Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/tCXYkIPXPw-l-s3knxvfke6bclw.roa
File: tCXYkIPXPw-l-s3knxvfke6bclw.roa (raw, json)
Hash identifier: QwyipvNB8/pTnHvriqMkRipoCj+j5vEqkq6nFwbAj/U=
Subject key identifier: B4:25:D8:90:83:D7:3F:0F:A5:FA:CD:E4:9F:1B:DF:91:EE:9B:72:5C
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C540DD5832F9F62FB7B81A790C26DFA
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/tCXYkIPXPw-l-s3knxvfke6bclw.roa
Signing time: Sun 01 Jan 2023 07:55:25 +0000
ROA not before: Sun 01 Jan 2023 07:55:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205512
IP address blocks: 185.122.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:0d:d5:83:2f:9f:62:fb:7b:81:a7:90:c2:6d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b425d89083d73f0fa5facde49f1bdf91ee9b725c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6c:c5:db:74:90:62:d5:27:61:8d:90:65:b1:
02:d9:fb:46:d3:97:0a:11:e2:8e:bd:05:70:9d:de:
5e:84:e5:8d:6c:44:8f:14:5d:ea:aa:48:de:52:06:
92:58:32:95:d9:26:0c:20:13:17:8d:df:84:ee:3c:
66:81:73:b4:a2:bd:a0:b8:79:df:a2:43:19:40:8e:
f2:29:70:3e:a4:74:64:f4:6c:02:43:c5:86:b3:90:
d7:9a:6c:f3:b3:2d:67:c8:85:ef:0c:ef:35:5b:62:
f6:2e:0a:f9:67:5f:8f:b4:b5:44:7c:12:fe:aa:2c:
92:10:a0:19:ab:a9:00:41:a1:36:eb:6f:52:f4:88:
50:a9:06:36:d7:e5:3f:a9:fd:5a:fc:a5:3f:2b:c8:
ea:23:0b:e1:dc:06:54:f0:ec:44:09:4b:f0:4b:38:
d4:4a:e5:6d:9f:50:ef:94:54:71:0f:1e:49:41:ea:
d3:6e:97:78:6e:89:1e:2a:2c:07:66:c3:8b:de:04:
51:70:91:ab:c4:f4:d3:70:0c:76:ee:86:0d:47:39:
60:2f:31:d8:94:64:cd:9e:36:2a:bb:6e:11:71:7a:
2e:06:c7:2f:24:89:68:87:2d:b3:5b:a7:02:a9:05:
cc:28:aa:49:b5:a3:79:db:c0:ad:6d:64:b4:c7:fb:
71:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:25:D8:90:83:D7:3F:0F:A5:FA:CD:E4:9F:1B:DF:91:EE:9B:72:5C
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/tCXYkIPXPw-l-s3knxvfke6bclw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.38.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:18:12:fb:c0:80:ae:c3:8c:43:63:22:6a:61:43:0e:b3:aa:
c9:da:17:32:c8:d5:02:cc:7b:98:9c:d4:15:28:7d:6f:ca:f4:
b5:9a:d0:97:cf:26:a4:81:21:f5:84:da:c6:dd:cd:87:4a:df:
59:0f:44:bd:ce:53:96:72:81:78:73:59:70:14:e2:22:79:7d:
88:64:12:22:8e:98:9c:76:8d:55:8f:f4:9b:3c:2b:d1:59:57:
40:cf:dd:9b:80:ce:2c:f8:b1:c2:c6:12:34:db:40:76:c5:09:
c8:c2:f8:ef:c4:ca:e1:fd:d0:77:57:5d:c3:38:db:36:9b:7f:
0c:4d:25:93:78:e4:01:d2:4d:ee:7b:b4:36:97:19:5d:18:14:
be:11:8d:19:99:57:32:f6:3d:09:c4:60:10:8d:75:f8:68:34:
67:f3:1b:a9:29:61:8d:9f:8b:11:5e:2f:8b:0c:88:2d:df:5e:
94:46:54:5a:04:1a:fe:9c:e9:22:ad:15:bf:04:9e:08:bc:55:
ac:a3:a4:db:a0:20:c7:72:a5:d7:2e:e7:0b:a3:a0:d7:93:ed:
bd:e8:57:91:f7:f7:f0:0b:6d:77:8a:72:3f:b9:df:d1:cb:64:
a0:dd:a2:b0:a3:44:da:e2:59:f2:37:b9:78:ff:73:4a:48:01:
da:f0:a5:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsVA3Vgy+fYvt7gaeQwm36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDI1ZDg5MDgzZDczZjBmYTVmYWNkZTQ5ZjFiZGY5MWVlOWI3MjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWzF23SQYtUnYY2QZbEC2ftG05cK
EeKOvQVwnd5ehOWNbESPFF3qqkjeUgaSWDKV2SYMIBMXjd+E7jxmgXO0or2guHnf
okMZQI7yKXA+pHRk9GwCQ8WGs5DXmmzzsy1nyIXvDO81W2L2Lgr5Z1+PtLVEfBL+
qiySEKAZq6kAQaE2629S9IhQqQY21+U/qf1a/KU/K8jqIwvh3AZU8OxECUvwSzjU
SuVtn1DvlFRxDx5JQerTbpd4bokeKiwHZsOL3gRRcJGrxPTTcAx27oYNRzlgLzHY
lGTNnjYqu24RcXouBscvJIlohy2zW6cCqQXMKKpJtaN528CtbWS0x/txUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQl2JCD1z8PpfrN5J8b35Hum3JcMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvdENYWWtJUFhQdy1sLXMza254dmZrZTZiY2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXomMA0G
CSqGSIb3DQEBCwUAA4IBAQA6GBL7wICuw4xDYyJqYUMOs6rJ2hcyyNUCzHuYnNQV
KH1vyvS1mtCXzyakgSH1hNrG3c2HSt9ZD0S9zlOWcoF4c1lwFOIieX2IZBIijpic
do1Vj/SbPCvRWVdAz92bgM4s+LHCxhI020B2xQnIwvjvxMrh/dB3V13DONs2m38M
TSWTeOQB0k3ue7Q2lxldGBS+EY0ZmVcy9j0JxGAQjXX4aDRn8xupKWGNn4sRXi+L
DIgt316URlRaBBr+nOkirRW/BJ4IvFWso6TboCDHcqXXLucLo6DXk+296FeR9/fw
C213inI/ud/Ry2Sg3aKwo0Ta4lnyN7l4/3NKSAHa8KWN
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org