Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/rh1TRgC2hPEZ2hDDknfzUgin6J0.roa
File: rh1TRgC2hPEZ2hDDknfzUgin6J0.roa (raw, json)
Hash identifier: 5AdcTa4pMJ28QkFWii1p1bY7+pI0CkEiVx5GvCP4WzM=
Subject key identifier: AE:1D:53:46:00:B6:84:F1:19:DA:10:C3:92:77:F3:52:08:A7:E8:9D
Certificate issuer: /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial: 01856C0A2CB3585469AB40123B4D7460CC19
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/rh1TRgC2hPEZ2hDDknfzUgin6J0.roa
Signing time: Sun 01 Jan 2023 06:34:44 +0000
ROA not before: Sun 01 Jan 2023 06:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43056
IP address blocks: 185.38.28.0/22 maxlen: 24
185.95.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:2c:b3:58:54:69:ab:40:12:3b:4d:74:60:cc:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
Validity
Not Before: Jan 1 06:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae1d534600b684f119da10c39277f35208a7e89d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c6:32:2f:47:38:60:f5:41:f9:19:9d:f9:9d:
82:14:d0:85:f8:14:dd:cd:5e:9a:5b:48:22:f1:fb:
b0:52:a9:d9:58:0f:08:26:51:30:61:91:6b:d8:3f:
56:57:04:c1:50:b8:32:02:4a:8a:f5:04:4e:e4:6e:
42:33:45:f5:3d:7d:64:55:60:ab:a2:6d:20:ae:78:
8d:a4:05:02:d2:a1:f9:0b:68:0c:85:fa:eb:41:6a:
83:58:be:d6:d8:59:51:16:91:b2:22:38:44:a2:9c:
af:80:81:cb:15:15:43:6a:b5:91:68:3e:8c:77:32:
7e:a6:28:18:6f:c9:21:86:90:7d:57:2a:41:bc:42:
93:f8:0d:4e:9c:d3:d1:80:6b:fd:e2:f4:9f:13:0c:
1f:bc:55:0c:89:0c:0a:de:97:7c:06:2d:c3:05:37:
e5:43:81:d3:2c:4f:5d:39:30:d9:1f:41:4a:d2:3b:
b3:77:cf:88:5c:c1:2e:b5:d3:4e:96:5a:2c:53:a1:
14:dc:df:7d:52:34:49:01:6d:fd:ef:e5:d3:77:6b:
60:f4:3e:61:de:6c:ac:b1:73:39:90:6d:32:a9:ee:
9f:76:6d:e9:dd:49:37:3b:b1:5f:5f:00:bc:19:89:
5c:ab:b4:38:de:0a:96:ff:51:26:84:28:4b:91:b8:
ad:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1D:53:46:00:B6:84:F1:19:DA:10:C3:92:77:F3:52:08:A7:E8:9D
X509v3 Authority Key Identifier:
keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/rh1TRgC2hPEZ2hDDknfzUgin6J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.28.0/22
185.95.252.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:2d:fc:af:ad:72:96:07:bc:5f:bb:20:f8:f0:34:74:ed:e9:
8a:a1:8d:f6:1d:c1:29:62:8a:8c:2c:06:3f:36:5a:46:46:bd:
0d:73:6c:06:00:f1:e6:35:50:05:76:d8:9f:51:8b:74:a1:a0:
4e:3c:5f:ab:38:45:c2:9b:6d:50:18:10:54:48:b0:e9:51:c0:
a1:9d:c6:c9:b3:7e:04:2b:50:37:7a:65:2a:cf:8c:5e:63:85:
db:62:9f:8c:38:87:65:b3:0d:87:ec:1b:69:ea:17:52:c8:3e:
ce:aa:4e:06:d8:3e:0f:ff:c0:d2:a4:96:f6:fb:98:4a:31:92:
59:57:60:d4:4e:92:bb:f8:18:0b:fa:cc:45:f5:25:28:6f:0d:
b5:81:58:e0:d1:9f:61:f8:37:2f:de:ce:40:ff:10:14:d1:ea:
cd:ea:71:5c:0b:bb:f8:07:b3:b2:df:e6:d2:06:2e:74:ef:ad:
b2:29:71:9f:be:f4:f4:28:d5:7e:ab:1a:ea:1c:bf:79:33:75:
4d:32:00:f2:5d:e3:e4:da:f1:74:ff:e7:c0:78:9d:79:ec:e3:
45:bd:cb:43:bf:2a:32:f9:6d:a7:c9:41:6a:47:bf:eb:78:2d:
d5:57:22:94:2b:df:b7:45:0e:1c:41:4d:66:5e:a2:95:af:2b:
f8:47:53:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsCiyzWFRpq0ASO010YMwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODQ3ZjgyMjE4OTdkNmU5NTJlODZlYTJjMzM5YWJhYWNj
MTMxZjUwHhcNMjMwMTAxMDYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTFkNTM0NjAwYjY4NGYxMTlkYTEwYzM5Mjc3ZjM1MjA4YTdlODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8YyL0c4YPVB+Rmd+Z2CFNCF+BTd
zV6aW0gi8fuwUqnZWA8IJlEwYZFr2D9WVwTBULgyAkqK9QRO5G5CM0X1PX1kVWCr
om0grniNpAUC0qH5C2gMhfrrQWqDWL7W2FlRFpGyIjhEopyvgIHLFRVDarWRaD6M
dzJ+pigYb8khhpB9VypBvEKT+A1OnNPRgGv94vSfEwwfvFUMiQwK3pd8Bi3DBTfl
Q4HTLE9dOTDZH0FK0juzd8+IXMEutdNOllosU6EU3N99UjRJAW397+XTd2tg9D5h
3myssXM5kG0yqe6fdm3p3Uk3O7FfXwC8GYlcq7Q43gqW/1EmhChLkbitWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK4dU0YAtoTxGdoQw5J381IIp+idMB8GA1UdIwQY
MBaAFHCEf4IhiX1ulS6G6iwzmrqswTH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgt
NmU4Nzg0YTdhZDA5LzEvcmgxVFJnQzJoUEVaMmhERGtuZnpVZ2luNkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgtNmU4Nzg0YTdhZDA5
LzEvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSYcAwQC
uV/8MA0GCSqGSIb3DQEBCwUAA4IBAQCbLfyvrXKWB7xfuyD48DR07emKoY32HcEp
YoqMLAY/NlpGRr0Nc2wGAPHmNVAFdtifUYt0oaBOPF+rOEXCm21QGBBUSLDpUcCh
ncbJs34EK1A3emUqz4xeY4XbYp+MOIdlsw2H7Btp6hdSyD7Oqk4G2D4P/8DSpJb2
+5hKMZJZV2DUTpK7+BgL+sxF9SUobw21gVjg0Z9h+Dcv3s5A/xAU0erN6nFcC7v4
B7Oy3+bSBi50762yKXGfvvT0KNV+qxrqHL95M3VNMgDyXePk2vF0/+fAeJ157ONF
vctDvyoy+W2nyUFqR7/reC3VVyKUK9+3RQ4cQU1mXqKVryv4R1M5
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:05 2024 by rpki-client on console-fra.rpki-client.org