Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/iJzGU3SdWJ4KiCrg2E3TzjjZl7k.roa
File: iJzGU3SdWJ4KiCrg2E3TzjjZl7k.roa (raw, json)
Hash identifier: WdrAVtf1EoZeyQ1Bazy6X2/uVZuFd/CWN/Fpa0/GZMI=
Subject key identifier: 88:9C:C6:53:74:9D:58:9E:0A:88:2A:E0:D8:4D:D3:CE:38:D9:97:B9
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 01856FCB879029F09B682D01D9B44DE7FE70
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/iJzGU3SdWJ4KiCrg2E3TzjjZl7k.roa
Signing time: Mon 02 Jan 2023 00:04:47 +0000
ROA not before: Mon 02 Jan 2023 00:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41059
IP address blocks: 185.1.40.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:87:90:29:f0:9b:68:2d:01:d9:b4:4d:e7:fe:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 2 00:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=889cc653749d589e0a882ae0d84dd3ce38d997b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:40:88:e6:a7:32:57:45:35:8b:d8:39:7d:ed:
54:f3:f0:6c:8d:23:70:68:6f:fb:cd:d3:91:d4:56:
2f:c1:2d:23:3d:05:0b:26:38:ac:12:4a:71:b9:f5:
0d:a4:18:96:5c:6e:aa:ef:8f:dc:76:ba:f1:59:80:
7a:43:f3:75:2d:7d:02:5f:e1:93:d3:92:de:63:a5:
ea:72:da:f6:dc:6d:d7:a9:e3:b2:9b:1b:bb:8f:da:
57:a7:a2:e7:35:50:cc:a4:0f:80:c1:df:87:ea:fe:
26:e6:7a:d9:80:8a:a9:ae:b6:a9:08:56:ae:0c:4b:
db:22:2b:2f:37:96:4e:99:52:8a:d7:36:00:90:6d:
6d:49:ca:ce:fe:84:3e:87:82:46:b4:22:c5:89:d2:
e2:b0:4c:54:da:56:71:1e:be:50:a7:5a:74:2b:ef:
f3:f2:ae:58:bb:95:6b:a3:73:a7:f8:53:14:ac:bc:
18:b9:6d:01:37:53:b9:7b:64:90:0d:5c:54:26:c4:
0a:e9:69:e6:68:40:3a:ac:b0:47:65:28:52:e7:80:
17:86:7f:27:a7:65:4d:f7:5c:16:cd:d3:c8:ab:d6:
6f:29:dd:77:c0:01:2f:d9:93:e9:88:5f:04:c5:a3:
95:2e:3e:9f:01:46:71:92:f0:96:52:8b:7b:00:8b:
ea:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:9C:C6:53:74:9D:58:9E:0A:88:2A:E0:D8:4D:D3:CE:38:D9:97:B9
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/iJzGU3SdWJ4KiCrg2E3TzjjZl7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.40.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:37:20:44:cd:0c:cd:f7:a5:58:d8:f3:61:e0:77:e6:ec:54:
30:ec:4d:e4:d9:26:ac:c8:96:c6:71:cf:45:72:b7:0d:46:3a:
f9:95:c6:35:46:f4:8d:42:3b:51:37:cd:ca:ec:99:50:e2:8e:
53:92:b1:bf:ac:f3:8e:e0:51:86:b1:ca:d2:39:4d:9f:8a:58:
f1:db:99:d7:c2:d0:d6:c3:85:b1:00:cd:3d:dc:ef:9f:7c:c4:
b8:6c:85:a7:51:4e:7a:e8:b5:04:ed:e6:f8:74:3b:08:ec:4d:
e3:5c:b2:0d:40:d3:a8:dd:6c:5b:32:b7:c2:cc:d0:03:ef:59:
d6:2a:d2:94:a9:6c:fb:64:8c:34:34:31:78:25:77:8d:01:ca:
20:0b:e6:26:d2:11:db:41:ca:fe:37:22:64:b8:b3:5b:25:d1:
10:ec:d9:6c:12:d6:da:13:eb:65:6d:e7:df:f0:9e:eb:93:ce:
15:25:b6:2a:20:ac:53:9d:cf:68:e6:b8:2a:fd:08:26:95:ad:
62:34:29:26:26:64:51:a4:6c:25:f4:2e:fc:52:bc:5b:ee:8a:
f8:3a:a2:ae:3e:9c:25:c2:3c:e7:a0:b6:86:4b:1d:5d:f0:da:
1e:5a:d9:66:44:9c:4d:44:52:32:72:0d:4e:87:87:76:4d:34:
65:ab:f1:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy4eQKfCbaC0B2bRN5/5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwMTAyMDAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODljYzY1Mzc0OWQ1ODllMGE4ODJhZTBkODRkZDNjZTM4ZDk5N2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjECI5qcyV0U1i9g5fe1U8/BsjSNw
aG/7zdOR1FYvwS0jPQULJjisEkpxufUNpBiWXG6q74/cdrrxWYB6Q/N1LX0CX+GT
05LeY6Xqctr23G3XqeOymxu7j9pXp6LnNVDMpA+Awd+H6v4m5nrZgIqprrapCFau
DEvbIisvN5ZOmVKK1zYAkG1tScrO/oQ+h4JGtCLFidLisExU2lZxHr5Qp1p0K+/z
8q5Yu5Vro3On+FMUrLwYuW0BN1O5e2SQDVxUJsQK6WnmaEA6rLBHZShS54AXhn8n
p2VN91wWzdPIq9ZvKd13wAEv2ZPpiF8ExaOVLj6fAUZxkvCWUot7AIvq4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIicxlN0nVieCogq4NhN08442Ze5MB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvaUp6R1UzU2RXSjRLaUNyZzJFM1R6ampabDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQEoMA0G
CSqGSIb3DQEBCwUAA4IBAQBfNyBEzQzN96VY2PNh4Hfm7FQw7E3k2SasyJbGcc9F
crcNRjr5lcY1RvSNQjtRN83K7JlQ4o5TkrG/rPOO4FGGscrSOU2filjx25nXwtDW
w4WxAM093O+ffMS4bIWnUU566LUE7eb4dDsI7E3jXLINQNOo3WxbMrfCzNAD71nW
KtKUqWz7ZIw0NDF4JXeNAcogC+Ym0hHbQcr+NyJkuLNbJdEQ7NlsEtbaE+tlbeff
8J7rk84VJbYqIKxTnc9o5rgq/Qgmla1iNCkmJmRRpGwl9C78Urxb7or4OqKuPpwl
wjznoLaGSx1d8NoeWtlmRJxNRFIycg1Oh4d2TTRlq/ES
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:29 2024 by rpki-client on console-ams.rpki-client.org