Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c626d5-d405-406e-8c81-5c01817fb822/1/T6d8EBNs2XQUv9oJteVBfretIec.roa
File: T6d8EBNs2XQUv9oJteVBfretIec.roa (raw, json)
Hash identifier: 1JZwLoWmoAY42BGxKjOZ9K3FXTZWeihH1onLKIC2f2c=
Subject key identifier: 4F:A7:7C:10:13:6C:D9:74:14:BF:DA:09:B5:E5:41:7E:B7:AD:21:E7
Certificate issuer: /CN=6e83251661b0b774271c5cf526aab884b1fa7c7e
Certificate serial: 01856B4A361DCB38B9C2591B2DA689B8A4E4
Authority key identifier: 6E:83:25:16:61:B0:B7:74:27:1C:5C:F5:26:AA:B8:84:B1:FA:7C:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/boMlFmGwt3QnHFz1Jqq4hLH6fH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c626d5-d405-406e-8c81-5c01817fb822/1/T6d8EBNs2XQUv9oJteVBfretIec.roa
Signing time: Sun 01 Jan 2023 03:05:03 +0000
ROA not before: Sun 01 Jan 2023 03:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42764
IP address blocks: 185.43.16.0/23 maxlen: 23
185.43.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:36:1d:cb:38:b9:c2:59:1b:2d:a6:89:b8:a4:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e83251661b0b774271c5cf526aab884b1fa7c7e
Validity
Not Before: Jan 1 03:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fa77c10136cd97414bfda09b5e5417eb7ad21e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:31:27:4a:bb:f2:ef:20:60:50:c6:fc:71:e5:
a0:27:0d:1a:8c:49:95:5e:33:6f:e6:8b:84:1c:3e:
02:08:c5:30:92:71:02:73:7b:53:7b:f4:02:7c:8e:
6e:85:74:17:b4:17:d9:44:94:24:07:51:d1:ff:83:
64:95:c4:b3:4e:f8:e4:32:6d:3e:25:17:07:b2:2f:
25:74:02:e0:13:65:f9:01:f6:87:22:81:67:1a:09:
d9:37:37:39:a3:33:31:2a:83:27:7c:dc:cd:85:9b:
5c:2a:6e:11:bb:c8:b4:41:16:7e:2c:37:60:a6:53:
34:5d:38:21:35:0b:2d:eb:fa:15:38:01:e5:6c:92:
0b:a9:bb:df:b2:80:52:d3:f4:93:64:c1:ec:f0:7b:
23:ba:11:3d:40:19:22:0b:7d:73:5f:11:23:6b:af:
6c:e8:7d:82:f9:f4:a7:6c:23:8d:e3:8a:fc:56:39:
a8:13:0b:62:94:02:62:c1:b5:e3:62:4c:f9:4e:25:
42:cb:49:e8:1d:b5:fd:7a:b1:c7:de:c3:5c:63:36:
f8:66:1f:f3:03:50:be:aa:8a:11:b4:3c:90:48:ed:
b1:55:fb:3f:77:9c:d4:10:ec:d8:9f:eb:51:27:d7:
5b:20:58:ec:55:7f:05:b5:4e:38:a3:5e:a7:eb:0f:
55:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A7:7C:10:13:6C:D9:74:14:BF:DA:09:B5:E5:41:7E:B7:AD:21:E7
X509v3 Authority Key Identifier:
keyid:6E:83:25:16:61:B0:B7:74:27:1C:5C:F5:26:AA:B8:84:B1:FA:7C:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/boMlFmGwt3QnHFz1Jqq4hLH6fH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c626d5-d405-406e-8c81-5c01817fb822/1/T6d8EBNs2XQUv9oJteVBfretIec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c626d5-d405-406e-8c81-5c01817fb822/1/boMlFmGwt3QnHFz1Jqq4hLH6fH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.16.0-185.43.18.255
Signature Algorithm: sha256WithRSAEncryption
7f:4d:57:ad:2b:62:98:71:fb:33:2c:a6:f3:5d:08:a0:f0:d0:
4f:cb:22:82:24:82:d9:4c:8c:d9:5d:b9:7d:30:d4:0d:f8:35:
67:76:bd:fe:37:a2:a5:94:21:b5:9d:74:9c:99:4c:96:68:b3:
63:90:85:f5:dc:a6:07:1e:49:83:91:8b:6e:ad:65:58:ff:e8:
ee:34:e6:92:18:03:56:69:01:cc:38:08:a6:68:ef:75:31:89:
6d:65:47:4e:e6:99:28:eb:cb:9c:f2:d2:fa:6a:64:21:f8:a7:
bd:ea:43:b8:4e:de:f6:f8:da:ff:ef:50:47:67:49:4a:2b:7e:
84:a3:12:1a:cc:97:81:af:ce:10:76:53:c8:e5:90:53:02:55:
3a:ce:47:d9:5d:c0:ba:d8:3d:76:38:0d:ae:16:e1:81:50:ac:
cf:55:7a:94:37:5c:5a:54:66:4f:65:21:8d:6b:5b:8d:1f:a5:
d2:de:0c:4b:6c:1f:c2:b9:f0:20:0a:2b:f2:df:2d:8d:0b:32:
f2:4b:20:8b:ba:da:4e:5c:c1:00:26:6e:1f:34:5b:d1:85:5b:
3c:23:e5:84:4d:41:38:94:16:b6:c3:07:6e:77:4e:8f:a1:f4:
67:f1:f6:49:b2:60:0e:61:f4:28:79:b2:13:d0:96:eb:21:35:
1d:f3:48:07
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVrSjYdyzi5wlkbLaaJuKTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODMyNTE2NjFiMGI3NzQyNzFjNWNmNTI2YWFiODg0YjFm
YTdjN2UwHhcNMjMwMTAxMDMwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmE3N2MxMDEzNmNkOTc0MTRiZmRhMDliNWU1NDE3ZWI3YWQyMWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDEnSrvy7yBgUMb8ceWgJw0ajEmV
XjNv5ouEHD4CCMUwknECc3tTe/QCfI5uhXQXtBfZRJQkB1HR/4NklcSzTvjkMm0+
JRcHsi8ldALgE2X5AfaHIoFnGgnZNzc5ozMxKoMnfNzNhZtcKm4Ru8i0QRZ+LDdg
plM0XTghNQst6/oVOAHlbJILqbvfsoBS0/STZMHs8HsjuhE9QBkiC31zXxEja69s
6H2C+fSnbCON44r8VjmoEwtilAJiwbXjYkz5TiVCy0noHbX9erHH3sNcYzb4Zh/z
A1C+qooRtDyQSO2xVfs/d5zUEOzYn+tRJ9dbIFjsVX8FtU44o16n6w9VrQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFE+nfBATbNl0FL/aCbXlQX63rSHnMB8GA1UdIwQY
MBaAFG6DJRZhsLd0Jxxc9SaquISx+nx+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9NbEZtR3d0M1FuSEZ6MUpxcTRoTEg2Zkg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jNjI2ZDUtZDQwNS00MDZlLThjODEt
NWMwMTgxN2ZiODIyLzEvVDZkOEVCTnMyWFFVdjlvSnRlVkJmcmV0SWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jNjI2ZDUtZDQwNS00MDZlLThjODEtNWMwMTgxN2ZiODIy
LzEvYm9NbEZtR3d0M1FuSEZ6MUpxcTRoTEg2Zkg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAS5KxAD
BAC5KxIwDQYJKoZIhvcNAQELBQADggEBAH9NV60rYphx+zMspvNdCKDw0E/LIoIk
gtlMjNlduX0w1A34NWd2vf43oqWUIbWddJyZTJZos2OQhfXcpgceSYORi26tZVj/
6O405pIYA1ZpAcw4CKZo73UxiW1lR07mmSjry5zy0vpqZCH4p73qQ7hO3vb42v/v
UEdnSUorfoSjEhrMl4GvzhB2U8jlkFMCVTrOR9ldwLrYPXY4Da4W4YFQrM9VepQ3
XFpUZk9lIY1rW40fpdLeDEtsH8K58CAKK/LfLY0LMvJLIIu62k5cwQAmbh80W9GF
Wzwj5YRNQTiUFrbDB253To+h9Gfx9kmyYA5h9Ch5shPQlushNR3zSAc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:25 2024 by rpki-client on console-fra.rpki-client.org