Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d95b69-0d65-400b-9c66-51e8775b11ed/1/VRZr4bYNgaBmrO5Rh6QjPcUuuQo.roa
File: VRZr4bYNgaBmrO5Rh6QjPcUuuQo.roa (raw, json)
Hash identifier: nlNb2JAdAgop1cOKWkDvnyDbPEqbUaC7FUUCkZf+WxQ=
Subject key identifier: 55:16:6B:E1:B6:0D:81:A0:66:AC:EE:51:87:A4:23:3D:C5:2E:B9:0A
Certificate issuer: /CN=d9c480e61d6f75e4340d1518ee233a79259d9ea2
Certificate serial: 01856E144D67D3EC1A9854E3875992B649CD
Authority key identifier: D9:C4:80:E6:1D:6F:75:E4:34:0D:15:18:EE:23:3A:79:25:9D:9E:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2cSA5h1vdeQ0DRUY7iM6eSWdnqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/d95b69-0d65-400b-9c66-51e8775b11ed/1/VRZr4bYNgaBmrO5Rh6QjPcUuuQo.roa
Signing time: Sun 01 Jan 2023 16:05:02 +0000
ROA not before: Sun 01 Jan 2023 16:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212880
IP address blocks: 185.43.29.0/24 maxlen: 24
2a0c:f100::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:4d:67:d3:ec:1a:98:54:e3:87:59:92:b6:49:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9c480e61d6f75e4340d1518ee233a79259d9ea2
Validity
Not Before: Jan 1 16:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55166be1b60d81a066acee5187a4233dc52eb90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c7:40:cd:91:a9:85:57:23:01:c9:00:bd:ff:
f1:ef:ec:01:8a:ca:4d:04:71:0f:87:43:60:4c:17:
01:35:9e:4d:23:15:64:a5:ee:33:95:3f:66:5c:13:
71:55:fa:b0:88:58:0d:42:12:ab:fa:75:c0:7d:2f:
9f:1b:79:50:d3:77:d8:bc:38:89:5c:33:80:67:9f:
dd:80:d9:95:02:e0:98:63:c0:97:a8:85:b7:87:6f:
02:84:48:6e:5d:b2:a8:e6:cf:2a:61:b7:bf:25:8a:
6e:bc:8e:ad:0f:71:c1:c8:49:b7:56:82:dc:33:2d:
91:c8:19:2d:79:20:bb:81:11:a3:08:ae:1a:3d:0b:
ac:6b:48:e0:e1:3d:11:9e:ae:9c:ad:93:5d:f4:ee:
29:11:39:73:73:fc:34:2c:b2:8f:b3:16:42:b5:60:
e4:39:58:3c:94:ec:76:15:87:79:d7:19:ce:e9:6c:
39:22:13:7d:1e:93:93:2e:70:8c:a6:c6:9e:79:42:
6f:2a:6d:f5:40:56:69:ec:f8:04:dd:26:4c:45:67:
cf:52:78:b9:f6:ce:7f:d5:36:1b:ba:90:91:ec:f0:
a8:ca:2f:9c:f7:e4:85:a8:3f:df:a2:03:d1:55:d9:
c9:b0:2b:2c:4c:2d:a9:aa:2b:82:31:8b:51:9e:20:
50:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:16:6B:E1:B6:0D:81:A0:66:AC:EE:51:87:A4:23:3D:C5:2E:B9:0A
X509v3 Authority Key Identifier:
keyid:D9:C4:80:E6:1D:6F:75:E4:34:0D:15:18:EE:23:3A:79:25:9D:9E:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2cSA5h1vdeQ0DRUY7iM6eSWdnqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d95b69-0d65-400b-9c66-51e8775b11ed/1/VRZr4bYNgaBmrO5Rh6QjPcUuuQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d95b69-0d65-400b-9c66-51e8775b11ed/1/2cSA5h1vdeQ0DRUY7iM6eSWdnqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.29.0/24
IPv6:
2a0c:f100::/29
Signature Algorithm: sha256WithRSAEncryption
48:82:1c:6e:06:02:01:50:5d:7f:0a:b3:1c:a8:7d:d9:0b:ca:
e5:ff:85:19:10:08:78:6c:0c:a6:02:2d:3c:f7:4a:13:21:52:
de:d1:1d:84:44:d8:9a:b1:8f:d3:50:32:42:cd:b6:d0:f5:1c:
d1:40:bb:23:1c:7d:46:76:45:6d:43:91:0e:b4:60:1f:a5:ab:
49:42:39:8c:4b:a7:0e:55:fe:37:3f:71:e2:8e:d8:e4:fe:7d:
84:da:1c:35:56:34:94:99:43:4b:87:1f:87:1d:a6:de:41:b2:
19:36:3b:ae:91:b9:dc:a7:be:cc:b6:7d:3e:5e:5d:79:a3:2a:
78:bf:98:92:7e:78:c9:fa:99:07:08:6e:2a:00:e6:15:6b:23:
5e:5f:47:50:da:ce:5c:18:0e:b5:91:e1:89:6c:17:35:fa:b8:
f8:79:82:f6:05:26:b0:4c:90:91:51:d0:a6:6e:a1:21:b4:47:
a0:e0:56:77:0b:31:c7:32:1e:60:7a:46:9c:fb:1b:e5:8b:31:
89:2a:d1:9a:67:75:ce:4a:f8:bf:f3:40:4f:af:42:7e:79:3d:
29:a4:58:42:5b:ed:6e:3e:da:7d:28:0a:c7:bd:45:2d:7b:72:
93:c9:03:7a:7b:3c:55:85:63:0b:ab:77:fe:3c:05:e4:1c:68:
e7:2b:e8:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuFE1n0+wamFTjh1mStknNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YzQ4MGU2MWQ2Zjc1ZTQzNDBkMTUxOGVlMjMzYTc5MjU5
ZDllYTIwHhcNMjMwMTAxMTYwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTE2NmJlMWI2MGQ4MWEwNjZhY2VlNTE4N2E0MjMzZGM1MmViOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8dAzZGphVcjAckAvf/x7+wBispN
BHEPh0NgTBcBNZ5NIxVkpe4zlT9mXBNxVfqwiFgNQhKr+nXAfS+fG3lQ03fYvDiJ
XDOAZ5/dgNmVAuCYY8CXqIW3h28ChEhuXbKo5s8qYbe/JYpuvI6tD3HByEm3VoLc
My2RyBkteSC7gRGjCK4aPQusa0jg4T0Rnq6crZNd9O4pETlzc/w0LLKPsxZCtWDk
OVg8lOx2FYd51xnO6Ww5IhN9HpOTLnCMpsaeeUJvKm31QFZp7PgE3SZMRWfPUni5
9s5/1TYbupCR7PCoyi+c9+SFqD/fogPRVdnJsCssTC2pqiuCMYtRniBQ8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFUWa+G2DYGgZqzuUYekIz3FLrkKMB8GA1UdIwQY
MBaAFNnEgOYdb3XkNA0VGO4jOnklnZ6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmNTQTVoMXZkZVEwRFJVWTdpTTZlU1dkbnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kOTViNjktMGQ2NS00MDBiLTljNjYt
NTFlODc3NWIxMWVkLzEvVlJacjRiWU5nYUJtck81Umg2UWpQY1V1dVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kOTViNjktMGQ2NS00MDBiLTljNjYtNTFlODc3NWIxMWVk
LzEvMmNTQTVoMXZkZVEwRFJVWTdpTTZlU1dkbnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSsdMA0E
AgACMAcDBQMqDPEAMA0GCSqGSIb3DQEBCwUAA4IBAQBIghxuBgIBUF1/CrMcqH3Z
C8rl/4UZEAh4bAymAi0890oTIVLe0R2ERNiasY/TUDJCzbbQ9RzRQLsjHH1GdkVt
Q5EOtGAfpatJQjmMS6cOVf43P3Hijtjk/n2E2hw1VjSUmUNLhx+HHabeQbIZNjuu
kbncp77Mtn0+Xl15oyp4v5iSfnjJ+pkHCG4qAOYVayNeX0dQ2s5cGA61keGJbBc1
+rj4eYL2BSawTJCRUdCmbqEhtEeg4FZ3CzHHMh5gekac+xvlizGJKtGaZ3XOSvi/
80BPr0J+eT0ppFhCW+1uPtp9KArHvUUte3KTyQN6ezxVhWMLq3f+PAXkHGjnK+j1
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:12 2024 by rpki-client on console-fra.rpki-client.org