Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/ed634b-39f7-4b9c-86e4-1e9238cf028c/1/9T_ALMC1r3vGLI69H1rAN-tUJIU.roa
File: 9T_ALMC1r3vGLI69H1rAN-tUJIU.roa (raw, json)
Hash identifier: cHadaBZ+76CSn7rBJQA++O1AM5UeY788PTsGq6d9zME=
Subject key identifier: F5:3F:C0:2C:C0:B5:AF:7B:C6:2C:8E:BD:1F:5A:C0:37:EB:54:24:85
Certificate issuer: /CN=ad2cdf27d9de65eb24e5cfc9d310e4c8a0301460
Certificate serial: 01856C1C9022747185EFD037C16D6DFC5B2F
Authority key identifier: AD:2C:DF:27:D9:DE:65:EB:24:E5:CF:C9:D3:10:E4:C8:A0:30:14:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSzfJ9neZesk5c_J0xDkyKAwFGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/ed634b-39f7-4b9c-86e4-1e9238cf028c/1/9T_ALMC1r3vGLI69H1rAN-tUJIU.roa
Signing time: Sun 01 Jan 2023 06:54:49 +0000
ROA not before: Sun 01 Jan 2023 06:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202526
IP address blocks: 185.161.152.0/22 maxlen: 22
2a07:c5c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:90:22:74:71:85:ef:d0:37:c1:6d:6d:fc:5b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2cdf27d9de65eb24e5cfc9d310e4c8a0301460
Validity
Not Before: Jan 1 06:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f53fc02cc0b5af7bc62c8ebd1f5ac037eb542485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:61:2a:0c:7e:26:76:b3:08:04:de:80:19:e0:
26:d6:43:88:f3:54:43:93:08:49:14:5e:49:6b:68:
a7:12:8b:0e:e5:5e:f9:1f:c9:a4:d2:b4:6f:4d:79:
97:fd:f0:19:4d:5d:95:77:85:72:a8:59:fc:1f:86:
5a:a4:06:16:bd:7f:31:e2:60:fa:36:c0:57:ed:b7:
c9:3c:47:d8:5c:01:f0:3b:e6:4b:c5:b7:d5:1a:d1:
af:29:a3:75:10:1d:02:5a:49:f9:4f:5c:1b:32:dd:
47:bd:77:24:d6:d1:6e:d0:b8:f4:f4:dc:ef:c7:30:
5e:ab:43:89:26:07:00:11:06:83:fd:71:bd:b7:ff:
ba:7a:34:7d:15:99:99:f7:07:fd:01:fd:87:81:92:
35:b6:64:e3:a0:89:94:f8:ff:cd:8d:3d:fd:f0:25:
5b:8c:2e:d6:48:7b:8f:75:39:c3:37:69:de:a3:a8:
bc:34:95:9e:7f:17:72:6e:81:46:0c:67:c3:40:90:
7f:78:da:74:32:6f:af:5b:f3:16:04:09:fe:ac:66:
08:0e:5e:49:67:da:78:d0:33:a5:c2:17:08:45:6c:
09:44:57:cc:b6:7c:81:6a:57:35:4e:bc:65:47:76:
34:e1:99:6e:9d:76:70:8b:6b:61:4a:f7:e8:3b:90:
c5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:3F:C0:2C:C0:B5:AF:7B:C6:2C:8E:BD:1F:5A:C0:37:EB:54:24:85
X509v3 Authority Key Identifier:
keyid:AD:2C:DF:27:D9:DE:65:EB:24:E5:CF:C9:D3:10:E4:C8:A0:30:14:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSzfJ9neZesk5c_J0xDkyKAwFGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/ed634b-39f7-4b9c-86e4-1e9238cf028c/1/9T_ALMC1r3vGLI69H1rAN-tUJIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/ed634b-39f7-4b9c-86e4-1e9238cf028c/1/rSzfJ9neZesk5c_J0xDkyKAwFGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.152.0/22
IPv6:
2a07:c5c0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:b9:18:c6:9d:50:7a:8c:33:2a:6b:9e:22:4e:b4:c6:bd:80:
52:38:90:06:be:53:f9:d8:73:eb:55:4f:57:c0:a2:55:4d:d9:
0b:46:d9:1d:b4:44:32:3d:8b:e1:78:bd:d0:52:84:35:82:f8:
3a:a6:b0:0c:e5:89:40:7a:00:67:7f:c9:9f:0b:1e:c8:56:e1:
cd:35:57:4e:a2:70:d9:b0:13:9d:92:e1:8d:42:d8:fa:98:79:
f5:90:07:6f:fa:3d:4f:c4:7d:c4:8f:05:6b:95:9c:d3:6d:da:
5d:90:90:39:00:2f:d0:08:9f:2c:68:8d:6e:de:ee:70:3f:2b:
ad:6c:e6:df:40:3e:3a:ac:73:b6:4e:64:b6:98:21:0f:a0:d6:
e6:7a:a4:6a:e0:f1:9d:3c:77:81:21:d5:f7:53:e9:54:4e:a8:
2f:85:f6:9a:ca:5a:2e:1f:87:ff:fe:7d:a6:08:0c:3a:ac:91:
61:11:88:2d:fd:39:1f:1d:4c:ce:0c:f7:08:fc:41:ef:34:82:
13:50:c1:9d:9d:8b:72:21:7a:fe:c5:6c:56:1d:56:e4:e4:06:
e4:ef:76:bc:6a:28:2f:2b:12:94:e1:66:42:e3:3e:ff:78:09:
e7:fc:23:fe:60:4d:9d:d1:ba:e3:19:5d:3c:6e:fc:99:9a:8b:
8e:b1:fb:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsHJAidHGF79A3wW1t/FsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmNkZjI3ZDlkZTY1ZWIyNGU1Y2ZjOWQzMTBlNGM4YTAz
MDE0NjAwHhcNMjMwMTAxMDY1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTNmYzAyY2MwYjVhZjdiYzYyYzhlYmQxZjVhYzAzN2ViNTQyNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2EqDH4mdrMIBN6AGeAm1kOI81RD
kwhJFF5Ja2inEosO5V75H8mk0rRvTXmX/fAZTV2Vd4VyqFn8H4ZapAYWvX8x4mD6
NsBX7bfJPEfYXAHwO+ZLxbfVGtGvKaN1EB0CWkn5T1wbMt1HvXck1tFu0Lj09Nzv
xzBeq0OJJgcAEQaD/XG9t/+6ejR9FZmZ9wf9Af2HgZI1tmTjoImU+P/NjT398CVb
jC7WSHuPdTnDN2neo6i8NJWefxdyboFGDGfDQJB/eNp0Mm+vW/MWBAn+rGYIDl5J
Z9p40DOlwhcIRWwJRFfMtnyBalc1TrxlR3Y04ZlunXZwi2thSvfoO5DFtQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPU/wCzAta97xiyOvR9awDfrVCSFMB8GA1UdIwQY
MBaAFK0s3yfZ3mXrJOXPydMQ5MigMBRgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclN6Zko5bmVaZXNrNWNfSjB4RGt5S0F3RkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lZDYzNGItMzlmNy00YjljLTg2ZTQt
MWU5MjM4Y2YwMjhjLzEvOVRfQUxNQzFyM3ZHTEk2OUgxckFOLXRVSklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lZDYzNGItMzlmNy00YjljLTg2ZTQtMWU5MjM4Y2YwMjhj
LzEvclN6Zko5bmVaZXNrNWNfSjB4RGt5S0F3RkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaGYMA0E
AgACMAcDBQMqB8XAMA0GCSqGSIb3DQEBCwUAA4IBAQCbuRjGnVB6jDMqa54iTrTG
vYBSOJAGvlP52HPrVU9XwKJVTdkLRtkdtEQyPYvheL3QUoQ1gvg6prAM5YlAegBn
f8mfCx7IVuHNNVdOonDZsBOdkuGNQtj6mHn1kAdv+j1PxH3EjwVrlZzTbdpdkJA5
AC/QCJ8saI1u3u5wPyutbObfQD46rHO2TmS2mCEPoNbmeqRq4PGdPHeBIdX3U+lU
TqgvhfaaylouH4f//n2mCAw6rJFhEYgt/TkfHUzODPcI/EHvNIITUMGdnYtyIXr+
xWxWHVbk5Abk73a8aigvKxKU4WZC4z7/eAnn/CP+YE2d0brjGV08bvyZmouOsfux
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:59 2024 by rpki-client on console-ams.rpki-client.org