Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iDNbvhgy9JaSYQPDMJYMkVWf9ps.roa
File: iDNbvhgy9JaSYQPDMJYMkVWf9ps.roa (raw, json)
Hash identifier: hV+ZOpnPUUYSznZdIHDHnfqx981dr3VdJriKplpRtCw=
Subject key identifier: 88:33:5B:BE:18:32:F4:96:92:61:03:C3:30:96:0C:91:55:9F:F6:9B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185EA6553F118E14DFB93E172EC1388F0EF
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iDNbvhgy9JaSYQPDMJYMkVWf9ps.roa
Signing time: Wed 25 Jan 2023 19:26:27 +0000
ROA not before: Wed 25 Jan 2023 19:26:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 185.135.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Jan 2023 06:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ea:65:53:f1:18:e1:4d:fb:93:e1:72:ec:13:88:f0:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 25 19:26:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88335bbe1832f496926103c330960c91559ff69b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:34:34:bb:7e:01:3b:3e:1b:a3:3f:78:91:9e:
f4:1c:fc:77:b6:37:4c:14:f8:d8:9e:7e:b1:14:28:
06:ad:b9:e8:b8:77:c4:c4:de:71:90:ed:4d:42:86:
df:18:f8:f7:ec:2b:de:5d:27:ce:22:53:9c:62:6a:
9a:84:c3:82:54:52:21:3f:17:2f:63:bc:de:28:fb:
63:9c:c5:15:53:5c:a0:3f:a3:6f:1e:cb:9c:45:df:
02:ff:41:50:21:99:88:54:cd:91:df:79:2d:c9:6f:
7a:b6:4a:d9:9b:87:0e:85:21:b3:19:6f:91:2d:cd:
af:2c:9b:de:1c:a2:86:c2:5c:a5:bf:e2:5f:5b:6a:
81:cc:43:9d:0a:17:32:fe:d3:3a:6e:cd:24:6e:50:
35:ec:1a:05:47:da:82:99:56:fa:9b:ed:ea:8f:7c:
35:f4:c2:c7:29:75:81:50:33:d2:de:c2:d0:d5:ec:
7a:5e:a6:3b:f2:6d:6b:00:da:e8:13:bf:26:fb:98:
ab:24:b0:fd:d4:61:4c:cd:ec:13:60:e5:65:57:61:
5a:88:9b:50:5a:1d:e4:fc:b5:b5:c9:99:f1:99:a1:
84:ea:10:c9:35:ee:67:c2:b4:a6:80:c5:88:51:dc:
af:df:b3:47:d1:c3:5e:db:06:0f:9d:b0:24:47:3c:
9f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:33:5B:BE:18:32:F4:96:92:61:03:C3:30:96:0C:91:55:9F:F6:9B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iDNbvhgy9JaSYQPDMJYMkVWf9ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.143.0/24
Signature Algorithm: sha256WithRSAEncryption
68:f2:79:d2:83:2e:bc:01:15:0b:7a:71:bd:e1:a1:96:7b:62:
1f:53:ef:92:52:90:bb:fe:43:de:06:76:21:47:60:1e:e0:ac:
bc:3b:a8:ea:8b:9a:02:f2:3b:cf:ec:ea:d5:cc:15:26:cc:44:
47:85:82:96:d3:df:6d:7b:b2:56:01:08:cf:0e:5b:e4:3e:34:
b0:80:c3:6c:4b:9e:08:32:5d:bc:d0:75:5b:99:65:2c:21:de:
49:26:c1:38:3b:27:e0:32:04:75:43:c4:e0:31:69:ca:83:91:
1f:75:bc:17:27:58:60:27:ae:8d:05:94:63:44:b3:10:07:1e:
f4:9c:f2:cc:aa:6b:f9:24:43:19:c1:41:3b:c5:ad:07:e8:47:
e5:e3:ed:dd:06:0b:b4:83:6c:42:1e:26:71:65:3d:3b:26:55:
39:c2:82:a3:a5:4a:8e:e4:0e:1c:8f:f5:17:e4:34:dd:1a:ba:
f4:12:ba:56:fa:ea:75:06:8f:c5:83:3f:33:b9:23:c8:d5:23:
12:d0:9b:90:81:82:0d:46:45:35:35:c7:9c:be:c3:82:70:e2:
b3:f0:aa:ac:ae:6e:33:58:0c:0b:25:8f:9e:c8:3a:3d:a9:76:
43:c2:83:41:e0:37:2f:40:a5:a7:56:14:6f:ce:b9:0a:d3:82:
d5:f9:1e:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXqZVPxGOFN+5PhcuwTiPDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI1MTkyNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODMzNWJiZTE4MzJmNDk2OTI2MTAzYzMzMDk2MGM5MTU1OWZmNjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDQ0u34BOz4boz94kZ70HPx3tjdM
FPjYnn6xFCgGrbnouHfExN5xkO1NQobfGPj37CveXSfOIlOcYmqahMOCVFIhPxcv
Y7zeKPtjnMUVU1ygP6NvHsucRd8C/0FQIZmIVM2R33ktyW96tkrZm4cOhSGzGW+R
Lc2vLJveHKKGwlylv+JfW2qBzEOdChcy/tM6bs0kblA17BoFR9qCmVb6m+3qj3w1
9MLHKXWBUDPS3sLQ1ex6XqY78m1rANroE78m+5irJLD91GFMzewTYOVlV2FaiJtQ
Wh3k/LW1yZnxmaGE6hDJNe5nwrSmgMWIUdyv37NH0cNe2wYPnbAkRzyfQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIgzW74YMvSWkmEDwzCWDJFVn/abMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaUROYnZoZ3k5SmFTWVFQRE1KWU1rVldmOXBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYePMA0G
CSqGSIb3DQEBCwUAA4IBAQBo8nnSgy68ARULenG94aGWe2IfU++SUpC7/kPeBnYh
R2Ae4Ky8O6jqi5oC8jvP7OrVzBUmzERHhYKW099te7JWAQjPDlvkPjSwgMNsS54I
Ml280HVbmWUsId5JJsE4OyfgMgR1Q8TgMWnKg5EfdbwXJ1hgJ66NBZRjRLMQBx70
nPLMqmv5JEMZwUE7xa0H6Efl4+3dBgu0g2xCHiZxZT07JlU5woKjpUqO5A4cj/UX
5DTdGrr0ErpW+up1Bo/Fgz8zuSPI1SMS0JuQgYINRkU1NcecvsOCcOKz8Kqsrm4z
WAwLJY+eyDo9qXZDwoNB4DcvQKWnVhRvzrkK04LV+R6j
-----END CERTIFICATE-----