Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/CHblOdO4Yi6o_GQy8CsOH4beGrY.roa
File: CHblOdO4Yi6o_GQy8CsOH4beGrY.roa (raw, json)
Hash identifier: /s9LMer+HIvaYuwgUP8bp+2y3iJB5lYulTXBgUfWIvE=
Subject key identifier: 08:76:E5:39:D3:B8:62:2E:A8:FC:64:32:F0:2B:0E:1F:86:DE:1A:B6
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 01856FF964E963629F3997C86905703E99D5
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/CHblOdO4Yi6o_GQy8CsOH4beGrY.roa
Signing time: Mon 02 Jan 2023 00:54:53 +0000
ROA not before: Mon 02 Jan 2023 00:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 85.28.56.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:64:e9:63:62:9f:39:97:c8:69:05:70:3e:99:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 2 00:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0876e539d3b8622ea8fc6432f02b0e1f86de1ab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0f:0e:fe:94:05:d7:81:2c:f2:5d:ec:f6:96:
8e:0c:29:8a:5a:20:34:46:ad:a8:f6:ba:09:02:d0:
9f:df:17:5d:a8:f7:92:ca:06:b2:be:9f:ca:7a:3f:
a4:f3:17:1f:16:db:d6:df:ba:04:9d:e4:79:7b:74:
00:41:df:a9:9d:0a:15:a6:44:be:22:3b:bc:9e:13:
d0:7b:44:18:6a:7e:f7:ee:70:8f:66:cd:46:c1:15:
d1:bb:19:bf:c7:47:63:0e:55:9c:43:00:6f:ba:ca:
11:19:b5:f5:cb:fe:08:e5:f9:53:0d:c6:03:a5:44:
b2:99:0b:c4:26:68:a5:6e:e2:03:e3:68:5f:f6:16:
a8:0f:b7:0e:6a:35:bd:49:e4:9f:ce:9d:61:b4:f1:
1a:6c:2d:f9:04:45:6a:06:0d:a6:00:55:c6:7f:c3:
46:c4:24:0b:1a:6d:21:17:c3:c9:b4:03:21:35:62:
90:b4:6b:08:34:cf:b2:32:c9:28:b5:9e:7a:e2:49:
11:b2:fb:c0:07:13:bd:f3:b9:92:05:d2:64:9f:81:
cb:69:55:4a:18:a5:6e:a6:9d:1a:88:f2:f7:34:1b:
66:0f:bc:93:02:7a:8f:e5:91:aa:ed:57:23:ab:72:
e4:45:44:42:68:70:80:a2:5e:80:8f:ba:09:24:61:
cd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:76:E5:39:D3:B8:62:2E:A8:FC:64:32:F0:2B:0E:1F:86:DE:1A:B6
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/CHblOdO4Yi6o_GQy8CsOH4beGrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.56.0/22
Signature Algorithm: sha256WithRSAEncryption
80:c4:dc:48:64:f5:66:32:29:b9:f4:e6:b9:6b:92:3f:32:44:
32:95:93:2f:fd:d3:b7:32:d9:d3:ee:a1:c5:2f:29:6e:63:c7:
37:97:3d:dc:4d:3b:75:ac:c4:8b:c3:c0:32:97:8d:8b:57:52:
48:9b:8e:1b:90:d5:de:4c:37:14:63:2c:0d:c3:5f:8d:0f:e8:
18:1f:43:bc:5d:7f:84:b1:39:2a:0d:39:f2:f3:ac:53:79:28:
de:13:ba:19:f0:34:72:f7:38:8f:43:11:64:26:d5:44:90:9a:
a1:55:9e:e6:32:4d:05:e6:da:d0:f0:f6:f5:82:d9:06:68:8d:
a0:99:23:1d:3a:49:71:7c:32:58:0c:b4:90:63:7e:d0:1a:fc:
46:b8:d7:40:23:19:2d:85:70:ba:fc:f6:04:fc:b4:9b:3b:19:
a8:9f:3a:11:98:90:9d:4c:0b:02:c3:8c:66:66:90:d7:f0:98:
b5:2d:07:ae:7c:70:21:16:c3:13:21:47:2d:02:81:59:00:8c:
fe:ab:99:ec:f8:b3:52:0c:65:42:e3:e1:af:97:2a:e1:74:4e:
f1:d0:8f:7c:bb:26:98:5e:26:be:ef:a7:15:c8:02:bd:bd:5c:
bc:81:8b:60:30:f8:2a:a6:52:ad:db:f4:a0:46:dd:77:8c:50:
79:d2:de:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+WTpY2KfOZfIaQVwPpnVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjMwMTAyMDA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODc2ZTUzOWQzYjg2MjJlYThmYzY0MzJmMDJiMGUxZjg2ZGUxYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgA8O/pQF14Es8l3s9paODCmKWiA0
Rq2o9roJAtCf3xddqPeSygayvp/Kej+k8xcfFtvW37oEneR5e3QAQd+pnQoVpkS+
Iju8nhPQe0QYan737nCPZs1GwRXRuxm/x0djDlWcQwBvusoRGbX1y/4I5flTDcYD
pUSymQvEJmilbuID42hf9haoD7cOajW9SeSfzp1htPEabC35BEVqBg2mAFXGf8NG
xCQLGm0hF8PJtAMhNWKQtGsINM+yMskotZ564kkRsvvABxO987mSBdJkn4HLaVVK
GKVupp0aiPL3NBtmD7yTAnqP5ZGq7Vcjq3LkRURCaHCAol6Aj7oJJGHNZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAh25TnTuGIuqPxkMvArDh+G3hq2MB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvQ0hibE9kTzRZaTZvX0dReThDc09INGJlR3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVRw4MA0G
CSqGSIb3DQEBCwUAA4IBAQCAxNxIZPVmMim59Oa5a5I/MkQylZMv/dO3MtnT7qHF
LyluY8c3lz3cTTt1rMSLw8Ayl42LV1JIm44bkNXeTDcUYywNw1+ND+gYH0O8XX+E
sTkqDTny86xTeSjeE7oZ8DRy9ziPQxFkJtVEkJqhVZ7mMk0F5trQ8Pb1gtkGaI2g
mSMdOklxfDJYDLSQY37QGvxGuNdAIxkthXC6/PYE/LSbOxmonzoRmJCdTAsCw4xm
ZpDX8Ji1LQeufHAhFsMTIUctAoFZAIz+q5ns+LNSDGVC4+GvlyrhdE7x0I98uyaY
Xia+76cVyAK9vVy8gYtgMPgqplKt2/SgRt13jFB50t5N
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:38 2023 by rpki-client on console-fra.rpki-client.org