Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/1-i1zXRByTXLky4Sb2UMikvb0YsM.roa
File: 1-i1zXRByTXLky4Sb2UMikvb0YsM.roa (raw, json)
Hash identifier: h7jPN4aipGA8EDZW0hps+loH9NXEn670yw/mQrP3znM=
Subject key identifier: FA:2D:73:5D:10:72:4D:72:E4:CB:84:9B:D9:43:22:92:F6:F4:62:C3
Certificate issuer: /CN=f278acbcc46f133efd393f51160fdbb7607e1e16
Certificate serial: 01856F54A7B5EBF70224C93A1F282CAED7A2
Authority key identifier: F2:78:AC:BC:C4:6F:13:3E:FD:39:3F:51:16:0F:DB:B7:60:7E:1E:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nisvMRvEz79OT9RFg_bt2B-HhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/1-i1zXRByTXLky4Sb2UMikvb0YsM.roa
Signing time: Sun 01 Jan 2023 21:54:56 +0000
ROA not before: Sun 01 Jan 2023 21:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203936
IP address blocks: 185.191.250.0/23 maxlen: 23
185.191.248.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 28 Dec 2023 09:23:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a7:b5:eb:f7:02:24:c9:3a:1f:28:2c:ae:d7:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f278acbcc46f133efd393f51160fdbb7607e1e16
Validity
Not Before: Jan 1 21:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa2d735d10724d72e4cb849bd9432292f6f462c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1c:9f:3f:53:c8:37:e3:0e:6d:90:43:71:52:
9f:97:76:31:37:36:77:bc:54:71:29:29:f2:2e:ce:
3f:d8:99:cf:da:af:61:e4:39:f4:9b:49:ea:96:44:
75:5f:a9:19:33:d2:6d:fc:d6:e3:13:52:f8:04:2b:
25:b3:88:ce:ac:3b:f5:96:30:3e:2c:d8:20:f5:0b:
6f:e5:f7:04:df:23:27:76:65:49:ca:f2:43:26:de:
89:17:78:20:82:eb:7a:b1:a7:79:c8:ec:c0:4d:8d:
17:84:cf:9e:0e:b5:ca:bd:7d:28:be:9d:8e:66:2f:
c4:72:71:90:a9:94:19:ee:d3:a7:04:53:c7:3f:bb:
ff:b8:bd:4f:29:ce:d6:86:1b:87:eb:b8:3a:4b:f3:
ba:05:8c:11:c1:df:4f:18:33:b1:7e:a7:0e:62:2e:
42:8e:a4:a9:eb:23:a0:d8:43:99:c6:74:3d:e4:02:
c5:bd:2e:f2:cf:11:e7:b8:8d:27:e9:13:8b:19:29:
54:98:0a:c3:e3:69:7b:41:fd:c5:26:31:a6:93:dc:
62:b9:59:b5:f6:86:e4:40:2f:fa:1b:60:1c:36:03:
d8:1d:f9:60:cb:84:8f:b5:63:0b:72:64:cc:5c:6b:
b4:60:33:d0:4a:b5:ed:b2:4b:bc:58:6d:0b:98:af:
9b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2D:73:5D:10:72:4D:72:E4:CB:84:9B:D9:43:22:92:F6:F4:62:C3
X509v3 Authority Key Identifier:
keyid:F2:78:AC:BC:C4:6F:13:3E:FD:39:3F:51:16:0F:DB:B7:60:7E:1E:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nisvMRvEz79OT9RFg_bt2B-HhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/1-i1zXRByTXLky4Sb2UMikvb0YsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/8nisvMRvEz79OT9RFg_bt2B-HhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.248.0/22
Signature Algorithm: sha256WithRSAEncryption
72:0d:8c:e9:ce:f3:11:6e:7c:e9:e2:4a:7a:1a:11:a4:f2:11:
ad:59:27:b1:a2:8b:6c:bc:03:25:16:f7:3e:1b:04:35:53:d3:
c9:a4:28:c4:f3:60:a1:09:68:dd:fc:4d:de:65:e2:7a:63:e3:
ff:2b:2b:44:26:63:b0:3f:0e:0e:ab:86:b2:22:c2:e1:78:52:
fc:39:a1:16:93:79:d3:97:73:f9:4c:d3:02:94:02:1e:f9:67:
30:40:3c:68:40:56:87:70:e7:08:a2:0d:12:7c:5f:da:79:4a:
e7:dc:10:5a:77:ce:87:0a:4c:1e:44:49:92:4c:87:ac:13:2f:
bc:09:8d:f1:3e:28:e7:83:75:eb:e5:c4:ff:b6:85:23:8e:24:
a9:36:97:77:30:8f:51:b9:dc:34:9b:39:b7:5e:1d:f0:f3:7a:
ab:e5:fd:61:a6:08:7c:df:5d:16:96:5c:d7:be:32:2a:1e:bb:
47:b2:30:2b:0b:89:72:7c:b2:3d:5e:a4:ec:27:51:d1:ea:8f:
69:6b:e4:8b:8c:18:6b:f7:a6:3f:27:a5:f7:04:ab:e0:85:6d:
1f:6c:9f:75:56:31:02:a0:46:03:c1:63:2d:0c:3d:32:45:3e:
74:48:80:68:39:05:69:ba:bd:df:44:97:09:ec:b2:a1:34:33:
b1:40:4d:89
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvVKe16/cCJMk6HygsrteiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNzhhY2JjYzQ2ZjEzM2VmZDM5M2Y1MTE2MGZkYmI3NjA3
ZTFlMTYwHhcNMjMwMTAxMjE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJkNzM1ZDEwNzI0ZDcyZTRjYjg0OWJkOTQzMjI5MmY2ZjQ2MmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xyfP1PIN+MObZBDcVKfl3YxNzZ3
vFRxKSnyLs4/2JnP2q9h5Dn0m0nqlkR1X6kZM9Jt/NbjE1L4BCsls4jOrDv1ljA+
LNgg9Qtv5fcE3yMndmVJyvJDJt6JF3gggut6sad5yOzATY0XhM+eDrXKvX0ovp2O
Zi/EcnGQqZQZ7tOnBFPHP7v/uL1PKc7WhhuH67g6S/O6BYwRwd9PGDOxfqcOYi5C
jqSp6yOg2EOZxnQ95ALFvS7yzxHnuI0n6ROLGSlUmArD42l7Qf3FJjGmk9xiuVm1
9obkQC/6G2AcNgPYHflgy4SPtWMLcmTMXGu0YDPQSrXtsku8WG0LmK+bgQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPotc10Qck1y5MuEm9lDIpL29GLDMB8GA1UdIwQY
MBaAFPJ4rLzEbxM+/Tk/URYP27dgfh4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG5pc3ZNUnZFejc5T1Q5UkZnX2J0MkItSGhZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MzcyNjctYjI0My00NjU3LTk5ZmYt
OTRiNTE0NDMzYzExLzEvMS1pMXpYUkJ5VFhMa3k0U2IyVU1pa3ZiMFlzTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWEvNTM3MjY3LWIyNDMtNDY1Ny05OWZmLTk0YjUxNDQzM2Mx
MS8xLzhuaXN2TVJ2RXo3OU9UOVJGZ19idDJCLUhoWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArm/+DAN
BgkqhkiG9w0BAQsFAAOCAQEAcg2M6c7zEW586eJKehoRpPIRrVknsaKLbLwDJRb3
PhsENVPTyaQoxPNgoQlo3fxN3mXiemPj/ysrRCZjsD8ODquGsiLC4XhS/DmhFpN5
05dz+UzTApQCHvlnMEA8aEBWh3DnCKINEnxf2nlK59wQWnfOhwpMHkRJkkyHrBMv
vAmN8T4o54N16+XE/7aFI44kqTaXdzCPUbncNJs5t14d8PN6q+X9YaYIfN9dFpZc
174yKh67R7IwKwuJcnyyPV6k7CdR0eqPaWvki4wYa/emPyel9wSr4IVtH2yfdVYx
AqBGA8FjLQw9MkU+dEiAaDkFabq930SXCeyyoTQzsUBNiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:38 2024 by rpki-client on console-ams.rpki-client.org