Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/sWVm7cT9EuRW1Lja1waYJoeoTFU.roa
File: sWVm7cT9EuRW1Lja1waYJoeoTFU.roa (raw, json)
Hash identifier: AjmAcXBSLt9rM/C6iIMFRtk5/NZtGukHXuiXE8gXu60=
Subject key identifier: B1:65:66:ED:C4:FD:12:E4:56:D4:B8:DA:D7:06:98:26:87:A8:4C:55
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0185710C2DE1B42439149A4A4B55FD1FC363
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/sWVm7cT9EuRW1Lja1waYJoeoTFU.roa
Signing time: Mon 02 Jan 2023 05:55:01 +0000
ROA not before: Mon 02 Jan 2023 05:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16247
IP address blocks: 185.201.42.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:2d:e1:b4:24:39:14:9a:4a:4b:55:fd:1f:c3:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 05:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b16566edc4fd12e456d4b8dad706982687a84c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ef:92:e9:1a:22:e0:21:69:1b:97:c7:7b:f3:
a8:31:40:45:0f:6d:b6:27:84:77:dd:9b:a4:a9:0b:
d5:de:f5:26:20:3f:28:47:f5:31:54:86:78:37:33:
bf:3b:1c:49:6c:2a:42:bc:6e:6a:09:1e:22:7a:83:
26:6b:d4:74:37:64:7c:f5:42:7d:83:f9:e5:e1:4b:
e4:84:d5:16:a5:ee:23:7a:20:b6:f4:32:8b:39:43:
de:50:ae:78:cb:b6:90:94:31:3f:22:10:eb:43:ef:
91:aa:e4:f8:d6:19:26:8e:a3:61:05:9d:18:da:47:
7e:55:e2:f3:55:6e:52:4d:e1:03:fb:a1:77:c6:03:
41:22:00:d0:00:fa:b4:bd:69:57:b1:03:32:36:a8:
88:e9:b7:c3:94:93:bb:30:16:f7:2d:aa:41:08:03:
30:c3:30:8e:45:08:54:2f:42:86:c1:6b:b2:05:7a:
a7:95:0b:41:5b:e9:d3:99:0a:6a:ee:5d:e6:19:85:
94:eb:ea:be:7b:75:6d:19:60:ad:77:c6:d8:d9:73:
b3:e3:e2:45:89:c5:0f:04:e9:5a:ae:f0:95:f8:a8:
b5:16:52:78:2b:6e:d3:42:72:b8:a6:cd:b5:10:90:
79:90:f0:24:44:54:f7:5a:cc:cf:52:7a:5e:60:93:
a9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:65:66:ED:C4:FD:12:E4:56:D4:B8:DA:D7:06:98:26:87:A8:4C:55
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/sWVm7cT9EuRW1Lja1waYJoeoTFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.42.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:f7:61:a7:53:a6:25:0c:ec:6e:f2:2b:9e:dd:bf:91:9b:60:
d3:00:0c:5e:f1:ae:33:7f:26:cf:46:da:dc:72:81:1f:43:28:
f5:29:87:59:0c:07:31:08:1e:b6:d8:2e:d7:44:a2:78:98:a2:
d4:12:a8:4d:5c:d5:48:b3:71:ac:b5:70:80:d8:f3:2b:8b:1b:
bd:98:6d:44:3b:c2:03:10:e5:5a:d3:32:40:dc:f8:de:ea:d0:
9b:7c:ab:38:6b:61:b6:ca:44:82:46:61:25:63:a8:75:44:d4:
94:88:f7:8c:41:c5:5e:3c:64:38:9c:dc:2e:da:de:50:df:e4:
a8:3d:77:6e:4b:85:01:3a:e5:4a:4d:75:50:32:37:fe:97:8c:
3d:61:dc:c0:56:62:68:39:f8:23:81:5a:9c:64:8e:cb:9b:98:
9b:82:4a:ac:03:01:43:17:1c:81:53:3d:7e:6b:92:b9:9e:7e:
d0:49:24:fb:5a:f5:50:aa:7a:2e:f9:45:59:66:77:c8:b9:ea:
0d:fc:b4:37:c3:2c:2e:96:c0:52:df:04:37:11:3b:c4:e5:aa:
f2:c3:70:85:c1:49:19:0d:d5:0f:37:a3:e2:64:90:80:f7:e5:
ef:47:70:c7:71:6f:de:3e:3e:6c:20:44:9f:ed:ae:31:d8:b5:
49:53:6b:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDC3htCQ5FJpKS1X9H8NjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTAyMDU1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTY1NjZlZGM0ZmQxMmU0NTZkNGI4ZGFkNzA2OTgyNjg3YTg0YzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve+S6Roi4CFpG5fHe/OoMUBFD222
J4R33ZukqQvV3vUmID8oR/UxVIZ4NzO/OxxJbCpCvG5qCR4ieoMma9R0N2R89UJ9
g/nl4UvkhNUWpe4jeiC29DKLOUPeUK54y7aQlDE/IhDrQ++RquT41hkmjqNhBZ0Y
2kd+VeLzVW5STeED+6F3xgNBIgDQAPq0vWlXsQMyNqiI6bfDlJO7MBb3LapBCAMw
wzCORQhUL0KGwWuyBXqnlQtBW+nTmQpq7l3mGYWU6+q+e3VtGWCtd8bY2XOz4+JF
icUPBOlarvCV+Ki1FlJ4K27TQnK4ps21EJB5kPAkRFT3WszPUnpeYJOpLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFlZu3E/RLkVtS42tcGmCaHqExVMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvc1dWbTdjVDlFdVJXMUxqYTF3YVlKb2VvVEZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuckqMA0G
CSqGSIb3DQEBCwUAA4IBAQCd92GnU6YlDOxu8iue3b+Rm2DTAAxe8a4zfybPRtrc
coEfQyj1KYdZDAcxCB622C7XRKJ4mKLUEqhNXNVIs3GstXCA2PMrixu9mG1EO8ID
EOVa0zJA3Pje6tCbfKs4a2G2ykSCRmElY6h1RNSUiPeMQcVePGQ4nNwu2t5Q3+So
PXduS4UBOuVKTXVQMjf+l4w9YdzAVmJoOfgjgVqcZI7Lm5ibgkqsAwFDFxyBUz1+
a5K5nn7QSST7WvVQqnou+UVZZnfIueoN/LQ3wywulsBS3wQ3ETvE5aryw3CFwUkZ
DdUPN6PiZJCA9+XvR3DHcW/ePj5sIESf7a4x2LVJU2si
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:40 2024 by rpki-client on console-fra.rpki-client.org