Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/ibR_wnES2bphFbOOPeVRwzrMGcA.roa
File: ibR_wnES2bphFbOOPeVRwzrMGcA.roa (raw, json)
Hash identifier: vEOxAOrUKlQmlRUsE6LJhmHJVbuobcOrnuMf+tGELzE=
Subject key identifier: 89:B4:7F:C2:71:12:D9:BA:61:15:B3:8E:3D:E5:51:C3:3A:CC:19:C0
Certificate issuer: /CN=230d311fc19463fdd30adecc917b5f0298741b44
Certificate serial: 018571275EA983BACD5967D1AE91D05B4065
Authority key identifier: 23:0D:31:1F:C1:94:63:FD:D3:0A:DE:CC:91:7B:5F:02:98:74:1B:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/ibR_wnES2bphFbOOPeVRwzrMGcA.roa
Signing time: Mon 02 Jan 2023 06:24:43 +0000
ROA not before: Mon 02 Jan 2023 06:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49121
IP address blocks: 185.65.69.0/24 maxlen: 24
2a0d:3180:7::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:5e:a9:83:ba:cd:59:67:d1:ae:91:d0:5b:40:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=230d311fc19463fdd30adecc917b5f0298741b44
Validity
Not Before: Jan 2 06:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89b47fc27112d9ba6115b38e3de551c33acc19c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:76:6d:93:02:d7:4b:a4:88:05:08:ad:d1:7b:
9e:73:94:d8:6d:58:03:06:fb:64:4c:51:ab:ad:4c:
c4:d3:e3:31:ce:1d:18:0f:5e:73:7e:6a:cb:3d:4a:
0a:02:96:e5:1b:52:50:40:06:27:f7:96:13:d5:a8:
d5:b6:bb:ea:53:ec:26:92:92:b0:2d:16:8b:1a:1b:
66:bd:35:0b:1b:ae:c8:07:7b:ca:a1:c5:80:e3:ec:
2d:42:22:a2:d9:d7:36:76:39:2d:e1:8c:9f:0d:db:
50:56:d7:35:5f:5c:13:bd:62:9e:98:a6:c6:81:4e:
bb:cd:69:5e:e3:b4:c5:b7:16:13:88:21:f8:9e:50:
25:df:6a:55:1b:d9:24:29:66:9d:fa:21:26:48:d5:
7d:17:7c:90:97:37:26:fa:63:e2:55:17:0d:75:7f:
1b:29:bb:5f:11:3b:39:22:d4:a3:aa:59:85:b0:4a:
c9:a3:cd:71:5e:0d:8a:ca:3b:81:8e:9a:d7:df:41:
38:dc:28:c9:22:69:44:68:3e:d9:4c:13:4d:12:e8:
c5:55:1c:8e:0d:d1:a4:83:ab:15:1b:e9:15:56:78:
65:28:4a:f0:a4:41:94:31:4e:4b:67:d8:d0:7c:0c:
69:30:14:c7:83:df:0e:91:a1:aa:d0:b7:d5:76:f8:
c4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B4:7F:C2:71:12:D9:BA:61:15:B3:8E:3D:E5:51:C3:3A:CC:19:C0
X509v3 Authority Key Identifier:
keyid:23:0D:31:1F:C1:94:63:FD:D3:0A:DE:CC:91:7B:5F:02:98:74:1B:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/ibR_wnES2bphFbOOPeVRwzrMGcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.69.0/24
IPv6:
2a0d:3180:7::/48
Signature Algorithm: sha256WithRSAEncryption
99:29:b4:fb:02:1c:c1:f9:03:00:2b:b7:6c:7f:ff:bd:91:a7:
cd:2c:8a:2f:85:2b:1a:9b:17:d3:b3:ca:64:ed:56:98:ac:24:
84:4e:a7:5d:03:91:18:6d:f6:f9:d2:88:e2:2e:ce:18:e3:aa:
0e:48:85:a2:16:46:d9:18:3f:07:9f:f2:8b:4c:ff:ae:bf:c1:
80:a1:68:3f:14:27:dc:67:cd:48:f5:e4:77:cc:8f:64:33:72:
25:c2:7c:a4:89:40:ef:0b:c1:7f:6e:3d:a5:d3:a8:c3:55:ce:
84:3c:3e:f5:45:5e:df:06:2d:54:28:13:60:b2:b6:46:3a:39:
c5:bf:e5:65:41:3a:fa:0a:f5:60:ee:fb:87:a1:d5:3a:4b:a9:
d2:06:3e:8a:fd:55:41:e4:4f:ac:71:b7:7a:92:a0:90:4c:28:
8d:73:b0:99:99:78:76:bf:ef:2e:74:1d:6d:4a:42:69:09:ec:
17:d4:14:17:25:1c:ed:20:7a:c0:ac:6c:09:11:db:fd:b4:7b:
23:5d:02:ae:18:f2:d8:e2:ba:03:b4:9d:2c:45:d3:c9:a9:0e:
c4:10:56:c7:56:a1:9b:2d:46:38:34:6d:aa:df:68:df:c2:07:
3f:6e:0b:f0:b8:90:05:b2:dc:13:af:d6:66:63:d2:6a:87:94:
77:d7:26:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxJ16pg7rNWWfRrpHQW0BlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMGQzMTFmYzE5NDYzZmRkMzBhZGVjYzkxN2I1ZjAyOTg3
NDFiNDQwHhcNMjMwMTAyMDYyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWI0N2ZjMjcxMTJkOWJhNjExNWIzOGUzZGU1NTFjMzNhY2MxOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnZtkwLXS6SIBQit0Xuec5TYbVgD
BvtkTFGrrUzE0+Mxzh0YD15zfmrLPUoKApblG1JQQAYn95YT1ajVtrvqU+wmkpKw
LRaLGhtmvTULG67IB3vKocWA4+wtQiKi2dc2djkt4YyfDdtQVtc1X1wTvWKemKbG
gU67zWle47TFtxYTiCH4nlAl32pVG9kkKWad+iEmSNV9F3yQlzcm+mPiVRcNdX8b
KbtfETs5ItSjqlmFsErJo81xXg2KyjuBjprX30E43CjJImlEaD7ZTBNNEujFVRyO
DdGkg6sVG+kVVnhlKErwpEGUMU5LZ9jQfAxpMBTHg98OkaGq0LfVdvjEgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIm0f8JxEtm6YRWzjj3lUcM6zBnAMB8GA1UdIwQY
MBaAFCMNMR/BlGP90wrezJF7XwKYdBtEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXcweEg4R1VZXzNUQ3Q3TWtYdGZBcGgwRzBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yODFkZmItMzI5My00YmFiLWJhMjIt
MWJlY2I1ZGNkN2FhLzEvaWJSX3duRVMyYnBoRmJPT1BlVlJ3enJNR2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yODFkZmItMzI5My00YmFiLWJhMjItMWJlY2I1ZGNkN2Fh
LzEvSXcweEg4R1VZXzNUQ3Q3TWtYdGZBcGgwRzBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuUFFMA8E
AgACMAkDBwAqDTGAAAcwDQYJKoZIhvcNAQELBQADggEBAJkptPsCHMH5AwArt2x/
/72Rp80sii+FKxqbF9OzymTtVpisJIROp10DkRht9vnSiOIuzhjjqg5IhaIWRtkY
Pwef8otM/66/wYChaD8UJ9xnzUj15HfMj2QzciXCfKSJQO8LwX9uPaXTqMNVzoQ8
PvVFXt8GLVQoE2CytkY6OcW/5WVBOvoK9WDu+4eh1TpLqdIGPor9VUHkT6xxt3qS
oJBMKI1zsJmZeHa/7y50HW1KQmkJ7BfUFBclHO0gesCsbAkR2/20eyNdAq4Y8tji
ugO0nSxF08mpDsQQVsdWoZstRjg0barfaN/CBz9uC/C4kAWy3BOv1mZj0mqHlHfX
JnM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:20 2024 by rpki-client on console-ams.rpki-client.org