Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/sP5R9TvxqJP0xAyGd95IjUHiehI.roa
File: sP5R9TvxqJP0xAyGd95IjUHiehI.roa (raw, json)
Hash identifier: lfC2Oxk0rQtAuImSVHgwQFMrkiUoZOb+gZODFMeU1SU=
Subject key identifier: B0:FE:51:F5:3B:F1:A8:93:F4:C4:0C:86:77:DE:48:8D:41:E2:7A:12
Certificate issuer: /CN=a316c7659af1d56bc718faf614f092758f5edc7f
Certificate serial: 01856EEFE21D1AB1BE59BD319907B7101AF4
Authority key identifier: A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/sP5R9TvxqJP0xAyGd95IjUHiehI.roa
Signing time: Sun 01 Jan 2023 20:04:52 +0000
ROA not before: Sun 01 Jan 2023 20:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206998
IP address blocks: 185.221.85.0/24 maxlen: 24
185.221.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Dec 2023 16:28:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:e2:1d:1a:b1:be:59:bd:31:99:07:b7:10:1a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a316c7659af1d56bc718faf614f092758f5edc7f
Validity
Not Before: Jan 1 20:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0fe51f53bf1a893f4c40c8677de488d41e27a12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d3:65:2c:be:0b:6a:2a:05:a3:1c:68:0a:9b:
f9:b5:ea:f4:45:19:e8:b6:d4:5d:b1:e5:cb:ce:88:
18:e3:90:19:58:b0:0b:61:53:6c:29:7d:d5:6d:22:
13:23:d9:6a:34:6b:96:b6:0a:14:8a:a4:a6:07:98:
f4:d5:75:09:4a:46:ff:e9:ef:ef:0b:24:37:02:d3:
54:0f:48:5e:1f:fe:9e:c6:26:24:f4:42:72:9b:f1:
dc:3b:27:e4:4c:46:76:9f:88:d0:dc:ac:e2:ec:1b:
dd:ea:ce:f4:31:95:30:93:b1:35:01:7d:62:16:31:
ae:bc:e3:32:1e:7f:5c:ab:5a:1f:8d:d0:28:ae:76:
fb:8f:e4:4c:43:34:03:45:06:6e:4d:61:3e:15:44:
5f:44:87:78:f2:1d:7b:b8:06:ca:0f:4c:6f:90:e5:
44:84:12:a0:79:07:3e:25:0c:87:d0:96:51:89:3d:
d7:1d:41:9e:a0:b7:3f:8e:b7:d9:6d:5a:0f:f6:a8:
d4:e4:d2:35:5e:11:fa:48:5b:15:1d:c4:c7:47:39:
55:f5:e0:3b:da:c9:2c:87:86:a9:a1:a9:e8:f2:05:
46:44:58:a1:a8:4c:39:40:5f:65:25:b5:31:52:df:
cf:8f:6b:86:d1:8f:a5:ad:b7:a1:c9:ae:f8:ce:a8:
a8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:FE:51:F5:3B:F1:A8:93:F4:C4:0C:86:77:DE:48:8D:41:E2:7A:12
X509v3 Authority Key Identifier:
keyid:A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/sP5R9TvxqJP0xAyGd95IjUHiehI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.85.0-185.221.86.255
Signature Algorithm: sha256WithRSAEncryption
37:59:d1:64:ec:2b:53:33:64:73:80:98:85:dd:d5:bd:b9:75:
49:be:a7:f5:d0:07:a8:d9:3b:ee:a5:13:1f:38:94:f0:2a:bd:
2f:88:d9:6a:62:b2:1c:a5:5f:8a:a7:52:c4:ef:1e:45:56:75:
d1:f6:f8:18:35:aa:5c:bd:92:1d:a1:80:50:12:15:a6:62:e1:
19:15:39:0a:c2:b8:55:00:ce:03:50:87:fa:03:d8:1b:f1:17:
bc:99:c5:be:4e:dc:03:c7:0c:b8:c7:7f:e7:74:29:2c:02:cd:
39:25:10:b2:1f:10:3f:fb:6d:6c:09:72:2c:48:7c:6c:83:39:
02:ff:1d:42:79:b8:b1:54:90:03:6a:31:8e:a3:34:ca:49:83:
d6:19:55:75:9d:aa:76:69:bc:41:e5:0d:64:75:f4:83:7f:df:
31:f5:7d:c9:e3:54:cf:38:0c:83:55:d5:90:ab:cf:8f:20:56:
23:af:c6:f8:6e:74:17:bb:29:33:77:2c:23:6b:d4:89:7d:66:
56:ac:c6:98:89:b4:9c:ff:df:bd:b3:00:7b:16:13:d7:a6:3c:
76:d5:d5:d0:99:b7:96:60:0b:10:3e:20:3a:17:94:b7:3d:7b:
86:a6:33:43:3e:28:13:c5:b6:5a:08:f2:be:13:7d:fd:a0:da:
45:fd:51:fe
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVu7+IdGrG+Wb0xmQe3EBr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTZjNzY1OWFmMWQ1NmJjNzE4ZmFmNjE0ZjA5Mjc1OGY1
ZWRjN2YwHhcNMjMwMTAxMjAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGZlNTFmNTNiZjFhODkzZjRjNDBjODY3N2RlNDg4ZDQxZTI3YTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9NlLL4LaioFoxxoCpv5ter0RRno
ttRdseXLzogY45AZWLALYVNsKX3VbSITI9lqNGuWtgoUiqSmB5j01XUJSkb/6e/v
CyQ3AtNUD0heH/6exiYk9EJym/HcOyfkTEZ2n4jQ3Kzi7Bvd6s70MZUwk7E1AX1i
FjGuvOMyHn9cq1ofjdAornb7j+RMQzQDRQZuTWE+FURfRId48h17uAbKD0xvkOVE
hBKgeQc+JQyH0JZRiT3XHUGeoLc/jrfZbVoP9qjU5NI1XhH6SFsVHcTHRzlV9eA7
2sksh4apoano8gVGRFihqEw5QF9lJbUxUt/Pj2uG0Y+lrbehya74zqioTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLD+UfU78aiT9MQMhnfeSI1B4noSMB8GA1UdIwQY
MBaAFKMWx2Wa8dVrxxj69hTwknWPXtx/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUt
MzY4N2M4MThlZGU1LzEvc1A1UjlUdnhxSlAweEF5R2Q5NUlqVUhpZWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUtMzY4N2M4MThlZGU1
LzEvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC53VUD
BAC53VYwDQYJKoZIhvcNAQELBQADggEBADdZ0WTsK1MzZHOAmIXd1b25dUm+p/XQ
B6jZO+6lEx84lPAqvS+I2WpishylX4qnUsTvHkVWddH2+Bg1qly9kh2hgFASFaZi
4RkVOQrCuFUAzgNQh/oD2BvxF7yZxb5O3APHDLjHf+d0KSwCzTklELIfED/7bWwJ
cixIfGyDOQL/HUJ5uLFUkANqMY6jNMpJg9YZVXWdqnZpvEHlDWR19IN/3zH1fcnj
VM84DINV1ZCrz48gViOvxvhudBe7KTN3LCNr1Il9ZlasxpiJtJz/372zAHsWE9em
PHbV1dCZt5ZgCxA+IDoXlLc9e4amM0M+KBPFtloI8r4Tff2g2kX9Uf4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:34 2024 by rpki-client on console-ams.rpki-client.org