Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c58671-3d4e-4775-af21-20af3d1b8ef9/1/9WkY4O2dPCJOgVgVpSDP-HakYAk.roa
File: 9WkY4O2dPCJOgVgVpSDP-HakYAk.roa (raw, json)
Hash identifier: Xiy/FHOevyGQ+R3+IjuTO5j9r5HsmP1IRh31UZJyPD8=
Subject key identifier: F5:69:18:E0:ED:9D:3C:22:4E:81:58:15:A5:20:CF:F8:76:A4:60:09
Certificate issuer: /CN=97a23bb0aca9d226d05adfac08554181c48ef82e
Certificate serial: 018570150D52B96B2D88C6B5D575E8D7A736
Authority key identifier: 97:A2:3B:B0:AC:A9:D2:26:D0:5A:DF:AC:08:55:41:81:C4:8E:F8:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l6I7sKyp0ibQWt-sCFVBgcSO-C4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c58671-3d4e-4775-af21-20af3d1b8ef9/1/9WkY4O2dPCJOgVgVpSDP-HakYAk.roa
Signing time: Mon 02 Jan 2023 01:25:05 +0000
ROA not before: Mon 02 Jan 2023 01:25:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205243
IP address blocks: 185.215.200.0/22 maxlen: 22
185.224.200.0/22 maxlen: 22
2a0d:3c00::/29 maxlen: 29
2a0b:adc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:0d:52:b9:6b:2d:88:c6:b5:d5:75:e8:d7:a7:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97a23bb0aca9d226d05adfac08554181c48ef82e
Validity
Not Before: Jan 2 01:25:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f56918e0ed9d3c224e815815a520cff876a46009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:79:ab:5e:4c:83:9c:f7:1b:9b:00:1f:56:f0:
96:4c:17:88:8f:b1:fb:33:5b:f0:48:a6:2f:10:a0:
27:62:f9:0e:6d:5e:17:f7:a6:24:70:d7:cf:36:e4:
69:7f:17:4a:42:2b:e3:a0:4e:f7:28:c6:7e:4d:eb:
eb:8b:27:10:92:19:92:0f:a0:f0:2d:02:e1:53:ac:
fa:6c:4b:96:d2:92:36:bc:be:7a:be:8e:0a:78:a5:
e1:67:83:8a:51:16:a8:d4:fa:df:70:d2:bc:5d:c1:
97:ce:3b:56:21:a3:b4:06:ea:1a:d3:8d:f2:22:81:
c2:14:b3:62:2b:08:c7:cd:ec:e1:e4:36:28:33:b5:
cb:e3:1b:9c:46:0e:6f:75:12:57:d9:f4:e4:bf:f9:
ca:39:cb:8c:68:30:2c:07:55:98:fa:b5:dd:f8:82:
6b:35:7b:dd:36:96:4c:1e:d0:db:ff:94:5f:47:f1:
7d:5b:fa:77:1b:4e:c2:9a:f8:3e:43:3b:1d:92:ff:
46:b4:83:1c:e5:74:3a:39:11:9f:3e:6c:28:60:6a:
a1:bd:67:be:d0:85:25:c6:3c:b5:b9:d7:a4:37:22:
d7:16:dd:21:31:b7:8e:5e:2e:ef:aa:47:64:ce:92:
56:fa:52:63:81:d5:9c:1b:51:76:b6:7f:b3:48:f1:
73:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:69:18:E0:ED:9D:3C:22:4E:81:58:15:A5:20:CF:F8:76:A4:60:09
X509v3 Authority Key Identifier:
keyid:97:A2:3B:B0:AC:A9:D2:26:D0:5A:DF:AC:08:55:41:81:C4:8E:F8:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l6I7sKyp0ibQWt-sCFVBgcSO-C4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c58671-3d4e-4775-af21-20af3d1b8ef9/1/9WkY4O2dPCJOgVgVpSDP-HakYAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c58671-3d4e-4775-af21-20af3d1b8ef9/1/l6I7sKyp0ibQWt-sCFVBgcSO-C4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.200.0/22
185.224.200.0/22
IPv6:
2a0b:adc0::/29
2a0d:3c00::/29
Signature Algorithm: sha256WithRSAEncryption
9d:1a:f2:33:5f:56:f6:6a:d1:76:3a:fd:c6:df:c6:a7:2f:ef:
17:c4:87:db:7a:c3:e3:fa:e8:81:54:1b:ca:5c:ce:1a:74:d5:
27:95:b1:52:f1:4f:7f:f3:66:03:0f:d3:f7:9f:03:90:9f:d7:
00:70:2f:fe:cd:fa:09:d1:bc:27:71:d6:87:35:3d:c2:1f:3c:
be:f4:fa:a9:43:ec:8d:ce:dc:3d:38:d1:a3:61:5b:87:8b:98:
82:e6:1a:4c:a7:99:4f:40:28:61:be:b0:b5:9d:c4:72:ba:a8:
db:4a:78:e3:fe:36:53:5c:ea:65:20:29:f9:93:6d:be:a4:1d:
12:89:22:f3:d4:8d:54:7c:ef:67:56:a6:49:85:cf:85:ff:eb:
5e:59:9e:ac:43:dd:06:c9:15:61:f6:b4:0f:67:6c:81:31:eb:
58:b3:44:b4:62:dc:5c:a2:b5:28:59:8c:68:0c:83:69:45:78:
0b:c9:f0:ea:93:cf:cb:e8:56:9d:88:d4:eb:65:47:04:09:aa:
96:0f:82:06:32:69:be:57:70:91:02:23:5c:95:1e:e7:73:c2:
98:f3:a2:c1:a8:ef:70:52:2d:e8:24:3e:ba:34:40:3e:4b:12:
b9:6e:8f:dc:7f:6a:da:eb:f6:e8:ae:ee:9a:9a:41:22:a9:cc:
19:ad:da:cb
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVwFQ1SuWstiMa11XXo16c2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YTIzYmIwYWNhOWQyMjZkMDVhZGZhYzA4NTU0MTgxYzQ4
ZWY4MmUwHhcNMjMwMTAyMDEyNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTY5MThlMGVkOWQzYzIyNGU4MTU4MTVhNTIwY2ZmODc2YTQ2MDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHmrXkyDnPcbmwAfVvCWTBeIj7H7
M1vwSKYvEKAnYvkObV4X96YkcNfPNuRpfxdKQivjoE73KMZ+TevriycQkhmSD6Dw
LQLhU6z6bEuW0pI2vL56vo4KeKXhZ4OKURao1PrfcNK8XcGXzjtWIaO0Buoa043y
IoHCFLNiKwjHzezh5DYoM7XL4xucRg5vdRJX2fTkv/nKOcuMaDAsB1WY+rXd+IJr
NXvdNpZMHtDb/5RfR/F9W/p3G07Cmvg+Qzsdkv9GtIMc5XQ6ORGfPmwoYGqhvWe+
0IUlxjy1udekNyLXFt0hMbeOXi7vqkdkzpJW+lJjgdWcG1F2tn+zSPFzxQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPVpGODtnTwiToFYFaUgz/h2pGAJMB8GA1UdIwQY
MBaAFJeiO7CsqdIm0FrfrAhVQYHEjvguMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDZJN3NLeXAwaWJRV3Qtc0NGVkJnY1NPLUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jNTg2NzEtM2Q0ZS00Nzc1LWFmMjEt
MjBhZjNkMWI4ZWY5LzEvOVdrWTRPMmRQQ0pPZ1ZnVnBTRFAtSGFrWUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jNTg2NzEtM2Q0ZS00Nzc1LWFmMjEtMjBhZjNkMWI4ZWY5
LzEvbDZJN3NLeXAwaWJRV3Qtc0NGVkJnY1NPLUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCudfIAwQC
ueDIMBQEAgACMA4DBQMqC63AAwUDKg08ADANBgkqhkiG9w0BAQsFAAOCAQEAnRry
M19W9mrRdjr9xt/Gpy/vF8SH23rD4/rogVQbylzOGnTVJ5WxUvFPf/NmAw/T958D
kJ/XAHAv/s36CdG8J3HWhzU9wh88vvT6qUPsjc7cPTjRo2Fbh4uYguYaTKeZT0Ao
Yb6wtZ3Ecrqo20p44/42U1zqZSAp+ZNtvqQdEoki89SNVHzvZ1amSYXPhf/rXlme
rEPdBskVYfa0D2dsgTHrWLNEtGLcXKK1KFmMaAyDaUV4C8nw6pPPy+hWnYjU62VH
BAmqlg+CBjJpvldwkQIjXJUe53PCmPOiwajvcFIt6CQ+ujRAPksSuW6P3H9q2uv2
6K7umppBIqnMGa3ayw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:41 2024 by rpki-client on console-ams.rpki-client.org