Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/p-fBwlXIkfmVgcUSqJeCEbHIOis.roa
File: p-fBwlXIkfmVgcUSqJeCEbHIOis.roa (raw, json)
Hash identifier: BZWV0FmCs/4TYFShe15Gd/iaIkIUqljD5i2PnHujT2Y=
Subject key identifier: A7:E7:C1:C2:55:C8:91:F9:95:81:C5:12:A8:97:82:11:B1:C8:3A:2B
Certificate issuer: /CN=49b2444644c43348d7c50f4e50e74356e9896dbf
Certificate serial: 01856ED4D721F45788F10B0097F6A0CFEC21
Authority key identifier: 49:B2:44:46:44:C4:33:48:D7:C5:0F:4E:50:E7:43:56:E9:89:6D:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SbJERkTEM0jXxQ9OUOdDVumJbb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/p-fBwlXIkfmVgcUSqJeCEbHIOis.roa
Signing time: Sun 01 Jan 2023 19:35:20 +0000
ROA not before: Sun 01 Jan 2023 19:35:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25540
IP address blocks: 185.85.233.0/24 maxlen: 24
185.85.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:d7:21:f4:57:88:f1:0b:00:97:f6:a0:cf:ec:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49b2444644c43348d7c50f4e50e74356e9896dbf
Validity
Not Before: Jan 1 19:35:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7e7c1c255c891f99581c512a8978211b1c83a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:69:d3:d2:c0:1c:f8:04:21:9f:c7:83:0b:a2:
1e:0c:08:99:49:9d:71:9f:a4:2e:8e:18:3f:57:2f:
c9:59:60:15:1e:2d:ae:a5:55:da:bb:6c:d1:d3:00:
4f:00:84:d7:49:6e:a3:a0:ae:66:a7:8b:b4:4b:1f:
75:57:2d:df:3c:80:1d:90:8a:ea:d8:78:4a:af:1c:
0f:26:a6:9e:f1:1e:70:dc:ec:5d:73:66:c9:e7:b1:
82:bb:d9:e2:2b:f1:59:df:06:e4:eb:0b:f0:b5:80:
4f:1a:cc:3a:99:c1:99:ac:59:c8:0b:12:ce:96:95:
a3:92:f7:22:1e:77:2e:c1:29:fc:59:f1:f2:ab:3b:
1e:dd:1a:ef:25:96:c6:20:1c:85:6a:b4:d2:ce:ef:
0e:18:d1:35:44:c1:1b:5a:2c:59:b6:f8:41:e8:be:
16:25:68:3a:0a:0c:de:cd:2b:03:0e:14:51:1f:fa:
f5:04:3f:a6:63:41:73:96:90:08:7d:c1:49:9f:b0:
ea:1a:ac:e1:09:c8:ed:ce:2d:02:08:01:12:37:17:
b3:be:d9:38:7b:14:f8:23:d3:ca:ea:e1:ac:ef:02:
d4:05:b4:bb:a5:51:3b:58:ae:88:99:38:ad:1f:e2:
35:4b:68:05:fc:dc:2f:ac:20:32:6c:40:db:15:58:
8f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:E7:C1:C2:55:C8:91:F9:95:81:C5:12:A8:97:82:11:B1:C8:3A:2B
X509v3 Authority Key Identifier:
keyid:49:B2:44:46:44:C4:33:48:D7:C5:0F:4E:50:E7:43:56:E9:89:6D:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SbJERkTEM0jXxQ9OUOdDVumJbb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/p-fBwlXIkfmVgcUSqJeCEbHIOis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/SbJERkTEM0jXxQ9OUOdDVumJbb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.233.0/24
185.85.235.0/24
Signature Algorithm: sha256WithRSAEncryption
09:ab:59:23:ba:cf:8b:39:08:d7:5c:f0:c9:21:b1:a0:5b:f7:
25:7c:99:84:b5:7d:09:e5:31:65:46:1b:2b:61:1e:c5:a6:70:
f8:19:8b:ba:dd:bb:d8:a9:98:ab:42:62:44:cd:3a:0f:28:06:
0c:63:38:e5:24:84:3c:5a:6e:42:32:26:b0:dd:de:47:6d:19:
b2:01:8b:a1:6f:d1:50:71:4c:01:97:51:ec:5a:53:52:90:dc:
77:3a:c7:e5:04:69:f0:b5:23:4f:2d:f6:01:28:f7:c2:5c:93:
02:43:22:22:dd:08:2f:94:a8:93:d4:f3:ad:3b:95:48:d6:10:
39:26:fc:cc:97:cc:f7:ea:21:e0:40:b3:97:28:78:0b:d7:8e:
9d:5f:6a:9b:09:68:eb:b5:22:6a:4e:68:fe:53:3a:14:a5:84:
ec:e7:51:8f:6c:dd:c4:66:89:6d:fc:28:e9:a2:59:b6:80:67:
1c:32:61:62:e7:10:08:47:94:5e:ab:b4:8e:aa:05:99:d8:8f:
76:81:13:c3:72:14:29:b8:48:3f:ad:95:d2:c8:df:9a:31:79:
e6:84:f6:c3:df:e0:3c:b8:ee:c1:3d:a6:b5:07:7e:f9:8d:db:
32:da:be:ce:6f:01:27:89:14:b9:1b:7c:86:ee:06:46:8a:ae:
9c:cd:b9:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVu1Nch9FeI8QsAl/agz+whMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YjI0NDQ2NDRjNDMzNDhkN2M1MGY0ZTUwZTc0MzU2ZTk4
OTZkYmYwHhcNMjMwMTAxMTkzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2U3YzFjMjU1Yzg5MWY5OTU4MWM1MTJhODk3ODIxMWIxYzgzYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmnT0sAc+AQhn8eDC6IeDAiZSZ1x
n6Qujhg/Vy/JWWAVHi2upVXau2zR0wBPAITXSW6joK5mp4u0Sx91Vy3fPIAdkIrq
2HhKrxwPJqae8R5w3Oxdc2bJ57GCu9niK/FZ3wbk6wvwtYBPGsw6mcGZrFnICxLO
lpWjkvciHncuwSn8WfHyqzse3RrvJZbGIByFarTSzu8OGNE1RMEbWixZtvhB6L4W
JWg6CgzezSsDDhRRH/r1BD+mY0FzlpAIfcFJn7DqGqzhCcjtzi0CCAESNxezvtk4
exT4I9PK6uGs7wLUBbS7pVE7WK6ImTitH+I1S2gF/NwvrCAybEDbFViPyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKfnwcJVyJH5lYHFEqiXghGxyDorMB8GA1UdIwQY
MBaAFEmyREZExDNI18UPTlDnQ1bpiW2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2JKRVJrVEVNMGpYeFE5T1VPZERWdW1KYmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi82NGNkYmQtYzg1MS00YjM1LWJiNzkt
NzUzZDk2OWEwNzAyLzEvcC1mQndsWElrZm1WZ2NVU3FKZUNFYkhJT2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi82NGNkYmQtYzg1MS00YjM1LWJiNzktNzUzZDk2OWEwNzAy
LzEvU2JKRVJrVEVNMGpYeFE5T1VPZERWdW1KYmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVXpAwQA
uVXrMA0GCSqGSIb3DQEBCwUAA4IBAQAJq1kjus+LOQjXXPDJIbGgW/clfJmEtX0J
5TFlRhsrYR7FpnD4GYu63bvYqZirQmJEzToPKAYMYzjlJIQ8Wm5CMiaw3d5HbRmy
AYuhb9FQcUwBl1HsWlNSkNx3OsflBGnwtSNPLfYBKPfCXJMCQyIi3QgvlKiT1POt
O5VI1hA5JvzMl8z36iHgQLOXKHgL146dX2qbCWjrtSJqTmj+UzoUpYTs51GPbN3E
Zolt/Cjpolm2gGccMmFi5xAIR5Req7SOqgWZ2I92gRPDchQpuEg/rZXSyN+aMXnm
hPbD3+A8uO7BPaa1B375jdsy2r7ObwEniRS5G3yG7gZGiq6czblE
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:16 2024 by rpki-client on console-fra.rpki-client.org