Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/bJRPmmuLvovggetZqzD-r0JBYdk.roa
File: bJRPmmuLvovggetZqzD-r0JBYdk.roa (raw, json)
Hash identifier: RBMK2W1Seypdgm2UeERgLre4DS1GB4c3N9Hgdh62nBY=
Subject key identifier: 6C:94:4F:9A:6B:8B:BE:8B:E0:81:EB:59:AB:30:FE:AF:42:41:61:D9
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 01857328171B0FF061A0ACDB28204229DCA7
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/bJRPmmuLvovggetZqzD-r0JBYdk.roa
Signing time: Mon 02 Jan 2023 15:44:45 +0000
ROA not before: Mon 02 Jan 2023 15:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211701
IP address blocks: 185.131.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:17:1b:0f:f0:61:a0:ac:db:28:20:42:29:dc:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Jan 2 15:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c944f9a6b8bbe8be081eb59ab30feaf424161d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8a:9d:f1:02:fd:e2:a3:4f:67:65:fe:d2:a9:
3d:83:e0:cb:74:8a:dd:fb:ed:0a:b8:7f:1c:48:bd:
15:71:63:f7:de:36:2f:9c:35:1f:29:05:72:67:37:
cb:84:0f:3b:bc:a8:38:d6:1c:5f:9c:d6:9c:c2:6a:
bb:be:c0:81:ea:dc:ca:ab:f9:15:e6:cc:87:a0:ec:
39:51:92:bc:00:42:86:2e:0b:cc:e5:5a:0a:f4:3d:
04:c1:b0:a9:ce:4d:61:1e:71:6e:f5:91:0a:fd:36:
17:98:69:fa:f4:78:eb:73:51:c3:d3:6d:43:3b:cb:
c2:29:35:cf:cc:fd:21:2f:a3:b4:ee:63:ec:13:4b:
b4:5c:75:e3:3e:b1:87:6b:86:3e:7f:0d:65:5f:a1:
65:85:b5:a5:2c:37:ef:9d:56:d1:37:bb:f8:0b:c9:
93:45:93:35:53:7f:02:e5:18:cd:1d:8c:8e:f0:a8:
ff:8c:a1:a3:14:e2:2c:8f:d0:32:b6:4f:a8:4f:dc:
89:9a:45:66:b4:c9:1f:dd:8b:70:e6:a6:5a:cd:8f:
4e:e9:72:5f:20:d0:d8:d4:dd:cb:71:b7:e5:3e:0d:
98:cb:11:a0:37:66:b7:32:65:7a:c9:2f:19:d2:73:
44:e1:63:6a:09:31:8a:0d:14:f0:22:0d:64:65:6a:
9e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:94:4F:9A:6B:8B:BE:8B:E0:81:EB:59:AB:30:FE:AF:42:41:61:D9
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/bJRPmmuLvovggetZqzD-r0JBYdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.223.0/24
Signature Algorithm: sha256WithRSAEncryption
53:59:0c:1f:a5:ef:3c:00:32:80:d5:e7:f8:de:9e:d7:31:39:
5d:ef:ac:fe:ab:18:cb:e1:76:16:4f:d9:f5:6a:63:90:02:1f:
52:ec:65:60:34:88:07:c1:46:33:b6:88:a7:6d:61:8e:93:ad:
16:87:06:57:1e:7c:21:b6:79:a3:3d:8e:28:d0:df:ae:6c:23:
dc:dc:81:50:a1:0e:46:ef:bf:e0:67:2e:bd:9b:87:73:68:77:
f1:3f:f6:3e:3e:ef:c3:8c:f4:89:ef:3b:9f:25:f0:6c:38:f7:
e7:cb:42:22:75:fd:97:7d:5b:b8:79:b4:09:28:c1:98:ac:05:
67:b3:70:30:fc:0a:e4:f5:95:70:a1:25:75:d0:81:4f:e1:fe:
f0:04:0c:27:98:e2:44:78:e9:7f:3c:83:1e:7e:a3:2a:ba:6f:
d4:e7:80:20:9b:18:80:75:97:bb:a4:c2:4a:34:eb:6b:df:53:
dd:11:52:11:cc:fb:87:b7:b9:f0:d1:10:6f:a1:26:73:b0:ff:
b2:90:6a:ae:85:6a:96:2f:9e:19:c9:be:9f:b5:f8:80:ff:92:
54:03:39:f3:e1:2c:9e:32:93:b4:60:a5:71:b7:a0:29:cb:12:
5b:41:51:53:e3:f4:38:7f:f9:1a:b0:83:70:2a:99:5e:d5:d0:
cf:e6:aa:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzKBcbD/BhoKzbKCBCKdynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNTIxMTI4Y2Y2MzRhYTZhZmE3ZWY1MmQ1MzFmM2ZjZDU1
NjI4ZjkwHhcNMjMwMTAyMTU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzk0NGY5YTZiOGJiZThiZTA4MWViNTlhYjMwZmVhZjQyNDE2MWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoqd8QL94qNPZ2X+0qk9g+DLdIrd
++0KuH8cSL0VcWP33jYvnDUfKQVyZzfLhA87vKg41hxfnNacwmq7vsCB6tzKq/kV
5syHoOw5UZK8AEKGLgvM5VoK9D0EwbCpzk1hHnFu9ZEK/TYXmGn69Hjrc1HD021D
O8vCKTXPzP0hL6O07mPsE0u0XHXjPrGHa4Y+fw1lX6FlhbWlLDfvnVbRN7v4C8mT
RZM1U38C5RjNHYyO8Kj/jKGjFOIsj9Aytk+oT9yJmkVmtMkf3Ytw5qZazY9O6XJf
INDY1N3LcbflPg2YyxGgN2a3MmV6yS8Z0nNE4WNqCTGKDRTwIg1kZWqeRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGyUT5pri76L4IHrWasw/q9CQWHZMB8GA1UdIwQY
MBaAFPBSESjPY0qmr6fvUtUx8/zVVij5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUt
ZTQ0MTliNjQyMTJlLzEvYkpSUG1tdUx2b3ZnZ2V0WnF6RC1yMEpCWWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUtZTQ0MTliNjQyMTJl
LzEvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYPfMA0G
CSqGSIb3DQEBCwUAA4IBAQBTWQwfpe88ADKA1ef43p7XMTld76z+qxjL4XYWT9n1
amOQAh9S7GVgNIgHwUYztoinbWGOk60WhwZXHnwhtnmjPY4o0N+ubCPc3IFQoQ5G
77/gZy69m4dzaHfxP/Y+Pu/DjPSJ7zufJfBsOPfny0Iidf2XfVu4ebQJKMGYrAVn
s3Aw/Ark9ZVwoSV10IFP4f7wBAwnmOJEeOl/PIMefqMqum/U54AgmxiAdZe7pMJK
NOtr31PdEVIRzPuHt7nw0RBvoSZzsP+ykGquhWqWL54Zyb6ftfiA/5JUAznz4Sye
MpO0YKVxt6ApyxJbQVFT4/Q4f/kasINwKple1dDP5qpl
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:39 2024 by rpki-client on console-ams.rpki-client.org