Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/1qHp_0RpjcUBG8YBtxSqxXRHHWg.roa
File: 1qHp_0RpjcUBG8YBtxSqxXRHHWg.roa (raw, json)
Hash identifier: 5yf86UBwKPSDR3Z3d8Bdp1bDNRmWgx0m5JleK+Lg/E8=
Subject key identifier: D6:A1:E9:FF:44:69:8D:C5:01:1B:C6:01:B7:14:AA:C5:74:47:1D:68
Certificate issuer: /CN=206f6808e0604697270faa3c3db159f7fe98ecdd
Certificate serial: 01856FCBA5655BB347C63D1B1A7E6BE34327
Authority key identifier: 20:6F:68:08:E0:60:46:97:27:0F:AA:3C:3D:B1:59:F7:FE:98:EC:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/1qHp_0RpjcUBG8YBtxSqxXRHHWg.roa
Signing time: Mon 02 Jan 2023 00:04:54 +0000
ROA not before: Mon 02 Jan 2023 00:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24867
IP address blocks: 185.180.216.0/22 maxlen: 22
2a0a:af80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:a5:65:5b:b3:47:c6:3d:1b:1a:7e:6b:e3:43:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f6808e0604697270faa3c3db159f7fe98ecdd
Validity
Not Before: Jan 2 00:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6a1e9ff44698dc5011bc601b714aac574471d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a1:a0:cc:72:56:e3:09:6f:cb:c6:bf:b3:58:
58:ae:55:0c:42:44:13:bc:38:04:1e:3c:7c:35:90:
a7:cc:63:53:6f:d7:64:62:f3:cf:f0:f2:29:a7:c2:
87:29:b3:4b:53:ba:f5:b5:aa:87:51:bf:85:79:e5:
12:a9:ae:7f:fa:6f:c8:01:0d:fa:fd:64:94:85:dd:
c9:b9:b7:ba:ee:de:0c:37:0d:3e:a5:9d:7e:0f:a4:
fa:7d:ef:e4:c0:23:ea:48:9a:a9:15:a8:8e:c5:52:
3e:fb:7e:ae:46:d3:dd:70:98:c8:98:78:06:5c:62:
42:1a:4f:3e:cc:a1:45:8c:2b:4a:2b:63:36:05:e2:
58:e0:4d:8e:73:90:2b:54:e9:76:e0:cc:e0:d2:a7:
27:b9:9c:70:e7:48:4e:05:09:ea:a8:c1:43:6e:d5:
27:6a:03:a5:68:29:29:84:35:5f:1b:00:0b:78:c5:
76:e1:42:ec:2f:8d:10:56:b2:36:f6:62:50:f0:53:
35:ae:45:14:fe:79:b6:67:bf:bd:fb:f9:91:59:a2:
f8:ad:eb:e8:cb:5b:56:2d:01:fa:ce:6b:69:d4:c0:
a9:b4:b2:11:0d:1f:03:f9:b5:2b:3d:44:3b:97:ef:
11:d0:70:e0:2b:e8:00:cb:ac:2e:10:99:49:eb:d0:
36:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A1:E9:FF:44:69:8D:C5:01:1B:C6:01:B7:14:AA:C5:74:47:1D:68
X509v3 Authority Key Identifier:
keyid:20:6F:68:08:E0:60:46:97:27:0F:AA:3C:3D:B1:59:F7:FE:98:EC:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/1qHp_0RpjcUBG8YBtxSqxXRHHWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.216.0/22
IPv6:
2a0a:af80::/29
Signature Algorithm: sha256WithRSAEncryption
16:ce:51:62:b3:67:e9:ed:8f:2b:96:b4:66:61:35:b2:e6:28:
87:ea:2d:20:a7:11:7c:20:ae:13:39:e0:11:b9:74:93:05:40:
a5:24:69:20:67:d2:cc:3c:9b:0a:14:e5:1d:84:0a:5f:9f:a3:
2d:c5:c1:17:2f:46:c3:67:84:2c:47:85:ba:0d:cc:30:cb:bb:
9d:2b:5a:c5:6f:6d:50:77:ca:72:72:54:7d:d6:02:42:7f:2c:
46:5d:41:74:c9:21:14:f4:a4:12:0a:fb:64:40:0c:0f:3d:fe:
1a:76:86:43:1a:c4:1e:8c:a4:f5:d8:87:d0:39:cf:2d:8d:ba:
6b:ef:ce:4b:2a:cf:d6:c3:46:3a:64:8f:90:26:f4:4b:c8:bd:
90:ab:b9:bf:f9:6f:1f:cd:ec:1a:34:0e:a3:eb:e2:5d:45:5f:
52:ba:e4:b3:25:d5:87:0e:f1:33:7c:9b:57:5c:af:86:f9:fd:
56:88:8b:db:47:38:c5:69:cc:0e:0c:e7:ff:f4:19:04:87:bc:
8f:34:e7:43:c2:a1:d6:d2:c4:7c:20:82:ae:f1:87:03:ed:db:
09:ac:ff:f5:5b:22:a2:4e:e8:0d:5b:19:23:8a:4a:1f:ce:71:
9f:c5:87:53:26:40:3f:67:92:46:e3:b0:cb:18:ca:2e:22:50:
7e:40:85:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvy6VlW7NHxj0bGn5r40MnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmY2ODA4ZTA2MDQ2OTcyNzBmYWEzYzNkYjE1OWY3ZmU5
OGVjZGQwHhcNMjMwMTAyMDAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmExZTlmZjQ0Njk4ZGM1MDExYmM2MDFiNzE0YWFjNTc0NDcxZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKGgzHJW4wlvy8a/s1hYrlUMQkQT
vDgEHjx8NZCnzGNTb9dkYvPP8PIpp8KHKbNLU7r1taqHUb+FeeUSqa5/+m/IAQ36
/WSUhd3Jube67t4MNw0+pZ1+D6T6fe/kwCPqSJqpFaiOxVI++36uRtPdcJjImHgG
XGJCGk8+zKFFjCtKK2M2BeJY4E2Oc5ArVOl24Mzg0qcnuZxw50hOBQnqqMFDbtUn
agOlaCkphDVfGwALeMV24ULsL40QVrI29mJQ8FM1rkUU/nm2Z7+9+/mRWaL4revo
y1tWLQH6zmtp1MCptLIRDR8D+bUrPUQ7l+8R0HDgK+gAy6wuEJlJ69A2JQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNah6f9EaY3FARvGAbcUqsV0Rx1oMB8GA1UdIwQY
MBaAFCBvaAjgYEaXJw+qPD2xWff+mOzdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc5b0NPQmdScGNuRDZvOFBiRlo5XzZZN04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8yNjVkM2EtYWVkNi00YmUyLWI0MmUt
ZWI2MmU4YzRkZmE5LzEvMXFIcF8wUnBqY1VCRzhZQnR4U3F4WFJISFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8yNjVkM2EtYWVkNi00YmUyLWI0MmUtZWI2MmU4YzRkZmE5
LzEvSUc5b0NPQmdScGNuRDZvOFBiRlo5XzZZN04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubTYMA0E
AgACMAcDBQMqCq+AMA0GCSqGSIb3DQEBCwUAA4IBAQAWzlFis2fp7Y8rlrRmYTWy
5iiH6i0gpxF8IK4TOeARuXSTBUClJGkgZ9LMPJsKFOUdhApfn6MtxcEXL0bDZ4Qs
R4W6Dcwwy7udK1rFb21Qd8pyclR91gJCfyxGXUF0ySEU9KQSCvtkQAwPPf4adoZD
GsQejKT12IfQOc8tjbpr785LKs/Ww0Y6ZI+QJvRLyL2Qq7m/+W8fzewaNA6j6+Jd
RV9SuuSzJdWHDvEzfJtXXK+G+f1WiIvbRzjFacwODOf/9BkEh7yPNOdDwqHW0sR8
IIKu8YcD7dsJrP/1WyKiTugNWxkjikofznGfxYdTJkA/Z5JG47DLGMouIlB+QIWv
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:33 2024 by rpki-client on console-fra.rpki-client.org