Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/1xM0IM-pIIVk0rkO2zJymaewCLo.roa
File: 1xM0IM-pIIVk0rkO2zJymaewCLo.roa (raw, json)
Hash identifier: eNy8A3oPRr2qG51MHmzga5ZDPIUBWZmmEFVJ0iaSGlE=
Subject key identifier: D7:13:34:20:CF:A9:20:85:64:D2:B9:0E:DB:32:72:99:A7:B0:08:BA
Certificate issuer: /CN=5d370a48b59fb811495f11c49734482f22b1a392
Certificate serial: 018572C3566D0963DCAB77CB404764EF0A0F
Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/1xM0IM-pIIVk0rkO2zJymaewCLo.roa
Signing time: Mon 02 Jan 2023 13:54:42 +0000
ROA not before: Mon 02 Jan 2023 13:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56388
IP address blocks: 185.156.200.0/24 maxlen: 24
185.156.203.0/24 maxlen: 24
185.156.201.0/24 maxlen: 24
185.156.202.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:56:6d:09:63:dc:ab:77:cb:40:47:64:ef:0a:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392
Validity
Not Before: Jan 2 13:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7133420cfa9208564d2b90edb327299a7b008ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a9:22:d6:08:aa:84:f1:e4:b0:c6:a0:d6:55:
f4:37:a4:7e:d4:6c:dd:39:63:ea:18:da:5c:bd:b6:
af:15:39:45:33:f2:db:2b:f6:76:12:88:3e:5f:1a:
f7:99:f9:34:6a:5f:c9:be:d5:9c:91:d6:85:d7:5d:
7f:2a:33:62:06:6a:9a:df:3b:5a:2d:ca:3b:4b:80:
f4:73:24:3d:9c:8c:15:51:a3:88:c3:2c:59:d9:96:
12:05:04:f4:eb:43:aa:77:6c:be:da:13:5e:ef:84:
ed:e4:18:82:55:be:84:1f:10:da:a7:87:eb:9d:fc:
2d:ec:82:4f:90:5d:d2:5e:b5:0c:dd:cf:ab:72:9b:
2d:ec:e7:9c:4a:20:fc:a0:9b:95:a6:8e:f4:9d:91:
d1:ec:19:54:86:d4:53:cc:a5:bf:41:84:af:d8:83:
01:53:48:af:25:c8:5c:bd:bd:e7:8f:7a:8d:c0:ed:
c5:1c:15:fe:79:1f:f2:59:cf:b3:31:41:3d:ec:c7:
86:d2:8a:3b:5c:ed:46:5b:b5:c6:3e:33:fa:86:d0:
0e:c9:f6:ab:d8:07:76:e7:87:c2:4b:59:b2:5e:50:
2e:9b:a9:90:f8:20:10:63:c1:98:ed:0d:6f:92:9b:
f9:0d:91:37:ae:2b:24:66:b0:1b:6b:09:f9:a0:24:
b8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:13:34:20:CF:A9:20:85:64:D2:B9:0E:DB:32:72:99:A7:B0:08:BA
X509v3 Authority Key Identifier:
keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/1xM0IM-pIIVk0rkO2zJymaewCLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.200.0/22
Signature Algorithm: sha256WithRSAEncryption
40:1a:90:b2:bf:1f:8f:12:c0:a9:c3:59:b7:10:2c:95:33:c6:
40:03:e3:92:2f:44:61:0f:c0:4b:a9:01:8d:10:1c:17:a8:b4:
58:af:10:9f:13:83:e6:ad:da:0a:18:1d:d2:25:c8:cd:b4:ef:
b6:5e:6c:97:ae:4a:18:f4:c1:3c:d1:9a:21:0c:f3:24:b6:68:
dd:4e:57:93:a0:1d:ba:cf:da:28:59:0f:ff:a9:83:fc:cd:40:
d6:e8:18:7b:f0:f6:86:20:fc:51:d3:f4:0e:b2:0b:84:58:49:
39:33:07:3c:3f:f5:b0:97:ea:07:8f:67:c1:93:d8:1a:73:ca:
a9:ca:48:14:88:e0:d9:49:50:d7:ce:78:a3:12:70:94:1f:b9:
84:4b:b3:7d:96:29:81:3d:ba:a1:38:2b:65:b2:3b:90:cc:ef:
93:22:60:1b:5d:04:4f:bc:21:6a:c1:14:8f:74:d3:c2:43:4a:
e7:e7:fa:5a:3c:2d:af:42:4e:08:25:49:0b:3f:32:e8:3b:5c:
ff:b1:1d:21:19:ab:03:e4:86:29:1a:f3:84:51:5e:5c:1e:d8:
e0:12:8f:48:f0:5b:63:73:97:93:2a:8d:ea:4c:80:2d:66:ea:
e6:36:3f:a4:be:6e:8a:c0:7a:5a:02:88:0f:5b:3b:f6:e2:47:
82:3b:0d:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw1ZtCWPcq3fLQEdk7woPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzcwYTQ4YjU5ZmI4MTE0OTVmMTFjNDk3MzQ0ODJmMjJi
MWEzOTIwHhcNMjMwMTAyMTM1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzEzMzQyMGNmYTkyMDg1NjRkMmI5MGVkYjMyNzI5OWE3YjAwOGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaki1giqhPHksMag1lX0N6R+1Gzd
OWPqGNpcvbavFTlFM/LbK/Z2Eog+Xxr3mfk0al/JvtWckdaF111/KjNiBmqa3zta
Lco7S4D0cyQ9nIwVUaOIwyxZ2ZYSBQT060Oqd2y+2hNe74Tt5BiCVb6EHxDap4fr
nfwt7IJPkF3SXrUM3c+rcpst7OecSiD8oJuVpo70nZHR7BlUhtRTzKW/QYSv2IMB
U0ivJchcvb3nj3qNwO3FHBX+eR/yWc+zMUE97MeG0oo7XO1GW7XGPjP6htAOyfar
2Ad254fCS1myXlAum6mQ+CAQY8GY7Q1vkpv5DZE3riskZrAbawn5oCS4kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNcTNCDPqSCFZNK5DtsycpmnsAi6MB8GA1UdIwQY
MBaAFF03Cki1n7gRSV8RxJc0SC8isaOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2Ut
ZTI3MjAxMzAyNmI0LzEvMXhNMElNLXBJSVZrMHJrTzJ6SnltYWV3Q0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2UtZTI3MjAxMzAyNmI0
LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZzIMA0G
CSqGSIb3DQEBCwUAA4IBAQBAGpCyvx+PEsCpw1m3ECyVM8ZAA+OSL0RhD8BLqQGN
EBwXqLRYrxCfE4PmrdoKGB3SJcjNtO+2XmyXrkoY9ME80ZohDPMktmjdTleToB26
z9ooWQ//qYP8zUDW6Bh78PaGIPxR0/QOsguEWEk5Mwc8P/Wwl+oHj2fBk9gac8qp
ykgUiODZSVDXznijEnCUH7mES7N9limBPbqhOCtlsjuQzO+TImAbXQRPvCFqwRSP
dNPCQ0rn5/paPC2vQk4IJUkLPzLoO1z/sR0hGasD5IYpGvOEUV5cHtjgEo9I8Ftj
c5eTKo3qTIAtZurmNj+kvm6KwHpaAogPWzv24keCOw2c
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:18 2024 by rpki-client on console-fra.rpki-client.org