Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/bc2cd4-fd37-4c41-b5dc-9a803f736c4a/1/SUL1RxFz_H722XntQEeY_bwkKso.roa
File: SUL1RxFz_H722XntQEeY_bwkKso.roa (raw, json)
Hash identifier: Vrt7SMt05fcf43m1iFMby9ie3ZMQ3q/4fVd9nJziPOI=
Subject key identifier: 49:42:F5:47:11:73:FC:7E:F6:D9:79:ED:40:47:98:FD:BC:24:2A:CA
Certificate issuer: /CN=588c32027465a29fb84f2dd05f3f0be80427b0c9
Certificate serial: 018B856DD83DE83C9C05FB16624B6D7D7355
Authority key identifier: 58:8C:32:02:74:65:A2:9F:B8:4F:2D:D0:5F:3F:0B:E8:04:27:B0:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIwyAnRlop-4Ty3QXz8L6AQnsMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/bc2cd4-fd37-4c41-b5dc-9a803f736c4a/1/SUL1RxFz_H722XntQEeY_bwkKso.roa
Signing time: Tue 31 Oct 2023 11:10:50 +0000
ROA not before: Tue 31 Oct 2023 11:10:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201274
IP address blocks: 185.79.14.0/23 maxlen: 24
185.79.12.0/22 maxlen: 23
185.79.12.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:85:6d:d8:3d:e8:3c:9c:05:fb:16:62:4b:6d:7d:73:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588c32027465a29fb84f2dd05f3f0be80427b0c9
Validity
Not Before: Oct 31 11:10:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4942f5471173fc7ef6d979ed404798fdbc242aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:83:98:e2:31:b0:06:31:fa:30:89:f1:4c:8f:
52:9f:41:34:94:ca:ab:e9:6d:80:e2:23:a4:e9:30:
e3:ce:f1:29:23:c4:1c:19:ed:0d:4f:08:20:c9:96:
f6:a4:d6:96:5a:61:da:51:ad:3e:73:71:49:0c:e5:
de:40:6f:d8:f6:59:e1:5c:e4:85:98:c6:3a:dc:a4:
19:27:a2:8d:c6:45:24:b8:71:08:c0:6b:d7:7d:24:
0c:ba:64:de:12:f6:be:09:52:a3:5b:4f:02:cf:2f:
58:ce:27:a0:3f:0f:0e:3e:bb:20:2d:87:5c:42:d6:
52:25:9b:8c:a8:ef:e8:37:10:26:47:dd:7b:1c:23:
93:fa:86:86:5e:3f:b5:9b:a9:1b:2b:dc:20:2e:ec:
5c:28:04:d6:82:37:b5:e2:f9:69:4e:b0:aa:9a:30:
dd:60:49:e2:c4:01:60:c6:42:2c:d5:82:1c:71:43:
ab:9a:1e:2d:d2:8d:fb:f5:0e:a8:6e:9d:92:3c:83:
7a:d8:7f:a2:bc:cc:34:b8:19:47:5a:2b:4f:4d:22:
75:4e:79:f1:8f:5c:1b:43:b6:57:97:43:e0:91:ff:
1d:3d:8d:24:39:dc:13:8e:ba:10:97:da:32:f9:23:
46:bc:98:5c:b5:ba:72:97:2e:00:cc:61:6a:45:91:
2e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:42:F5:47:11:73:FC:7E:F6:D9:79:ED:40:47:98:FD:BC:24:2A:CA
X509v3 Authority Key Identifier:
keyid:58:8C:32:02:74:65:A2:9F:B8:4F:2D:D0:5F:3F:0B:E8:04:27:B0:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIwyAnRlop-4Ty3QXz8L6AQnsMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/bc2cd4-fd37-4c41-b5dc-9a803f736c4a/1/SUL1RxFz_H722XntQEeY_bwkKso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/bc2cd4-fd37-4c41-b5dc-9a803f736c4a/1/WIwyAnRlop-4Ty3QXz8L6AQnsMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.12.0/22
Signature Algorithm: sha256WithRSAEncryption
07:48:c4:3f:90:c6:2d:4d:f4:a3:1e:f9:ad:45:42:be:ce:ac:
31:eb:74:cf:d6:f6:e9:45:d7:14:96:66:d6:cb:ad:e4:7d:76:
0c:20:10:5c:19:0e:3b:08:3c:9b:5c:98:b4:89:4e:c4:a4:9f:
1c:99:25:1d:bc:26:41:04:23:9d:c5:3e:1a:b1:d0:39:64:54:
52:62:97:cf:da:b0:59:f2:c5:b3:a0:60:36:45:89:5e:0d:42:
f9:c0:79:9f:c2:72:24:16:ff:dd:36:b8:a9:6a:a6:0d:f4:53:
88:2f:8a:4a:28:7a:c0:36:96:9c:e9:22:ef:a0:99:2c:9b:8f:
f6:1e:c1:0f:fb:1c:94:81:0c:df:94:3f:b8:bc:87:84:5e:ae:
4e:40:25:88:32:b5:02:85:26:ae:30:1c:52:2e:ed:1f:43:d0:
ed:36:7a:94:26:21:a0:2b:2b:46:ae:90:9c:66:9c:07:df:0e:
05:20:83:f2:e6:bd:b9:27:20:af:c7:a6:a2:2a:a3:7a:85:e1:
9d:73:98:b3:dc:f9:5e:70:3b:30:af:74:53:99:17:01:74:4a:
a2:1c:0a:7c:18:73:e6:ce:7f:06:e9:fd:0a:5d:91:99:fb:71:
1a:af:c9:43:68:53:d9:5c:72:2d:23:70:7f:f8:67:3d:a5:57:
0d:25:3b:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuFbdg96DycBfsWYkttfXNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4OGMzMjAyNzQ2NWEyOWZiODRmMmRkMDVmM2YwYmU4MDQy
N2IwYzkwHhcNMjMxMDMxMTExMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTQyZjU0NzExNzNmYzdlZjZkOTc5ZWQ0MDQ3OThmZGJjMjQyYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4OY4jGwBjH6MInxTI9Sn0E0lMqr
6W2A4iOk6TDjzvEpI8QcGe0NTwggyZb2pNaWWmHaUa0+c3FJDOXeQG/Y9lnhXOSF
mMY63KQZJ6KNxkUkuHEIwGvXfSQMumTeEva+CVKjW08Czy9YziegPw8OPrsgLYdc
QtZSJZuMqO/oNxAmR917HCOT+oaGXj+1m6kbK9wgLuxcKATWgje14vlpTrCqmjDd
YEnixAFgxkIs1YIccUOrmh4t0o379Q6obp2SPIN62H+ivMw0uBlHWitPTSJ1Tnnx
j1wbQ7ZXl0Pgkf8dPY0kOdwTjroQl9oy+SNGvJhctbpyly4AzGFqRZEuYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFElC9UcRc/x+9tl57UBHmP28JCrKMB8GA1UdIwQY
MBaAFFiMMgJ0ZaKfuE8t0F8/C+gEJ7DJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0l3eUFuUmxvcC00VHkzUVh6OEw2QVFuc01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9iYzJjZDQtZmQzNy00YzQxLWI1ZGMt
OWE4MDNmNzM2YzRhLzEvU1VMMVJ4RnpfSDcyMlhudFFFZVlfYndrS3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9iYzJjZDQtZmQzNy00YzQxLWI1ZGMtOWE4MDNmNzM2YzRh
LzEvV0l3eUFuUmxvcC00VHkzUVh6OEw2QVFuc01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuU8MMA0G
CSqGSIb3DQEBCwUAA4IBAQAHSMQ/kMYtTfSjHvmtRUK+zqwx63TP1vbpRdcUlmbW
y63kfXYMIBBcGQ47CDybXJi0iU7EpJ8cmSUdvCZBBCOdxT4asdA5ZFRSYpfP2rBZ
8sWzoGA2RYleDUL5wHmfwnIkFv/dNripaqYN9FOIL4pKKHrANpac6SLvoJksm4/2
HsEP+xyUgQzflD+4vIeEXq5OQCWIMrUChSauMBxSLu0fQ9DtNnqUJiGgKytGrpCc
ZpwH3w4FIIPy5r25JyCvx6aiKqN6heGdc5iz3PlecDswr3RTmRcBdEqiHAp8GHPm
zn8G6f0KXZGZ+3Ear8lDaFPZXHItI3B/+Gc9pVcNJTvd
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:35 2024 by rpki-client on console-fra.rpki-client.org