Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/885dIvQNVjOl3rvplagBDOlUo8c.roa
File: 885dIvQNVjOl3rvplagBDOlUo8c.roa (raw, json)
Hash identifier: YiXAvIVDY6IBvNM7ujw++1Q3FabYtVusGcQDS/7eQzU=
Subject key identifier: F3:CE:5D:22:F4:0D:56:33:A5:DE:BB:E9:95:A8:01:0C:E9:54:A3:C7
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBBA1BAEC382F2EC3E3DE5045D6CFA
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/885dIvQNVjOl3rvplagBDOlUo8c.roa
Signing time: Mon 02 Jan 2023 05:37:03 +0000
ROA not before: Mon 02 Jan 2023 05:37:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44103
IP address blocks: 185.150.96.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:ba:1b:ae:c3:82:f2:ec:3e:3d:e5:04:5d:6c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3ce5d22f40d5633a5debbe995a8010ce954a3c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a9:67:dc:32:23:13:c9:0a:64:6a:44:c9:95:
77:7c:7d:8b:ab:d4:72:d0:1e:6e:64:d8:ff:86:bc:
8f:51:8f:0a:f3:07:50:0b:25:9c:8a:5c:0c:44:5b:
c7:81:f2:8c:40:73:7c:93:a7:84:67:3c:38:4a:44:
d2:2e:01:fe:54:c4:7a:65:2b:96:0d:0c:f5:b0:9d:
20:7c:f9:a1:ed:bd:b6:b3:21:57:c0:0c:d3:5a:9a:
e9:7e:26:96:18:ba:59:1e:9e:d0:8b:e9:0c:45:34:
45:48:64:ba:d8:5b:e8:2b:34:dd:e2:5b:bd:82:9d:
74:9a:51:7e:34:95:69:96:4d:12:a4:1c:f7:82:36:
47:ca:34:14:89:fa:c8:0e:22:b9:cc:19:79:c2:aa:
43:eb:44:b6:4f:d3:90:a9:7d:f6:a3:1b:ac:44:a4:
5b:b8:f9:b2:8d:fe:1f:eb:cc:be:47:0f:c8:a3:c8:
5c:23:5c:7d:0a:c1:69:cb:63:3c:3a:11:fa:e8:20:
4b:21:b3:5d:18:31:42:a5:b6:4e:dc:0c:45:86:e6:
14:66:03:2a:23:4a:af:e9:82:ec:4c:73:6c:a8:0e:
6b:e9:c1:d5:fe:bf:48:a9:ff:93:12:04:5f:29:6a:
e8:95:26:1a:d0:f4:34:44:d9:d7:52:5c:b0:03:7a:
fd:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CE:5D:22:F4:0D:56:33:A5:DE:BB:E9:95:A8:01:0C:E9:54:A3:C7
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/885dIvQNVjOl3rvplagBDOlUo8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.96.0/24
Signature Algorithm: sha256WithRSAEncryption
19:16:1f:df:c3:d4:0c:ed:f2:9f:b6:07:2f:2d:78:08:59:ae:
d3:4a:f0:f1:97:79:33:27:5c:71:44:76:8a:54:39:d1:d6:e7:
e6:20:63:9a:c1:fa:b4:8e:90:91:ed:2d:d3:a8:3c:14:bc:12:
ff:c3:bb:1d:56:d2:8d:79:3d:6e:6e:75:8f:5a:65:50:3a:10:
fc:d8:8f:e2:47:31:c4:d8:39:53:16:d3:66:c1:94:82:bd:6d:
00:10:66:38:8e:2e:b2:d1:97:fb:9f:29:fb:1c:a9:a1:b8:ff:
49:43:f7:f3:79:0c:bc:40:1e:84:75:5f:b5:59:87:25:27:86:
bc:1e:32:70:dd:90:3e:85:6a:a7:eb:8b:e5:0d:fd:2e:9b:eb:
6b:ca:cb:f0:56:b3:32:41:2d:73:1c:42:93:48:fe:e2:b4:7a:
7c:9e:1a:3f:94:be:5a:0b:60:89:bb:38:4d:37:fd:53:f4:d4:
d6:41:6c:3a:97:78:b5:8c:d1:f9:d7:72:66:c4:79:32:d8:6e:
8d:3a:f0:6b:41:61:a0:f9:bd:6f:2e:d6:dc:0e:e3:77:db:77:
94:2a:10:2a:77:26:2c:d0:bf:a4:49:3d:ff:39:f9:70:b0:a1:
f9:ae:09:36:50:d8:4c:71:ea:2e:98:22:30:8f:eb:4b:04:d0:
32:60:3b:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+7obrsOC8uw+PeUEXWz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2NlNWQyMmY0MGQ1NjMzYTVkZWJiZTk5NWE4MDEwY2U5NTRhM2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaln3DIjE8kKZGpEyZV3fH2Lq9Ry
0B5uZNj/hryPUY8K8wdQCyWcilwMRFvHgfKMQHN8k6eEZzw4SkTSLgH+VMR6ZSuW
DQz1sJ0gfPmh7b22syFXwAzTWprpfiaWGLpZHp7Qi+kMRTRFSGS62FvoKzTd4lu9
gp10mlF+NJVplk0SpBz3gjZHyjQUifrIDiK5zBl5wqpD60S2T9OQqX32oxusRKRb
uPmyjf4f68y+Rw/Io8hcI1x9CsFpy2M8OhH66CBLIbNdGDFCpbZO3AxFhuYUZgMq
I0qv6YLsTHNsqA5r6cHV/r9Iqf+TEgRfKWrolSYa0PQ0RNnXUlywA3r9UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPPOXSL0DVYzpd676ZWoAQzpVKPHMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvODg1ZEl2UU5Wak9sM3J2cGxhZ0JET2xVbzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZZgMA0G
CSqGSIb3DQEBCwUAA4IBAQAZFh/fw9QM7fKftgcvLXgIWa7TSvDxl3kzJ1xxRHaK
VDnR1ufmIGOawfq0jpCR7S3TqDwUvBL/w7sdVtKNeT1ubnWPWmVQOhD82I/iRzHE
2DlTFtNmwZSCvW0AEGY4ji6y0Zf7nyn7HKmhuP9JQ/fzeQy8QB6EdV+1WYclJ4a8
HjJw3ZA+hWqn64vlDf0um+trysvwVrMyQS1zHEKTSP7itHp8nho/lL5aC2CJuzhN
N/1T9NTWQWw6l3i1jNH513JmxHky2G6NOvBrQWGg+b1vLtbcDuN323eUKhAqdyYs
0L+kST3/OflwsKH5rgk2UNhMceoumCIwj+tLBNAyYDv+
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:57 2024 by rpki-client on console-ams.rpki-client.org