Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e5a814-16a5-403b-93f3-cf32a0d92825/1/9kA4DIehjG-KGuxNNmv9KmkKLzw.roa
File: 9kA4DIehjG-KGuxNNmv9KmkKLzw.roa (raw, json)
Hash identifier: w7SkZ+wXiaoeDj6T9UihZst93TT7eE9/Wfd8EegJy5Q=
Subject key identifier: F6:40:38:0C:87:A1:8C:6F:8A:1A:EC:4D:36:6B:FD:2A:69:0A:2F:3C
Certificate issuer: /CN=c256d25f1fdd00dc80dd6d225b21119bf2121e89
Certificate serial: 018572BA72060C6C61C4DD128C59E65F82E2
Authority key identifier: C2:56:D2:5F:1F:DD:00:DC:80:DD:6D:22:5B:21:11:9B:F2:12:1E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wlbSXx_dANyA3W0iWyERm_ISHok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/e5a814-16a5-403b-93f3-cf32a0d92825/1/9kA4DIehjG-KGuxNNmv9KmkKLzw.roa
Signing time: Mon 02 Jan 2023 13:44:59 +0000
ROA not before: Mon 02 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202757
IP address blocks: 185.255.217.0/24 maxlen: 24
185.255.216.0/24 maxlen: 24
185.255.219.0/24 maxlen: 24
185.255.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:72:06:0c:6c:61:c4:dd:12:8c:59:e6:5f:82:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c256d25f1fdd00dc80dd6d225b21119bf2121e89
Validity
Not Before: Jan 2 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f640380c87a18c6f8a1aec4d366bfd2a690a2f3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:13:5f:fb:2a:43:5a:6c:bf:29:7f:a7:40:7b:
c9:f2:2d:8b:26:17:73:90:67:cf:b6:93:fe:d3:1a:
33:9b:1a:03:10:55:8d:77:8b:75:f9:d7:f3:7c:82:
12:c0:85:29:c3:53:b0:a5:b4:5a:bc:1d:d2:a0:e6:
9a:47:70:de:43:e1:61:ea:03:5c:85:0c:13:4c:5d:
f0:8e:a8:99:45:dc:aa:bb:86:a3:2c:30:de:72:50:
bd:96:07:de:d5:d5:5a:95:c9:56:aa:20:3a:10:2e:
08:a7:ba:51:7c:ae:70:d5:6f:1b:8d:5d:05:53:f8:
95:92:9d:40:7b:3a:d3:e3:69:5c:4b:ff:2b:6f:7f:
f5:6d:22:95:89:c5:40:db:d2:10:06:99:a7:ee:96:
1b:75:9b:41:99:bd:64:c7:91:45:6d:bc:f1:0b:0a:
75:93:37:a9:54:66:f5:dc:81:cb:00:f9:68:39:c3:
07:99:8e:24:bc:d3:06:68:d1:3d:61:e7:21:b0:6f:
a7:9b:a7:0a:e2:b8:08:0a:eb:1c:4a:bf:54:3e:c9:
62:d1:24:0f:28:88:ff:86:81:07:8b:24:49:88:b7:
e0:95:c2:3a:84:4e:98:0e:a6:99:83:30:33:e5:c2:
7d:6e:e9:a4:cf:27:7b:2e:fb:78:7a:68:22:cc:83:
d3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:40:38:0C:87:A1:8C:6F:8A:1A:EC:4D:36:6B:FD:2A:69:0A:2F:3C
X509v3 Authority Key Identifier:
keyid:C2:56:D2:5F:1F:DD:00:DC:80:DD:6D:22:5B:21:11:9B:F2:12:1E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wlbSXx_dANyA3W0iWyERm_ISHok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e5a814-16a5-403b-93f3-cf32a0d92825/1/9kA4DIehjG-KGuxNNmv9KmkKLzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e5a814-16a5-403b-93f3-cf32a0d92825/1/wlbSXx_dANyA3W0iWyERm_ISHok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.216.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:66:52:1d:b0:fd:46:f7:71:b2:ff:e1:65:d9:46:4e:48:53:
51:b8:78:00:ef:1b:1d:dc:3a:b2:49:cb:3b:f0:a4:03:39:ff:
84:c2:52:aa:31:62:d8:63:50:01:f6:93:2d:f4:ef:0d:a1:ac:
01:e9:56:f4:c9:2c:4c:66:e5:af:21:d5:5e:fd:8b:04:c3:ce:
03:5c:1f:de:69:20:dc:bf:e1:a2:2e:4c:fc:27:4e:eb:10:5b:
ee:1b:b3:39:f5:c1:61:05:e8:78:c0:4f:51:d9:d8:7d:61:b4:
25:d8:c8:dc:92:51:b3:25:b1:2f:ac:38:c9:e2:1e:67:2e:84:
b9:a9:2d:fb:bb:75:6b:f1:b6:e5:47:14:95:ab:65:3a:6e:c9:
56:0b:9d:66:c0:d1:ef:84:62:9d:21:8d:58:95:59:c8:97:51:
cc:1e:6b:a4:66:37:89:dc:81:1f:90:24:b8:4b:42:24:a9:1a:
8b:bd:54:1d:de:49:ad:d4:8d:05:67:0c:f1:69:d9:6d:e2:36:
46:29:b7:fe:6c:d3:45:6a:52:98:d0:1f:17:f9:e7:0a:30:4d:
39:7f:6e:de:5d:16:5e:ec:70:e9:9c:85:26:78:59:6c:8d:47:
93:55:55:db:2b:86:6c:1e:05:d9:cf:8d:77:de:04:54:4d:2b:
28:43:08:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyunIGDGxhxN0SjFnmX4LiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNTZkMjVmMWZkZDAwZGM4MGRkNmQyMjViMjExMTliZjIx
MjFlODkwHhcNMjMwMTAyMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjQwMzgwYzg3YTE4YzZmOGExYWVjNGQzNjZiZmQyYTY5MGEyZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxNf+ypDWmy/KX+nQHvJ8i2LJhdz
kGfPtpP+0xozmxoDEFWNd4t1+dfzfIISwIUpw1OwpbRavB3SoOaaR3DeQ+Fh6gNc
hQwTTF3wjqiZRdyqu4ajLDDeclC9lgfe1dValclWqiA6EC4Ip7pRfK5w1W8bjV0F
U/iVkp1AezrT42lcS/8rb3/1bSKVicVA29IQBpmn7pYbdZtBmb1kx5FFbbzxCwp1
kzepVGb13IHLAPloOcMHmY4kvNMGaNE9YechsG+nm6cK4rgICuscSr9UPsli0SQP
KIj/hoEHiyRJiLfglcI6hE6YDqaZgzAz5cJ9bumkzyd7Lvt4emgizIPTMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZAOAyHoYxvihrsTTZr/SppCi88MB8GA1UdIwQY
MBaAFMJW0l8f3QDcgN1tIlshEZvyEh6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2xiU1h4X2RBTnlBM1cwaVd5RVJtX0lTSG9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNWE4MTQtMTZhNS00MDNiLTkzZjMt
Y2YzMmEwZDkyODI1LzEvOWtBNERJZWhqRy1LR3V4Tk5tdjlLbWtLTHp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNWE4MTQtMTZhNS00MDNiLTkzZjMtY2YzMmEwZDkyODI1
LzEvd2xiU1h4X2RBTnlBM1cwaVd5RVJtX0lTSG9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf/YMA0G
CSqGSIb3DQEBCwUAA4IBAQAfZlIdsP1G93Gy/+Fl2UZOSFNRuHgA7xsd3DqyScs7
8KQDOf+EwlKqMWLYY1AB9pMt9O8NoawB6Vb0ySxMZuWvIdVe/YsEw84DXB/eaSDc
v+GiLkz8J07rEFvuG7M59cFhBeh4wE9R2dh9YbQl2MjcklGzJbEvrDjJ4h5nLoS5
qS37u3Vr8bblRxSVq2U6bslWC51mwNHvhGKdIY1YlVnIl1HMHmukZjeJ3IEfkCS4
S0IkqRqLvVQd3kmt1I0FZwzxadlt4jZGKbf+bNNFalKY0B8X+ecKME05f27eXRZe
7HDpnIUmeFlsjUeTVVXbK4ZsHgXZz4133gRUTSsoQwgS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:29 2024 by rpki-client on console-ams.rpki-client.org