Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/avl_2heEMhvkTzH_xC3hX6PUXRs.roa
File: avl_2heEMhvkTzH_xC3hX6PUXRs.roa (raw, json)
Hash identifier: VBwoh+ezaboebcz5ECieXxijd0CxhVIDuIRJ0YfiNIo=
Subject key identifier: 6A:F9:7F:DA:17:84:32:1B:E4:4F:31:FF:C4:2D:E1:5F:A3:D4:5D:1B
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018570671F4D0A96BB72C5029D0BB2156558
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/avl_2heEMhvkTzH_xC3hX6PUXRs.roa
Signing time: Mon 02 Jan 2023 02:54:44 +0000
ROA not before: Mon 02 Jan 2023 02:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56503
IP address blocks: 185.177.234.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:1f:4d:0a:96:bb:72:c5:02:9d:0b:b2:15:65:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 2 02:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6af97fda1784321be44f31ffc42de15fa3d45d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:36:50:da:32:59:75:60:88:1b:e0:23:71:6b:
56:8a:d6:6a:4c:d5:87:9c:66:db:e1:e3:73:1c:5b:
14:a7:64:f1:7f:2c:51:b8:36:b8:9a:8e:0d:5d:67:
38:fc:7c:96:7a:5d:9d:af:44:7d:9c:0f:37:00:95:
2f:07:72:45:a0:64:38:ca:db:a9:1b:59:75:b4:16:
79:45:e5:9f:7d:45:2a:75:bb:81:0c:01:c8:3d:7f:
ca:d9:3a:79:73:6b:d8:a1:10:8d:ce:d9:8a:5e:7f:
59:28:95:d8:d0:d1:ab:75:5b:9e:d9:8d:9b:bb:b2:
87:9d:47:32:fc:8d:a5:de:c7:0c:97:c8:76:6c:d3:
33:ac:36:52:a3:f7:cb:3e:c8:81:39:b9:f0:1a:5c:
66:b6:24:96:ec:23:9d:a7:10:92:50:0d:5b:77:e6:
51:e3:04:c5:ea:53:59:62:c2:8b:e2:09:87:e4:0b:
70:60:34:ce:a9:9b:3f:c9:10:8f:bd:f2:b1:4f:7d:
58:38:95:00:f3:ad:5c:cc:bd:c2:e4:ee:c3:04:95:
7b:c7:a3:27:b1:08:39:ba:0f:cf:b5:31:08:20:df:
af:d1:43:36:5e:a8:a2:6e:2b:d7:2a:fb:15:1e:42:
8c:07:e1:cf:e6:6f:49:fa:7d:4b:34:44:4a:36:0f:
fa:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F9:7F:DA:17:84:32:1B:E4:4F:31:FF:C4:2D:E1:5F:A3:D4:5D:1B
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/avl_2heEMhvkTzH_xC3hX6PUXRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.234.0/23
Signature Algorithm: sha256WithRSAEncryption
39:a9:41:c0:39:47:65:2c:ec:fe:ff:33:1a:dc:61:12:fb:21:
d5:2d:72:a8:1d:85:d2:82:a6:83:91:2b:f1:f1:0c:90:74:3f:
20:0a:2a:3d:71:b1:a0:86:0f:92:ed:1d:07:af:2d:1b:2b:13:
34:85:3a:9b:6e:62:6d:aa:3a:f3:08:52:43:1d:76:72:ca:2b:
f0:92:fc:97:3f:19:e3:05:3d:6c:66:41:35:c9:a9:a4:ee:2f:
d3:90:ad:e6:16:25:ac:a6:86:ef:e4:60:10:fe:5d:fa:e5:a9:
97:69:93:93:27:6c:d7:a5:a4:9c:c5:d5:60:eb:00:3c:18:aa:
38:b3:1a:51:fa:c5:45:32:b1:be:48:87:be:40:23:60:08:19:
32:d9:09:2a:22:63:65:da:42:75:7e:4e:1a:83:10:15:dd:26:
b1:c9:0c:f7:c1:57:37:a5:73:c0:6b:6c:aa:19:3f:bc:7f:fe:
6b:59:e8:5d:05:7e:3c:fc:81:2d:61:0a:e0:77:83:e3:b3:10:
c4:79:bc:28:a1:bc:a2:7d:a2:c8:d3:4a:f6:e1:84:63:96:47:
8f:54:70:1c:75:d2:33:48:d7:e0:77:7f:b4:09:a4:dd:4f:62:
43:7e:41:d7:7a:c0:f6:c3:8f:b2:b7:bf:b1:8e:e2:3f:bb:0b:
60:10:ea:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZx9NCpa7csUCnQuyFWVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWY5N2ZkYTE3ODQzMjFiZTQ0ZjMxZmZjNDJkZTE1ZmEzZDQ1ZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTZQ2jJZdWCIG+AjcWtWitZqTNWH
nGbb4eNzHFsUp2TxfyxRuDa4mo4NXWc4/HyWel2dr0R9nA83AJUvB3JFoGQ4ytup
G1l1tBZ5ReWffUUqdbuBDAHIPX/K2Tp5c2vYoRCNztmKXn9ZKJXY0NGrdVue2Y2b
u7KHnUcy/I2l3scMl8h2bNMzrDZSo/fLPsiBObnwGlxmtiSW7COdpxCSUA1bd+ZR
4wTF6lNZYsKL4gmH5AtwYDTOqZs/yRCPvfKxT31YOJUA861czL3C5O7DBJV7x6Mn
sQg5ug/PtTEIIN+v0UM2XqiibivXKvsVHkKMB+HP5m9J+n1LNERKNg/6NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGr5f9oXhDIb5E8x/8Qt4V+j1F0bMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvYXZsXzJoZUVNaHZrVHpIX3hDM2hYNlBVWFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBubHqMA0G
CSqGSIb3DQEBCwUAA4IBAQA5qUHAOUdlLOz+/zMa3GES+yHVLXKoHYXSgqaDkSvx
8QyQdD8gCio9cbGghg+S7R0Hry0bKxM0hTqbbmJtqjrzCFJDHXZyyivwkvyXPxnj
BT1sZkE1yamk7i/TkK3mFiWspobv5GAQ/l365amXaZOTJ2zXpaScxdVg6wA8GKo4
sxpR+sVFMrG+SIe+QCNgCBky2QkqImNl2kJ1fk4agxAV3SaxyQz3wVc3pXPAa2yq
GT+8f/5rWehdBX48/IEtYQrgd4PjsxDEebwoobyifaLI00r24YRjlkePVHAcddIz
SNfgd3+0CaTdT2JDfkHXesD2w4+yt7+xjuI/uwtgEOqm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org