Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4c8eac-bdcb-4f0d-b2d8-ea41832ad172/1/L9wEGtzZmvvoiRGtvu0ZFXG8kgY.roa
File: L9wEGtzZmvvoiRGtvu0ZFXG8kgY.roa (raw, json)
Hash identifier: fK1uaUJEs4g3mEuusas3Labmn0lenZKHwMKA7sUPzj0=
Subject key identifier: 2F:DC:04:1A:DC:D9:9A:FB:E8:89:11:AD:BE:ED:19:15:71:BC:92:06
Certificate issuer: /CN=656b53255e6c8fb76fac1ccb848fee45600b55f7
Certificate serial: 01856F0B399845F5A251BD07DD044C42199C
Authority key identifier: 65:6B:53:25:5E:6C:8F:B7:6F:AC:1C:CB:84:8F:EE:45:60:0B:55:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZWtTJV5sj7dvrBzLhI_uRWALVfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4c8eac-bdcb-4f0d-b2d8-ea41832ad172/1/L9wEGtzZmvvoiRGtvu0ZFXG8kgY.roa
Signing time: Sun 01 Jan 2023 20:34:44 +0000
ROA not before: Sun 01 Jan 2023 20:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205718
IP address blocks: 185.229.196.0/22 maxlen: 22
2a09:c5c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:39:98:45:f5:a2:51:bd:07:dd:04:4c:42:19:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656b53255e6c8fb76fac1ccb848fee45600b55f7
Validity
Not Before: Jan 1 20:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fdc041adcd99afbe88911adbeed191571bc9206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e2:88:e6:1c:e7:6a:d6:bb:07:4b:55:6f:e3:
96:d7:1d:90:c5:01:7d:67:c9:58:f3:77:80:af:75:
1e:ae:b2:30:7c:ec:97:30:bb:6c:20:74:68:1c:cf:
3c:53:8d:0e:1e:81:90:07:74:e9:8a:06:36:cc:1b:
d8:02:50:de:52:d1:9b:80:2b:99:71:42:10:48:03:
c8:e6:c0:80:92:82:6a:2b:ab:ea:ce:21:49:c6:a3:
6d:97:c0:35:95:7b:6e:04:b7:5a:0b:f9:08:79:19:
0b:00:0d:8e:f0:17:a9:be:89:c6:47:11:ab:e5:b8:
c4:f1:ca:8e:0b:ff:ef:a6:f8:88:01:86:1c:5d:fa:
6d:19:69:3b:a7:29:78:e3:f8:6d:95:28:92:48:34:
84:9f:6e:29:bc:f6:6b:7a:bc:0b:6f:41:a3:00:ac:
f6:77:55:b1:14:71:49:27:06:bf:3b:fb:c1:a9:fa:
2c:39:f0:6c:b2:7c:28:e9:a0:a8:7a:d0:73:75:3a:
b2:d1:38:21:74:62:9a:ea:db:1c:50:d2:98:8d:df:
47:2a:a9:c2:3d:c4:ca:51:75:dc:65:21:03:e5:d0:
35:f2:28:7f:5e:44:d8:9b:bd:bf:b1:7d:42:d7:99:
50:f9:c4:02:f8:e7:05:6a:e8:98:94:49:5b:67:67:
2d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:DC:04:1A:DC:D9:9A:FB:E8:89:11:AD:BE:ED:19:15:71:BC:92:06
X509v3 Authority Key Identifier:
keyid:65:6B:53:25:5E:6C:8F:B7:6F:AC:1C:CB:84:8F:EE:45:60:0B:55:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZWtTJV5sj7dvrBzLhI_uRWALVfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4c8eac-bdcb-4f0d-b2d8-ea41832ad172/1/L9wEGtzZmvvoiRGtvu0ZFXG8kgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4c8eac-bdcb-4f0d-b2d8-ea41832ad172/1/ZWtTJV5sj7dvrBzLhI_uRWALVfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.196.0/22
IPv6:
2a09:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:cb:3a:62:3b:af:19:c6:7f:67:94:3b:af:5f:27:39:23:5a:
f2:55:09:d0:30:f6:88:cc:04:a0:f7:e5:63:6c:6c:fd:83:a1:
bb:00:a8:60:c8:a3:b5:22:49:53:2c:c9:6f:d5:04:ce:04:4f:
57:bb:45:b2:4d:22:3f:74:83:54:86:d1:43:3e:00:bb:24:68:
83:df:72:54:27:5b:0f:be:7e:13:ff:9f:58:b7:ef:6b:a9:d4:
21:c3:1d:d1:26:2f:6a:fe:91:3c:80:ce:9a:aa:0d:83:1e:f6:
17:c6:66:aa:91:8e:e4:07:6c:9f:87:fe:80:14:0f:a3:a6:49:
02:88:aa:1f:da:9c:57:aa:a3:c5:35:fc:70:fb:ab:2a:70:f9:
29:c8:49:99:78:44:a2:77:da:73:9b:2c:a9:ce:51:e9:84:ef:
19:08:da:7f:7c:08:88:2e:7d:1a:b1:ce:b4:1b:cc:28:9d:87:
77:93:88:7e:d3:29:d2:c9:3a:7f:3e:d2:98:36:b6:d7:24:ec:
ab:33:02:f1:00:d2:20:37:c1:fa:13:04:ee:17:77:be:16:90:
19:9d:ac:61:7c:6f:ac:64:c4:0e:7e:ee:40:dc:46:3e:f1:5f:
72:c3:a2:ee:84:05:3a:f8:66:fb:17:94:2e:4b:2a:4e:ea:25:
28:b7:5c:b7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvCzmYRfWiUb0H3QRMQhmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NmI1MzI1NWU2YzhmYjc2ZmFjMWNjYjg0OGZlZTQ1NjAw
YjU1ZjcwHhcNMjMwMTAxMjAzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmRjMDQxYWRjZDk5YWZiZTg4OTExYWRiZWVkMTkxNTcxYmM5MjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+KI5hznata7B0tVb+OW1x2QxQF9
Z8lY83eAr3UerrIwfOyXMLtsIHRoHM88U40OHoGQB3TpigY2zBvYAlDeUtGbgCuZ
cUIQSAPI5sCAkoJqK6vqziFJxqNtl8A1lXtuBLdaC/kIeRkLAA2O8BepvonGRxGr
5bjE8cqOC//vpviIAYYcXfptGWk7pyl44/htlSiSSDSEn24pvPZrerwLb0GjAKz2
d1WxFHFJJwa/O/vBqfosOfBssnwo6aCoetBzdTqy0TghdGKa6tscUNKYjd9HKqnC
PcTKUXXcZSED5dA18ih/XkTYm72/sX1C15lQ+cQC+OcFauiYlElbZ2ct8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC/cBBrc2Zr76IkRrb7tGRVxvJIGMB8GA1UdIwQY
MBaAFGVrUyVebI+3b6wcy4SP7kVgC1X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWld0VEpWNXNqN2R2ckJ6TGhJX3VSV0FMVmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YzhlYWMtYmRjYi00ZjBkLWIyZDgt
ZWE0MTgzMmFkMTcyLzEvTDl3RUd0elptdnZvaVJHdHZ1MFpGWEc4a2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YzhlYWMtYmRjYi00ZjBkLWIyZDgtZWE0MTgzMmFkMTcy
LzEvWld0VEpWNXNqN2R2ckJ6TGhJX3VSV0FMVmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueXEMA0E
AgACMAcDBQAqCcXAMA0GCSqGSIb3DQEBCwUAA4IBAQBuyzpiO68Zxn9nlDuvXyc5
I1ryVQnQMPaIzASg9+VjbGz9g6G7AKhgyKO1IklTLMlv1QTOBE9Xu0WyTSI/dINU
htFDPgC7JGiD33JUJ1sPvn4T/59Yt+9rqdQhwx3RJi9q/pE8gM6aqg2DHvYXxmaq
kY7kB2yfh/6AFA+jpkkCiKof2pxXqqPFNfxw+6sqcPkpyEmZeESid9pzmyypzlHp
hO8ZCNp/fAiILn0asc60G8wonYd3k4h+0ynSyTp/PtKYNrbXJOyrMwLxANIgN8H6
EwTuF3e+FpAZnaxhfG+sZMQOfu5A3EY+8V9yw6LuhAU6+Gb7F5QuSypO6iUot1y3
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:50 2024 by rpki-client on console-ams.rpki-client.org