Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/887620-f385-43f4-9be2-a99c39090db4/1/ERjV_2535ntPPJexjf1DyckfYl8.roa
File: ERjV_2535ntPPJexjf1DyckfYl8.roa (raw, json)
Hash identifier: ST+GtAUWjTddEnaNH0Eq31XkYT9M2HpR+Jq5P2X8xkY=
Subject key identifier: 11:18:D5:FF:6E:77:E6:7B:4F:3C:97:B1:8D:FD:43:C9:C9:1F:62:5F
Certificate issuer: /CN=1d28b18df244db89f2b97a6c72629733b388602f
Certificate serial: 018570427B4A208669CA82E9A5B4B9B126F9
Authority key identifier: 1D:28:B1:8D:F2:44:DB:89:F2:B9:7A:6C:72:62:97:33:B3:88:60:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HSixjfJE24nyuXpscmKXM7OIYC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/887620-f385-43f4-9be2-a99c39090db4/1/ERjV_2535ntPPJexjf1DyckfYl8.roa
Signing time: Mon 02 Jan 2023 02:14:43 +0000
ROA not before: Mon 02 Jan 2023 02:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33856
IP address blocks: 185.98.252.0/22 maxlen: 24
2a04:6600::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:7b:4a:20:86:69:ca:82:e9:a5:b4:b9:b1:26:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d28b18df244db89f2b97a6c72629733b388602f
Validity
Not Before: Jan 2 02:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1118d5ff6e77e67b4f3c97b18dfd43c9c91f625f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:00:bc:bd:20:09:7a:cf:fe:ab:5f:57:79:0a:
c2:4e:c3:ac:8a:12:18:64:f0:06:ab:0e:cc:be:7d:
04:88:39:a2:80:69:4e:b9:e5:6e:1d:3b:c7:5a:ca:
a0:b4:4d:be:c4:2f:0d:fa:d8:e4:e4:12:b7:6b:8c:
a8:6d:77:2e:ec:e4:e5:bb:c1:08:a4:01:1f:06:79:
c2:24:32:f5:5a:70:e5:ab:a8:b3:d0:be:86:66:1d:
06:1f:d9:1b:31:ad:2d:8d:f1:28:d5:26:73:25:f3:
50:e1:3c:05:9a:2f:82:d3:fc:48:17:23:cb:05:8a:
9b:f1:22:07:b6:5c:f2:c2:0b:51:68:58:6b:d7:7d:
85:3e:ed:98:ff:3b:ad:8d:66:e9:db:50:23:57:43:
a3:77:97:36:62:5f:bb:9b:49:28:24:4a:b2:9d:88:
4d:c1:3b:64:28:22:d5:b8:44:ef:a8:be:31:f2:25:
49:da:fb:01:a0:3d:c8:98:ae:78:13:31:c6:bf:70:
16:ff:c1:ea:cb:30:be:ac:4c:1f:db:9d:f0:65:59:
9a:42:bb:f5:1e:da:37:55:1e:20:f1:c1:4e:8d:91:
34:1f:76:fd:dd:8d:db:12:e0:e4:9d:fd:de:c6:63:
64:e7:71:70:b9:f3:ee:d3:1f:e9:95:a4:f0:3e:8b:
9f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:18:D5:FF:6E:77:E6:7B:4F:3C:97:B1:8D:FD:43:C9:C9:1F:62:5F
X509v3 Authority Key Identifier:
keyid:1D:28:B1:8D:F2:44:DB:89:F2:B9:7A:6C:72:62:97:33:B3:88:60:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSixjfJE24nyuXpscmKXM7OIYC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/887620-f385-43f4-9be2-a99c39090db4/1/ERjV_2535ntPPJexjf1DyckfYl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/887620-f385-43f4-9be2-a99c39090db4/1/HSixjfJE24nyuXpscmKXM7OIYC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.252.0/22
IPv6:
2a04:6600::/29
Signature Algorithm: sha256WithRSAEncryption
07:4d:f1:f1:4c:83:14:4c:52:cb:d2:6c:cb:56:9f:b0:bf:1d:
0f:e7:03:6c:a1:89:6f:bb:a7:8f:2b:e5:b3:9a:92:b5:f4:5c:
bd:2c:b6:45:50:5d:df:d2:98:49:a9:cf:06:3b:35:39:c4:de:
d3:05:aa:34:64:0b:43:69:9b:fc:50:66:fe:3c:01:3d:e4:24:
0a:86:9e:20:e8:19:d7:74:49:63:fe:58:f4:35:aa:fd:67:be:
19:71:43:92:e7:9c:b0:75:68:b6:9e:db:b6:f1:e5:15:7f:a3:
a8:13:10:37:41:4d:74:65:a2:a2:79:22:b6:98:9a:3f:a0:08:
8d:27:cd:1d:1b:2a:f7:51:41:58:39:1f:85:92:89:b4:5c:ff:
45:a5:cf:f6:99:5b:11:cf:79:98:9f:1f:e7:1f:af:f7:54:a5:
81:38:d6:e2:f5:7b:47:9c:da:78:7f:e1:87:6b:06:aa:46:03:
83:2a:e9:ae:38:70:1b:24:bc:d9:b8:b1:85:94:0f:88:ba:b3:
5e:0d:dd:65:f8:e0:22:b1:ef:9e:23:20:56:44:87:3a:75:08:
d2:50:ef:e9:69:d2:90:df:ea:92:c5:86:be:d2:de:b6:4d:12:
82:5c:30:fc:83:02:49:05:93:38:ac:49:1c:e0:57:c4:08:99:
d0:8e:86:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwQntKIIZpyoLppbS5sSb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjhiMThkZjI0NGRiODlmMmI5N2E2YzcyNjI5NzMzYjM4
ODYwMmYwHhcNMjMwMTAyMDIxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTE4ZDVmZjZlNzdlNjdiNGYzYzk3YjE4ZGZkNDNjOWM5MWY2MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgC8vSAJes/+q19XeQrCTsOsihIY
ZPAGqw7Mvn0EiDmigGlOueVuHTvHWsqgtE2+xC8N+tjk5BK3a4yobXcu7OTlu8EI
pAEfBnnCJDL1WnDlq6iz0L6GZh0GH9kbMa0tjfEo1SZzJfNQ4TwFmi+C0/xIFyPL
BYqb8SIHtlzywgtRaFhr132FPu2Y/zutjWbp21AjV0Ojd5c2Yl+7m0koJEqynYhN
wTtkKCLVuETvqL4x8iVJ2vsBoD3ImK54EzHGv3AW/8HqyzC+rEwf253wZVmaQrv1
Hto3VR4g8cFOjZE0H3b93Y3bEuDknf3exmNk53FwufPu0x/plaTwPoufhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBEY1f9ud+Z7TzyXsY39Q8nJH2JfMB8GA1UdIwQY
MBaAFB0osY3yRNuJ8rl6bHJilzOziGAvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNpeGpmSkUyNG55dVhwc2NtS1hNN09JWUM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84ODc2MjAtZjM4NS00M2Y0LTliZTIt
YTk5YzM5MDkwZGI0LzEvRVJqVl8yNTM1bnRQUEpleGpmMUR5Y2tmWWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84ODc2MjAtZjM4NS00M2Y0LTliZTItYTk5YzM5MDkwZGI0
LzEvSFNpeGpmSkUyNG55dVhwc2NtS1hNN09JWUM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWL8MA0E
AgACMAcDBQMqBGYAMA0GCSqGSIb3DQEBCwUAA4IBAQAHTfHxTIMUTFLL0mzLVp+w
vx0P5wNsoYlvu6ePK+WzmpK19Fy9LLZFUF3f0phJqc8GOzU5xN7TBao0ZAtDaZv8
UGb+PAE95CQKhp4g6BnXdElj/lj0Nar9Z74ZcUOS55ywdWi2ntu28eUVf6OoExA3
QU10ZaKieSK2mJo/oAiNJ80dGyr3UUFYOR+Fkom0XP9Fpc/2mVsRz3mYnx/nH6/3
VKWBONbi9XtHnNp4f+GHawaqRgODKumuOHAbJLzZuLGFlA+IurNeDd1l+OAise+e
IyBWRIc6dQjSUO/padKQ3+qSxYa+0t62TRKCXDD8gwJJBZM4rEkc4FfECJnQjoYR
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:35 2024 by rpki-client on console-fra.rpki-client.org