Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/20b85b-98b1-4169-b71a-61a1bdf24b13/1/aa3zix3BhQblr0HHgNYucAUw82M.roa
File: aa3zix3BhQblr0HHgNYucAUw82M.roa (raw, json)
Hash identifier: J9WrWqgBE7C8zYdGYll/6bQZEBIqlB4zfGCuxlU+sNA=
Subject key identifier: 69:AD:F3:8B:1D:C1:85:06:E5:AF:41:C7:80:D6:2E:70:05:30:F3:63
Certificate issuer: /CN=d344e0134bbfd2e4c681d5995efe42748c4458f7
Certificate serial: 01856C134DCF622AF978902F9940432807A8
Authority key identifier: D3:44:E0:13:4B:BF:D2:E4:C6:81:D5:99:5E:FE:42:74:8C:44:58:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00TgE0u_0uTGgdWZXv5CdIxEWPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/20b85b-98b1-4169-b71a-61a1bdf24b13/1/aa3zix3BhQblr0HHgNYucAUw82M.roa
Signing time: Sun 01 Jan 2023 06:44:42 +0000
ROA not before: Sun 01 Jan 2023 06:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211982
IP address blocks: 185.231.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:4d:cf:62:2a:f9:78:90:2f:99:40:43:28:07:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d344e0134bbfd2e4c681d5995efe42748c4458f7
Validity
Not Before: Jan 1 06:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69adf38b1dc18506e5af41c780d62e700530f363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2d:00:72:ee:80:bd:cf:b7:b3:27:91:31:03:
5c:4f:a0:ce:0e:d1:df:9b:0a:bb:ca:4c:ca:66:9d:
19:59:92:d0:ff:8d:7e:95:8f:18:65:5c:aa:e9:51:
d9:61:e7:4d:5a:74:0e:9f:41:04:2f:54:ba:95:e7:
f2:0a:64:a4:28:6a:bb:c7:f4:15:f3:c2:9d:e9:a2:
07:46:71:23:b9:51:0a:72:06:e3:e9:ca:db:93:d2:
3e:7d:e5:47:b8:f6:17:96:9b:be:15:da:61:51:e8:
00:53:87:e7:0e:53:7f:10:0f:07:1d:a0:17:dc:45:
6d:50:54:92:26:46:c4:a4:51:9a:3b:dd:33:a5:94:
39:03:29:35:80:e2:b3:66:9a:1f:fd:1f:bf:10:3b:
2b:9c:20:43:96:68:21:a9:2e:56:8a:2b:30:90:74:
5b:13:5c:fd:5a:83:bf:b8:0b:95:5d:70:b8:31:9a:
c6:37:fe:c3:18:d5:56:2e:63:b0:82:36:6d:50:d1:
9f:0e:b9:1b:5d:90:ac:a0:f5:ce:92:aa:d3:fe:d0:
4f:92:8d:20:66:7e:a9:c5:a4:1f:fb:b4:a9:60:34:
de:00:53:48:f2:ba:d2:e1:48:22:ae:47:0c:7a:36:
f7:c3:10:2e:4f:e6:6a:a7:4d:2b:91:07:6f:da:54:
2b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AD:F3:8B:1D:C1:85:06:E5:AF:41:C7:80:D6:2E:70:05:30:F3:63
X509v3 Authority Key Identifier:
keyid:D3:44:E0:13:4B:BF:D2:E4:C6:81:D5:99:5E:FE:42:74:8C:44:58:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00TgE0u_0uTGgdWZXv5CdIxEWPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/20b85b-98b1-4169-b71a-61a1bdf24b13/1/aa3zix3BhQblr0HHgNYucAUw82M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/20b85b-98b1-4169-b71a-61a1bdf24b13/1/00TgE0u_0uTGgdWZXv5CdIxEWPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.235.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:3e:82:8f:1c:50:1c:4f:58:c7:9b:ab:17:39:83:b1:aa:b2:
8f:5d:37:b7:12:d7:cc:7c:9e:d9:16:a4:c6:3f:8f:0a:e0:16:
0f:e2:08:e9:34:2e:10:a7:f6:c7:87:0e:35:f4:93:61:a4:89:
2d:12:90:55:f4:8c:27:13:8a:d3:d5:7b:8a:3d:10:07:ee:67:
b1:68:53:5c:22:77:b8:6d:f2:55:1f:5a:2b:a1:53:a2:44:85:
cd:8f:2b:37:82:5f:68:d4:47:af:da:b7:d4:62:0e:e6:1e:42:
5b:df:6e:e3:f4:30:a3:16:00:17:4c:35:77:51:ce:f3:86:e3:
dc:9b:01:23:48:4a:30:02:ee:49:3c:d0:5a:99:31:27:dc:3a:
2f:c4:f6:20:a9:31:c0:a4:ed:cf:25:2c:02:58:5f:94:4d:33:
9b:06:63:d8:a6:16:33:07:fc:ed:50:44:62:99:4c:6b:a2:08:
0e:f2:79:14:5c:5d:4b:c5:75:d6:ec:1e:6f:bd:6a:2b:21:60:
f0:7c:70:aa:e9:a9:a8:14:3b:0c:cc:2c:ad:22:f6:74:0b:73:
33:5b:3d:64:0c:96:fa:42:8f:9d:92:7a:08:7a:e0:6a:e7:13:
f6:2d:11:47:19:14:5e:1e:81:bb:47:81:2f:77:e3:52:26:99:
df:dd:2d:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsE03PYir5eJAvmUBDKAeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNDRlMDEzNGJiZmQyZTRjNjgxZDU5OTVlZmU0Mjc0OGM0
NDU4ZjcwHhcNMjMwMTAxMDY0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFkZjM4YjFkYzE4NTA2ZTVhZjQxYzc4MGQ2MmU3MDA1MzBmMzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhC0Acu6Avc+3syeRMQNcT6DODtHf
mwq7ykzKZp0ZWZLQ/41+lY8YZVyq6VHZYedNWnQOn0EEL1S6lefyCmSkKGq7x/QV
88Kd6aIHRnEjuVEKcgbj6crbk9I+feVHuPYXlpu+FdphUegAU4fnDlN/EA8HHaAX
3EVtUFSSJkbEpFGaO90zpZQ5Ayk1gOKzZpof/R+/EDsrnCBDlmghqS5WiiswkHRb
E1z9WoO/uAuVXXC4MZrGN/7DGNVWLmOwgjZtUNGfDrkbXZCsoPXOkqrT/tBPko0g
Zn6pxaQf+7SpYDTeAFNI8rrS4UgirkcMejb3wxAuT+Zqp00rkQdv2lQrMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmt84sdwYUG5a9Bx4DWLnAFMPNjMB8GA1UdIwQY
MBaAFNNE4BNLv9LkxoHVmV7+QnSMRFj3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDBUZ0UwdV8wdVRHZ2RXWlh2NUNkSXhFV1BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8yMGI4NWItOThiMS00MTY5LWI3MWEt
NjFhMWJkZjI0YjEzLzEvYWEzeml4M0JoUWJscjBISGdOWXVjQVV3ODJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8yMGI4NWItOThiMS00MTY5LWI3MWEtNjFhMWJkZjI0YjEz
LzEvMDBUZ0UwdV8wdVRHZ2RXWlh2NUNkSXhFV1BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuefrMA0G
CSqGSIb3DQEBCwUAA4IBAQBOPoKPHFAcT1jHm6sXOYOxqrKPXTe3EtfMfJ7ZFqTG
P48K4BYP4gjpNC4Qp/bHhw419JNhpIktEpBV9IwnE4rT1XuKPRAH7mexaFNcIne4
bfJVH1oroVOiRIXNjys3gl9o1Eev2rfUYg7mHkJb327j9DCjFgAXTDV3Uc7zhuPc
mwEjSEowAu5JPNBamTEn3DovxPYgqTHApO3PJSwCWF+UTTObBmPYphYzB/ztUERi
mUxroggO8nkUXF1LxXXW7B5vvWorIWDwfHCq6amoFDsMzCytIvZ0C3MzWz1kDJb6
Qo+dknoIeuBq5xP2LRFHGRReHoG7R4Evd+NSJpnf3S3M
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:12 2024 by rpki-client on console-ams.rpki-client.org