Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/9j_HWNyhvZhtNikYeACwuGqoNaE.roa
File: 9j_HWNyhvZhtNikYeACwuGqoNaE.roa (raw, json)
Hash identifier: 0zIlEo3qvwp5UaRT+DJg0tlEf0uKlLZDtsiXNb5qdX0=
Subject key identifier: F6:3F:C7:58:DC:A1:BD:98:6D:36:29:18:78:00:B0:B8:6A:A8:35:A1
Certificate issuer: /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial: 01856C0A2BF0129D6AFA74082811677B9E76
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/9j_HWNyhvZhtNikYeACwuGqoNaE.roa
Signing time: Sun 01 Jan 2023 06:34:43 +0000
ROA not before: Sun 01 Jan 2023 06:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34884
IP address blocks: 185.38.28.0/22 maxlen: 24
185.95.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:2b:f0:12:9d:6a:fa:74:08:28:11:67:7b:9e:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
Validity
Not Before: Jan 1 06:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f63fc758dca1bd986d3629187800b0b86aa835a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:54:c8:d0:6b:f5:4d:e5:5b:51:eb:0a:7b:c8:
b2:79:e2:b7:fb:b4:f5:3a:2f:55:f8:d0:51:8b:65:
cd:84:e5:3a:f3:e3:55:17:f6:6e:63:c0:99:b5:d1:
d7:c2:0e:34:e7:af:b0:50:5c:ed:8c:63:eb:e6:1c:
68:00:4c:aa:bd:13:87:c8:77:2c:40:4e:7b:f1:a1:
ab:d6:c3:95:e4:92:2e:8b:f9:7f:d0:32:7c:e8:f4:
88:18:6d:63:6c:e1:5e:62:db:cc:06:ab:3d:29:c2:
a1:b0:bc:23:9e:35:a1:93:8d:e0:14:cc:74:31:11:
e2:0a:47:b8:b7:31:25:20:ca:7a:df:0b:3f:8d:ff:
db:ba:cc:ed:78:13:8f:f1:43:9a:6c:59:c0:f9:68:
d4:f8:b5:15:4a:e3:ea:ca:a0:67:73:d3:26:57:f0:
e8:4e:0f:8e:db:6b:7b:c2:ed:66:a8:b1:5a:57:d2:
ba:d0:a0:fd:11:ba:c6:a4:01:de:31:44:da:53:35:
2d:92:f7:02:f9:b0:9e:3a:12:15:8d:14:23:26:72:
bf:ef:43:31:a7:32:b0:5b:a7:4c:1b:54:f7:9e:fb:
a8:c6:97:1c:3c:b9:bc:3c:16:97:f7:11:61:67:91:
d8:a1:10:67:f4:95:b1:eb:7f:b1:e9:9c:00:e7:b4:
dc:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:3F:C7:58:DC:A1:BD:98:6D:36:29:18:78:00:B0:B8:6A:A8:35:A1
X509v3 Authority Key Identifier:
keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/9j_HWNyhvZhtNikYeACwuGqoNaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.28.0/22
185.95.252.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:b2:28:6c:66:a6:f6:cf:06:97:fa:d4:f5:da:8e:8a:99:ef:
19:de:e5:3a:ad:2b:ef:0f:46:d6:13:c5:fc:a3:4e:98:d3:ba:
45:29:64:9d:62:ff:ed:02:b0:3e:1c:ba:8a:94:b9:92:9d:e4:
1d:04:57:b8:93:02:13:4a:e7:f2:31:41:84:91:6f:1a:6f:a4:
06:18:f9:b3:49:62:c1:ea:4c:2d:14:81:26:4e:30:c1:00:f5:
e7:d3:49:b0:24:4a:a2:62:aa:0a:23:16:48:94:3c:3a:80:4f:
6d:59:71:be:77:ce:a9:da:0b:1f:29:57:51:aa:7e:b3:a2:5f:
f6:88:21:28:36:da:d1:b6:a9:b2:0f:68:50:0f:73:92:94:ed:
fe:43:b2:8c:bf:ac:75:5e:1a:4a:3d:e5:92:ff:ce:0e:f0:63:
ae:e5:97:d9:d2:3d:05:dd:83:3f:6f:c7:b2:6e:ce:19:6c:f6:
5b:f3:27:91:c4:de:e6:b1:4b:de:1c:d1:62:69:b2:4c:4e:18:
34:bc:37:27:ce:76:48:5f:1f:9c:a1:1b:e0:d8:4d:4c:41:a4:
65:1a:26:48:a3:8f:fe:c0:c0:b7:5a:8e:e7:f2:d1:e5:a8:be:
bf:79:f3:c6:f9:0e:59:ab:9e:49:b5:74:42:00:3e:a7:2c:1f:
36:6c:17:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsCivwEp1q+nQIKBFne552MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODQ3ZjgyMjE4OTdkNmU5NTJlODZlYTJjMzM5YWJhYWNj
MTMxZjUwHhcNMjMwMTAxMDYzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjNmYzc1OGRjYTFiZDk4NmQzNjI5MTg3ODAwYjBiODZhYTgzNWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1TI0Gv1TeVbUesKe8iyeeK3+7T1
Oi9V+NBRi2XNhOU68+NVF/ZuY8CZtdHXwg4056+wUFztjGPr5hxoAEyqvROHyHcs
QE578aGr1sOV5JIui/l/0DJ86PSIGG1jbOFeYtvMBqs9KcKhsLwjnjWhk43gFMx0
MRHiCke4tzElIMp63ws/jf/buszteBOP8UOabFnA+WjU+LUVSuPqyqBnc9MmV/Do
Tg+O22t7wu1mqLFaV9K60KD9EbrGpAHeMUTaUzUtkvcC+bCeOhIVjRQjJnK/70Mx
pzKwW6dMG1T3nvuoxpccPLm8PBaX9xFhZ5HYoRBn9JWx63+x6ZwA57Tc1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPY/x1jcob2YbTYpGHgAsLhqqDWhMB8GA1UdIwQY
MBaAFHCEf4IhiX1ulS6G6iwzmrqswTH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgt
NmU4Nzg0YTdhZDA5LzEvOWpfSFdOeWh2Wmh0TmlrWWVBQ3d1R3FvTmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgtNmU4Nzg0YTdhZDA5
LzEvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSYcAwQC
uV/8MA0GCSqGSIb3DQEBCwUAA4IBAQAbsihsZqb2zwaX+tT12o6Kme8Z3uU6rSvv
D0bWE8X8o06Y07pFKWSdYv/tArA+HLqKlLmSneQdBFe4kwITSufyMUGEkW8ab6QG
GPmzSWLB6kwtFIEmTjDBAPXn00mwJEqiYqoKIxZIlDw6gE9tWXG+d86p2gsfKVdR
qn6zol/2iCEoNtrRtqmyD2hQD3OSlO3+Q7KMv6x1XhpKPeWS/84O8GOu5ZfZ0j0F
3YM/b8eybs4ZbPZb8yeRxN7msUveHNFiabJMThg0vDcnznZIXx+coRvg2E1MQaRl
GiZIo4/+wMC3Wo7n8tHlqL6/efPG+Q5Zq55JtXRCAD6nLB82bBcS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:12 2024 by rpki-client on console-fra.rpki-client.org