Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/0FiAfLtj7rBVCO3K1yRy7ukxXCY.roa
File: 0FiAfLtj7rBVCO3K1yRy7ukxXCY.roa (raw, json)
Hash identifier: 8vHTOeUizf/4FwHz4dHYKuVpo38B8Al4WmNwEQxxutI=
Subject key identifier: D0:58:80:7C:BB:63:EE:B0:55:08:ED:CA:D7:24:72:EE:E9:31:5C:26
Certificate issuer: /CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Certificate serial: 018BCD89BBF7AF463BC7DF70FAC9B07A1384
Authority key identifier: 1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/0FiAfLtj7rBVCO3K1yRy7ukxXCY.roa
Signing time: Tue 14 Nov 2023 11:13:57 +0000
ROA not before: Tue 14 Nov 2023 11:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203324
IP address blocks: 185.238.85.0/24 maxlen: 24
185.238.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:89:bb:f7:af:46:3b:c7:df:70:fa:c9:b0:7a:13:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Validity
Not Before: Nov 14 11:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d058807cbb63eeb05508edcad72472eee9315c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:19:b1:47:15:b1:3b:e8:9d:2d:b9:4c:ba:09:
68:1f:44:47:d6:1b:ef:86:75:48:49:8d:e2:67:68:
7c:cf:44:df:b2:13:a7:fb:29:19:3a:b9:df:ec:1e:
a2:af:86:14:ad:b1:4f:04:52:a5:12:59:96:db:ad:
74:4b:b1:8b:90:4c:1b:ff:9d:3d:78:e2:34:34:35:
21:d1:ee:48:6c:c0:ea:c2:85:62:b7:8e:6d:89:0b:
38:66:ed:80:89:af:75:ab:48:0c:a4:7a:f0:3a:84:
96:a6:a4:af:e3:99:cf:a1:7b:2a:bc:a2:86:22:0b:
3f:37:9c:b2:2f:b8:46:00:92:a6:26:ea:fd:b4:31:
ab:af:c0:0a:82:66:c4:f2:95:7a:fe:70:74:09:f4:
15:d5:b9:72:10:4b:12:b1:6e:c3:b7:00:de:52:8f:
b1:92:fc:78:bb:e5:81:41:63:0b:8d:6b:81:f6:47:
43:1e:ad:e5:fd:96:75:0a:dc:a6:67:98:0d:96:97:
41:cf:cc:e1:b6:f8:10:e7:6b:2c:b1:69:cc:fe:4c:
24:d6:c7:2a:b2:f6:95:d2:9f:28:da:fe:29:84:a3:
a2:2c:f7:f5:f8:6a:cb:5c:35:5f:23:0f:8d:8e:24:
7a:ac:89:a0:3c:b9:1b:71:44:bd:bd:a6:2a:d5:04:
5b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:58:80:7C:BB:63:EE:B0:55:08:ED:CA:D7:24:72:EE:E9:31:5C:26
X509v3 Authority Key Identifier:
keyid:1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/0FiAfLtj7rBVCO3K1yRy7ukxXCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/HQx-e7J8UzqZfSd8rdQX7HvShPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.85.0-185.238.86.255
Signature Algorithm: sha256WithRSAEncryption
31:f4:42:cc:3d:99:bb:57:82:5e:fd:78:bc:ad:95:2c:6d:a7:
21:ce:d8:b2:42:d3:59:51:cd:30:88:e0:4c:ab:88:e8:0b:a7:
01:9d:a1:6d:ed:0f:61:2d:cf:11:f2:c9:23:ff:a7:76:3f:52:
9d:ec:eb:f9:2c:8d:15:a5:a1:62:b0:0b:89:f7:93:12:23:2f:
f6:2b:2d:a9:0d:cc:5c:ec:1b:41:da:c3:76:f6:68:16:0d:95:
66:9b:3c:6a:80:83:49:25:69:f3:4a:b1:d0:d4:7e:08:09:86:
f9:37:1b:fe:b4:8a:a4:eb:ad:92:4d:9b:ab:b3:8d:12:84:ab:
64:e2:84:71:28:1c:bb:2a:4b:4e:12:3b:35:0b:f0:98:12:e5:
25:64:7b:a3:ee:4d:f0:21:cd:f9:b0:15:56:8b:15:81:93:05:
83:4e:3f:74:45:c2:0e:ca:91:65:b3:ae:9e:21:2b:b6:bc:dc:
4f:1d:18:38:68:98:5a:bb:1a:fd:75:97:b4:8d:9e:03:1a:c6:
d0:cd:f9:28:0d:46:60:38:31:98:69:fc:08:6e:da:44:74:7d:
32:3b:83:1f:f9:ca:5b:0c:db:45:df:d6:a0:98:ec:25:01:9a:
fc:7e:6f:22:ec:5b:7d:3b:b6:3c:c4:7a:be:95:30:77:7f:b3:
5b:94:09:3d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYvNibv3r0Y7x99w+smwehOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGM3ZTdiYjI3YzUzM2E5OTdkMjc3Y2FkZDQxN2VjN2Jk
Mjg0ZjAwHhcNMjMxMTE0MTExMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDU4ODA3Y2JiNjNlZWIwNTUwOGVkY2FkNzI0NzJlZWU5MzE1YzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhmxRxWxO+idLblMugloH0RH1hvv
hnVISY3iZ2h8z0TfshOn+ykZOrnf7B6ir4YUrbFPBFKlElmW2610S7GLkEwb/509
eOI0NDUh0e5IbMDqwoVit45tiQs4Zu2Aia91q0gMpHrwOoSWpqSv45nPoXsqvKKG
Igs/N5yyL7hGAJKmJur9tDGrr8AKgmbE8pV6/nB0CfQV1blyEEsSsW7DtwDeUo+x
kvx4u+WBQWMLjWuB9kdDHq3l/ZZ1CtymZ5gNlpdBz8zhtvgQ52sssWnM/kwk1scq
svaV0p8o2v4phKOiLPf1+GrLXDVfIw+NjiR6rImgPLkbcUS9vaYq1QRblQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNBYgHy7Y+6wVQjtytckcu7pMVwmMB8GA1UdIwQY
MBaAFB0MfnuyfFM6mX0nfK3UF+x70oTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEt
YjI4ZjA3YjJmNDViLzEvMEZpQWZMdGo3ckJWQ08zSzF5Unk3dWt4WENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEtYjI4ZjA3YjJmNDVi
LzEvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC57lUD
BAC57lYwDQYJKoZIhvcNAQELBQADggEBADH0Qsw9mbtXgl79eLytlSxtpyHO2LJC
01lRzTCI4EyriOgLpwGdoW3tD2EtzxHyySP/p3Y/Up3s6/ksjRWloWKwC4n3kxIj
L/YrLakNzFzsG0Haw3b2aBYNlWabPGqAg0klafNKsdDUfggJhvk3G/60iqTrrZJN
m6uzjRKEq2TihHEoHLsqS04SOzUL8JgS5SVke6PuTfAhzfmwFVaLFYGTBYNOP3RF
wg7KkWWzrp4hK7a83E8dGDhomFq7Gv11l7SNngMaxtDN+SgNRmA4MZhp/Ahu2kR0
fTI7gx/5ylsM20Xf1qCY7CUBmvx+byLsW307tjzEer6VMHd/s1uUCT0=
-----END CERTIFICATE-----
Generated at Tue Nov 14 12:16:40 2023 by rpki-client on console-ams.rpki-client.org