Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/RjIsH72cAlDvOPQTxs-yXY_ovc0.roa
File: RjIsH72cAlDvOPQTxs-yXY_ovc0.roa (raw, json)
Hash identifier: +62RgLWkYnlisUc5RepysVOOqW5dKT20+Aw8oCeA1GM=
Subject key identifier: 46:32:2C:1F:BD:9C:02:50:EF:38:F4:13:C6:CF:B2:5D:8F:E8:BD:CD
Certificate issuer: /CN=31d4ee4afff55e67444d47d49b512a8368bf9ef6
Certificate serial: 0188434A06C301B264110E482C5DE5CF8AF7
Authority key identifier: 31:D4:EE:4A:FF:F5:5E:67:44:4D:47:D4:9B:51:2A:83:68:BF:9E:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/RjIsH72cAlDvOPQTxs-yXY_ovc0.roa
Signing time: Mon 22 May 2023 11:48:24 +0000
ROA not before: Mon 22 May 2023 11:48:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211656
IP address blocks: 185.165.228.0/22 maxlen: 24
185.117.252.0/22 maxlen: 24
62.112.24.0/22 maxlen: 24
2a10:ad40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:4a:06:c3:01:b2:64:11:0e:48:2c:5d:e5:cf:8a:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d4ee4afff55e67444d47d49b512a8368bf9ef6
Validity
Not Before: May 22 11:48:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46322c1fbd9c0250ef38f413c6cfb25d8fe8bdcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:70:2c:95:87:03:f5:3e:0f:87:a3:d8:52:f1:
66:7d:21:77:53:a9:e3:be:42:06:91:a8:5b:f9:07:
aa:59:9d:25:8a:c3:f1:ab:ad:b0:f6:48:49:ad:8c:
f8:38:67:53:d8:2f:a7:e0:78:db:13:b5:75:de:eb:
a7:3f:70:c4:b2:aa:c8:1f:f5:56:61:74:fc:dc:b8:
a7:40:dd:4b:1b:cb:20:81:a2:db:35:2f:c8:b9:08:
87:96:70:e0:9c:ef:b4:09:b6:8d:e3:84:96:78:0b:
79:23:49:ed:cd:55:10:36:80:da:79:97:8a:2a:35:
3a:ce:7d:e0:30:a9:af:9c:0f:35:a1:14:65:54:68:
d3:d6:df:20:88:f9:8c:69:a7:ec:11:18:15:58:63:
8c:2d:a5:d4:87:b3:76:17:23:a1:af:b5:b9:2d:b0:
bc:35:9a:15:45:b8:36:66:86:48:95:88:d0:6c:c4:
90:78:bf:da:0b:5f:20:44:86:96:3a:24:d6:5a:14:
db:ac:c6:79:95:75:be:ec:27:c7:e3:4f:c2:52:d5:
7c:7c:34:b4:e4:cc:bf:61:9e:dd:06:59:9d:99:9f:
81:59:8d:9e:49:41:9a:b1:47:91:cc:0a:42:7e:10:
df:67:57:68:45:bc:93:62:59:83:69:3c:49:d0:df:
d6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:32:2C:1F:BD:9C:02:50:EF:38:F4:13:C6:CF:B2:5D:8F:E8:BD:CD
X509v3 Authority Key Identifier:
keyid:31:D4:EE:4A:FF:F5:5E:67:44:4D:47:D4:9B:51:2A:83:68:BF:9E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/RjIsH72cAlDvOPQTxs-yXY_ovc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/MdTuSv_1XmdETUfUm1Eqg2i_nvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.24.0/22
185.117.252.0/22
185.165.228.0/22
IPv6:
2a10:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
5e:51:05:e3:3f:ba:99:4b:0f:fc:5f:9e:2f:e9:c7:55:76:91:
e7:89:13:ac:e4:dc:08:ce:5d:46:69:00:0c:8e:48:ad:44:c0:
c2:c9:95:83:75:cb:09:38:46:44:a1:4b:cf:39:22:11:7b:d6:
38:c5:c6:84:e0:d0:f4:c9:d5:be:31:4b:38:1b:4a:ec:21:3c:
15:46:41:ea:56:b5:4c:48:b0:d8:09:9b:16:f3:b9:ec:38:b9:
01:0c:de:b9:b3:23:8d:74:5a:a1:07:58:63:db:62:29:71:a9:
d0:93:2d:15:98:1e:87:72:36:cf:ba:41:a5:33:47:9a:96:6d:
b6:e6:95:b3:56:ca:ad:2c:54:e5:53:8c:43:a9:49:37:17:88:
66:74:8a:08:28:36:59:13:1e:10:25:20:73:99:f0:36:85:6c:
f0:ec:7b:db:97:07:24:a2:a8:16:2e:05:75:75:a7:d3:ff:f3:
83:8b:77:c1:0f:1d:61:45:f0:46:ed:4d:4b:aa:7c:c9:07:b6:
9e:a6:96:f3:0b:a3:a6:f7:2a:31:6c:c4:92:f9:4a:28:5b:f6:
08:03:2a:98:34:4b:e3:3a:8b:99:46:dc:c4:a1:7b:15:65:0e:
38:35:f1:48:5b:18:ff:09:b9:83:b2:78:3a:28:dd:84:c8:e8:
6d:1f:da:bc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYhDSgbDAbJkEQ5ILF3lz4r3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDRlZTRhZmZmNTVlNjc0NDRkNDdkNDliNTEyYTgzNjhi
ZjllZjYwHhcNMjMwNTIyMTE0ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjMyMmMxZmJkOWMwMjUwZWYzOGY0MTNjNmNmYjI1ZDhmZThiZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXAslYcD9T4Ph6PYUvFmfSF3U6nj
vkIGkahb+QeqWZ0lisPxq62w9khJrYz4OGdT2C+n4HjbE7V13uunP3DEsqrIH/VW
YXT83LinQN1LG8sggaLbNS/IuQiHlnDgnO+0CbaN44SWeAt5I0ntzVUQNoDaeZeK
KjU6zn3gMKmvnA81oRRlVGjT1t8giPmMaafsERgVWGOMLaXUh7N2FyOhr7W5LbC8
NZoVRbg2ZoZIlYjQbMSQeL/aC18gRIaWOiTWWhTbrMZ5lXW+7CfH40/CUtV8fDS0
5My/YZ7dBlmdmZ+BWY2eSUGasUeRzApCfhDfZ1doRbyTYlmDaTxJ0N/WzwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEYyLB+9nAJQ7zj0E8bPsl2P6L3NMB8GA1UdIwQY
MBaAFDHU7kr/9V5nRE1H1JtRKoNov572MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRUdVN2XzFYbWRFVFVmVW0xRXFnMmlfbnZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lNDRkZWEtOGQ1MS00NDBhLWJjMDIt
YmFiNTc2ZTIwMzkzLzEvUmpJc0g3MmNBbER2T1BRVHhzLXlYWV9vdmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lNDRkZWEtOGQ1MS00NDBhLWJjMDItYmFiNTc2ZTIwMzkz
LzEvTWRUdVN2XzFYbWRFVFVmVW0xRXFnMmlfbnZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCPnAYAwQC
uXX8AwQCuaXkMA0EAgACMAcDBQMqEK1AMA0GCSqGSIb3DQEBCwUAA4IBAQBeUQXj
P7qZSw/8X54v6cdVdpHniROs5NwIzl1GaQAMjkitRMDCyZWDdcsJOEZEoUvPOSIR
e9Y4xcaE4ND0ydW+MUs4G0rsITwVRkHqVrVMSLDYCZsW87nsOLkBDN65syONdFqh
B1hj22IpcanQky0VmB6HcjbPukGlM0ealm225pWzVsqtLFTlU4xDqUk3F4hmdIoI
KDZZEx4QJSBzmfA2hWzw7HvblwckoqgWLgV1dafT//ODi3fBDx1hRfBG7U1LqnzJ
B7aeppbzC6Om9yoxbMSS+UooW/YIAyqYNEvjOouZRtzEoXsVZQ44NfFIWxj/CbmD
sng6KN2EyOhtH9q8
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:33 2024 by rpki-client on console-ams.rpki-client.org