Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/dikJpJccjGXbjIyc3DuZ15ne4vw.roa
File: dikJpJccjGXbjIyc3DuZ15ne4vw.roa (raw, json)
Hash identifier: gNnvf8JXGSBnqaY/9+7vxgF77ycJxlA9ynQh4b5kG0I=
Subject key identifier: 76:29:09:A4:97:1C:8C:65:DB:8C:8C:9C:DC:3B:99:D7:99:DE:E2:FC
Certificate issuer: /CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Certificate serial: 01856D0AD24FCC35415705BD8E1EB011C437
Authority key identifier: 0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/dikJpJccjGXbjIyc3DuZ15ne4vw.roa
Signing time: Sun 01 Jan 2023 11:15:03 +0000
ROA not before: Sun 01 Jan 2023 11:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61144
IP address blocks: 185.172.197.0/24 maxlen: 24
185.172.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d2:4f:cc:35:41:57:05:bd:8e:1e:b0:11:c4:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Validity
Not Before: Jan 1 11:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=762909a4971c8c65db8c8c9cdc3b99d799dee2fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0d:1e:56:bf:af:c7:5b:6c:18:6f:53:2b:c1:
e7:c7:ba:bd:b6:18:04:f8:4a:91:2b:73:d0:f5:c5:
d0:f1:52:5d:91:af:9c:b0:1c:86:3e:fe:5b:38:db:
57:7a:c2:3b:f3:44:67:9b:c6:e8:90:e9:38:03:fc:
0d:b4:63:94:4b:24:05:ca:6d:bb:89:e4:c6:4a:e7:
d3:7c:c4:e2:b8:f4:e1:81:a0:88:de:71:f9:6a:af:
a3:6c:ae:c3:d0:c6:76:86:86:72:2f:70:d7:c5:3c:
de:e7:4d:55:6b:11:94:73:df:0e:38:4c:e7:0c:72:
da:fd:16:7e:5e:76:a6:ad:19:65:d0:dc:6e:39:26:
f5:47:9c:a4:d1:13:3d:1b:9c:94:d3:7f:15:73:3e:
d4:fe:d6:23:52:47:4b:88:9c:34:46:d9:4a:48:46:
4d:a3:f4:a9:3c:47:a6:a5:1d:06:54:67:a0:cc:2e:
15:3e:0f:0b:80:87:53:e2:02:99:4e:28:0a:e3:3e:
0a:8d:6d:c5:da:6e:e8:d0:55:5b:e5:3a:4b:f2:54:
f6:00:55:75:d8:90:0e:0b:5c:39:c0:f8:d1:ee:1e:
6f:0b:44:15:6b:c8:71:09:6f:d9:0c:93:15:47:9f:
9b:4e:d7:1b:67:52:2c:f6:86:1b:9e:a8:c6:c2:db:
69:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:29:09:A4:97:1C:8C:65:DB:8C:8C:9C:DC:3B:99:D7:99:DE:E2:FC
X509v3 Authority Key Identifier:
keyid:0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/dikJpJccjGXbjIyc3DuZ15ne4vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.196.0/23
Signature Algorithm: sha256WithRSAEncryption
74:bc:80:a3:6e:4d:ce:ed:e1:9f:2e:d4:79:bb:f6:3d:8c:00:
51:01:30:16:11:a1:29:ee:aa:f2:16:c3:c6:ca:dc:50:d6:a2:
d8:82:d5:de:49:62:6b:dd:e0:79:44:c4:4e:5b:aa:95:9a:cc:
f3:22:66:01:5c:f1:b7:c4:42:6e:2b:6a:13:ee:90:c8:a4:cf:
70:ca:00:1d:cb:70:8a:3a:da:4f:b3:5d:b0:3a:f3:a2:33:80:
54:19:18:f8:93:dc:4c:58:e1:33:42:23:cf:c6:e1:be:5a:aa:
83:7d:56:47:93:6b:f9:f5:1d:65:be:97:7f:dc:72:30:89:ec:
53:11:d1:c8:03:0d:4b:fc:29:0c:97:9e:ca:c5:98:8a:af:c0:
6f:42:2c:32:1b:61:20:da:be:c6:98:0c:8a:29:ae:16:ea:e5:
4f:93:6d:6a:b9:90:6d:4d:07:9c:e4:cf:44:7d:3e:32:27:e9:
bc:d2:8a:f8:e2:28:bf:e6:f4:e9:7e:e9:a8:94:3d:16:92:0b:
26:d0:04:0a:08:96:0a:bb:67:2e:c1:a0:5e:78:5e:5e:5c:a7:
f1:bb:a9:56:3d:dd:ca:4f:50:dd:d0:19:c2:56:21:9c:25:f2:
9d:3b:fa:b5:d9:c3:60:bd:ed:c2:45:40:7c:48:ba:b8:0a:60:
a7:29:68:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCtJPzDVBVwW9jh6wEcQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjViZDIxYzY4MzIwN2RhMGMzOWZiMzc5ODUzNWFmNDll
MGJmZjUwHhcNMjMwMTAxMTExNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjI5MDlhNDk3MWM4YzY1ZGI4YzhjOWNkYzNiOTlkNzk5ZGVlMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw0eVr+vx1tsGG9TK8Hnx7q9thgE
+EqRK3PQ9cXQ8VJdka+csByGPv5bONtXesI780Rnm8bokOk4A/wNtGOUSyQFym27
ieTGSufTfMTiuPThgaCI3nH5aq+jbK7D0MZ2hoZyL3DXxTze501VaxGUc98OOEzn
DHLa/RZ+XnamrRll0NxuOSb1R5yk0RM9G5yU038Vcz7U/tYjUkdLiJw0RtlKSEZN
o/SpPEempR0GVGegzC4VPg8LgIdT4gKZTigK4z4KjW3F2m7o0FVb5TpL8lT2AFV1
2JAOC1w5wPjR7h5vC0QVa8hxCW/ZDJMVR5+bTtcbZ1Is9oYbnqjGwttpzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHYpCaSXHIxl24yMnNw7mdeZ3uL8MB8GA1UdIwQY
MBaAFA9lvSHGgyB9oMOfs3mFNa9J4L/1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgt
ZTIzZjEwZTRiOTFjLzEvZGlrSnBKY2NqR1hiakl5YzNEdVoxNW5lNHZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgtZTIzZjEwZTRiOTFj
LzEvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuazEMA0G
CSqGSIb3DQEBCwUAA4IBAQB0vICjbk3O7eGfLtR5u/Y9jABRATAWEaEp7qryFsPG
ytxQ1qLYgtXeSWJr3eB5RMROW6qVmszzImYBXPG3xEJuK2oT7pDIpM9wygAdy3CK
OtpPs12wOvOiM4BUGRj4k9xMWOEzQiPPxuG+WqqDfVZHk2v59R1lvpd/3HIwiexT
EdHIAw1L/CkMl57KxZiKr8BvQiwyG2Eg2r7GmAyKKa4W6uVPk21quZBtTQec5M9E
fT4yJ+m80or44ii/5vTpfumolD0Wkgsm0AQKCJYKu2cuwaBeeF5eXKfxu6lWPd3K
T1Dd0BnCViGcJfKdO/q12cNgve3CRUB8SLq4CmCnKWhF
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:16 2024 by rpki-client on console-fra.rpki-client.org