Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/fAaHEeThNRxaw0Suk1yh3SwRfjE.roa
File: fAaHEeThNRxaw0Suk1yh3SwRfjE.roa (raw, json)
Hash identifier: RS+L+KRg63BcxitevWjlv9NEn+/PfEhadlfH3+zrQRg=
Subject key identifier: 7C:06:87:11:E4:E1:35:1C:5A:C3:44:AE:93:5C:A1:DD:2C:11:7E:31
Certificate issuer: /CN=e631b080d4ea6fd0616a6e701c7c815d6ff87c00
Certificate serial: 018962F85CCC72D767F9C09215A29D9CD913
Authority key identifier: E6:31:B0:80:D4:EA:6F:D0:61:6A:6E:70:1C:7C:81:5D:6F:F8:7C:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5jGwgNTqb9Bham5wHHyBXW_4fAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/fAaHEeThNRxaw0Suk1yh3SwRfjE.roa
Signing time: Mon 17 Jul 2023 08:29:51 +0000
ROA not before: Mon 17 Jul 2023 08:29:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202692
IP address blocks: 185.156.208.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:62:f8:5c:cc:72:d7:67:f9:c0:92:15:a2:9d:9c:d9:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e631b080d4ea6fd0616a6e701c7c815d6ff87c00
Validity
Not Before: Jul 17 08:29:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c068711e4e1351c5ac344ae935ca1dd2c117e31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e6:bf:5e:de:96:5f:ed:b0:bf:d1:6a:1b:ed:
e3:c2:49:15:ae:93:61:c0:f7:a7:19:35:2b:86:1d:
c7:4d:37:19:ab:3a:52:55:fb:35:cc:f3:12:13:ed:
10:11:51:8f:56:45:65:5e:ae:9e:f4:cb:26:85:38:
8e:de:a5:e4:c7:78:01:b4:71:c4:a0:e4:72:5f:bc:
27:e2:c7:b4:d4:25:9b:db:c7:f9:38:16:0e:59:f3:
61:de:f6:21:ea:e4:80:77:61:9d:af:b3:5b:90:82:
e9:95:67:b0:ed:d2:33:3c:b5:a1:45:eb:42:cf:35:
86:4d:b6:3f:5e:8e:83:45:d8:98:94:16:68:aa:e8:
ac:d2:0f:32:b6:91:a6:fa:21:a7:2f:9c:84:af:0a:
50:00:f0:77:3e:d8:5e:73:d4:65:c3:6e:78:42:bd:
c8:cb:57:3c:90:a9:24:ad:e1:85:35:d9:03:7b:1b:
80:e6:74:cc:11:e8:55:b0:ca:61:1b:f1:02:81:36:
26:75:2e:8c:5b:c5:ca:23:90:5a:3c:fb:d4:58:92:
93:b8:6b:63:31:05:2e:ed:10:37:ff:ce:94:10:d8:
b8:10:9e:ec:3a:9f:f6:30:56:95:e5:2f:7b:36:8f:
d7:75:1a:e8:f2:e5:a6:46:a9:00:47:0e:32:db:34:
af:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:06:87:11:E4:E1:35:1C:5A:C3:44:AE:93:5C:A1:DD:2C:11:7E:31
X509v3 Authority Key Identifier:
keyid:E6:31:B0:80:D4:EA:6F:D0:61:6A:6E:70:1C:7C:81:5D:6F:F8:7C:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5jGwgNTqb9Bham5wHHyBXW_4fAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/fAaHEeThNRxaw0Suk1yh3SwRfjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/5jGwgNTqb9Bham5wHHyBXW_4fAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.208.0/22
Signature Algorithm: sha256WithRSAEncryption
60:e2:95:47:17:69:2b:28:df:59:6c:6d:cd:db:7c:e8:d0:b9:
24:3a:2c:c6:74:d2:66:69:67:23:35:45:4b:4d:a9:8a:35:2e:
9a:f4:e5:5f:f7:1f:b5:f9:79:69:84:12:c3:45:d6:3b:45:d1:
56:73:f1:72:1f:39:6b:f7:d9:1b:bd:04:ca:5e:45:12:16:18:
3a:1e:01:17:a7:4a:6b:68:01:16:31:37:ee:2f:73:12:9c:09:
88:55:45:e0:06:f1:7c:e5:b5:a5:ca:2b:84:25:2b:13:51:da:
c6:90:96:1d:97:67:f9:95:a4:5c:ab:36:d5:4b:26:e5:d8:82:
9b:32:d4:35:59:5a:10:46:52:d0:37:f8:bb:d3:2b:5b:15:0c:
68:49:46:6c:f7:96:21:85:7e:cb:3a:35:0e:cc:29:a3:b3:19:
e1:6c:ec:b9:2e:fc:30:32:9d:8c:23:f4:b4:82:44:8f:99:93:
4e:15:d1:4f:72:c5:cd:e5:6b:2f:f9:d3:cc:2c:8e:3b:09:04:
65:5b:07:ef:cb:88:f0:b9:02:cc:cd:e2:b9:4b:cf:4f:54:92:
93:21:39:58:0a:3d:a2:9f:c6:ef:71:b4:b5:5d:79:f7:29:15:
da:1e:47:d7:03:28:1d:6c:b5:4d:7f:c8:b8:90:02:f8:40:31:
cd:c9:0e:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYli+FzMctdn+cCSFaKdnNkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MzFiMDgwZDRlYTZmZDA2MTZhNmU3MDFjN2M4MTVkNmZm
ODdjMDAwHhcNMjMwNzE3MDgyOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzA2ODcxMWU0ZTEzNTFjNWFjMzQ0YWU5MzVjYTFkZDJjMTE3ZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApea/Xt6WX+2wv9FqG+3jwkkVrpNh
wPenGTUrhh3HTTcZqzpSVfs1zPMSE+0QEVGPVkVlXq6e9MsmhTiO3qXkx3gBtHHE
oORyX7wn4se01CWb28f5OBYOWfNh3vYh6uSAd2Gdr7NbkILplWew7dIzPLWhRetC
zzWGTbY/Xo6DRdiYlBZoquis0g8ytpGm+iGnL5yErwpQAPB3Pthec9Rlw254Qr3I
y1c8kKkkreGFNdkDexuA5nTMEehVsMphG/ECgTYmdS6MW8XKI5BaPPvUWJKTuGtj
MQUu7RA3/86UENi4EJ7sOp/2MFaV5S97No/XdRro8uWmRqkARw4y2zSvIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHwGhxHk4TUcWsNErpNcod0sEX4xMB8GA1UdIwQY
MBaAFOYxsIDU6m/QYWpucBx8gV1v+HwAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWpHd2dOVHFiOUJoYW01d0hIeUJYV180ZkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9kY2RhZTYtZDY5NS00MjY2LWJhOWIt
OTNiM2EzNjk2ZDk2LzEvZkFhSEVlVGhOUnhhdzBTdWsxeWgzU3dSZmpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9kY2RhZTYtZDY5NS00MjY2LWJhOWItOTNiM2EzNjk2ZDk2
LzEvNWpHd2dOVHFiOUJoYW01d0hIeUJYV180ZkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZzQMA0G
CSqGSIb3DQEBCwUAA4IBAQBg4pVHF2krKN9ZbG3N23zo0LkkOizGdNJmaWcjNUVL
TamKNS6a9OVf9x+1+XlphBLDRdY7RdFWc/FyHzlr99kbvQTKXkUSFhg6HgEXp0pr
aAEWMTfuL3MSnAmIVUXgBvF85bWlyiuEJSsTUdrGkJYdl2f5laRcqzbVSybl2IKb
MtQ1WVoQRlLQN/i70ytbFQxoSUZs95YhhX7LOjUOzCmjsxnhbOy5LvwwMp2MI/S0
gkSPmZNOFdFPcsXN5Wsv+dPMLI47CQRlWwfvy4jwuQLMzeK5S89PVJKTITlYCj2i
n8bvcbS1XXn3KRXaHkfXAygdbLVNf8i4kAL4QDHNyQ58
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:48 2024 by rpki-client on console-ams.rpki-client.org