Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/f4PI9VxuHGWr17yJ3onacWRMyw0.roa
File: f4PI9VxuHGWr17yJ3onacWRMyw0.roa (raw, json)
Hash identifier: n4v8bZIKo+4ZmFW9fkJmnYf6XuK0Zss55G887V8NDbo=
Subject key identifier: 7F:83:C8:F5:5C:6E:1C:65:AB:D7:BC:89:DE:89:DA:71:64:4C:CB:0D
Certificate issuer: /CN=677b43f538f0ae720e527b2a6c0b8a876d96c947
Certificate serial: 01856FCBA026C4022C93504773AB10EECE29
Authority key identifier: 67:7B:43:F5:38:F0:AE:72:0E:52:7B:2A:6C:0B:8A:87:6D:96:C9:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z3tD9TjwrnIOUnsqbAuKh22WyUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/f4PI9VxuHGWr17yJ3onacWRMyw0.roa
Signing time: Mon 02 Jan 2023 00:04:53 +0000
ROA not before: Mon 02 Jan 2023 00:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205235
IP address blocks: 185.38.175.0/24 maxlen: 24
2a01:4262:1ab::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:a0:26:c4:02:2c:93:50:47:73:ab:10:ee:ce:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=677b43f538f0ae720e527b2a6c0b8a876d96c947
Validity
Not Before: Jan 2 00:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f83c8f55c6e1c65abd7bc89de89da71644ccb0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f3:c3:d4:61:b9:56:e8:87:3a:8a:59:ff:e1:
75:91:ef:58:29:67:bf:40:e1:e3:d0:51:8f:45:93:
76:26:36:80:da:8d:cd:6a:99:65:f5:16:2b:a5:0d:
94:68:4a:82:6c:d6:7e:fd:e6:c8:5a:3a:55:9c:ed:
a2:79:fe:21:ee:f5:3a:b8:5b:2a:a1:d5:80:5c:be:
fa:08:42:fa:4d:b3:28:84:d5:23:f1:28:d9:0b:55:
db:bf:95:69:5d:c8:95:e0:af:1e:80:a2:14:93:5e:
66:15:55:d3:a9:17:c4:bd:bd:77:7c:50:66:03:2f:
b8:f1:ea:8d:68:fd:01:11:b7:7d:92:2c:91:dd:c2:
33:2c:41:21:ba:91:fc:39:c4:40:e3:18:36:36:8a:
b0:b7:43:7e:3e:a7:14:e0:0a:71:8a:5d:a8:e0:42:
28:56:9e:be:e8:e7:99:bd:42:d5:41:81:1f:3e:9d:
37:48:5e:06:ad:9d:9a:7b:ea:ab:b5:21:fa:e7:a0:
26:96:8f:cc:96:1d:4d:c3:59:5f:e1:67:a8:bb:9c:
64:d8:15:7f:8d:9f:00:27:1f:d5:c9:e7:d6:04:4b:
6b:87:c7:29:6e:13:eb:d3:78:72:1c:4e:b4:1d:f5:
e1:1e:c7:a2:c5:a8:57:e0:5c:b7:02:d0:fa:ca:73:
2b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:83:C8:F5:5C:6E:1C:65:AB:D7:BC:89:DE:89:DA:71:64:4C:CB:0D
X509v3 Authority Key Identifier:
keyid:67:7B:43:F5:38:F0:AE:72:0E:52:7B:2A:6C:0B:8A:87:6D:96:C9:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3tD9TjwrnIOUnsqbAuKh22WyUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/f4PI9VxuHGWr17yJ3onacWRMyw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/Z3tD9TjwrnIOUnsqbAuKh22WyUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.175.0/24
IPv6:
2a01:4262:1ab::/48
Signature Algorithm: sha256WithRSAEncryption
1d:fc:05:84:ec:1f:c3:a1:55:5b:1e:52:8d:51:19:b3:05:07:
ae:fc:f7:fd:b2:83:ab:ea:91:d8:43:58:47:ed:c3:b3:4e:76:
d8:8b:10:d2:94:9e:07:23:43:57:a7:8b:66:47:7b:4e:17:f8:
c2:a7:25:3e:18:22:e6:25:c6:d4:42:0c:e3:14:8b:0c:bc:51:
b5:8b:ce:a6:1f:24:19:0e:db:9a:bb:70:dd:d6:47:d1:81:d7:
03:91:d5:70:09:df:40:28:30:8a:97:b0:87:ba:aa:ef:fc:ac:
2f:ca:7f:bb:be:3d:d9:54:91:ba:aa:7b:4e:02:92:a2:75:e5:
e4:c5:c1:2c:52:51:91:b3:ca:57:32:f0:08:ad:04:45:17:ba:
e8:a0:a4:17:c5:2b:b2:7a:da:bd:26:3b:29:93:ed:6e:7f:dd:
ee:37:77:eb:eb:56:a5:f2:be:c6:f0:e1:43:30:14:38:80:68:
fc:ee:7a:1a:3f:a4:64:a0:8e:64:9e:f0:b6:77:cc:00:78:e6:
5f:2c:e0:63:39:fd:cc:ee:d0:df:d2:20:15:46:d9:41:5d:69:
0d:08:5e:dc:75:cc:9b:b4:92:84:26:5f:38:44:82:56:d3:04:
f5:65:b7:47:15:72:be:19:7c:1d:58:41:ba:bc:ab:4b:b5:26:
e5:63:17:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvy6AmxAIsk1BHc6sQ7s4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3N2I0M2Y1MzhmMGFlNzIwZTUyN2IyYTZjMGI4YTg3NmQ5
NmM5NDcwHhcNMjMwMTAyMDAwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjgzYzhmNTVjNmUxYzY1YWJkN2JjODlkZTg5ZGE3MTY0NGNjYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPPD1GG5VuiHOopZ/+F1ke9YKWe/
QOHj0FGPRZN2JjaA2o3Napll9RYrpQ2UaEqCbNZ+/ebIWjpVnO2ief4h7vU6uFsq
odWAXL76CEL6TbMohNUj8SjZC1Xbv5VpXciV4K8egKIUk15mFVXTqRfEvb13fFBm
Ay+48eqNaP0BEbd9kiyR3cIzLEEhupH8OcRA4xg2Noqwt0N+PqcU4Apxil2o4EIo
Vp6+6OeZvULVQYEfPp03SF4GrZ2ae+qrtSH656Amlo/Mlh1Nw1lf4Weou5xk2BV/
jZ8AJx/VyefWBEtrh8cpbhPr03hyHE60HfXhHseixahX4Fy3AtD6ynMr8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH+DyPVcbhxlq9e8id6J2nFkTMsNMB8GA1UdIwQY
MBaAFGd7Q/U48K5yDlJ7KmwLiodtlslHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjN0RDlUandybklPVW5zcWJBdUtoMjJXeVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81YTZlZWUtYTA5YS00NGUxLTg4ZGIt
Mjg3ODIwM2EwMDlkLzEvZjRQSTlWeHVIR1dyMTd5SjNvbmFjV1JNeXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81YTZlZWUtYTA5YS00NGUxLTg4ZGItMjg3ODIwM2EwMDlk
LzEvWjN0RDlUandybklPVW5zcWJBdUtoMjJXeVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuSavMA8E
AgACMAkDBwAqAUJiAaswDQYJKoZIhvcNAQELBQADggEBAB38BYTsH8OhVVseUo1R
GbMFB6789/2yg6vqkdhDWEftw7NOdtiLENKUngcjQ1eni2ZHe04X+MKnJT4YIuYl
xtRCDOMUiwy8UbWLzqYfJBkO25q7cN3WR9GB1wOR1XAJ30AoMIqXsIe6qu/8rC/K
f7u+PdlUkbqqe04CkqJ15eTFwSxSUZGzylcy8AitBEUXuuigpBfFK7J62r0mOymT
7W5/3e43d+vrVqXyvsbw4UMwFDiAaPzueho/pGSgjmSe8LZ3zAB45l8s4GM5/czu
0N/SIBVG2UFdaQ0IXtx1zJu0koQmXzhEglbTBPVlt0cVcr4ZfB1YQbq8q0u1JuVj
Fxc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:59 2024 by rpki-client on console-ams.rpki-client.org