Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/22e49d-6953-4fc8-a896-c5c358837a84/1/iWpud7kgZnVVdvvPfQlZy7IbVCg.roa
File: iWpud7kgZnVVdvvPfQlZy7IbVCg.roa (raw, json)
Hash identifier: N236SDwrXZnj9DyVNGqYNQIdhkdcHm/8lFT+qcu2D30=
Subject key identifier: 89:6A:6E:77:B9:20:66:75:55:76:FB:CF:7D:09:59:CB:B2:1B:54:28
Certificate issuer: /CN=c9cd38d1d1c4a23053cd997163318d649a7b2a57
Certificate serial: 01857094F49E03ADC60FA2C5E9944C7E117E
Authority key identifier: C9:CD:38:D1:D1:C4:A2:30:53:CD:99:71:63:31:8D:64:9A:7B:2A:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yc040dHEojBTzZlxYzGNZJp7Klc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/22e49d-6953-4fc8-a896-c5c358837a84/1/iWpud7kgZnVVdvvPfQlZy7IbVCg.roa
Signing time: Mon 02 Jan 2023 03:44:48 +0000
ROA not before: Mon 02 Jan 2023 03:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206063
IP address blocks: 185.39.252.0/24 maxlen: 24
185.39.254.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:f4:9e:03:ad:c6:0f:a2:c5:e9:94:4c:7e:11:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9cd38d1d1c4a23053cd997163318d649a7b2a57
Validity
Not Before: Jan 2 03:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=896a6e77b92066755576fbcf7d0959cbb21b5428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:36:39:92:73:7c:f7:69:80:e4:75:06:b2:20:
07:66:26:61:b2:df:b1:8b:2d:0f:2d:54:c8:bb:0e:
95:54:a2:65:a0:4c:7c:81:90:8f:18:40:b5:64:3b:
f3:82:d4:31:d2:8a:4d:bc:7f:8a:4e:13:9b:7e:19:
32:e8:f4:f2:5e:3d:e8:ad:41:d3:c3:a4:60:b8:b8:
75:ec:46:15:b0:54:6c:c1:42:c1:12:b5:6b:24:38:
26:a1:e8:df:ee:5f:b3:79:1a:b0:8a:22:2c:d6:c6:
58:84:39:8d:4c:c7:c8:3d:34:56:69:79:6f:6c:10:
6b:b7:65:35:2a:b5:c4:d8:dd:21:0b:51:40:c1:d1:
f2:c9:fc:00:f5:0c:57:79:95:7b:ed:0b:55:d7:a5:
94:62:d0:11:be:cd:f9:c7:0b:e7:ee:6e:9f:88:38:
1e:7f:21:d3:4e:97:04:59:0b:18:a0:22:8b:10:81:
fc:9c:09:b1:ac:87:3c:02:4f:2b:1c:ee:3a:f4:ff:
15:29:1b:4f:83:e9:b0:b1:bf:24:11:af:c1:88:3b:
40:62:6b:bd:f0:7a:82:3c:da:87:ea:49:e7:07:7e:
6f:55:2a:7e:f2:d6:d6:a1:de:e3:24:38:6b:92:8b:
24:2f:5b:3a:1e:b2:81:a1:9f:c7:eb:bb:7b:8c:fa:
15:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:6A:6E:77:B9:20:66:75:55:76:FB:CF:7D:09:59:CB:B2:1B:54:28
X509v3 Authority Key Identifier:
keyid:C9:CD:38:D1:D1:C4:A2:30:53:CD:99:71:63:31:8D:64:9A:7B:2A:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yc040dHEojBTzZlxYzGNZJp7Klc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/22e49d-6953-4fc8-a896-c5c358837a84/1/iWpud7kgZnVVdvvPfQlZy7IbVCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/22e49d-6953-4fc8-a896-c5c358837a84/1/yc040dHEojBTzZlxYzGNZJp7Klc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.252.0/24
185.39.254.0/23
Signature Algorithm: sha256WithRSAEncryption
83:2e:29:03:c7:5c:3a:07:d2:17:2c:72:92:0a:35:24:ae:a1:
3f:60:5f:c1:5c:24:ac:ee:e8:dd:e5:32:fd:5e:48:48:5a:95:
01:d4:87:fa:80:e9:93:e4:b1:8d:34:df:fa:5d:eb:a2:7f:5d:
37:36:f2:6c:70:f5:1a:f9:a9:47:f0:c5:8b:96:18:7c:ad:b9:
63:9f:d3:0c:f8:59:9b:7b:1e:a8:d5:cb:33:4d:8e:55:29:7d:
7e:1c:e5:92:aa:3d:e8:aa:49:21:eb:6f:e9:41:d0:75:06:ab:
c6:2a:6c:6e:0b:f7:42:b6:31:b5:dd:15:53:1f:ef:ea:5a:bf:
ac:38:e8:43:87:fb:32:e4:f0:76:15:6a:52:c7:03:60:8c:6d:
0b:5b:69:29:5c:e8:e5:64:67:dd:e7:43:a4:fa:2c:7c:32:59:
79:d8:b9:8c:ad:ac:75:d2:2a:56:ca:fb:71:90:61:8e:42:a2:
f5:db:92:7b:7f:1b:7b:08:35:22:04:11:b2:2e:17:0a:7b:69:
e7:73:cd:2b:6d:7a:91:b5:9b:8a:48:dc:55:2a:ff:8e:7b:02:
7c:ac:60:00:a9:d1:fd:16:dd:8e:e5:ea:f2:f6:9e:b1:39:45:
13:2f:bf:8b:b4:d7:5e:8c:e6:a3:7d:96:1f:6c:6f:d9:14:b5:
30:4b:33:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlPSeA63GD6LF6ZRMfhF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5Y2QzOGQxZDFjNGEyMzA1M2NkOTk3MTYzMzE4ZDY0OWE3
YjJhNTcwHhcNMjMwMTAyMDM0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTZhNmU3N2I5MjA2Njc1NTU3NmZiY2Y3ZDA5NTljYmIyMWI1NDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTY5knN892mA5HUGsiAHZiZhst+x
iy0PLVTIuw6VVKJloEx8gZCPGEC1ZDvzgtQx0opNvH+KThObfhky6PTyXj3orUHT
w6RguLh17EYVsFRswULBErVrJDgmoejf7l+zeRqwiiIs1sZYhDmNTMfIPTRWaXlv
bBBrt2U1KrXE2N0hC1FAwdHyyfwA9QxXeZV77QtV16WUYtARvs35xwvn7m6fiDge
fyHTTpcEWQsYoCKLEIH8nAmxrIc8Ak8rHO469P8VKRtPg+mwsb8kEa/BiDtAYmu9
8HqCPNqH6knnB35vVSp+8tbWod7jJDhrkoskL1s6HrKBoZ/H67t7jPoVowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIlqbne5IGZ1VXb7z30JWcuyG1QoMB8GA1UdIwQY
MBaAFMnNONHRxKIwU82ZcWMxjWSaeypXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWMwNDBkSEVvakJUelpseFl6R05aSnA3S2xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8yMmU0OWQtNjk1My00ZmM4LWE4OTYt
YzVjMzU4ODM3YTg0LzEvaVdwdWQ3a2dablZWZHZ2UGZRbFp5N0liVkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8yMmU0OWQtNjk1My00ZmM4LWE4OTYtYzVjMzU4ODM3YTg0
LzEveWMwNDBkSEVvakJUelpseFl6R05aSnA3S2xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSf8AwQB
uSf+MA0GCSqGSIb3DQEBCwUAA4IBAQCDLikDx1w6B9IXLHKSCjUkrqE/YF/BXCSs
7ujd5TL9XkhIWpUB1If6gOmT5LGNNN/6Xeuif103NvJscPUa+alH8MWLlhh8rblj
n9MM+Fmbex6o1cszTY5VKX1+HOWSqj3oqkkh62/pQdB1BqvGKmxuC/dCtjG13RVT
H+/qWr+sOOhDh/sy5PB2FWpSxwNgjG0LW2kpXOjlZGfd50Ok+ix8Mll52LmMrax1
0ipWyvtxkGGOQqL125J7fxt7CDUiBBGyLhcKe2nnc80rbXqRtZuKSNxVKv+OewJ8
rGAAqdH9Ft2O5ery9p6xOUUTL7+LtNdejOajfZYfbG/ZFLUwSzNT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:34 2024 by rpki-client on console-fra.rpki-client.org