Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XXg8uAYL0jhG4cw2f_hyYyj3nOE.roa
File: XXg8uAYL0jhG4cw2f_hyYyj3nOE.roa (raw, json)
Hash identifier: 63VqUHw1o24iyToIOjbTejub5G/YjumS4Lti5zAOH70=
Subject key identifier: 5D:78:3C:B8:06:0B:D2:38:46:E1:CC:36:7F:F8:72:63:28:F7:9C:E1
Certificate issuer: /CN=5db58c45bee251fc7575a63e5b490dec6114e6ca
Certificate serial: 01856EB9043AF4CE38BB05BCC49E2D31C0B9
Authority key identifier: 5D:B5:8C:45:BE:E2:51:FC:75:75:A6:3E:5B:49:0D:EC:61:14:E6:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XbWMRb7iUfx1daY-W0kN7GEU5so.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XXg8uAYL0jhG4cw2f_hyYyj3nOE.roa
Signing time: Sun 01 Jan 2023 19:04:57 +0000
ROA not before: Sun 01 Jan 2023 19:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43231
IP address blocks: 185.188.38.0/24 maxlen: 24
185.188.37.0/24 maxlen: 24
185.188.36.0/24 maxlen: 24
185.188.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:04:3a:f4:ce:38:bb:05:bc:c4:9e:2d:31:c0:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5db58c45bee251fc7575a63e5b490dec6114e6ca
Validity
Not Before: Jan 1 19:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d783cb8060bd23846e1cc367ff8726328f79ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0e:b7:5b:7d:7d:ae:4d:5d:b7:d5:9b:63:d1:
7d:9e:69:1e:cd:03:c5:b3:06:7a:89:09:ef:b6:6d:
b8:d0:cf:53:a7:c6:0c:b7:95:a3:3b:93:69:c3:ac:
47:8a:ee:73:1e:e4:4d:5b:85:76:7d:7a:fa:61:03:
38:47:e8:3f:f0:cf:82:90:2d:5f:d7:50:55:5c:a8:
ad:dd:58:fe:c3:56:df:9a:20:de:d3:73:0e:2d:d1:
ac:da:d4:8d:4c:21:00:bf:80:2f:90:85:45:ab:d2:
4c:fd:15:12:27:2e:42:03:17:fc:c1:74:eb:e8:3a:
22:b7:aa:01:d9:09:f7:a7:27:cc:df:89:9a:d4:fc:
4f:85:56:f5:6b:2f:fe:e8:f3:62:43:13:6d:1e:9f:
8a:3b:12:c7:45:32:64:d1:c5:bb:2b:1d:f9:d6:48:
fb:79:bf:8e:15:76:2a:bd:88:97:b6:6e:0d:cd:59:
13:10:1c:21:63:a6:46:88:c7:7f:80:85:f3:f4:ed:
0f:be:4b:4b:3f:ac:3e:82:20:19:a7:89:61:19:93:
bf:10:cd:4d:20:a6:52:f3:d5:7f:70:55:be:33:03:
9c:59:ae:f7:ca:18:1a:86:d1:a3:ce:5c:8f:f8:bb:
03:ac:e1:4a:97:34:d5:d8:a7:69:79:d6:b9:fb:e6:
2c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:78:3C:B8:06:0B:D2:38:46:E1:CC:36:7F:F8:72:63:28:F7:9C:E1
X509v3 Authority Key Identifier:
keyid:5D:B5:8C:45:BE:E2:51:FC:75:75:A6:3E:5B:49:0D:EC:61:14:E6:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbWMRb7iUfx1daY-W0kN7GEU5so.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XXg8uAYL0jhG4cw2f_hyYyj3nOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.36.0/22
Signature Algorithm: sha256WithRSAEncryption
77:49:bf:be:54:02:4e:28:77:c4:2f:bd:00:9e:9e:7e:8a:f3:
f8:0e:13:ad:5f:49:e1:ab:e2:6d:ae:30:16:a4:f1:cc:da:d8:
c3:f3:e2:e6:0a:0b:df:22:eb:34:98:45:78:b3:43:ff:df:91:
fd:00:57:fb:11:98:4c:05:99:7b:e9:35:81:97:0b:c6:0a:ee:
e0:d3:6a:00:0b:12:e9:74:bd:80:8d:2d:77:ea:aa:0d:27:c4:
44:72:a6:c5:5f:c0:cb:79:7f:dd:61:e3:8c:4f:0f:56:30:ef:
b5:9b:45:44:53:be:11:99:5c:d6:9b:4e:2b:10:8e:39:a1:7a:
a0:88:0d:04:7b:40:75:e0:2c:f2:6f:88:31:41:ca:40:4e:4b:
1a:a5:b9:87:1b:f0:9b:e9:a6:7e:c4:8e:8c:c0:f7:fa:22:ae:
99:c2:56:c3:b6:30:e8:07:c2:7f:0a:7d:74:3e:27:26:0b:11:
e4:34:3d:d7:cd:ee:ce:fc:c0:47:fa:63:15:d6:ce:0f:6c:5d:
42:b7:7f:d8:f6:87:3b:c9:b9:2c:c7:9a:1c:b9:11:73:c9:e4:
79:39:11:ab:17:3f:ed:f6:91:c7:25:d5:1d:7e:fe:ba:a7:df:
ed:31:cf:3f:81:56:5a:f0:44:5d:b3:12:38:f2:77:0f:88:00:
42:0a:5e:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuuQQ69M44uwW8xJ4tMcC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYjU4YzQ1YmVlMjUxZmM3NTc1YTYzZTViNDkwZGVjNjEx
NGU2Y2EwHhcNMjMwMTAxMTkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDc4M2NiODA2MGJkMjM4NDZlMWNjMzY3ZmY4NzI2MzI4Zjc5Y2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0g63W319rk1dt9WbY9F9nmkezQPF
swZ6iQnvtm240M9Tp8YMt5WjO5Npw6xHiu5zHuRNW4V2fXr6YQM4R+g/8M+CkC1f
11BVXKit3Vj+w1bfmiDe03MOLdGs2tSNTCEAv4AvkIVFq9JM/RUSJy5CAxf8wXTr
6Doit6oB2Qn3pyfM34ma1PxPhVb1ay/+6PNiQxNtHp+KOxLHRTJk0cW7Kx351kj7
eb+OFXYqvYiXtm4NzVkTEBwhY6ZGiMd/gIXz9O0PvktLP6w+giAZp4lhGZO/EM1N
IKZS89V/cFW+MwOcWa73yhgahtGjzlyP+LsDrOFKlzTV2Kdpeda5++YsrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF14PLgGC9I4RuHMNn/4cmMo95zhMB8GA1UdIwQY
MBaAFF21jEW+4lH8dXWmPltJDexhFObKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJXTVJiN2lVZngxZGFZLVcwa043R0VVNXNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hZGY5M2QtOThkYS00MWNjLThhNmQt
OWMyYWQ0NzVhMjMxLzEvWFhnOHVBWUwwamhHNGN3MmZfaHlZeWozbk9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hZGY5M2QtOThkYS00MWNjLThhNmQtOWMyYWQ0NzVhMjMx
LzEvWGJXTVJiN2lVZngxZGFZLVcwa043R0VVNXNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubwkMA0G
CSqGSIb3DQEBCwUAA4IBAQB3Sb++VAJOKHfEL70Anp5+ivP4DhOtX0nhq+JtrjAW
pPHM2tjD8+LmCgvfIus0mEV4s0P/35H9AFf7EZhMBZl76TWBlwvGCu7g02oACxLp
dL2AjS136qoNJ8REcqbFX8DLeX/dYeOMTw9WMO+1m0VEU74RmVzWm04rEI45oXqg
iA0Ee0B14Czyb4gxQcpATksapbmHG/Cb6aZ+xI6MwPf6Iq6ZwlbDtjDoB8J/Cn10
PicmCxHkND3Xze7O/MBH+mMV1s4PbF1Ct3/Y9oc7ybksx5ocuRFzyeR5ORGrFz/t
9pHHJdUdfv66p9/tMc8/gVZa8ERdsxI48ncPiABCCl4T
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:28 2024 by rpki-client on console-ams.rpki-client.org