Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/oCiUomCGKb5PqMAoB9sx3j_Y-D4.roa
File: oCiUomCGKb5PqMAoB9sx3j_Y-D4.roa (raw, json)
Hash identifier: GXtO54XA1IDYGcUPl/1ENAWaVNALvAgvmA7n7LY0Aec=
Subject key identifier: A0:28:94:A2:60:86:29:BE:4F:A8:C0:28:07:DB:31:DE:3F:D8:F8:3E
Certificate issuer: /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial: 018BF06967DFD2B8D145F0B3F55EA75FF7F2
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/oCiUomCGKb5PqMAoB9sx3j_Y-D4.roa
Signing time: Tue 21 Nov 2023 05:45:21 +0000
ROA not before: Tue 21 Nov 2023 05:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.220.146.0/23 maxlen: 24
185.255.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:69:67:df:d2:b8:d1:45:f0:b3:f5:5e:a7:5f:f7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
Validity
Not Before: Nov 21 05:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a02894a2608629be4fa8c02807db31de3fd8f83e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0c:99:a6:a6:c4:99:27:42:fe:c9:26:48:bf:
08:2e:c3:b3:ad:c2:e3:0d:ac:d4:2d:4b:b9:43:76:
19:07:e7:4c:2b:04:b4:0a:28:d8:3b:0a:dd:53:e8:
ef:60:23:1b:80:af:a3:5c:ea:f1:3e:29:36:ec:57:
0d:84:bc:45:d5:13:32:00:23:4b:94:7f:e7:1e:3f:
9e:a7:64:58:c3:eb:4a:ae:39:95:7a:3d:77:f2:f3:
ad:35:9f:54:87:55:20:ca:96:00:61:fe:0e:ef:82:
47:22:48:63:fd:9d:ac:3d:d4:39:20:19:5d:3b:04:
0f:3b:94:38:40:75:fe:72:76:7f:5a:88:4d:bb:fb:
15:ac:13:73:85:6f:8b:6c:51:01:87:59:95:31:83:
7f:7b:ab:3c:f9:b8:c5:81:dc:8d:74:c5:04:a4:b1:
81:a2:9a:6b:03:00:b4:7f:30:26:0e:2f:c5:eb:41:
7f:95:f2:d7:95:fa:6f:d0:8d:4b:08:3d:01:90:59:
e4:25:b2:de:d9:21:46:99:13:c2:9d:72:cb:1c:3c:
a5:b1:8c:0f:9c:2c:5b:5f:cd:ba:b3:91:38:ea:3f:
d0:24:dc:af:ad:0d:ce:cb:dd:89:d8:10:e2:84:b4:
5b:ad:b7:08:db:db:7a:43:b7:3b:59:63:b5:67:8f:
10:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:28:94:A2:60:86:29:BE:4F:A8:C0:28:07:DB:31:DE:3F:D8:F8:3E
X509v3 Authority Key Identifier:
keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/oCiUomCGKb5PqMAoB9sx3j_Y-D4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.146.0/23
185.255.198.0/24
Signature Algorithm: sha256WithRSAEncryption
78:72:4a:fa:65:59:41:f1:19:fa:16:53:3a:2c:5f:92:07:d1:
64:82:f5:a5:a4:42:e9:13:c4:f2:0a:1d:e6:6e:b0:4c:e1:90:
5b:5b:43:5b:42:6d:b7:1c:6a:af:b0:89:2f:5c:c2:59:81:cc:
32:8e:aa:23:62:2b:52:d7:ae:c9:43:00:ad:fb:13:e0:79:50:
a2:81:d3:c0:6a:da:cd:fe:08:d9:b5:09:f3:d0:30:da:95:fe:
65:83:62:33:83:1c:ac:08:51:ed:d9:6b:b2:85:12:a1:71:c6:
41:78:ed:f2:81:5f:b0:ba:ea:ba:98:82:ba:4d:18:31:ff:c0:
07:55:d1:0e:47:d6:41:36:18:55:22:98:82:77:da:de:e7:e4:
a4:fd:55:95:1e:4d:25:e0:de:09:4e:b5:c5:48:62:e4:27:d5:
a3:89:9e:b1:fb:64:3e:c1:bf:24:a9:bc:8f:cc:16:90:92:88:
96:38:2f:c3:ca:f0:3d:bd:32:2b:75:d8:6e:8f:24:5d:fb:a8:
bc:43:62:03:f3:2c:a2:25:25:0a:8b:17:33:9f:60:76:37:29:
e8:d4:4c:6e:0a:85:74:d6:4a:a2:98:99:53:31:05:a3:7c:c4:
c9:6a:5c:40:97:03:57:fe:30:8e:93:6b:e6:18:ef:99:60:55:
bb:99:13:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvwaWff0rjRRfCz9V6nX/fyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjMxMTIxMDU0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDI4OTRhMjYwODYyOWJlNGZhOGMwMjgwN2RiMzFkZTNmZDhmODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAyZpqbEmSdC/skmSL8ILsOzrcLj
DazULUu5Q3YZB+dMKwS0CijYOwrdU+jvYCMbgK+jXOrxPik27FcNhLxF1RMyACNL
lH/nHj+ep2RYw+tKrjmVej138vOtNZ9Uh1UgypYAYf4O74JHIkhj/Z2sPdQ5IBld
OwQPO5Q4QHX+cnZ/WohNu/sVrBNzhW+LbFEBh1mVMYN/e6s8+bjFgdyNdMUEpLGB
opprAwC0fzAmDi/F60F/lfLXlfpv0I1LCD0BkFnkJbLe2SFGmRPCnXLLHDylsYwP
nCxbX826s5E46j/QJNyvrQ3Oy92J2BDihLRbrbcI29t6Q7c7WWO1Z48QnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKAolKJghim+T6jAKAfbMd4/2Pg+MB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvb0NpVW9tQ0dLYjVQcU1Bb0I5c3gzal9ZLUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBudySAwQA
uf/GMA0GCSqGSIb3DQEBCwUAA4IBAQB4ckr6ZVlB8Rn6FlM6LF+SB9FkgvWlpELp
E8TyCh3mbrBM4ZBbW0NbQm23HGqvsIkvXMJZgcwyjqojYitS167JQwCt+xPgeVCi
gdPAatrN/gjZtQnz0DDalf5lg2IzgxysCFHt2WuyhRKhccZBeO3ygV+wuuq6mIK6
TRgx/8AHVdEOR9ZBNhhVIpiCd9re5+Sk/VWVHk0l4N4JTrXFSGLkJ9WjiZ6x+2Q+
wb8kqbyPzBaQkoiWOC/DyvA9vTIrddhujyRd+6i8Q2ID8yyiJSUKixczn2B2Nyno
1ExuCoV01kqimJlTMQWjfMTJalxAlwNX/jCOk2vmGO+ZYFW7mRMJ
-----END CERTIFICATE-----
Generated at Fri Nov 24 07:10:28 2023 by rpki-client on console-ams.rpki-client.org