Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/t7QFKDbTiBoOL_xxVU-02zHPhzw.roa
File: t7QFKDbTiBoOL_xxVU-02zHPhzw.roa (raw, json)
Hash identifier: 3flMjGQZkLWtel6iFFoO50CvwtP2wsrRwehXGBFRUJw=
Subject key identifier: B7:B4:05:28:36:D3:88:1A:0E:2F:FC:71:55:4F:B4:DB:31:CF:87:3C
Certificate issuer: /CN=dbaef5c32bea4b54d17e241b5cccaf07bc0a8ee9
Certificate serial: 01856F66C39F7AAD262CB3144B4EEC55AE25
Authority key identifier: DB:AE:F5:C3:2B:EA:4B:54:D1:7E:24:1B:5C:CC:AF:07:BC:0A:8E:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/t7QFKDbTiBoOL_xxVU-02zHPhzw.roa
Signing time: Sun 01 Jan 2023 22:14:43 +0000
ROA not before: Sun 01 Jan 2023 22:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203827
IP address blocks: 185.255.220.0/24 maxlen: 24
185.255.223.0/24 maxlen: 24
185.255.221.0/24 maxlen: 24
185.255.222.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:c3:9f:7a:ad:26:2c:b3:14:4b:4e:ec:55:ae:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbaef5c32bea4b54d17e241b5cccaf07bc0a8ee9
Validity
Not Before: Jan 1 22:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7b4052836d3881a0e2ffc71554fb4db31cf873c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:62:07:a5:8a:20:8c:ee:52:ad:3a:58:06:90:
4f:34:58:96:77:71:17:be:ba:18:d7:21:0e:8d:c7:
e2:df:28:14:ed:dd:f6:84:e4:12:59:0e:5c:92:a9:
ee:dc:12:2a:af:80:27:fa:ef:ac:dd:02:fe:8e:75:
ba:13:84:04:2e:92:88:4c:d4:2d:66:70:40:fb:a7:
41:34:fe:01:22:e1:a3:d1:19:22:ca:3d:cd:2a:30:
7e:25:6d:31:3f:05:b9:90:ae:1a:94:c6:17:e7:0c:
d9:c7:43:d6:54:0e:06:c1:cc:53:88:9b:c5:0c:c3:
78:74:42:8c:fb:0d:d7:79:31:f0:da:54:b7:7f:f6:
e7:b8:84:34:3d:29:5d:61:75:02:7b:c2:52:59:b6:
34:fc:4b:56:23:5b:2d:73:e7:ba:f9:f1:47:18:3b:
10:33:a6:9a:e0:51:b2:33:d6:8d:19:02:62:a8:35:
7c:8e:9c:32:e0:51:2b:8a:6f:14:9d:ca:17:68:50:
de:d4:b7:d5:f4:33:0b:b9:09:d0:99:63:78:c4:26:
bf:59:c2:84:46:d6:c7:21:9a:fd:c4:24:b4:68:5b:
65:f5:a2:95:0b:2b:a9:86:8a:e6:ff:06:9e:71:16:
e9:9e:2c:d8:79:67:dd:f0:d0:06:e0:c8:8d:c8:ce:
4c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B4:05:28:36:D3:88:1A:0E:2F:FC:71:55:4F:B4:DB:31:CF:87:3C
X509v3 Authority Key Identifier:
keyid:DB:AE:F5:C3:2B:EA:4B:54:D1:7E:24:1B:5C:CC:AF:07:BC:0A:8E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/t7QFKDbTiBoOL_xxVU-02zHPhzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.220.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:c8:d1:01:74:c0:06:80:c4:b9:b2:cd:67:68:a2:93:f0:a9:
37:6e:4b:91:69:d7:e3:55:ae:ae:22:41:c0:90:5d:be:90:a0:
83:43:f5:cd:f7:72:f1:65:32:fa:4b:e3:6a:c9:a0:b1:e2:8d:
b4:91:04:14:35:fe:4e:fa:ea:08:00:ae:58:2d:d2:24:d6:ec:
0c:d3:c6:d3:16:87:9d:5a:4f:c0:60:6c:6f:bf:e8:56:49:92:
9f:42:75:8b:28:b0:6f:a0:ee:2a:62:af:22:03:b9:05:59:d9:
09:c5:da:f3:2f:e2:c8:00:f2:70:9f:ca:ab:f6:ee:48:b2:23:
22:f6:89:83:fd:6e:e1:dc:39:c4:55:1f:d9:6e:d7:f0:fc:22:
ad:00:5c:a8:c6:50:3c:2c:a7:61:5c:61:fb:0c:f8:68:59:5e:
27:c9:81:df:09:bd:a1:46:3d:f5:67:de:54:35:f6:93:45:74:
31:56:8c:fa:e3:de:42:29:15:a3:f0:d5:ff:d4:2f:a4:0f:2f:
58:d4:4d:55:18:ee:60:40:b5:e8:9e:4f:d5:5e:47:9a:c2:5f:
e0:9a:c8:0e:0f:28:28:0e:dc:75:0f:c1:81:d9:fa:09:e3:1f:
83:1b:67:b7:1f:b5:54:a0:b0:3f:b1:9f:02:7c:9e:39:73:b9:
19:86:79:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZsOfeq0mLLMUS07sVa4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYWVmNWMzMmJlYTRiNTRkMTdlMjQxYjVjY2NhZjA3YmMw
YThlZTkwHhcNMjMwMTAxMjIxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2I0MDUyODM2ZDM4ODFhMGUyZmZjNzE1NTRmYjRkYjMxY2Y4NzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWIHpYogjO5SrTpYBpBPNFiWd3EX
vroY1yEOjcfi3ygU7d32hOQSWQ5ckqnu3BIqr4An+u+s3QL+jnW6E4QELpKITNQt
ZnBA+6dBNP4BIuGj0Rkiyj3NKjB+JW0xPwW5kK4alMYX5wzZx0PWVA4GwcxTiJvF
DMN4dEKM+w3XeTHw2lS3f/bnuIQ0PSldYXUCe8JSWbY0/EtWI1stc+e6+fFHGDsQ
M6aa4FGyM9aNGQJiqDV8jpwy4FErim8UncoXaFDe1LfV9DMLuQnQmWN4xCa/WcKE
RtbHIZr9xCS0aFtl9aKVCyuphorm/waecRbpnizYeWfd8NAG4MiNyM5MMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLe0BSg204gaDi/8cVVPtNsxz4c8MB8GA1UdIwQY
MBaAFNuu9cMr6ktU0X4kG1zMrwe8Co7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjY3MXd5dnFTMVRSZmlRYlhNeXZCN3dLanVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9kZWU2NmYtNDVjYy00Y2I0LTlmYmIt
NjQyY2U2NzRmOTc0LzEvdDdRRktEYlRpQm9PTF94eFZVLTAyekhQaHp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9kZWU2NmYtNDVjYy00Y2I0LTlmYmItNjQyY2U2NzRmOTc0
LzEvMjY3MXd5dnFTMVRSZmlRYlhNeXZCN3dLanVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf/cMA0G
CSqGSIb3DQEBCwUAA4IBAQCKyNEBdMAGgMS5ss1naKKT8Kk3bkuRadfjVa6uIkHA
kF2+kKCDQ/XN93LxZTL6S+NqyaCx4o20kQQUNf5O+uoIAK5YLdIk1uwM08bTFoed
Wk/AYGxvv+hWSZKfQnWLKLBvoO4qYq8iA7kFWdkJxdrzL+LIAPJwn8qr9u5IsiMi
9omD/W7h3DnEVR/Zbtfw/CKtAFyoxlA8LKdhXGH7DPhoWV4nyYHfCb2hRj31Z95U
NfaTRXQxVoz6495CKRWj8NX/1C+kDy9Y1E1VGO5gQLXonk/VXkeawl/gmsgODygo
Dtx1D8GB2foJ4x+DG2e3H7VUoLA/sZ8CfJ45c7kZhnlF
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:17 2024 by rpki-client on console-ams.rpki-client.org