Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/5caab7-0eb0-429f-a7b0-e7d4551c19ab/1/sYqQcsPoQdShLbLuvpU-crLY_CE.roa
File: sYqQcsPoQdShLbLuvpU-crLY_CE.roa (raw, json)
Hash identifier: V2je2JRV48f2Nbz/MmEZWgCZPH0lzoajiiSfpgObjb0=
Subject key identifier: B1:8A:90:72:C3:E8:41:D4:A1:2D:B2:EE:BE:95:3E:72:B2:D8:FC:21
Certificate issuer: /CN=20f0c4ad1c4b0c536ed18723c8a95a348d28bf65
Certificate serial: 01857079B4BCAC45D14D1037B70C9B0DB1D5
Authority key identifier: 20:F0:C4:AD:1C:4B:0C:53:6E:D1:87:23:C8:A9:5A:34:8D:28:BF:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPDErRxLDFNu0YcjyKlaNI0ov2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/5caab7-0eb0-429f-a7b0-e7d4551c19ab/1/sYqQcsPoQdShLbLuvpU-crLY_CE.roa
Signing time: Mon 02 Jan 2023 03:15:02 +0000
ROA not before: Mon 02 Jan 2023 03:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59689
IP address blocks: 185.3.128.0/22 maxlen: 22
2a02:5cc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 03 Dec 2023 14:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:b4:bc:ac:45:d1:4d:10:37:b7:0c:9b:0d:b1:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f0c4ad1c4b0c536ed18723c8a95a348d28bf65
Validity
Not Before: Jan 2 03:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b18a9072c3e841d4a12db2eebe953e72b2d8fc21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e4:cc:7c:0f:ff:8b:d7:d1:9e:ec:fb:96:5e:
ab:fb:c6:b6:b5:e5:02:06:07:36:46:fe:77:f1:ef:
44:57:65:07:bb:f6:99:2b:d4:85:60:40:49:07:9a:
9e:c9:4c:ff:bf:cc:db:0e:b1:d8:ae:25:95:c8:2e:
ad:26:f9:16:24:22:b3:d8:f7:8e:2e:30:e0:9a:bc:
42:06:14:f6:f0:8d:a1:b3:be:17:6e:b1:92:1b:be:
e9:c1:59:8d:0b:84:b3:3f:63:b5:a9:32:3c:ac:8d:
e0:b7:30:02:fd:65:25:ff:10:69:35:cd:bc:b8:1e:
b9:a4:ea:3b:38:36:41:4a:a6:13:24:c9:89:d1:35:
57:d5:fa:3a:67:83:90:aa:d2:ff:e6:1d:f8:51:90:
ce:ab:74:f3:37:9e:3e:9b:2b:30:83:b0:b2:e6:6f:
c8:20:14:d7:ff:de:1e:bf:53:d9:67:b4:9f:e1:00:
a8:38:81:0e:f5:fd:0d:0b:ea:e8:76:05:9a:b1:f2:
d8:d1:16:22:15:bf:5a:0b:6f:52:65:0e:5c:cd:cd:
df:cf:b6:bb:0d:9a:ee:45:92:ab:83:ed:74:a8:0a:
e7:64:00:31:c5:17:c7:c7:af:57:c2:d0:05:a1:22:
de:56:ae:15:a8:9d:42:5c:40:86:29:ec:2d:7d:7a:
be:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8A:90:72:C3:E8:41:D4:A1:2D:B2:EE:BE:95:3E:72:B2:D8:FC:21
X509v3 Authority Key Identifier:
keyid:20:F0:C4:AD:1C:4B:0C:53:6E:D1:87:23:C8:A9:5A:34:8D:28:BF:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPDErRxLDFNu0YcjyKlaNI0ov2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/5caab7-0eb0-429f-a7b0-e7d4551c19ab/1/sYqQcsPoQdShLbLuvpU-crLY_CE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/5caab7-0eb0-429f-a7b0-e7d4551c19ab/1/IPDErRxLDFNu0YcjyKlaNI0ov2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.128.0/22
IPv6:
2a02:5cc0::/32
Signature Algorithm: sha256WithRSAEncryption
a5:bb:8c:c4:12:28:8c:5b:9a:f6:57:a1:a7:a9:d5:1d:fd:77:
ff:c8:3d:d4:dd:b8:19:ee:eb:7a:87:55:9e:ca:b2:32:c1:33:
81:ee:54:47:9c:10:8a:4e:23:88:91:44:29:6f:fc:7f:be:18:
c1:33:ef:3a:d1:ca:96:fe:84:de:e9:51:1b:1e:ea:f3:01:b5:
da:23:4c:0a:8e:f3:fd:50:a1:5d:b6:ec:fc:c2:01:cc:4c:a3:
9d:26:b0:83:46:23:d4:47:36:5b:2a:7d:f5:b6:85:a3:c5:57:
aa:07:34:06:b7:2a:78:e4:87:d2:61:5a:d7:a3:32:d0:96:78:
d0:6a:13:6b:c5:b9:90:e5:c5:11:0e:c3:ce:ef:3c:27:77:58:
ca:ce:db:e1:57:e0:19:7b:2f:03:01:82:c1:93:45:b1:48:b4:
c2:7e:4b:02:40:a2:d3:0c:53:d3:4b:05:d3:fb:e1:80:42:0e:
03:8c:05:fe:71:05:98:56:5e:98:e0:86:f8:13:33:e0:ad:35:
b8:cc:cf:59:94:5e:e4:e6:1d:67:4d:8a:bb:22:49:c6:30:ac:
18:74:49:b4:4c:6c:92:f2:10:dc:78:a4:05:2a:8a:25:d2:8b:
d4:39:92:57:1f:90:50:6b:77:14:ed:d9:4a:6f:11:22:58:53:
bf:f5:c4:e6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwebS8rEXRTRA3twybDbHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjBjNGFkMWM0YjBjNTM2ZWQxODcyM2M4YTk1YTM0OGQy
OGJmNjUwHhcNMjMwMTAyMDMxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMThhOTA3MmMzZTg0MWQ0YTEyZGIyZWViZTk1M2U3MmIyZDhmYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOTMfA//i9fRnuz7ll6r+8a2teUC
Bgc2Rv538e9EV2UHu/aZK9SFYEBJB5qeyUz/v8zbDrHYriWVyC6tJvkWJCKz2PeO
LjDgmrxCBhT28I2hs74XbrGSG77pwVmNC4SzP2O1qTI8rI3gtzAC/WUl/xBpNc28
uB65pOo7ODZBSqYTJMmJ0TVX1fo6Z4OQqtL/5h34UZDOq3TzN54+myswg7Cy5m/I
IBTX/94ev1PZZ7Sf4QCoOIEO9f0NC+rodgWasfLY0RYiFb9aC29SZQ5czc3fz7a7
DZruRZKrg+10qArnZAAxxRfHx69XwtAFoSLeVq4VqJ1CXECGKewtfXq+RQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLGKkHLD6EHUoS2y7r6VPnKy2PwhMB8GA1UdIwQY
MBaAFCDwxK0cSwxTbtGHI8ipWjSNKL9lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBERXJSeExERk51MFljanlLbGFOSTBvdjJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81Y2FhYjctMGViMC00MjlmLWE3YjAt
ZTdkNDU1MWMxOWFiLzEvc1lxUWNzUG9RZFNoTGJMdXZwVS1jckxZX0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81Y2FhYjctMGViMC00MjlmLWE3YjAtZTdkNDU1MWMxOWFi
LzEvSVBERXJSeExERk51MFljanlLbGFOSTBvdjJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQOAMA0E
AgACMAcDBQAqAlzAMA0GCSqGSIb3DQEBCwUAA4IBAQClu4zEEiiMW5r2V6GnqdUd
/Xf/yD3U3bgZ7ut6h1WeyrIywTOB7lRHnBCKTiOIkUQpb/x/vhjBM+860cqW/oTe
6VEbHurzAbXaI0wKjvP9UKFdtuz8wgHMTKOdJrCDRiPURzZbKn31toWjxVeqBzQG
typ45IfSYVrXozLQlnjQahNrxbmQ5cURDsPO7zwnd1jKztvhV+AZey8DAYLBk0Wx
SLTCfksCQKLTDFPTSwXT++GAQg4DjAX+cQWYVl6Y4Ib4EzPgrTW4zM9ZlF7k5h1n
TYq7IknGMKwYdEm0TGyS8hDceKQFKool0ovUOZJXH5BQa3cU7dlKbxEiWFO/9cTm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:05 2024 by rpki-client on console-ams.rpki-client.org