Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/9I89I2OFN8DXrP_AzaensQuo3FY.roa
File: 9I89I2OFN8DXrP_AzaensQuo3FY.roa (raw, json)
Hash identifier: pcD6eyKJUAbZDSbI8cwZTz8SVCp+Fp1lCc23F64WqTI=
Subject key identifier: F4:8F:3D:23:63:85:37:C0:D7:AC:FF:C0:CD:A7:A7:B1:0B:A8:DC:56
Certificate issuer: /CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Certificate serial: 018CC50054DCA14AF3C9AA5BD8B89DCB2728
Authority key identifier: C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/9I89I2OFN8DXrP_AzaensQuo3FY.roa
Signing time: Mon 01 Jan 2024 12:29:42 +0000
ROA not before: Mon 01 Jan 2024 12:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203523
IP address blocks: 185.122.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jul 2024 12:57:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:54:dc:a1:4a:f3:c9:aa:5b:d8:b8:9d:cb:27:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Validity
Not Before: Jan 1 12:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f48f3d23638537c0d7acffc0cda7a7b10ba8dc56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:55:6b:a8:ae:2b:54:ef:7b:de:2e:58:97:2c:
4f:d6:96:67:b7:f7:05:9d:3d:d6:69:9d:96:90:31:
8e:2c:9d:fa:5b:80:20:9f:64:35:21:d3:f5:3a:c8:
f1:40:8c:47:b2:b9:53:c3:0a:de:68:81:19:8b:c3:
99:af:ca:1e:bb:55:f1:ea:df:ea:9b:9d:8c:85:1d:
0e:27:a2:58:bc:40:b6:ce:3d:80:66:d4:02:b3:6d:
b7:5f:da:8d:e8:76:ea:70:54:dc:00:41:0c:5c:3b:
9f:7b:7e:58:f7:5b:b6:e3:2a:71:11:95:c2:ae:cf:
36:22:ec:2a:e5:0f:4b:02:a9:95:14:6f:36:77:88:
a7:45:70:dc:a6:d4:85:7d:47:35:50:d4:e5:6a:a6:
2d:de:b8:2f:e0:76:2e:a4:58:35:7a:fe:68:e6:18:
00:a2:39:3b:78:d7:63:c2:c9:32:e0:af:91:74:48:
a5:d7:54:63:31:64:ee:e9:17:45:ed:e3:36:7e:94:
95:7a:05:ad:f8:d8:e4:b4:07:15:1c:32:c9:7c:d0:
95:a3:06:65:b7:f9:84:ac:6c:0a:47:4b:6c:52:eb:
75:9c:a2:bb:21:b1:19:21:cb:b4:a1:9d:40:4b:c7:
d8:35:34:f5:70:38:f8:8f:9d:32:21:3d:ef:90:67:
4c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:8F:3D:23:63:85:37:C0:D7:AC:FF:C0:CD:A7:A7:B1:0B:A8:DC:56
X509v3 Authority Key Identifier:
keyid:C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/9I89I2OFN8DXrP_AzaensQuo3FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.220.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:60:dc:b8:f9:6c:e6:74:82:c5:1d:34:dc:05:aa:d9:2c:05:
45:93:71:87:7f:96:9a:3e:3d:d1:52:ae:06:07:74:ce:3e:74:
dd:94:82:6a:3a:77:53:9e:43:1e:2a:fc:b3:08:53:29:c7:0b:
fb:5d:4e:a7:49:18:7a:da:83:60:95:f5:6e:31:41:40:4f:58:
99:e8:8b:1b:84:8c:1e:5c:50:40:3a:ce:cb:2f:86:da:a1:84:
88:c6:7f:4b:f1:1f:c9:2d:8a:e2:4e:9e:b2:ff:55:43:1f:35:
61:1e:2d:b6:4b:bd:18:b5:6e:94:02:29:e3:bd:59:73:8b:7c:
5a:53:40:df:64:16:1a:43:98:d0:40:dc:e8:d8:53:dd:41:7d:
55:1f:c3:9c:f9:b3:19:c3:59:33:40:3c:b7:d2:8b:34:ac:6f:
9e:c3:26:c6:fa:4f:3a:dd:fe:9b:d2:11:f8:53:fb:cb:6f:90:
14:ab:d3:78:7c:ff:09:40:0d:a8:a6:7d:ef:1a:81:ad:98:1d:
14:56:42:cd:7e:7d:ee:db:62:2b:a9:a3:fd:50:45:6e:33:16:
19:3d:30:ab:5a:2a:02:52:58:27:99:ca:d8:04:0e:4d:66:a3:
0c:60:b7:0f:d6:86:10:ab:7d:eb:6d:21:10:d3:c6:50:9a:03:
0e:0d:a4:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAFTcoUrzyapb2LidyycoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzA1OTFlMmViNDlkMDU1OWU2ZmNlN2VlMmFhODFmMGY1
OWJhNmYwHhcNMjQwMTAxMTIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDhmM2QyMzYzODUzN2MwZDdhY2ZmYzBjZGE3YTdiMTBiYThkYzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1VrqK4rVO973i5YlyxP1pZnt/cF
nT3WaZ2WkDGOLJ36W4Agn2Q1IdP1OsjxQIxHsrlTwwreaIEZi8OZr8oeu1Xx6t/q
m52MhR0OJ6JYvEC2zj2AZtQCs223X9qN6HbqcFTcAEEMXDufe35Y91u24ypxEZXC
rs82Iuwq5Q9LAqmVFG82d4inRXDcptSFfUc1UNTlaqYt3rgv4HYupFg1ev5o5hgA
ojk7eNdjwsky4K+RdEil11RjMWTu6RdF7eM2fpSVegWt+NjktAcVHDLJfNCVowZl
t/mErGwKR0tsUut1nKK7IbEZIcu0oZ1AS8fYNTT1cDj4j50yIT3vkGdMMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSPPSNjhTfA16z/wM2np7ELqNxWMB8GA1UdIwQY
MBaAFMPAWR4utJ0FWeb85+4qqB8PWbpvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhCWkhpNjBuUVZaNXZ6bjdpcW9IdzladW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy80YjhhYWItMjA5OS00M2FmLWI0MWQt
ZTM0MDcxNzQ2NjNiLzEvOUk4OUkyT0ZOOERYclBfQXphZW5zUXVvM0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy80YjhhYWItMjA5OS00M2FmLWI0MWQtZTM0MDcxNzQ2NjNi
LzEvdzhCWkhpNjBuUVZaNXZ6bjdpcW9IdzladW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXrcMA0G
CSqGSIb3DQEBCwUAA4IBAQCLYNy4+WzmdILFHTTcBarZLAVFk3GHf5aaPj3RUq4G
B3TOPnTdlIJqOndTnkMeKvyzCFMpxwv7XU6nSRh62oNglfVuMUFAT1iZ6IsbhIwe
XFBAOs7LL4baoYSIxn9L8R/JLYriTp6y/1VDHzVhHi22S70YtW6UAinjvVlzi3xa
U0DfZBYaQ5jQQNzo2FPdQX1VH8Oc+bMZw1kzQDy30os0rG+ewybG+k863f6b0hH4
U/vLb5AUq9N4fP8JQA2opn3vGoGtmB0UVkLNfn3u22IrqaP9UEVuMxYZPTCrWioC
UlgnmcrYBA5NZqMMYLcP1oYQq33rbSEQ08ZQmgMODaSA
-----END CERTIFICATE-----
Generated at Mon Jul 22 16:02:47 2024 by rpki-client on console-fra.rpki-client.org