Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jTZcxo-aE0xRZGXM_HbNIsgs-Go.roa
File: jTZcxo-aE0xRZGXM_HbNIsgs-Go.roa (raw, json)
Hash identifier: emlK5vlQrpcX7B6N8gKpDQLXYRoUH/LvTvh83jFugp4=
Subject key identifier: 8D:36:5C:C6:8F:9A:13:4C:51:64:65:CC:FC:76:CD:22:C8:2C:F8:6A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018820C1755B10F1A5C2D7134797BA22E87F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jTZcxo-aE0xRZGXM_HbNIsgs-Go.roa
Signing time: Mon 15 May 2023 18:52:09 +0000
ROA not before: Mon 15 May 2023 18:52:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 185.255.171.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:20:c1:75:5b:10:f1:a5:c2:d7:13:47:97:ba:22:e8:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 15 18:52:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d365cc68f9a134c516465ccfc76cd22c82cf86a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:08:6a:8a:99:87:5a:fa:71:53:e4:8a:28:f2:
22:4a:5d:62:2c:7c:cf:35:c8:86:cc:78:67:d8:bf:
3c:4a:1a:b1:4d:c4:19:8c:c0:40:9a:7a:5a:06:b3:
39:01:12:18:f6:a9:b1:53:06:07:df:4d:ae:70:57:
d3:cb:a6:52:e0:aa:0a:97:01:13:ff:1f:7a:89:96:
eb:50:5f:77:0b:38:75:73:20:f8:f0:d6:a8:dd:8c:
ad:3b:1d:5a:fc:55:d3:86:42:f0:ea:58:1c:14:a7:
3f:55:9e:28:2b:64:db:d7:ed:b9:d7:43:84:c1:48:
97:61:75:50:f1:db:4a:ea:67:09:7d:a2:02:f4:7f:
e9:55:4b:01:b5:83:20:cb:93:87:69:3d:16:5f:8a:
b8:e8:27:b2:4b:35:e9:7c:84:d8:1c:5c:13:d4:97:
68:ed:37:87:a7:cd:f1:b9:35:05:05:cd:75:b4:2e:
98:8d:e4:d4:e9:34:28:60:11:f3:dc:51:6d:27:9c:
80:47:0e:1a:dd:5a:f2:ca:62:1a:09:ce:16:fc:70:
44:ad:f7:e9:4a:a2:92:60:a1:3c:d7:2b:e6:f3:02:
73:5e:ba:52:f6:e7:92:1e:cd:e5:4e:22:a7:4c:e7:
01:46:a9:8a:89:24:26:ba:dc:c3:8f:31:15:9f:c8:
40:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:36:5C:C6:8F:9A:13:4C:51:64:65:CC:FC:76:CD:22:C8:2C:F8:6A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jTZcxo-aE0xRZGXM_HbNIsgs-Go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.171.0/24
Signature Algorithm: sha256WithRSAEncryption
61:98:19:6b:6e:57:c9:0f:30:35:4e:89:96:ac:3c:6e:00:e5:
85:cd:a1:a2:cc:a0:e5:e3:4b:fd:1a:ca:1c:a9:4d:f3:f5:26:
8a:bd:4f:55:bf:15:8e:67:a6:c3:86:a5:0d:a3:9d:17:0d:de:
04:e6:2b:de:c2:92:a2:ef:d8:0e:fc:8d:95:ff:ad:db:78:f0:
c7:35:0c:db:ef:e7:9c:70:b3:26:f2:89:f7:a2:c2:2f:1b:02:
aa:be:5a:a9:f9:03:b6:94:66:cb:36:0e:bf:99:2c:4f:90:dd:
3e:24:5c:72:f6:18:79:e3:d6:c6:be:d3:8e:61:c6:05:d3:17:
61:e3:f7:d0:a4:b6:00:89:a7:f7:aa:7e:17:2b:ff:b0:ba:e7:
db:a9:a3:f3:be:75:e1:3a:3d:91:5a:e0:2b:d5:a3:f6:63:37:
6c:48:fd:82:4f:60:58:4a:a9:c3:a3:61:8c:d7:46:d0:97:ac:
98:01:41:7b:1a:83:97:2f:3e:8f:04:d8:a1:66:fe:d3:43:fc:
42:39:8b:52:64:4a:4a:21:c9:b6:a7:56:43:c3:bf:3a:34:f7:
1f:60:99:ed:45:a5:ef:30:bb:8f:03:ff:a3:2a:f1:66:04:5f:
8b:22:65:d4:80:dd:6f:b7:83:4b:3a:f8:dd:b2:bc:cd:2a:cf:
a9:95:3c:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYggwXVbEPGlwtcTR5e6Iuh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTE1MTg1MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDM2NWNjNjhmOWExMzRjNTE2NDY1Y2NmYzc2Y2QyMmM4MmNmODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQhqipmHWvpxU+SKKPIiSl1iLHzP
NciGzHhn2L88ShqxTcQZjMBAmnpaBrM5ARIY9qmxUwYH302ucFfTy6ZS4KoKlwET
/x96iZbrUF93Czh1cyD48Nao3YytOx1a/FXThkLw6lgcFKc/VZ4oK2Tb1+2510OE
wUiXYXVQ8dtK6mcJfaIC9H/pVUsBtYMgy5OHaT0WX4q46CeySzXpfITYHFwT1Jdo
7TeHp83xuTUFBc11tC6YjeTU6TQoYBHz3FFtJ5yARw4a3VryymIaCc4W/HBErffp
SqKSYKE81yvm8wJzXrpS9ueSHs3lTiKnTOcBRqmKiSQmutzDjzEVn8hACQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI02XMaPmhNMUWRlzPx2zSLILPhqMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvalRaY3hvLWFFMHhSWkdYTV9IYk5Jc2dzLUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf+rMA0G
CSqGSIb3DQEBCwUAA4IBAQBhmBlrblfJDzA1TomWrDxuAOWFzaGizKDl40v9Gsoc
qU3z9SaKvU9VvxWOZ6bDhqUNo50XDd4E5ivewpKi79gO/I2V/63bePDHNQzb7+ec
cLMm8on3osIvGwKqvlqp+QO2lGbLNg6/mSxPkN0+JFxy9hh549bGvtOOYcYF0xdh
4/fQpLYAiaf3qn4XK/+wuufbqaPzvnXhOj2RWuAr1aP2YzdsSP2CT2BYSqnDo2GM
10bQl6yYAUF7GoOXLz6PBNihZv7TQ/xCOYtSZEpKIcm2p1ZDw786NPcfYJntRaXv
MLuPA/+jKvFmBF+LImXUgN1vt4NLOvjdsrzNKs+plTza
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:18 2024 by rpki-client on console-ams.rpki-client.org