Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ASJHjdUI-UXWyGVMS_0EqbxMh8o.roa
File: ASJHjdUI-UXWyGVMS_0EqbxMh8o.roa (raw, json)
Hash identifier: yog5drIaDLYfAnpZkREf2lZZhSi4OBVI23sfT9R7nM0=
Subject key identifier: 01:22:47:8D:D5:08:F9:45:D6:C8:65:4C:4B:FD:04:A9:BC:4C:87:CA
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F798ACF5E4996063C3589AA572689C7
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ASJHjdUI-UXWyGVMS_0EqbxMh8o.roa
Signing time: Sun 01 Jan 2023 22:35:14 +0000
ROA not before: Sun 01 Jan 2023 22:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60781
IP address blocks: 185.51.192.0/24 maxlen: 24
2a01:b2e0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:8a:cf:5e:49:96:06:3c:35:89:aa:57:26:89:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0122478dd508f945d6c8654c4bfd04a9bc4c87ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e3:1d:b5:13:de:50:17:f5:1b:79:4f:a9:68:
31:89:89:e3:ab:6e:90:9a:11:c2:54:a6:86:ee:b5:
f5:98:20:bc:71:a9:ad:2a:9d:6b:95:63:1e:42:eb:
ab:d0:15:dc:5b:8f:43:fe:77:05:37:57:60:21:ce:
11:de:38:23:16:aa:f1:40:ac:25:63:6c:9c:a8:77:
b0:c1:6f:6d:56:45:68:df:e5:1a:f5:b6:13:ce:25:
fc:05:61:55:bd:c7:5e:58:89:30:3b:4e:fb:e6:dd:
26:02:fb:8a:b4:df:7d:2b:69:d6:6d:54:cf:c4:48:
09:ad:a9:99:d9:1f:1e:2b:51:53:c1:67:ae:05:be:
0d:96:d3:12:f2:1f:99:9a:b3:d4:b2:51:c0:97:46:
47:ee:1d:e1:a1:9d:fd:9b:67:47:71:ea:0a:4e:a4:
43:10:cd:c3:02:8c:1f:40:dd:cd:f0:9c:be:01:05:
66:8b:d5:cc:9e:43:3f:d4:a5:ef:11:d8:00:16:32:
9f:80:4e:d8:38:04:15:ae:89:22:29:df:6e:de:53:
b8:23:f4:8e:4d:cf:a9:b8:20:04:96:24:fe:4e:03:
74:76:bc:e9:1e:2e:41:a6:14:8a:92:d5:40:d1:b2:
e7:b9:29:bd:6b:ae:1d:9f:04:e7:5c:1e:ee:1f:f9:
53:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:22:47:8D:D5:08:F9:45:D6:C8:65:4C:4B:FD:04:A9:BC:4C:87:CA
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ASJHjdUI-UXWyGVMS_0EqbxMh8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.192.0/24
IPv6:
2a01:b2e0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:25:d2:a6:35:c2:82:84:80:7c:bb:4d:e5:29:8d:40:c6:82:
9a:9b:d2:98:5f:09:11:98:37:49:18:fe:51:35:60:f4:cf:62:
36:fe:f9:48:d7:cd:b1:d8:92:9c:90:8f:78:d4:8a:0b:48:d2:
f6:42:ff:ec:6b:2f:96:fe:5d:34:32:f5:d5:b3:00:ec:9b:a6:
96:7e:df:0d:ac:02:82:1d:20:0d:bd:60:54:82:b3:a0:a4:f0:
a5:0a:94:70:4c:82:76:35:91:e5:52:9f:d4:a3:4a:c0:6c:89:
27:49:98:19:b2:ad:d6:7b:99:d7:10:51:3a:93:ec:a2:15:e3:
63:10:cf:e0:71:2e:6f:7c:74:83:48:7e:7b:34:48:a6:ac:91:
d3:4e:54:19:ac:49:34:c0:4d:a7:18:56:12:9f:85:e1:1f:f0:
83:48:13:59:f9:b8:b3:4e:a2:14:cf:11:2c:7b:6b:26:dc:f9:
42:d9:e1:69:d3:89:16:86:e2:9e:4b:0d:16:1a:a8:5b:ff:b1:
d5:2d:a9:ab:9b:42:ce:ee:02:8e:d8:3c:eb:60:9d:a3:fd:a6:
53:9d:d2:ba:9a:7b:cc:31:d9:4b:8f:2f:08:71:74:37:10:7d:
43:0a:d9:be:95:a2:6e:8a:67:3b:ee:d6:50:c7:c3:7e:b4:0b:
7b:89:c3:71
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVveYrPXkmWBjw1iapXJonHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTIyNDc4ZGQ1MDhmOTQ1ZDZjODY1NGM0YmZkMDRhOWJjNGM4N2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+MdtRPeUBf1G3lPqWgxiYnjq26Q
mhHCVKaG7rX1mCC8camtKp1rlWMeQuur0BXcW49D/ncFN1dgIc4R3jgjFqrxQKwl
Y2ycqHewwW9tVkVo3+Ua9bYTziX8BWFVvcdeWIkwO0775t0mAvuKtN99K2nWbVTP
xEgJramZ2R8eK1FTwWeuBb4NltMS8h+ZmrPUslHAl0ZH7h3hoZ39m2dHceoKTqRD
EM3DAowfQN3N8Jy+AQVmi9XMnkM/1KXvEdgAFjKfgE7YOAQVrokiKd9u3lO4I/SO
Tc+puCAEliT+TgN0drzpHi5BphSKktVA0bLnuSm9a64dnwTnXB7uH/lTKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAEiR43VCPlF1shlTEv9BKm8TIfKMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvQVNKSGpkVUktVVhXeUdWTVNfMEVxYnhNaDhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuTPAMA0E
AgACMAcDBQMqAbLgMA0GCSqGSIb3DQEBCwUAA4IBAQCNJdKmNcKChIB8u03lKY1A
xoKam9KYXwkRmDdJGP5RNWD0z2I2/vlI182x2JKckI941IoLSNL2Qv/say+W/l00
MvXVswDsm6aWft8NrAKCHSANvWBUgrOgpPClCpRwTIJ2NZHlUp/Uo0rAbIknSZgZ
sq3We5nXEFE6k+yiFeNjEM/gcS5vfHSDSH57NEimrJHTTlQZrEk0wE2nGFYSn4Xh
H/CDSBNZ+bizTqIUzxEse2sm3PlC2eFp04kWhuKeSw0WGqhb/7HVLamrm0LO7gKO
2DzrYJ2j/aZTndK6mnvMMdlLjy8IcXQ3EH1DCtm+laJuimc77tZQx8N+tAt7icNx
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:43 2024 by rpki-client on console-ams.rpki-client.org