Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/iGOxgNOESplVk27b3VHT6oZkGvg.roa
File: iGOxgNOESplVk27b3VHT6oZkGvg.roa (raw, json)
Hash identifier: vH6DMJjj4sQrAPiACYiDZVpHTQy44DYD+NNc1mUiWzM=
Subject key identifier: 88:63:B1:80:D3:84:4A:99:55:93:6E:DB:DD:51:D3:EA:86:64:1A:F8
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C541D2490EB41E747C2DED2C5BAD6A1
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/iGOxgNOESplVk27b3VHT6oZkGvg.roa
Signing time: Sun 01 Jan 2023 07:55:29 +0000
ROA not before: Sun 01 Jan 2023 07:55:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213363
IP address blocks: 185.114.226.0/24 maxlen: 32
185.166.236.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:1d:24:90:eb:41:e7:47:c2:de:d2:c5:ba:d6:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8863b180d3844a9955936edbdd51d3ea86641af8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bc:0f:b3:8a:1d:0b:b7:1e:26:39:97:d0:86:
34:0d:a3:e3:c9:4b:f6:04:44:21:23:94:b1:44:48:
d2:f9:36:bd:21:b5:39:9b:35:0c:c5:f2:d3:86:8a:
4a:4c:1d:f0:3e:42:df:62:c7:48:b6:86:5c:0b:18:
0a:83:c4:fe:a4:e9:79:53:59:d5:dc:a4:0a:41:06:
2d:64:2c:7f:b6:4a:55:93:cd:d6:03:4e:17:e2:46:
7f:12:da:71:c1:13:75:22:4f:63:85:87:f9:d4:8a:
4f:d8:4f:92:fb:c1:f9:f8:db:ae:6e:0b:c3:30:e0:
b0:a5:f0:06:2f:77:b8:69:6f:08:ae:af:29:2a:1e:
42:81:d8:9a:07:80:5d:73:9a:df:4a:81:77:2a:24:
c8:67:71:44:e4:07:4f:48:d2:a8:a3:d7:d0:da:f6:
62:55:52:24:13:95:dc:67:ed:da:07:ad:ff:92:51:
24:74:0f:a1:dd:c9:f1:bb:50:2c:6d:1b:0e:21:df:
50:a7:48:0e:e9:ab:a2:ce:6e:89:ae:b5:64:4d:f7:
57:1a:54:6e:bd:6f:50:eb:e3:3d:0b:5e:c4:f5:65:
62:05:d5:02:3a:28:90:29:9f:1f:90:d3:f2:09:37:
07:0b:16:7e:5e:34:80:13:17:a2:7d:a5:c2:cc:55:
d6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:63:B1:80:D3:84:4A:99:55:93:6E:DB:DD:51:D3:EA:86:64:1A:F8
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/iGOxgNOESplVk27b3VHT6oZkGvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.226.0/24
185.166.236.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:ea:b0:5c:81:40:e8:12:18:10:7d:34:7e:64:4b:ce:cb:9c:
88:06:06:37:ba:b2:0d:f0:44:b3:9f:52:cb:a5:71:49:d7:76:
d3:b5:4c:d1:9b:b6:d0:e5:63:6c:c7:a4:e1:ae:98:55:11:10:
9b:53:8f:9f:b9:4a:4e:6e:d7:21:bc:55:a7:2a:cb:28:0f:c7:
b8:59:16:a2:fc:f6:bf:87:dd:44:5a:e7:2e:34:49:ad:2d:f6:
8a:9b:a0:5f:0f:1b:02:62:db:8e:a9:68:30:34:51:d0:05:6a:
71:50:fe:f2:6a:c0:82:7f:c8:d1:b3:6c:5c:25:0a:4a:31:7c:
f2:53:48:95:b8:29:ed:db:8e:ab:fb:e2:0b:d6:12:8b:89:aa:
cf:c8:87:d3:85:04:25:c1:d9:95:6c:26:5e:75:dc:d4:e9:df:
55:59:0a:a2:2b:20:d7:90:fe:01:29:59:73:df:f4:f4:ad:ed:
f6:91:97:02:c7:65:b2:ac:4f:2e:76:e9:2b:27:91:69:bc:4c:
99:21:ca:b3:63:a7:34:8b:cd:60:8e:90:9a:8b:cb:b5:e7:30:
b6:4c:62:28:09:62:52:e7:bc:01:1f:c8:9c:17:fd:72:e9:c0:
44:cc:54:1f:88:0c:2c:40:0f:6a:10:a1:86:f3:0c:69:60:c0:
a6:19:64:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsVB0kkOtB50fC3tLFutahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODYzYjE4MGQzODQ0YTk5NTU5MzZlZGJkZDUxZDNlYTg2NjQxYWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbwPs4odC7ceJjmX0IY0DaPjyUv2
BEQhI5SxREjS+Ta9IbU5mzUMxfLThopKTB3wPkLfYsdItoZcCxgKg8T+pOl5U1nV
3KQKQQYtZCx/tkpVk83WA04X4kZ/EtpxwRN1Ik9jhYf51IpP2E+S+8H5+NuubgvD
MOCwpfAGL3e4aW8Irq8pKh5CgdiaB4Bdc5rfSoF3KiTIZ3FE5AdPSNKoo9fQ2vZi
VVIkE5XcZ+3aB63/klEkdA+h3cnxu1AsbRsOId9Qp0gO6auizm6JrrVkTfdXGlRu
vW9Q6+M9C17E9WViBdUCOiiQKZ8fkNPyCTcHCxZ+XjSAExeifaXCzFXW1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIhjsYDThEqZVZNu291R0+qGZBr4MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvaUdPeGdOT0VTcGxWazI3YjNWSFQ2b1prR3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXLiAwQA
uabsMA0GCSqGSIb3DQEBCwUAA4IBAQBL6rBcgUDoEhgQfTR+ZEvOy5yIBgY3urIN
8ESzn1LLpXFJ13bTtUzRm7bQ5WNsx6ThrphVERCbU4+fuUpObtchvFWnKssoD8e4
WRai/Pa/h91EWucuNEmtLfaKm6BfDxsCYtuOqWgwNFHQBWpxUP7yasCCf8jRs2xc
JQpKMXzyU0iVuCnt246r++IL1hKLiarPyIfThQQlwdmVbCZeddzU6d9VWQqiKyDX
kP4BKVlz3/T0re32kZcCx2WyrE8udukrJ5FpvEyZIcqzY6c0i81gjpCai8u15zC2
TGIoCWJS57wBH8icF/1y6cBEzFQfiAwsQA9qEKGG8wxpYMCmGWQj
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org