Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/i_Iwm69dprMZI7prfv-ROjBLm6U.roa
File: i_Iwm69dprMZI7prfv-ROjBLm6U.roa (raw, json)
Hash identifier: UssfFNC2Tnt5gZvT8FQAvZzyphf2I145XLxRpcyRG20=
Subject key identifier: 8B:F2:30:9B:AF:5D:A6:B3:19:23:BA:6B:7E:FF:91:3A:30:4B:9B:A5
Certificate issuer: /CN=52e02224ffb971172e4935ed7dd965d1155089b6
Certificate serial: 01856F301FF5DC6FA19D7ABCA2B1A616DCB0
Authority key identifier: 52:E0:22:24:FF:B9:71:17:2E:49:35:ED:7D:D9:65:D1:15:50:89:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UuAiJP-5cRcuSTXtfdll0RVQibY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/i_Iwm69dprMZI7prfv-ROjBLm6U.roa
Signing time: Sun 01 Jan 2023 21:15:02 +0000
ROA not before: Sun 01 Jan 2023 21:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3223
IP address blocks: 185.121.16.0/24 maxlen: 24
185.121.16.0/22 maxlen: 22
185.121.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:1f:f5:dc:6f:a1:9d:7a:bc:a2:b1:a6:16:dc:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52e02224ffb971172e4935ed7dd965d1155089b6
Validity
Not Before: Jan 1 21:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bf2309baf5da6b31923ba6b7eff913a304b9ba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:60:2c:a6:ab:ac:ab:79:25:0b:b1:7f:b7:f6:
fa:6a:1a:68:8f:9e:79:85:d0:37:e3:58:d4:79:b5:
74:23:57:ca:25:44:8b:cc:4d:7c:ed:1e:c8:73:4d:
8c:f4:41:3e:83:68:15:82:d9:88:4f:8f:4e:a6:73:
42:6d:39:2d:72:69:ff:11:ae:09:69:4b:f8:03:67:
67:cd:23:f9:19:ad:b6:32:33:f0:13:14:69:f4:96:
81:b0:35:74:a7:41:58:83:b5:a9:6e:d1:16:2e:1f:
e8:d1:23:fa:68:6d:16:2d:96:97:f1:7d:ec:0f:54:
dc:c4:18:98:69:dd:79:61:a9:34:33:4b:57:90:f4:
50:4a:cd:05:f5:21:4f:90:ab:fa:95:ad:d9:0b:91:
84:e6:45:6d:90:74:9a:58:cf:07:48:61:e4:04:d7:
1a:53:81:8b:2f:aa:21:26:21:62:c5:ea:7c:0c:c7:
91:20:29:70:0f:3b:b0:04:d6:c7:7e:53:9d:26:b0:
b2:d2:76:50:e5:3f:eb:f7:0a:48:25:c2:00:c3:bd:
d4:a1:c8:cc:f1:9b:af:22:ee:22:24:5a:1b:41:da:
1a:74:37:d1:e9:c5:92:c6:59:e2:20:98:54:fa:3a:
f8:26:f8:7d:4e:64:51:e5:09:dd:f5:ab:67:6d:d3:
99:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F2:30:9B:AF:5D:A6:B3:19:23:BA:6B:7E:FF:91:3A:30:4B:9B:A5
X509v3 Authority Key Identifier:
keyid:52:E0:22:24:FF:B9:71:17:2E:49:35:ED:7D:D9:65:D1:15:50:89:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UuAiJP-5cRcuSTXtfdll0RVQibY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/i_Iwm69dprMZI7prfv-ROjBLm6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/UuAiJP-5cRcuSTXtfdll0RVQibY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.16.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:e2:02:fb:df:aa:d0:67:31:d2:57:15:5f:43:c6:be:2b:cb:
a5:10:81:35:25:c0:5a:35:4c:24:62:3a:85:1a:4e:23:62:18:
fd:15:6a:ff:d3:f6:fe:88:0f:ff:a0:2b:50:48:d2:0d:ec:e3:
e5:13:7b:f5:63:27:49:dd:1e:d1:40:2b:20:64:d4:3c:45:f1:
08:98:b6:82:52:8c:27:71:98:cc:17:0c:b2:4e:bb:44:84:06:
fd:d5:ed:b2:45:14:f3:a1:0c:cc:af:5e:1a:8a:34:7d:99:d8:
a9:40:83:e4:df:f8:8c:d0:7c:9c:e8:74:46:8c:2e:b8:5a:23:
09:b8:c4:79:bc:6e:28:fa:d3:8f:57:c1:a5:79:d7:c4:cb:94:
18:a3:99:77:ca:4f:2c:ac:a1:39:6c:d4:c9:c1:de:68:f6:b9:
81:f8:52:fd:1f:ce:28:be:35:58:7f:c8:4e:ab:77:6a:dd:ce:
27:7e:86:97:ad:98:b0:b6:a3:40:0f:63:3f:54:fa:07:2e:92:
86:7d:c4:a4:6a:38:0c:07:b6:6c:48:ff:a4:77:0e:ad:1d:22:
23:03:26:83:d2:d9:a4:d0:05:24:0f:df:a2:78:8c:b5:36:e1:
30:08:a3:cb:e6:6e:5b:60:4f:9c:c6:a8:a8:75:d4:a7:fc:dc:
58:c4:a5:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMB/13G+hnXq8orGmFtywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZTAyMjI0ZmZiOTcxMTcyZTQ5MzVlZDdkZDk2NWQxMTU1
MDg5YjYwHhcNMjMwMTAxMjExNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmYyMzA5YmFmNWRhNmIzMTkyM2JhNmI3ZWZmOTEzYTMwNGI5YmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWAspqusq3klC7F/t/b6ahpoj555
hdA341jUebV0I1fKJUSLzE187R7Ic02M9EE+g2gVgtmIT49OpnNCbTktcmn/Ea4J
aUv4A2dnzSP5Ga22MjPwExRp9JaBsDV0p0FYg7WpbtEWLh/o0SP6aG0WLZaX8X3s
D1TcxBiYad15Yak0M0tXkPRQSs0F9SFPkKv6la3ZC5GE5kVtkHSaWM8HSGHkBNca
U4GLL6ohJiFixep8DMeRIClwDzuwBNbHflOdJrCy0nZQ5T/r9wpIJcIAw73UocjM
8ZuvIu4iJFobQdoadDfR6cWSxlniIJhU+jr4Jvh9TmRR5Qnd9atnbdOZFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIvyMJuvXaazGSO6a37/kTowS5ulMB8GA1UdIwQY
MBaAFFLgIiT/uXEXLkk17X3ZZdEVUIm2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXVBaUpQLTVjUmN1U1RYdGZkbGwwUlZRaWJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zMTFiYzUtM2YzNi00ZDVlLWFiZGUt
YjhkYTg5NDA2YmVkLzEvaV9Jd202OWRwck1aSTdwcmZ2LVJPakJMbTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zMTFiYzUtM2YzNi00ZDVlLWFiZGUtYjhkYTg5NDA2YmVk
LzEvVXVBaUpQLTVjUmN1U1RYdGZkbGwwUlZRaWJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXkQMA0G
CSqGSIb3DQEBCwUAA4IBAQA64gL736rQZzHSVxVfQ8a+K8ulEIE1JcBaNUwkYjqF
Gk4jYhj9FWr/0/b+iA//oCtQSNIN7OPlE3v1YydJ3R7RQCsgZNQ8RfEImLaCUown
cZjMFwyyTrtEhAb91e2yRRTzoQzMr14aijR9mdipQIPk3/iM0Hyc6HRGjC64WiMJ
uMR5vG4o+tOPV8GledfEy5QYo5l3yk8srKE5bNTJwd5o9rmB+FL9H84ovjVYf8hO
q3dq3c4nfoaXrZiwtqNAD2M/VPoHLpKGfcSkajgMB7ZsSP+kdw6tHSIjAyaD0tmk
0AUkD9+ieIy1NuEwCKPL5m5bYE+cxqioddSn/NxYxKUv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:53 2024 by rpki-client on console-fra.rpki-client.org