Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/iiiBLW1JUCqR7u3z7BWMW7en6FU.roa
File: iiiBLW1JUCqR7u3z7BWMW7en6FU.roa (raw, json)
Hash identifier: KwRCVCPkebXC9KrGcyXqpyoREdNTcXZMT2eFS0UF7uw=
Subject key identifier: 8A:28:81:2D:6D:49:50:2A:91:EE:ED:F3:EC:15:8C:5B:B7:A7:E8:55
Certificate issuer: /CN=a3a82ee9aa1106ed720d63c3844e666440e34438
Certificate serial: 018996922453253B381FE6D64E2396FE1973
Authority key identifier: A3:A8:2E:E9:AA:11:06:ED:72:0D:63:C3:84:4E:66:64:40:E3:44:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o6gu6aoRBu1yDWPDhE5mZEDjRDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/iiiBLW1JUCqR7u3z7BWMW7en6FU.roa
Signing time: Thu 27 Jul 2023 08:58:27 +0000
ROA not before: Thu 27 Jul 2023 08:58:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12826
IP address blocks: 185.23.132.0/24 maxlen: 24
185.23.132.0/23 maxlen: 23
185.23.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:92:24:53:25:3b:38:1f:e6:d6:4e:23:96:fe:19:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3a82ee9aa1106ed720d63c3844e666440e34438
Validity
Not Before: Jul 27 08:58:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a28812d6d49502a91eeedf3ec158c5bb7a7e855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:af:e3:f8:a5:e2:c0:98:f9:b8:be:47:ad:1a:
19:d1:60:47:40:c1:4b:0b:fa:f1:47:a9:6e:4a:16:
d3:e3:de:2b:8b:e7:71:8f:c5:61:22:c5:34:46:bb:
59:d4:14:04:db:9e:8a:41:37:77:b5:70:bd:3b:bb:
2f:35:65:d8:22:e0:22:7c:5f:e9:b0:41:fe:10:66:
b8:ad:10:4e:6d:fb:7e:ad:12:d8:05:68:9f:0d:0e:
7f:4d:d7:4a:1e:62:28:11:ed:ac:c8:f2:19:9e:39:
94:33:8d:49:49:f6:f1:7f:bb:78:b4:f4:d8:2d:be:
2f:92:b9:45:52:ba:44:19:37:e3:9f:e4:07:cc:ca:
ce:37:1f:2b:aa:96:a5:62:27:95:56:38:e3:41:53:
60:ab:61:e0:a9:e0:63:e6:c2:6b:96:01:01:40:fb:
65:b5:28:0c:75:1e:0e:17:17:7f:f9:9a:97:37:cc:
d4:15:72:c7:f7:60:57:62:a1:5d:c6:17:fc:ab:a8:
15:46:ad:9a:22:48:a1:a0:a5:5c:9e:7b:8b:14:bb:
ac:22:c7:bf:f7:3c:c7:fb:23:0a:41:2a:57:2a:f1:
52:e0:94:7e:47:d8:52:02:1e:bd:85:6b:41:df:5d:
2e:c3:13:be:33:2e:67:9a:e4:ce:19:b5:e3:96:53:
81:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:28:81:2D:6D:49:50:2A:91:EE:ED:F3:EC:15:8C:5B:B7:A7:E8:55
X509v3 Authority Key Identifier:
keyid:A3:A8:2E:E9:AA:11:06:ED:72:0D:63:C3:84:4E:66:64:40:E3:44:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6gu6aoRBu1yDWPDhE5mZEDjRDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/iiiBLW1JUCqR7u3z7BWMW7en6FU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/o6gu6aoRBu1yDWPDhE5mZEDjRDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.132.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:fd:78:bf:44:4e:21:c9:22:c4:04:2c:1e:24:b6:5b:36:86:
bc:a8:10:7b:9d:1a:54:8a:f5:02:b5:65:56:60:5c:64:3d:2b:
7d:9d:78:44:67:05:03:ff:9a:11:5d:46:df:6a:04:b9:99:22:
d1:ba:d8:9e:03:ab:36:20:1b:09:3d:90:a5:74:d6:65:a9:5e:
b3:20:2b:9d:91:18:70:e4:14:d4:09:ac:f1:28:6f:f0:c5:5f:
94:2c:d1:c5:7c:6f:b5:07:03:c1:45:92:69:6e:38:aa:e9:0f:
a2:24:be:46:9f:cb:93:58:4a:16:7f:e1:10:26:d5:2f:64:70:
ef:f6:93:d9:c2:1c:23:4a:07:b4:2e:71:11:6e:d0:db:1a:62:
5f:d1:51:9f:29:4a:32:56:2d:68:a4:6e:5e:60:23:64:dd:c4:
82:22:2e:23:5e:d0:58:ec:18:76:33:ca:b8:6a:9b:25:47:ae:
78:40:1c:9c:1c:ca:6a:5b:47:d0:33:53:72:a3:57:9b:f7:81:
5e:e5:0c:31:f3:18:94:84:b3:1b:98:5d:52:9a:42:2e:4a:42:
49:0c:b2:3d:2b:46:25:b2:ca:89:82:b3:5e:2f:cf:5f:fd:5b:
42:f8:26:a3:7b:6a:e8:97:cd:d9:f0:e6:c5:02:1b:ff:85:55:
c8:b3:4a:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmWkiRTJTs4H+bWTiOW/hlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYTgyZWU5YWExMTA2ZWQ3MjBkNjNjMzg0NGU2NjY0NDBl
MzQ0MzgwHhcNMjMwNzI3MDg1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTI4ODEyZDZkNDk1MDJhOTFlZWVkZjNlYzE1OGM1YmI3YTdlODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2q/j+KXiwJj5uL5HrRoZ0WBHQMFL
C/rxR6luShbT494ri+dxj8VhIsU0RrtZ1BQE256KQTd3tXC9O7svNWXYIuAifF/p
sEH+EGa4rRBObft+rRLYBWifDQ5/TddKHmIoEe2syPIZnjmUM41JSfbxf7t4tPTY
Lb4vkrlFUrpEGTfjn+QHzMrONx8rqpalYieVVjjjQVNgq2HgqeBj5sJrlgEBQPtl
tSgMdR4OFxd/+ZqXN8zUFXLH92BXYqFdxhf8q6gVRq2aIkihoKVcnnuLFLusIse/
9zzH+yMKQSpXKvFS4JR+R9hSAh69hWtB310uwxO+My5nmuTOGbXjllOBWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIoogS1tSVAqke7t8+wVjFu3p+hVMB8GA1UdIwQY
MBaAFKOoLumqEQbtcg1jw4ROZmRA40Q4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZndTZhb1JCdTF5RFdQRGhFNW1aRURqUkRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9jNzIwYjQtMWFjYi00NzAzLWJjMjQt
NDY3ZTAwOWRhZWQwLzEvaWlpQkxXMUpVQ3FSN3UzejdCV01XN2VuNkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9jNzIwYjQtMWFjYi00NzAzLWJjMjQtNDY3ZTAwOWRhZWQw
LzEvbzZndTZhb1JCdTF5RFdQRGhFNW1aRURqUkRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuReEMA0G
CSqGSIb3DQEBCwUAA4IBAQB7/Xi/RE4hySLEBCweJLZbNoa8qBB7nRpUivUCtWVW
YFxkPSt9nXhEZwUD/5oRXUbfagS5mSLRutieA6s2IBsJPZCldNZlqV6zICudkRhw
5BTUCazxKG/wxV+ULNHFfG+1BwPBRZJpbjiq6Q+iJL5Gn8uTWEoWf+EQJtUvZHDv
9pPZwhwjSge0LnERbtDbGmJf0VGfKUoyVi1opG5eYCNk3cSCIi4jXtBY7Bh2M8q4
apslR654QBycHMpqW0fQM1Nyo1eb94Fe5Qwx8xiUhLMbmF1SmkIuSkJJDLI9K0Yl
ssqJgrNeL89f/VtC+Caje2rol83Z8ObFAhv/hVXIs0r6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:37 2024 by rpki-client on console-fra.rpki-client.org