Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/AIi5K4pVOAfv1OWjiUNweXeqM_M.roa
File: AIi5K4pVOAfv1OWjiUNweXeqM_M.roa (raw, json)
Hash identifier: R8dKQ0sz2qM4BM8RNX2QO+6+bLOkJlykcgL5Lq5Yx74=
Subject key identifier: 00:88:B9:2B:8A:55:38:07:EF:D4:E5:A3:89:43:70:79:77:AA:33:F3
Certificate issuer: /CN=ac1a0b9cc5ce8bfd9ee26d09d7e91151a42d370d
Certificate serial: 01856E78E1906D97A61FDFDEA437792294C9
Authority key identifier: AC:1A:0B:9C:C5:CE:8B:FD:9E:E2:6D:09:D7:E9:11:51:A4:2D:37:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rBoLnMXOi_2e4m0J1-kRUaQtNw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/AIi5K4pVOAfv1OWjiUNweXeqM_M.roa
Signing time: Sun 01 Jan 2023 17:54:53 +0000
ROA not before: Sun 01 Jan 2023 17:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60645
IP address blocks: 185.32.4.0/22 maxlen: 22
2a04:3dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:e1:90:6d:97:a6:1f:df:de:a4:37:79:22:94:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1a0b9cc5ce8bfd9ee26d09d7e91151a42d370d
Validity
Not Before: Jan 1 17:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0088b92b8a553807efd4e5a38943707977aa33f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3c:8d:74:11:fa:47:bc:31:49:3b:69:7f:d6:
9b:6a:91:5b:44:11:cc:02:1f:df:2f:0b:b2:6e:a2:
37:a3:74:c5:7f:de:31:22:91:15:f8:f9:b4:b8:1a:
9e:09:2a:f6:13:b9:8f:78:35:aa:2c:01:ae:41:e0:
39:26:22:be:0c:7a:50:76:7e:12:17:7e:08:b7:e3:
72:c2:41:14:41:26:40:71:0b:ae:97:b6:93:e2:4d:
25:ab:49:a3:9e:fd:f5:a4:eb:6f:f0:7a:7a:37:54:
63:42:84:c3:19:49:16:f5:f9:83:49:d8:c2:b1:21:
eb:f5:e6:c6:36:0f:c3:bf:38:3a:e9:8b:1d:2a:2e:
29:f4:c5:1d:0d:b4:d1:e2:5e:1f:bf:44:87:8c:e1:
5c:ef:40:b9:05:43:91:38:56:ff:2f:60:99:29:7b:
8b:bb:63:9e:2d:82:27:f3:d5:79:62:5c:98:da:1e:
a5:fb:90:60:c3:9f:d5:79:59:5e:86:a6:fc:1e:40:
c5:eb:f6:d6:58:af:5a:17:ab:59:90:67:fc:e5:26:
9e:ba:68:0e:47:dd:db:b4:ea:6d:f3:78:f7:03:3a:
c7:5a:2b:25:45:c5:33:8a:8d:3f:8f:ab:62:f9:66:
74:e1:2c:e2:40:33:d4:05:4d:50:f2:dc:c9:44:5d:
33:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:88:B9:2B:8A:55:38:07:EF:D4:E5:A3:89:43:70:79:77:AA:33:F3
X509v3 Authority Key Identifier:
keyid:AC:1A:0B:9C:C5:CE:8B:FD:9E:E2:6D:09:D7:E9:11:51:A4:2D:37:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rBoLnMXOi_2e4m0J1-kRUaQtNw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/AIi5K4pVOAfv1OWjiUNweXeqM_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.4.0/22
IPv6:
2a04:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
6a:7d:41:6e:b1:b7:77:e0:04:eb:a4:00:3a:94:8e:0c:95:e8:
1c:03:54:e3:35:90:4d:45:05:f6:69:d5:ec:c5:38:a5:40:90:
c9:06:1e:f1:6f:b2:1a:23:b2:bc:18:5b:e6:d7:10:f6:f6:14:
aa:93:9f:d7:b4:79:8b:f6:2b:25:e4:de:b7:dd:49:80:b2:e8:
08:c9:c6:fa:93:93:4f:c8:f8:ae:57:e4:bd:f6:94:d2:d1:99:
23:b7:e3:e8:70:bc:31:6f:7c:1f:e6:59:2a:e5:43:3a:93:6d:
0d:2e:6d:37:71:1b:19:14:e6:7c:ec:79:b7:8e:52:43:de:b2:
57:18:99:c8:e3:02:08:9c:f0:bd:6c:50:a6:9b:46:91:8d:e7:
a0:f9:a7:84:b5:08:09:fd:e6:b1:28:63:87:04:4a:03:a1:b3:
55:c3:64:37:75:43:0e:4d:9b:c5:cb:99:38:44:47:b3:bd:2d:
d4:70:bb:f9:32:6e:82:4d:3b:d4:b5:2e:5a:b5:77:e1:97:9d:
87:5e:ad:a8:ca:c1:86:6c:da:3f:dd:11:09:8b:fb:36:b4:92:
d6:56:2e:98:86:b8:b9:82:b8:89:54:9b:cf:d3:8c:af:10:a2:
56:20:98:eb:7d:68:e8:5d:35:2b:2d:94:42:a5:cf:8e:fc:40:
e5:74:70:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVueOGQbZemH9/epDd5IpTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWEwYjljYzVjZThiZmQ5ZWUyNmQwOWQ3ZTkxMTUxYTQy
ZDM3MGQwHhcNMjMwMTAxMTc1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDg4YjkyYjhhNTUzODA3ZWZkNGU1YTM4OTQzNzA3OTc3YWEzM2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzyNdBH6R7wxSTtpf9abapFbRBHM
Ah/fLwuybqI3o3TFf94xIpEV+Pm0uBqeCSr2E7mPeDWqLAGuQeA5JiK+DHpQdn4S
F34It+NywkEUQSZAcQuul7aT4k0lq0mjnv31pOtv8Hp6N1RjQoTDGUkW9fmDSdjC
sSHr9ebGNg/Dvzg66YsdKi4p9MUdDbTR4l4fv0SHjOFc70C5BUOROFb/L2CZKXuL
u2OeLYIn89V5YlyY2h6l+5Bgw5/VeVlehqb8HkDF6/bWWK9aF6tZkGf85SaeumgO
R93btOpt83j3AzrHWislRcUzio0/j6ti+WZ04SziQDPUBU1Q8tzJRF0zyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFACIuSuKVTgH79Tlo4lDcHl3qjPzMB8GA1UdIwQY
MBaAFKwaC5zFzov9nuJtCdfpEVGkLTcNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckJvTG5NWE9pXzJlNG0wSjEta1JVYVF0TncwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9hMzI4NzItODhhMy00ZTg0LTlmODMt
YWE3MzUzZDRkOThmLzEvQUlpNUs0cFZPQWZ2MU9XamlVTndlWGVxTV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9hMzI4NzItODhhMy00ZTg0LTlmODMtYWE3MzUzZDRkOThm
LzEvckJvTG5NWE9pXzJlNG0wSjEta1JVYVF0TncwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSAEMA0E
AgACMAcDBQMqBD3AMA0GCSqGSIb3DQEBCwUAA4IBAQBqfUFusbd34ATrpAA6lI4M
legcA1TjNZBNRQX2adXsxTilQJDJBh7xb7IaI7K8GFvm1xD29hSqk5/XtHmL9isl
5N633UmAsugIycb6k5NPyPiuV+S99pTS0Zkjt+PocLwxb3wf5lkq5UM6k20NLm03
cRsZFOZ87Hm3jlJD3rJXGJnI4wIInPC9bFCmm0aRjeeg+aeEtQgJ/eaxKGOHBEoD
obNVw2Q3dUMOTZvFy5k4REezvS3UcLv5Mm6CTTvUtS5atXfhl52HXq2oysGGbNo/
3REJi/s2tJLWVi6Yhri5griJVJvP04yvEKJWIJjrfWjoXTUrLZRCpc+O/EDldHAd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:48 2024 by rpki-client on console-fra.rpki-client.org