fd:0c:61:75:ab:00:ec:b1:89:11:f4:f7:f5:65:b6:58:ad:f3:
52:87:4e:d2:ad:63:88:5d:1f:9e:5d:f1:a6:99:01:df:e0:9b:
89:ee:1d:1c:0a:af:d1:71:c5:fc:44:8b:9e:15:c2:04:aa:b5:
5d:0f:64:e1:cb:42:57:a4:3c:27:5f:75:0b:d1:45:75:15:1f:
b8:1a:53:08:67:2d:69:d9:c9:9d:54:d1:86:b5:2a:64:b6:84:
8b:3d:69:c6:91:05:9d:81:dc:1e:d6:83:19:6e:4b:ca:94:a0:
53:a1:0d:3f:bf:23:9d:07:c5:34:70:51:87:ac:68:b2:d4:5d:
30:6b:19:47:c2:92:47:44:5d:8f:7b:ce:52:a4:70:ab:59:fb:
66:34:c2:12:31:9e:7e:d4:3c:91:26:cf:12:63:6e:d5:14:ca:
06:79:06:10:41:1a:04:c4:3f:0b:fe:e5:21:3c:59:e1:5c:74:
7f:8f:d3:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFLAHRNjsifhBB4i9oAbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NzQwNWU5Y2VlMzlkNzE5NDRkNWUzMTQ5ZWIwMWI2MWY5
YWRiMWUwHhcNMjMwMTAxMjA0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDRhNjdhOGNlNTE4MDE3ZTUwNzA2YzM5YzA5NTkwMzdjNzk2NzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLDd7Db/3qcbUezzKjNfeAmobeIO
OsNPnDVkT1bksINCKefhn8xpng7XcdUsF8o38/C/HjmavVdLA4inUI7ZPdLYbU6C
v1QmV1goW3i9aack+65qYYrI2QgDwjJpYbM5fE1H4zUR3oX+IBJL79dLZcWqSzN1
IhHxIaXv3tPAWygTh368HDBXWP/yhfPQ5e+m4e0xaITNvgPtwB4PAFalvZRr3ATK
hjlfr/6ZUPBJb4fl3mvNRtalSVyyVkN9ZsyOBOZwhC9p+ZUUKUOVbWBmQE8JxvU4
IuYlZb43IIYByzpYTsI89lhgOkrlIV4LMH4QmfZhPdi1TcAviK5iCmZDMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRKZ6jOUYAX5QcGw5wJWQN8eWcnMB8GA1UdIwQY
MBaAFCR0BenO451xlE1eMUnrAbYfmtseMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkhRRjZjN2puWEdVVFY0eFNlc0J0aC1hMng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC85YTNhOTgtZDY3MC00MzQzLTkyMDYt
NDdiYmFjYTA3OGZmLzEvdEVwbnFNNVJnQmZsQndiRG5BbFpBM3g1WnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC85YTNhOTgtZDY3MC00MzQzLTkyMDYtNDdiYmFjYTA3OGZm
LzEvSkhRRjZjN2puWEdVVFY0eFNlc0J0aC1hMng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucJkMA0G
CSqGSIb3DQEBCwUAA4IBAQAeiMBUgz3ke1rvH03zAMWTkpogFiFtKi8B+i3RL7tI
SdBI8U1ffvQPlUJxsds/ZhAk9rTDDLh8pwS+R4Pze4YfwmDOr2eI1yb9DGF1qwDs
sYkR9Pf1ZbZYrfNSh07SrWOIXR+eXfGmmQHf4JuJ7h0cCq/RccX8RIueFcIEqrVd
D2Thy0JXpDwnX3UL0UV1FR+4GlMIZy1p2cmdVNGGtSpktoSLPWnGkQWdgdwe1oMZ
bkvKlKBToQ0/vyOdB8U0cFGHrGiy1F0waxlHwpJHRF2Pe85SpHCrWftmNMISMZ5+
1DyRJs8SY27VFMoGeQYQQRoExD8L/uUhPFnhXHR/j9PV
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:11 2024 by rpki-client on console-ams.rpki-client.org