Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/IqGWtAWKjqfLowd9lURQ3UPUUyQ.roa
File: IqGWtAWKjqfLowd9lURQ3UPUUyQ.roa (raw, json)
Hash identifier: 0dwHSlTHz8fDxM2yfefFVqi+5hKEK6nK5xX+T2MOuXw=
Subject key identifier: 22:A1:96:B4:05:8A:8E:A7:CB:A3:07:7D:95:44:50:DD:43:D4:53:24
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C53F129383C38A81338F0C816C01D55
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/IqGWtAWKjqfLowd9lURQ3UPUUyQ.roa
Signing time: Sun 01 Jan 2023 07:55:18 +0000
ROA not before: Sun 01 Jan 2023 07:55:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42495
IP address blocks: 185.115.241.0/24 maxlen: 24
2a06:7242::/48 maxlen: 48
2a06:7242::/43 maxlen: 43
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:f1:29:38:3c:38:a8:13:38:f0:c8:16:c0:1d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22a196b4058a8ea7cba3077d954450dd43d45324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:88:b0:35:2e:ed:47:c7:d2:93:f4:69:83:12:
61:05:c7:c8:2c:ac:3d:d1:49:4c:94:c8:31:60:d8:
e8:d7:3f:e8:10:86:e0:6e:ea:49:bc:0f:e5:cd:18:
86:6d:a5:8f:1a:ca:45:57:75:f5:42:a9:88:81:d6:
e2:63:73:1f:87:83:53:48:56:4e:4f:48:c5:95:b2:
f7:6e:f8:d4:38:ca:3a:88:21:eb:5d:bf:54:c4:91:
ac:e0:9b:d3:41:a2:6c:68:cf:d4:7a:fd:1b:45:a0:
bd:7e:c6:27:76:97:d7:73:4e:41:bc:1f:7a:69:c8:
86:df:aa:ec:b8:a6:af:3c:a2:8a:3c:c9:af:f1:05:
47:fd:5b:b1:f3:57:e4:9e:5f:4f:50:18:00:54:01:
62:2a:25:b4:ee:b0:67:8b:ce:2a:ec:ec:db:46:8c:
64:7c:51:02:5f:a3:f5:a5:c0:fb:9f:c8:9e:a8:8d:
1a:ac:78:9e:c7:f5:38:68:d8:96:c7:a7:50:27:a1:
38:27:36:0f:da:f9:44:21:75:91:5c:32:36:a7:2b:
5b:61:20:5c:21:30:93:77:58:4d:08:a4:59:21:99:
e3:c1:c3:8e:f2:17:a6:62:70:09:98:f4:c9:98:f0:
d9:35:dd:dd:02:37:93:93:bc:9f:6c:75:18:42:69:
8e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A1:96:B4:05:8A:8E:A7:CB:A3:07:7D:95:44:50:DD:43:D4:53:24
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/IqGWtAWKjqfLowd9lURQ3UPUUyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.241.0/24
IPv6:
2a06:7242::/43
Signature Algorithm: sha256WithRSAEncryption
01:22:a4:a5:34:45:ac:fd:1f:39:ca:ac:16:ca:e6:f6:cc:4e:
ea:f4:ec:73:19:3b:df:32:ca:ba:e6:d7:01:da:82:11:61:cf:
ef:ee:ff:b2:8a:4f:5c:6f:ed:87:c8:4b:52:01:1a:5a:22:04:
be:9d:07:e8:3c:d6:1d:24:9b:3f:11:10:11:0e:b3:10:a3:6a:
61:d1:75:e7:3f:dc:c8:24:5c:1f:c5:7b:50:63:7f:23:2c:f5:
15:8f:0d:d7:68:d3:20:3a:d9:68:6e:f6:55:53:e7:a3:2f:d3:
a0:d5:a8:38:02:45:f2:7b:f6:7f:04:b4:b3:d3:89:f0:17:ca:
91:ac:4b:52:61:af:f3:27:a6:c0:e1:d0:12:01:33:70:70:f7:
a8:da:c5:a9:18:0a:4e:64:e0:fd:81:a2:a3:d8:3a:6d:e9:fb:
c1:7a:ab:27:29:cb:93:e6:cd:5a:bc:da:4c:d8:c5:da:ea:0f:
f9:aa:95:54:24:0d:7d:37:45:ba:c6:69:01:dc:9d:29:3f:8b:
d5:c0:12:2b:0d:0b:2d:b7:4e:86:af:dc:7a:31:b8:b3:be:52:
20:61:35:45:7d:82:e1:ee:6b:9b:0f:06:1c:8c:2a:02:05:e6:
29:3c:30:3d:b4:84:ef:43:bf:b3:ed:2b:fc:0e:14:0c:73:93:
3d:8e:61:fc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsU/EpODw4qBM48MgWwB1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmExOTZiNDA1OGE4ZWE3Y2JhMzA3N2Q5NTQ0NTBkZDQzZDQ1MzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoiwNS7tR8fSk/RpgxJhBcfILKw9
0UlMlMgxYNjo1z/oEIbgbupJvA/lzRiGbaWPGspFV3X1QqmIgdbiY3Mfh4NTSFZO
T0jFlbL3bvjUOMo6iCHrXb9UxJGs4JvTQaJsaM/Uev0bRaC9fsYndpfXc05BvB96
aciG36rsuKavPKKKPMmv8QVH/Vux81fknl9PUBgAVAFiKiW07rBni84q7OzbRoxk
fFECX6P1pcD7n8ieqI0arHiex/U4aNiWx6dQJ6E4JzYP2vlEIXWRXDI2pytbYSBc
ITCTd1hNCKRZIZnjwcOO8hemYnAJmPTJmPDZNd3dAjeTk7yfbHUYQmmObQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCKhlrQFio6ny6MHfZVEUN1D1FMkMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvSXFHV3RBV0tqcWZMb3dkOWxVUlEzVVBVVXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuXPxMA8E
AgACMAkDBwUqBnJCAAAwDQYJKoZIhvcNAQELBQADggEBAAEipKU0Raz9HznKrBbK
5vbMTur07HMZO98yyrrm1wHaghFhz+/u/7KKT1xv7YfIS1IBGloiBL6dB+g81h0k
mz8REBEOsxCjamHRdec/3MgkXB/Fe1BjfyMs9RWPDddo0yA62Whu9lVT56Mv06DV
qDgCRfJ79n8EtLPTifAXypGsS1Jhr/MnpsDh0BIBM3Bw96jaxakYCk5k4P2BoqPY
Om3p+8F6qycpy5PmzVq82kzYxdrqD/mqlVQkDX03RbrGaQHcnSk/i9XAEisNCy23
Toav3HoxuLO+UiBhNUV9guHua5sPBhyMKgIF5ik8MD20hO9Dv7PtK/wOFAxzkz2O
Yfw=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org