Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/Czv-qaZR9PzQHqwEwpQ_Vp1q-Kg.roa
File: Czv-qaZR9PzQHqwEwpQ_Vp1q-Kg.roa (raw, json)
Hash identifier: jGhWuC1aw3pZoDa5sWW25S6/tp+vc+31rhLtZ1j6t2Q=
Subject key identifier: 0B:3B:FE:A9:A6:51:F4:FC:D0:1E:AC:04:C2:94:3F:56:9D:6A:F8:A8
Certificate issuer: /CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Certificate serial: 01856F5DEB83F091863DBDDCF98A7CF3BA89
Authority key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/Czv-qaZR9PzQHqwEwpQ_Vp1q-Kg.roa
Signing time: Sun 01 Jan 2023 22:05:03 +0000
ROA not before: Sun 01 Jan 2023 22:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35545
IP address blocks: 185.42.222.0/24 maxlen: 24
2a06:bdc7::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:eb:83:f0:91:86:3d:bd:dc:f9:8a:7c:f3:ba:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Validity
Not Before: Jan 1 22:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b3bfea9a651f4fcd01eac04c2943f569d6af8a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:55:4a:5f:d4:6c:0a:8b:e8:f8:20:26:43:d3:
46:26:e7:74:c8:7c:2b:fe:b4:61:df:fb:21:6a:38:
68:89:09:96:0f:2f:f1:b5:3b:66:43:65:ba:09:34:
60:25:3d:0e:98:9c:c9:70:91:90:21:9f:93:af:8b:
9c:7d:fc:e4:9a:44:81:49:f4:cd:0e:e3:b3:13:7b:
97:be:10:af:00:9d:a3:fe:f1:fa:c1:cb:05:c3:08:
7b:08:3d:35:33:c6:d3:f5:24:e4:f2:43:3d:50:ea:
14:b0:93:ff:29:a8:87:1a:20:be:8f:a0:6f:16:8a:
09:46:ed:b5:1c:c9:9a:09:9d:d7:d1:38:e3:2a:d2:
6d:2a:e5:49:62:a0:29:b1:ae:e8:24:85:38:3c:b0:
ab:16:bc:14:90:e1:89:a6:b8:38:a7:40:23:d3:a3:
7d:95:8a:70:db:c4:17:d6:57:15:d5:ed:af:32:ed:
a3:b8:a9:96:e1:50:fc:b8:2e:72:b1:ec:21:5d:b7:
c9:cc:a6:28:78:85:9f:c0:f1:03:f1:e8:f8:96:c3:
d7:40:ce:12:08:b7:b0:33:98:b8:dc:78:91:f6:b8:
b8:e5:e5:f6:6a:e7:0c:1a:e1:36:4e:84:74:db:ca:
a8:6e:b8:48:2a:32:0a:1b:38:08:02:21:07:28:59:
3d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:3B:FE:A9:A6:51:F4:FC:D0:1E:AC:04:C2:94:3F:56:9D:6A:F8:A8
X509v3 Authority Key Identifier:
keyid:FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/Czv-qaZR9PzQHqwEwpQ_Vp1q-Kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.222.0/24
IPv6:
2a06:bdc7::/32
Signature Algorithm: sha256WithRSAEncryption
b8:85:6d:07:d3:ff:26:51:f7:a4:24:7f:45:ea:1b:96:54:c7:
be:6f:8c:6b:13:d1:ee:5d:c6:31:26:1c:aa:23:3b:0b:81:f0:
42:bb:26:8e:a4:e0:c6:af:16:74:e4:bd:ee:3d:da:3c:10:fc:
81:3b:39:ef:07:d2:0b:91:b8:13:a9:b8:1d:cd:a8:9c:f9:d8:
0d:a8:78:c5:f7:b6:03:be:19:14:d0:09:ed:00:da:3f:57:5e:
2d:2b:8e:1e:98:f2:00:32:c4:42:59:74:2f:50:5f:e2:8f:93:
1d:99:93:8a:c4:8a:d7:d8:98:14:ad:d4:9e:d7:b3:48:2c:ed:
af:02:35:91:42:14:bc:aa:01:27:7b:f0:51:14:1f:30:8e:d0:
36:de:81:69:18:a5:b0:ef:4b:a3:b2:63:e2:fc:bb:61:17:bd:
17:2a:86:c2:64:8c:09:cf:9b:d5:0a:9e:25:5e:3e:3e:f8:d2:
7b:d5:1d:7b:ee:10:4e:17:8f:9d:33:15:eb:29:18:ae:61:b3:
98:5b:4b:11:5a:bc:9a:39:2c:7a:b9:9d:ef:69:7a:94:f5:1b:
a0:85:1d:6d:85:b4:70:2e:7d:10:39:0d:01:67:6c:93:28:68:
56:31:ef:e3:ce:90:61:60:09:2f:ff:58:51:8a:f6:a6:66:39:
1c:8a:28:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvXeuD8JGGPb3c+Yp887qJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZGVjNGE0NmE2ZTZlNGY5YTkyZDBiYTJlMGIzYWI1NjU4
YmUxYmQwHhcNMjMwMTAxMjIwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjNiZmVhOWE2NTFmNGZjZDAxZWFjMDRjMjk0M2Y1NjlkNmFmOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1VKX9RsCovo+CAmQ9NGJud0yHwr
/rRh3/shajhoiQmWDy/xtTtmQ2W6CTRgJT0OmJzJcJGQIZ+Tr4ucffzkmkSBSfTN
DuOzE3uXvhCvAJ2j/vH6wcsFwwh7CD01M8bT9STk8kM9UOoUsJP/KaiHGiC+j6Bv
FooJRu21HMmaCZ3X0TjjKtJtKuVJYqApsa7oJIU4PLCrFrwUkOGJprg4p0Aj06N9
lYpw28QX1lcV1e2vMu2juKmW4VD8uC5ysewhXbfJzKYoeIWfwPED8ej4lsPXQM4S
CLewM5i43HiR9ri45eX2aucMGuE2ToR028qobrhIKjIKGzgIAiEHKFk9CQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAs7/qmmUfT80B6sBMKUP1adavioMB8GA1UdIwQY
MBaAFP/exKRqbm5PmpLQui4LOrVli+G9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzk3RXBHcHViay1ha3RDNkxnczZ0V1dMNGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xMWU1YjMtNDNhYS00Mjc5LTk0NDEt
N2U4YzZkNGQ5YmVmLzEvQ3p2LXFhWlI5UHpRSHF3RXdwUV9WcDFxLUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xMWU1YjMtNDNhYS00Mjc5LTk0NDEtN2U4YzZkNGQ5YmVm
LzEvXzk3RXBHcHViay1ha3RDNkxnczZ0V1dMNGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSreMA0E
AgACMAcDBQAqBr3HMA0GCSqGSIb3DQEBCwUAA4IBAQC4hW0H0/8mUfekJH9F6huW
VMe+b4xrE9HuXcYxJhyqIzsLgfBCuyaOpODGrxZ05L3uPdo8EPyBOznvB9ILkbgT
qbgdzaic+dgNqHjF97YDvhkU0AntANo/V14tK44emPIAMsRCWXQvUF/ij5MdmZOK
xIrX2JgUrdSe17NILO2vAjWRQhS8qgEne/BRFB8wjtA23oFpGKWw70ujsmPi/Lth
F70XKobCZIwJz5vVCp4lXj4++NJ71R177hBOF4+dMxXrKRiuYbOYW0sRWryaOSx6
uZ3vaXqU9RughR1thbRwLn0QOQ0BZ2yTKGhWMe/jzpBhYAkv/1hRivamZjkciijA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:52 2024 by rpki-client on console-ams.rpki-client.org