Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/xWtzBnVGayzGGoODa1UIFXrGdo0.roa
File: xWtzBnVGayzGGoODa1UIFXrGdo0.roa (raw, json)
Hash identifier: oTfd6T+YHjA2Yq+384Z3/kyqQY3B9//gmxNfvH2IWkU=
Subject key identifier: C5:6B:73:06:75:46:6B:2C:C6:1A:83:83:6B:55:08:15:7A:C6:76:8D
Certificate issuer: /CN=1ba8ea3a2288a6af8f64a8383002c74085579a07
Certificate serial: 018571DE903655E53256AD9A027A797A0855
Authority key identifier: 1B:A8:EA:3A:22:88:A6:AF:8F:64:A8:38:30:02:C7:40:85:57:9A:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6jqOiKIpq-PZKg4MALHQIVXmgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/xWtzBnVGayzGGoODa1UIFXrGdo0.roa
Signing time: Mon 02 Jan 2023 09:44:49 +0000
ROA not before: Mon 02 Jan 2023 09:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212975
IP address blocks: 185.115.72.0/23 maxlen: 23
185.115.74.0/23 maxlen: 23
2a01:9647::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:90:36:55:e5:32:56:ad:9a:02:7a:79:7a:08:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba8ea3a2288a6af8f64a8383002c74085579a07
Validity
Not Before: Jan 2 09:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c56b730675466b2cc61a83836b5508157ac6768d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bc:0e:d9:93:36:0e:31:ac:27:4f:c4:33:d3:
e4:1b:0f:9b:9a:1f:60:40:4e:fb:78:93:01:21:69:
67:5b:2f:de:35:cf:f2:7b:12:c9:50:40:7a:c2:77:
77:9a:15:e5:8f:de:70:24:61:63:79:ee:41:aa:e9:
8e:59:50:8d:7e:b5:4e:de:ed:6d:4c:76:f0:65:94:
55:b6:82:be:6c:31:9d:7d:08:82:7b:9f:40:56:2d:
be:93:fd:2f:cf:aa:d4:9b:c3:88:6f:56:b2:83:0a:
18:a3:f9:31:1a:fa:44:71:1b:d9:ef:2c:0c:ce:23:
0f:5e:93:7d:41:19:09:92:f2:eb:10:5c:d6:b6:26:
b5:9a:f7:ef:ab:f9:ac:c7:ad:ca:43:85:8e:68:93:
4a:ca:12:46:c5:8a:7c:de:6f:4c:2d:b7:63:92:34:
7c:35:f3:5e:0f:ff:4b:e5:fe:96:0c:77:12:09:fe:
d9:84:c1:f8:62:23:26:c1:55:6e:1d:be:21:c8:49:
13:5d:11:27:ba:53:3d:14:20:8c:4c:06:2e:71:9d:
16:a6:97:6e:24:f2:65:a8:ea:04:c3:32:04:69:bd:
9c:7d:b1:e0:07:a0:22:b3:55:d0:94:0a:2c:50:ee:
73:4a:13:26:82:a4:b9:e1:d9:34:3a:46:f1:c7:9c:
27:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:6B:73:06:75:46:6B:2C:C6:1A:83:83:6B:55:08:15:7A:C6:76:8D
X509v3 Authority Key Identifier:
keyid:1B:A8:EA:3A:22:88:A6:AF:8F:64:A8:38:30:02:C7:40:85:57:9A:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6jqOiKIpq-PZKg4MALHQIVXmgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/xWtzBnVGayzGGoODa1UIFXrGdo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/G6jqOiKIpq-PZKg4MALHQIVXmgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.72.0/22
IPv6:
2a01:9647::/32
Signature Algorithm: sha256WithRSAEncryption
3c:75:9d:01:56:6d:1d:c2:e9:5c:05:02:09:3b:40:be:1f:a5:
3c:bb:3f:43:91:b4:87:b7:07:2a:9f:ce:e3:ee:8f:9a:96:75:
c6:f4:64:b5:e1:04:c6:92:d6:02:cb:8a:89:46:e1:8e:11:1b:
40:29:47:cd:e9:3e:76:cb:90:c9:f5:e3:b6:b6:50:62:41:a8:
15:e9:da:33:40:9b:27:db:e2:64:7e:1f:0b:d9:90:e2:ec:44:
21:41:43:c6:be:e2:9d:02:00:45:4a:8f:16:2f:a3:ea:0e:75:
f3:49:d6:a9:1a:98:39:a4:2d:5c:a2:34:44:31:84:cd:49:95:
0a:c8:87:71:a0:ac:a7:44:9c:c9:39:86:01:08:2c:da:d2:33:
9f:2b:3e:e1:ca:6a:38:6a:e1:39:f9:ef:73:bf:3c:93:64:f1:
f7:f2:e4:3a:9b:c2:87:09:83:39:f0:d6:dd:67:6f:85:14:05:
b3:cd:76:57:72:1a:42:3d:91:85:8d:2d:8a:10:2f:89:e1:79:
ff:be:6c:70:78:32:33:e4:0b:14:96:6d:e1:f7:30:f1:d5:b9:
e2:d0:22:bb:3b:45:0a:3d:89:17:a1:00:bc:96:65:1e:4b:0e:
47:da:6a:a1:36:e5:7a:4f:58:84:ed:44:ee:bf:c3:24:c9:73:
71:fa:47:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx3pA2VeUyVq2aAnp5eghVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYThlYTNhMjI4OGE2YWY4ZjY0YTgzODMwMDJjNzQwODU1
NzlhMDcwHhcNMjMwMTAyMDk0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTZiNzMwNjc1NDY2YjJjYzYxYTgzODM2YjU1MDgxNTdhYzY3NjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLwO2ZM2DjGsJ0/EM9PkGw+bmh9g
QE77eJMBIWlnWy/eNc/yexLJUEB6wnd3mhXlj95wJGFjee5BqumOWVCNfrVO3u1t
THbwZZRVtoK+bDGdfQiCe59AVi2+k/0vz6rUm8OIb1aygwoYo/kxGvpEcRvZ7ywM
ziMPXpN9QRkJkvLrEFzWtia1mvfvq/msx63KQ4WOaJNKyhJGxYp83m9MLbdjkjR8
NfNeD/9L5f6WDHcSCf7ZhMH4YiMmwVVuHb4hyEkTXREnulM9FCCMTAYucZ0Wppdu
JPJlqOoEwzIEab2cfbHgB6Ais1XQlAosUO5zShMmgqS54dk0Okbxx5wnMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMVrcwZ1RmssxhqDg2tVCBV6xnaNMB8GA1UdIwQY
MBaAFBuo6joiiKavj2SoODACx0CFV5oHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZqcU9pS0lwcS1QWktnNE1BTEhRSVZYbWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9jMGIyODMtODhiOS00M2NkLWIwOGYt
YThlYTQzMjUzZWQ1LzEveFd0ekJuVkdheXpHR29PRGExVUlGWHJHZG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9jMGIyODMtODhiOS00M2NkLWIwOGYtYThlYTQzMjUzZWQ1
LzEvRzZqcU9pS0lwcS1QWktnNE1BTEhRSVZYbWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXNIMA0E
AgACMAcDBQAqAZZHMA0GCSqGSIb3DQEBCwUAA4IBAQA8dZ0BVm0dwulcBQIJO0C+
H6U8uz9DkbSHtwcqn87j7o+alnXG9GS14QTGktYCy4qJRuGOERtAKUfN6T52y5DJ
9eO2tlBiQagV6dozQJsn2+Jkfh8L2ZDi7EQhQUPGvuKdAgBFSo8WL6PqDnXzSdap
Gpg5pC1cojREMYTNSZUKyIdxoKynRJzJOYYBCCza0jOfKz7hymo4auE5+e9zvzyT
ZPH38uQ6m8KHCYM58NbdZ2+FFAWzzXZXchpCPZGFjS2KEC+J4Xn/vmxweDIz5AsU
lm3h9zDx1bni0CK7O0UKPYkXoQC8lmUeSw5H2mqhNuV6T1iE7UTuv8MkyXNx+ke4
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:33 2024 by rpki-client on console-fra.rpki-client.org