Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/J8_46xo2r0x1kMhB47bM01y609w.roa
File: J8_46xo2r0x1kMhB47bM01y609w.roa (raw, json)
Hash identifier: ii6eNv2R1Mm8K99wj3A0037yLDWXaCtNlOVNn7N5t+E=
Subject key identifier: 27:CF:F8:EB:1A:36:AF:4C:75:90:C8:41:E3:B6:CC:D3:5C:BA:D3:DC
Certificate issuer: /CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Certificate serial: 0185CF5DEE54F5878A2DC4FAD195BB212FFB
Authority key identifier: 09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/J8_46xo2r0x1kMhB47bM01y609w.roa
Signing time: Fri 20 Jan 2023 13:28:37 +0000
ROA not before: Fri 20 Jan 2023 13:28:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 185.128.132.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:5d:ee:54:f5:87:8a:2d:c4:fa:d1:95:bb:21:2f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Validity
Not Before: Jan 20 13:28:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27cff8eb1a36af4c7590c841e3b6ccd35cbad3dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6e:f0:0e:19:85:9e:98:76:42:c6:41:f3:f4:
d4:2b:11:02:a4:b5:f6:1c:f3:1f:9b:a0:49:28:cf:
23:c9:50:76:9a:19:0d:1d:0a:97:00:e8:7a:f1:b1:
c1:ff:4e:b4:da:f5:88:3b:9c:57:d6:ef:8c:e4:94:
9c:90:92:ce:2e:8f:83:d6:8d:e1:f4:43:b2:23:8b:
c7:e6:7b:0c:89:b0:6f:cd:fc:21:dd:65:06:db:89:
5a:1b:3e:ba:14:3d:9f:77:c8:5c:0a:8f:33:0f:8b:
db:4f:a8:79:41:7f:7b:a0:2b:1f:0c:91:06:6a:e8:
3f:b5:87:c7:52:77:c7:78:64:0c:1c:31:00:4f:f9:
ee:6a:b5:65:e2:d5:3e:77:c0:d0:07:dd:61:70:89:
45:87:2d:03:05:2a:b0:bd:e7:c2:d3:89:3a:ec:8a:
a7:d7:c8:8b:af:d6:b4:e1:fb:58:7d:06:6d:57:ca:
ae:a5:d2:1f:ce:e7:9e:7a:dd:7d:bf:b7:1e:50:bb:
32:03:78:44:a3:8c:95:40:de:fc:43:65:2a:39:96:
be:cf:26:01:18:ee:0b:19:11:86:6e:02:b7:e0:4e:
e9:f3:ff:ce:a7:52:9e:08:16:35:f8:ed:aa:0b:03:
cc:04:62:dc:76:79:44:38:a2:46:e1:44:9e:88:ca:
7d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:CF:F8:EB:1A:36:AF:4C:75:90:C8:41:E3:B6:CC:D3:5C:BA:D3:DC
X509v3 Authority Key Identifier:
keyid:09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/J8_46xo2r0x1kMhB47bM01y609w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.132.0/23
Signature Algorithm: sha256WithRSAEncryption
c5:d4:65:cc:d7:ab:00:f2:f0:bf:cc:03:6a:64:32:bc:71:dd:
bb:59:98:e7:32:42:bd:28:68:54:e2:e6:6c:37:96:07:24:49:
ae:c7:d0:81:b6:90:b9:7e:22:32:48:ba:99:d2:be:1c:95:bd:
c5:e3:64:a8:3f:00:5c:f8:db:fb:a7:a1:d3:0e:fb:ca:ff:4c:
21:be:38:32:5b:91:10:05:09:30:32:43:f2:4d:f2:b7:40:52:
2a:a5:2c:01:58:cd:98:51:9d:f5:db:b7:ab:83:d6:5d:02:8b:
49:ee:41:48:90:1e:7c:8f:87:a1:54:e7:2c:ec:ba:92:cf:d8:
bc:b0:16:d6:35:99:3e:94:f1:aa:10:eb:a2:69:6b:eb:44:e2:
67:27:a8:31:83:e1:62:80:d2:68:68:6a:3e:28:a4:fd:fd:3f:
08:d3:26:f2:6d:cd:71:d9:cd:fa:2e:c9:07:61:b0:34:24:77:
c2:9b:1e:a1:30:7a:79:5a:95:40:4d:5e:c0:e3:1d:b5:81:70:
84:3a:cf:5c:71:b6:e2:41:08:f1:55:be:aa:28:ed:e1:df:8b:
3c:3c:4c:c2:5d:6f:77:2e:fe:b6:13:09:75:6d:7d:f2:27:c3:
7c:94:ea:92:d7:a6:fe:ca:de:7d:2d:77:b8:84:b1:f4:ef:18:
84:23:86:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXPXe5U9YeKLcT60ZW7IS/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTJhZjA4Y2Y2ZTEyZTIzMDRmYjNiZGVjNjRjZmJjZWRh
YTg1MjIwHhcNMjMwMTIwMTMyODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2NmZjhlYjFhMzZhZjRjNzU5MGM4NDFlM2I2Y2NkMzVjYmFkM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm7wDhmFnph2QsZB8/TUKxECpLX2
HPMfm6BJKM8jyVB2mhkNHQqXAOh68bHB/0602vWIO5xX1u+M5JSckJLOLo+D1o3h
9EOyI4vH5nsMibBvzfwh3WUG24laGz66FD2fd8hcCo8zD4vbT6h5QX97oCsfDJEG
aug/tYfHUnfHeGQMHDEAT/nuarVl4tU+d8DQB91hcIlFhy0DBSqwvefC04k67Iqn
18iLr9a04ftYfQZtV8qupdIfzueeet19v7ceULsyA3hEo4yVQN78Q2UqOZa+zyYB
GO4LGRGGbgK34E7p8//Op1KeCBY1+O2qCwPMBGLcdnlEOKJG4USeiMp9BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCfP+OsaNq9MdZDIQeO2zNNcutPcMB8GA1UdIwQY
MBaAFAnirwjPbhLiME+zvexkz7ztqoUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWIt
NzBhMWFmNTFkZmJlLzEvSjhfNDZ4bzJyMHgxa01oQjQ3Yk0wMXk2MDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWItNzBhMWFmNTFkZmJl
LzEvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYCEMA0G
CSqGSIb3DQEBCwUAA4IBAQDF1GXM16sA8vC/zANqZDK8cd27WZjnMkK9KGhU4uZs
N5YHJEmux9CBtpC5fiIySLqZ0r4clb3F42SoPwBc+Nv7p6HTDvvK/0whvjgyW5EQ
BQkwMkPyTfK3QFIqpSwBWM2YUZ3127erg9ZdAotJ7kFIkB58j4ehVOcs7LqSz9i8
sBbWNZk+lPGqEOuiaWvrROJnJ6gxg+FigNJoaGo+KKT9/T8I0ybybc1x2c36LskH
YbA0JHfCmx6hMHp5WpVATV7A4x21gXCEOs9ccbbiQQjxVb6qKO3h34s8PEzCXW93
Lv62Ewl1bX3yJ8N8lOqS16b+yt59LXe4hLH07xiEI4Ze
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:50 2023 by rpki-client on console-fra.rpki-client.org