Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/s1WmZ9uL2dxDgWzXkAE_t_H6aRA.roa
File: s1WmZ9uL2dxDgWzXkAE_t_H6aRA.roa (raw, json)
Hash identifier: 5hj5KiNiDYtQkst3CILqV7q7GKrLCaTkQlQEvVTpuuE=
Subject key identifier: B3:55:A6:67:DB:8B:D9:DC:43:81:6C:D7:90:01:3F:B7:F1:FA:69:10
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 01856C6EF8A992B7B133FD5A1F9DC5554F3C
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/s1WmZ9uL2dxDgWzXkAE_t_H6aRA.roa
Signing time: Sun 01 Jan 2023 08:24:50 +0000
ROA not before: Sun 01 Jan 2023 08:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47390
IP address blocks: 185.220.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f8:a9:92:b7:b1:33:fd:5a:1f:9d:c5:55:4f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 08:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b355a667db8bd9dc43816cd790013fb7f1fa6910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ca:c8:cf:0b:d9:b3:0e:1e:d2:de:50:77:3c:
5a:4c:26:d5:ab:b2:a4:9c:fd:a7:57:5a:84:c0:cc:
92:bb:2c:95:04:f4:06:1e:49:c2:0e:52:70:36:8a:
14:af:4b:69:12:6a:31:e2:ee:05:48:78:13:bd:22:
50:26:3b:d0:09:10:cb:42:af:33:31:90:2b:3c:26:
0b:3c:31:a5:79:f3:32:c6:f6:00:fb:37:6c:02:73:
c8:91:6f:28:69:0b:6f:c3:06:f5:03:25:3e:fe:a1:
5e:eb:e4:20:3f:91:3d:f8:7f:71:c8:67:05:e2:1c:
bd:5a:97:ff:9c:c7:7d:bc:dc:a1:f8:07:93:a0:e7:
f9:f1:57:54:b5:bf:fa:26:e7:bc:e0:7d:3d:df:ff:
eb:03:89:2b:f4:75:82:37:5f:bf:9f:91:68:fb:2e:
d4:19:d8:25:9c:a3:7f:7f:0c:b6:c3:46:72:6c:b8:
72:27:c8:33:4c:4b:18:aa:ee:fd:ae:36:01:c6:1b:
85:91:85:d9:5b:16:48:0a:0f:a7:24:d3:26:ff:cb:
2e:2f:bb:87:69:49:42:73:16:45:25:cd:df:36:2a:
70:3a:5b:89:74:bd:5c:88:42:d1:17:4c:d4:32:40:
56:15:b0:5a:e9:a8:55:66:ee:f3:66:6c:8a:0d:f5:
f9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:55:A6:67:DB:8B:D9:DC:43:81:6C:D7:90:01:3F:B7:F1:FA:69:10
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/s1WmZ9uL2dxDgWzXkAE_t_H6aRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.187.0/24
Signature Algorithm: sha256WithRSAEncryption
79:4f:52:51:f9:c1:90:f2:0d:3b:25:3a:29:ec:55:b0:4e:6b:
ee:89:d9:91:06:da:9b:11:22:a6:42:15:a5:76:eb:2c:7e:c7:
15:f6:7b:4a:c8:8e:8f:7e:fa:7c:a6:21:fb:be:1d:2f:60:4c:
98:66:af:a9:78:de:d0:44:f3:a3:87:b4:9b:e0:cf:ff:29:41:
ae:16:b7:8b:26:08:54:45:db:ef:35:cb:83:bc:d7:0f:df:f7:
04:c9:d0:97:2f:e5:c6:b7:bf:ac:21:e5:18:6d:32:ba:41:58:
70:e2:d4:59:6f:c5:09:40:42:b5:72:ed:9f:25:aa:71:45:08:
fd:d4:91:4d:fe:27:6e:2e:1e:9d:da:1a:a9:2e:72:72:ca:be:
fd:a1:c9:d7:99:66:a5:5d:ed:d2:97:f0:37:e2:ea:ec:5b:aa:
a2:d3:7d:10:0d:29:1e:af:f3:53:c3:94:ed:fc:ff:f8:4a:d9:
41:0b:ad:41:fb:44:0d:c0:1e:c9:9b:b5:a0:58:f7:f7:7a:a6:
82:8d:35:20:61:0d:25:05:20:cc:19:e9:03:f6:90:e1:03:15:
a2:c6:07:6b:87:8b:df:16:02:ad:27:8e:2e:05:fa:69:7e:bd:
38:57:56:23:e1:7d:e0:0f:db:b9:9f:d8:0e:63:5f:a1:2c:bf:
28:17:7d:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbvipkrexM/1aH53FVU88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzU1YTY2N2RiOGJkOWRjNDM4MTZjZDc5MDAxM2ZiN2YxZmE2OTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2crIzwvZsw4e0t5QdzxaTCbVq7Kk
nP2nV1qEwMySuyyVBPQGHknCDlJwNooUr0tpEmox4u4FSHgTvSJQJjvQCRDLQq8z
MZArPCYLPDGlefMyxvYA+zdsAnPIkW8oaQtvwwb1AyU+/qFe6+QgP5E9+H9xyGcF
4hy9Wpf/nMd9vNyh+AeToOf58VdUtb/6Jue84H093//rA4kr9HWCN1+/n5Fo+y7U
GdglnKN/fwy2w0ZybLhyJ8gzTEsYqu79rjYBxhuFkYXZWxZICg+nJNMm/8suL7uH
aUlCcxZFJc3fNipwOluJdL1ciELRF0zUMkBWFbBa6ahVZu7zZmyKDfX57wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLNVpmfbi9ncQ4Fs15ABP7fx+mkQMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvczFXbVo5dUwyZHhEZ1d6WGtBRV90X0g2YVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudy7MA0G
CSqGSIb3DQEBCwUAA4IBAQB5T1JR+cGQ8g07JTop7FWwTmvuidmRBtqbESKmQhWl
dussfscV9ntKyI6Pfvp8piH7vh0vYEyYZq+peN7QRPOjh7Sb4M//KUGuFreLJghU
RdvvNcuDvNcP3/cEydCXL+XGt7+sIeUYbTK6QVhw4tRZb8UJQEK1cu2fJapxRQj9
1JFN/iduLh6d2hqpLnJyyr79ocnXmWalXe3Sl/A34ursW6qi030QDSker/NTw5Tt
/P/4StlBC61B+0QNwB7Jm7WgWPf3eqaCjTUgYQ0lBSDMGekD9pDhAxWixgdrh4vf
FgKtJ44uBfppfr04V1Yj4X3gD9u5n9gOY1+hLL8oF31a
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:35 2024 by rpki-client on console-ams.rpki-client.org