Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/33b69d-f4ca-43aa-9780-1d55d5929cec/1/CrFkaKHhalgZIao01mm2ACCfqws.roa
File: CrFkaKHhalgZIao01mm2ACCfqws.roa (raw, json)
Hash identifier: ftar9eJ3nAciynoB9OdT38B0e3QC2O4VtJNhhKbB1UE=
Subject key identifier: 0A:B1:64:68:A1:E1:6A:58:19:21:AA:34:D6:69:B6:00:20:9F:AB:0B
Certificate issuer: /CN=c7ab6b2254e45730aafa45ab51973203614bb6cc
Certificate serial: 01856ECB6FF6A262F7879D529EB028519C28
Authority key identifier: C7:AB:6B:22:54:E4:57:30:AA:FA:45:AB:51:97:32:03:61:4B:B6:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x6trIlTkVzCq-kWrUZcyA2FLtsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/33b69d-f4ca-43aa-9780-1d55d5929cec/1/CrFkaKHhalgZIao01mm2ACCfqws.roa
Signing time: Sun 01 Jan 2023 19:25:04 +0000
ROA not before: Sun 01 Jan 2023 19:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205118
IP address blocks: 185.229.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:6f:f6:a2:62:f7:87:9d:52:9e:b0:28:51:9c:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7ab6b2254e45730aafa45ab51973203614bb6cc
Validity
Not Before: Jan 1 19:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ab16468a1e16a581921aa34d669b600209fab0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ef:f9:33:71:f6:ed:cb:3d:89:28:f5:25:bd:
f4:7b:9a:d3:42:96:04:03:20:cd:15:29:80:cc:87:
92:9c:b5:a7:49:f1:f1:51:80:12:cb:d2:59:02:3e:
cb:2e:98:0e:75:ac:d0:aa:21:ff:af:27:25:46:51:
06:06:83:cd:1a:e9:a3:d4:cf:32:73:7f:23:6b:9d:
e1:b2:02:5f:33:c7:24:7e:4c:ad:62:b0:94:c5:7e:
c2:70:0c:99:28:b3:e7:83:be:52:dc:bf:09:e2:75:
5b:a0:9a:4d:07:c8:89:61:85:06:d2:04:13:ea:63:
f1:a6:1a:b2:3d:9f:13:56:ee:e5:50:e4:51:11:51:
26:5e:36:06:71:17:b2:e9:45:55:09:91:99:fb:74:
c0:a3:b5:7e:ad:a2:eb:65:48:05:03:8d:ad:7c:76:
6d:a8:24:2a:29:95:3a:cf:27:29:b5:cd:2e:8c:a9:
54:90:eb:89:c7:26:7a:94:d4:68:fa:63:49:0b:8b:
71:35:f2:1c:ab:c7:f4:5c:ed:b9:eb:35:e1:57:d0:
8e:43:e9:97:10:f3:89:8c:bc:98:13:28:ad:14:69:
ef:08:fa:83:e3:d3:8f:2a:b8:c6:e6:d8:1d:4b:3d:
06:ab:13:83:ab:43:ef:2b:92:5b:da:0c:a1:bc:fb:
41:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B1:64:68:A1:E1:6A:58:19:21:AA:34:D6:69:B6:00:20:9F:AB:0B
X509v3 Authority Key Identifier:
keyid:C7:AB:6B:22:54:E4:57:30:AA:FA:45:AB:51:97:32:03:61:4B:B6:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x6trIlTkVzCq-kWrUZcyA2FLtsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/33b69d-f4ca-43aa-9780-1d55d5929cec/1/CrFkaKHhalgZIao01mm2ACCfqws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/33b69d-f4ca-43aa-9780-1d55d5929cec/1/x6trIlTkVzCq-kWrUZcyA2FLtsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.3.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:e9:ae:eb:e6:d7:88:70:f8:b9:71:b9:c8:c0:63:e0:40:24:
6b:df:c6:2f:b9:1a:80:7e:d9:b2:05:42:8a:94:e4:a8:11:84:
1e:63:a0:bc:a9:52:48:6b:94:b6:68:c9:96:1e:3f:9d:85:3d:
b5:82:b8:6e:2e:0c:a3:76:03:cb:ff:89:c0:4a:05:a4:a0:a5:
11:0a:c2:d3:20:ab:2d:42:36:2f:9d:44:60:56:ce:04:de:42:
9c:75:15:dc:f0:b1:61:ce:bd:15:23:5b:11:35:6a:19:b6:70:
fe:67:ce:41:b6:e9:07:8f:a8:8b:2e:b0:2b:6d:ed:6e:5a:da:
af:06:ef:35:32:e7:22:39:20:c9:f9:c3:09:d2:c6:eb:2a:18:
45:db:41:64:63:97:63:3e:02:df:c4:94:23:16:ee:f3:5f:36:
bc:65:de:76:23:fa:8b:99:40:ab:b9:a0:10:b0:c1:60:a6:c2:
5f:5b:2c:a7:76:e4:f4:eb:f5:fa:6a:4b:f9:9c:0a:b2:31:3b:
f2:4f:dd:cf:b0:15:fa:ae:be:db:46:a4:67:43:79:2c:8a:bc:
7a:69:64:38:87:5f:01:76:9f:e4:0f:68:8f:6e:bf:64:d1:02:
53:03:4f:ef:5b:a1:f5:f1:86:fa:bf:eb:ed:94:bd:31:d2:a3:
e1:b2:1d:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy2/2omL3h51SnrAoUZwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YWI2YjIyNTRlNDU3MzBhYWZhNDVhYjUxOTczMjAzNjE0
YmI2Y2MwHhcNMjMwMTAxMTkyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWIxNjQ2OGExZTE2YTU4MTkyMWFhMzRkNjY5YjYwMDIwOWZhYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqO/5M3H27cs9iSj1Jb30e5rTQpYE
AyDNFSmAzIeSnLWnSfHxUYASy9JZAj7LLpgOdazQqiH/ryclRlEGBoPNGumj1M8y
c38ja53hsgJfM8ckfkytYrCUxX7CcAyZKLPng75S3L8J4nVboJpNB8iJYYUG0gQT
6mPxphqyPZ8TVu7lUORREVEmXjYGcRey6UVVCZGZ+3TAo7V+raLrZUgFA42tfHZt
qCQqKZU6zycptc0ujKlUkOuJxyZ6lNRo+mNJC4txNfIcq8f0XO256zXhV9COQ+mX
EPOJjLyYEyitFGnvCPqD49OPKrjG5tgdSz0GqxODq0PvK5Jb2gyhvPtBnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAqxZGih4WpYGSGqNNZptgAgn6sLMB8GA1UdIwQY
MBaAFMerayJU5FcwqvpFq1GXMgNhS7bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDZ0cklsVGtWekNxLWtXclVaY3lBMkZMdHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8zM2I2OWQtZjRjYS00M2FhLTk3ODAt
MWQ1NWQ1OTI5Y2VjLzEvQ3JGa2FLSGhhbGdaSWFvMDFtbTJBQ0NmcXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8zM2I2OWQtZjRjYS00M2FhLTk3ODAtMWQ1NWQ1OTI5Y2Vj
LzEveDZ0cklsVGtWekNxLWtXclVaY3lBMkZMdHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueUDMA0G
CSqGSIb3DQEBCwUAA4IBAQCc6a7r5teIcPi5cbnIwGPgQCRr38YvuRqAftmyBUKK
lOSoEYQeY6C8qVJIa5S2aMmWHj+dhT21grhuLgyjdgPL/4nASgWkoKURCsLTIKst
QjYvnURgVs4E3kKcdRXc8LFhzr0VI1sRNWoZtnD+Z85BtukHj6iLLrArbe1uWtqv
Bu81MuciOSDJ+cMJ0sbrKhhF20FkY5djPgLfxJQjFu7zXza8Zd52I/qLmUCruaAQ
sMFgpsJfWyynduT06/X6akv5nAqyMTvyT93PsBX6rr7bRqRnQ3ksirx6aWQ4h18B
dp/kD2iPbr9k0QJTA0/vW6H18Yb6v+vtlL0x0qPhsh15
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:40 2024 by rpki-client on console-ams.rpki-client.org