Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rZf238M4NNvynX8HG9gcEb-y_1M.roa
File: rZf238M4NNvynX8HG9gcEb-y_1M.roa (raw, json)
Hash identifier: gNNjdTASK775CE+1mPNu19rENPnbUZLnhqsLn/a7Kdc=
Subject key identifier: AD:97:F6:DF:C3:38:34:DB:F2:9D:7F:07:1B:D8:1C:11:BF:B2:FF:53
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C53FF21AF10BACD9C3996D3D06DBFB0
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rZf238M4NNvynX8HG9gcEb-y_1M.roa
Signing time: Sun 01 Jan 2023 07:55:22 +0000
ROA not before: Sun 01 Jan 2023 07:55:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59723
IP address blocks: 185.122.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:ff:21:af:10:ba:cd:9c:39:96:d3:d0:6d:bf:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad97f6dfc33834dbf29d7f071bd81c11bfb2ff53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e6:aa:4e:d5:13:03:f5:54:80:02:05:bd:7d:
aa:25:e4:f5:26:8f:8f:2f:e4:37:33:2b:bd:65:a1:
ff:c9:0c:c3:91:30:ce:63:c4:18:22:4f:6d:4d:46:
e2:68:7e:5c:a2:a9:f3:b8:9f:91:d7:f0:57:65:ed:
c7:fe:8e:f3:d9:43:43:1d:09:e1:0f:1e:38:a8:a7:
02:30:df:a5:48:de:1c:35:d4:69:7b:53:d0:46:a5:
7c:16:4d:e1:a7:1f:73:1c:ca:85:ab:61:1c:5c:f1:
ec:18:c0:1d:54:f6:9e:91:76:d5:30:5b:18:9a:52:
d3:e0:82:a9:18:f0:b7:17:b0:a6:f6:71:a0:1d:dc:
cb:01:e2:ab:11:65:22:6d:bd:66:4f:61:36:83:36:
3b:64:3a:ce:ba:7e:86:11:99:5c:3e:eb:50:d1:5e:
bc:8f:3c:ba:cf:7c:a5:4a:1b:f4:d5:15:6d:b4:42:
8b:8f:7b:e2:2e:df:1d:33:8b:dd:b3:b3:06:03:dc:
95:10:96:83:ba:13:f0:9f:52:5e:7c:9e:09:94:07:
02:35:c0:c1:4b:b0:33:99:88:dc:8b:64:89:2d:e1:
af:99:5c:87:87:ce:ca:b0:69:a6:2d:67:1e:bd:6b:
5f:db:43:8f:85:0d:f7:bc:48:02:ca:e1:5c:8b:e6:
53:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:97:F6:DF:C3:38:34:DB:F2:9D:7F:07:1B:D8:1C:11:BF:B2:FF:53
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rZf238M4NNvynX8HG9gcEb-y_1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.38.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:c5:72:aa:32:bf:2f:e3:b9:67:cf:2a:22:7a:4f:c2:35:e3:
34:1d:16:e5:2f:56:54:74:b3:46:b5:be:1c:41:6d:dd:9d:61:
54:bc:a8:12:e0:17:86:b6:ab:2c:c8:50:b2:d1:71:60:78:77:
30:e6:73:43:ce:0c:3e:18:09:1f:7b:0d:d3:6d:2e:4f:69:8d:
44:3a:e4:ff:94:9a:30:d0:ae:80:27:fd:cf:e5:de:a7:22:e2:
82:64:0d:06:a3:82:a4:9e:2d:96:13:42:81:f2:21:6d:3c:f1:
8d:91:17:ca:37:49:7b:7b:dc:c2:81:ec:15:27:e9:b2:76:1e:
7e:8c:7c:5f:6f:0b:b1:9f:74:66:3e:78:fb:de:d8:09:fb:bf:
d1:ce:95:2e:7e:76:1d:f7:9f:8c:0c:91:d7:f2:c3:95:89:5e:
8f:6e:e9:aa:44:ba:4f:53:e0:cd:2e:32:d7:f2:be:a6:c2:3e:
3f:d4:75:44:8a:b1:27:b3:c9:4c:43:7c:cb:7b:56:a9:57:86:
72:63:4c:6b:4a:93:b7:fe:80:e5:3c:5b:8e:35:95:7c:fc:2a:
93:74:fd:a6:16:da:63:7f:1b:f6:84:3d:be:cb:e9:dd:b3:04:
7d:ea:14:dd:a9:cd:bf:4a:13:39:4a:67:a5:04:23:ed:9b:9c:
af:41:6b:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU/8hrxC6zZw5ltPQbb+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk3ZjZkZmMzMzgzNGRiZjI5ZDdmMDcxYmQ4MWMxMWJmYjJmZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OaqTtUTA/VUgAIFvX2qJeT1Jo+P
L+Q3Myu9ZaH/yQzDkTDOY8QYIk9tTUbiaH5coqnzuJ+R1/BXZe3H/o7z2UNDHQnh
Dx44qKcCMN+lSN4cNdRpe1PQRqV8Fk3hpx9zHMqFq2EcXPHsGMAdVPaekXbVMFsY
mlLT4IKpGPC3F7Cm9nGgHdzLAeKrEWUibb1mT2E2gzY7ZDrOun6GEZlcPutQ0V68
jzy6z3ylShv01RVttEKLj3viLt8dM4vds7MGA9yVEJaDuhPwn1JefJ4JlAcCNcDB
S7AzmYjci2SJLeGvmVyHh87KsGmmLWcevWtf20OPhQ33vEgCyuFci+ZTSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2X9t/DODTb8p1/BxvYHBG/sv9TMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvclpmMjM4TTROTnZ5blg4SEc5Z2NFYi15XzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXomMA0G
CSqGSIb3DQEBCwUAA4IBAQCaxXKqMr8v47lnzyoiek/CNeM0HRblL1ZUdLNGtb4c
QW3dnWFUvKgS4BeGtqssyFCy0XFgeHcw5nNDzgw+GAkfew3TbS5PaY1EOuT/lJow
0K6AJ/3P5d6nIuKCZA0Go4Kkni2WE0KB8iFtPPGNkRfKN0l7e9zCgewVJ+mydh5+
jHxfbwuxn3RmPnj73tgJ+7/RzpUufnYd95+MDJHX8sOViV6PbumqRLpPU+DNLjLX
8r6mwj4/1HVEirEns8lMQ3zLe1apV4ZyY0xrSpO3/oDlPFuONZV8/CqTdP2mFtpj
fxv2hD2+y+ndswR96hTdqc2/ShM5SmelBCPtm5yvQWtu
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:00 2024 by rpki-client on console-ams.rpki-client.org