Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/KbhqY49gdKWrEZmLZr1EwU4CebA.roa
File: KbhqY49gdKWrEZmLZr1EwU4CebA.roa (raw, json)
Hash identifier: MpXrIDlUDdL71ZyZhtvEEjb+9pjytLLTN6lh0Kgi4Y4=
Subject key identifier: 29:B8:6A:63:8F:60:74:A5:AB:11:99:8B:66:BD:44:C1:4E:02:79:B0
Certificate issuer: /CN=23c02af4f58f11320af3196946e1fce9d050c906
Certificate serial: 01856D81C38A8D14E30DD01FFD46831ED229
Authority key identifier: 23:C0:2A:F4:F5:8F:11:32:0A:F3:19:69:46:E1:FC:E9:D0:50:C9:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I8Aq9PWPETIK8xlpRuH86dBQyQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/KbhqY49gdKWrEZmLZr1EwU4CebA.roa
Signing time: Sun 01 Jan 2023 13:24:58 +0000
ROA not before: Sun 01 Jan 2023 13:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199229
IP address blocks: 185.85.144.0/22 maxlen: 22
2a05:ae80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:c3:8a:8d:14:e3:0d:d0:1f:fd:46:83:1e:d2:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23c02af4f58f11320af3196946e1fce9d050c906
Validity
Not Before: Jan 1 13:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29b86a638f6074a5ab11998b66bd44c14e0279b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3b:64:bb:0b:e1:18:46:88:f2:18:7e:46:e1:
a6:9b:16:3d:bd:14:9d:d4:c5:25:54:ab:e6:0d:64:
24:14:27:0d:bf:87:ba:cf:1e:5d:ea:b7:bb:17:1d:
e6:b2:4f:09:0a:70:64:2f:18:df:8e:8d:a6:98:11:
b6:b1:70:82:b3:6e:42:84:2c:b3:cb:b7:96:ad:c0:
4e:0b:84:69:ab:df:49:7e:cd:73:f9:da:0e:17:80:
18:11:41:ce:1c:e9:ff:55:0d:fc:16:c5:62:4b:0f:
b9:45:e0:c7:96:3b:36:67:3d:e8:13:b2:a3:72:17:
2e:ee:8a:55:83:31:52:71:ea:f2:e7:8f:ce:c4:cf:
e0:10:66:a4:dc:e4:97:60:d9:55:e5:5f:3c:bb:aa:
c9:1b:1b:5e:2f:8c:41:bd:31:eb:85:e7:b9:9e:ad:
2a:16:63:f5:b7:bc:89:ec:6a:66:d0:5e:ea:5e:e1:
de:57:1f:e6:26:b6:aa:9a:83:8e:e8:d6:da:5d:a7:
6a:4e:4f:ba:a9:d8:a7:e5:d9:df:b8:ce:73:28:4a:
7a:51:d1:52:35:0a:8c:2a:7b:18:24:b7:d9:50:8f:
0c:59:2d:69:e7:5a:9f:9c:1d:2c:d6:b0:e7:8f:f8:
eb:3f:18:b7:e0:0c:db:e2:56:ea:da:43:bd:af:e9:
06:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B8:6A:63:8F:60:74:A5:AB:11:99:8B:66:BD:44:C1:4E:02:79:B0
X509v3 Authority Key Identifier:
keyid:23:C0:2A:F4:F5:8F:11:32:0A:F3:19:69:46:E1:FC:E9:D0:50:C9:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I8Aq9PWPETIK8xlpRuH86dBQyQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/KbhqY49gdKWrEZmLZr1EwU4CebA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/I8Aq9PWPETIK8xlpRuH86dBQyQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.144.0/22
IPv6:
2a05:ae80::/29
Signature Algorithm: sha256WithRSAEncryption
98:cb:d8:8f:21:7b:87:48:2f:04:12:b8:9d:10:d3:28:e9:1b:
5b:6e:cf:11:c4:04:3b:f2:3a:d3:52:30:de:c2:82:58:49:13:
ed:9e:c1:a8:5e:69:5e:18:ab:2e:50:4e:21:63:a6:00:7e:43:
fc:92:67:fd:95:14:d2:af:0e:28:7c:f6:1d:66:05:e9:11:07:
61:6d:71:46:05:24:41:cb:05:f6:c4:49:e0:e3:1c:12:10:b2:
90:a9:24:16:a3:37:9b:00:d1:9f:b9:c2:64:3b:66:b5:a5:64:
c3:c8:2b:a7:2d:85:08:20:be:c9:64:ea:97:98:61:5d:fe:1e:
0c:79:ed:00:51:1c:25:32:a9:a2:3f:cb:f7:6d:18:d5:94:7d:
84:6a:4f:06:8b:03:d5:16:8e:a1:7c:4a:84:a1:1b:a6:50:76:
d8:27:0f:dc:f5:d5:9e:fd:d8:2e:0f:50:2f:ef:c3:1d:e8:83:
08:90:40:ff:8a:45:8c:5e:64:97:74:49:67:1d:c2:ee:e0:5f:
89:73:cf:af:21:3a:6e:34:7c:19:72:49:c4:b9:a0:7a:07:53:
a6:f1:9e:a9:40:46:47:19:af:9e:5c:32:71:4e:b4:51:23:56:
1e:97:eb:e5:e3:60:41:b8:b4:91:f0:90:67:19:2c:15:28:00:
e4:30:8e:a3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtgcOKjRTjDdAf/UaDHtIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYzAyYWY0ZjU4ZjExMzIwYWYzMTk2OTQ2ZTFmY2U5ZDA1
MGM5MDYwHhcNMjMwMTAxMTMyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWI4NmE2MzhmNjA3NGE1YWIxMTk5OGI2NmJkNDRjMTRlMDI3OWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnztkuwvhGEaI8hh+RuGmmxY9vRSd
1MUlVKvmDWQkFCcNv4e6zx5d6re7Fx3msk8JCnBkLxjfjo2mmBG2sXCCs25ChCyz
y7eWrcBOC4Rpq99Jfs1z+doOF4AYEUHOHOn/VQ38FsViSw+5ReDHljs2Zz3oE7Kj
chcu7opVgzFScery54/OxM/gEGak3OSXYNlV5V88u6rJGxteL4xBvTHrhee5nq0q
FmP1t7yJ7Gpm0F7qXuHeVx/mJraqmoOO6NbaXadqTk+6qdin5dnfuM5zKEp6UdFS
NQqMKnsYJLfZUI8MWS1p51qfnB0s1rDnj/jrPxi34Azb4lbq2kO9r+kGjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCm4amOPYHSlqxGZi2a9RMFOAnmwMB8GA1UdIwQY
MBaAFCPAKvT1jxEyCvMZaUbh/OnQUMkGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSThBcTlQV1BFVElLOHhscFJ1SDg2ZEJReVFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84MTA2OGMtYWVkNy00MTI3LTg4ZTQt
NjJjYjhhY2E5NjE4LzEvS2JocVk0OWdkS1dyRVptTFpyMUV3VTRDZWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84MTA2OGMtYWVkNy00MTI3LTg4ZTQtNjJjYjhhY2E5NjE4
LzEvSThBcTlQV1BFVElLOHhscFJ1SDg2ZEJReVFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVWQMA0E
AgACMAcDBQMqBa6AMA0GCSqGSIb3DQEBCwUAA4IBAQCYy9iPIXuHSC8EEridENMo
6Rtbbs8RxAQ78jrTUjDewoJYSRPtnsGoXmleGKsuUE4hY6YAfkP8kmf9lRTSrw4o
fPYdZgXpEQdhbXFGBSRBywX2xEng4xwSELKQqSQWozebANGfucJkO2a1pWTDyCun
LYUIIL7JZOqXmGFd/h4Mee0AURwlMqmiP8v3bRjVlH2Eak8GiwPVFo6hfEqEoRum
UHbYJw/c9dWe/dguD1Av78Md6IMIkED/ikWMXmSXdElnHcLu4F+Jc8+vITpuNHwZ
cknEuaB6B1Om8Z6pQEZHGa+eXDJxTrRRI1Yel+vl42BBuLSR8JBnGSwVKADkMI6j
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:17 2024 by rpki-client on console-fra.rpki-client.org