Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/e5d580-eee8-463e-84a8-eaccb8b42dc9/1/S_C5RklXHjlkgybMjalxcCY9Rvo.roa
File: S_C5RklXHjlkgybMjalxcCY9Rvo.roa (raw, json)
Hash identifier: Xrk4DQC9hoVx8Zhm4D4hHSTv2Yrw8cuKlSAL8nwvpUQ=
Subject key identifier: 4B:F0:B9:46:49:57:1E:39:64:83:26:CC:8D:A9:71:70:26:3D:46:FA
Certificate issuer: /CN=b7e34f57d007166def4dd881d8f7d5b6ed95e656
Certificate serial: 01857139E1FC6DE85D69038C3813EC314568
Authority key identifier: B7:E3:4F:57:D0:07:16:6D:EF:4D:D8:81:D8:F7:D5:B6:ED:95:E6:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t-NPV9AHFm3vTdiB2PfVtu2V5lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/e5d580-eee8-463e-84a8-eaccb8b42dc9/1/S_C5RklXHjlkgybMjalxcCY9Rvo.roa
Signing time: Mon 02 Jan 2023 06:44:56 +0000
ROA not before: Mon 02 Jan 2023 06:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61157
IP address blocks: 185.171.217.0/24 maxlen: 24
185.171.216.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:e1:fc:6d:e8:5d:69:03:8c:38:13:ec:31:45:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7e34f57d007166def4dd881d8f7d5b6ed95e656
Validity
Not Before: Jan 2 06:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bf0b94649571e39648326cc8da97170263d46fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f9:ed:b4:bf:93:1f:e1:4d:b7:75:14:cb:34:
71:2e:35:53:5a:1e:49:6f:73:c3:1a:fc:57:4c:f9:
2f:cf:b7:01:d8:0e:d9:08:4c:0d:32:09:19:c4:55:
19:18:d4:61:42:4e:38:e7:66:08:5c:21:20:63:b8:
bc:23:90:c7:92:83:ea:26:08:e3:9a:75:b3:7a:71:
51:cd:82:8b:f8:0b:7a:db:8b:d8:8c:87:26:5e:ca:
db:9b:05:1c:53:31:35:61:10:4b:2a:2e:8a:86:50:
63:46:bf:50:b1:93:86:34:64:fa:c1:78:e1:e3:8c:
19:e7:c1:78:d3:36:fd:93:3a:5b:30:1f:e7:7e:cc:
5f:dc:bc:94:70:e5:f7:6c:c2:66:93:98:1c:1a:da:
50:34:1b:30:18:88:d9:cd:16:b3:a2:a2:66:98:04:
9e:66:0e:ef:b1:85:69:95:de:64:0d:41:36:d4:f2:
f1:f8:1f:0e:41:1a:a8:9f:7f:d1:cf:4f:70:cb:43:
19:5b:84:11:2a:2d:3c:0b:b1:f6:21:8e:21:43:36:
15:7d:9e:f3:49:de:88:a9:cc:9d:31:b9:72:7c:ff:
00:23:6a:1d:8b:d5:4d:2e:d5:33:df:86:0d:29:2c:
24:80:c4:54:b1:7a:67:9a:47:62:c6:de:79:2a:a7:
e5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F0:B9:46:49:57:1E:39:64:83:26:CC:8D:A9:71:70:26:3D:46:FA
X509v3 Authority Key Identifier:
keyid:B7:E3:4F:57:D0:07:16:6D:EF:4D:D8:81:D8:F7:D5:B6:ED:95:E6:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t-NPV9AHFm3vTdiB2PfVtu2V5lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e5d580-eee8-463e-84a8-eaccb8b42dc9/1/S_C5RklXHjlkgybMjalxcCY9Rvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e5d580-eee8-463e-84a8-eaccb8b42dc9/1/t-NPV9AHFm3vTdiB2PfVtu2V5lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.216.0/23
Signature Algorithm: sha256WithRSAEncryption
32:b2:c3:a6:f9:04:e4:b4:ed:63:6a:59:e4:a5:91:96:38:fa:
6b:09:70:74:75:92:7b:c9:a5:bf:50:5b:8b:aa:e8:b5:36:6e:
2f:11:86:b9:a2:0c:d2:76:3f:94:fa:7e:b6:c3:88:8a:99:6b:
59:c0:81:8c:2e:d7:d6:56:04:5f:c1:f4:cc:c7:52:6d:65:43:
5f:2a:40:40:64:38:ef:79:eb:7f:aa:64:a6:df:11:6e:b1:f4:
66:0f:0e:58:a8:93:6c:c9:8e:b0:e4:73:e4:80:0b:b6:f4:ce:
b8:a8:b5:0e:74:da:98:ad:ab:79:70:e8:2c:cc:f9:68:f6:db:
4a:4c:df:c5:35:90:e7:84:c7:8d:ff:ee:04:6a:be:5d:29:dc:
69:bb:d3:77:24:62:f7:eb:d5:37:6b:60:9d:8f:33:8e:7f:dd:
8b:33:ba:1b:5b:38:fb:16:40:18:5e:23:fb:0d:77:5b:7b:68:
32:3c:23:51:35:f6:30:5b:fd:c3:05:9f:1f:62:93:a6:12:19:
ad:63:52:69:13:8a:45:db:5b:dd:f9:46:18:1c:6a:0a:c3:bd:
ea:ca:06:1b:45:76:78:d8:5b:af:41:c0:6f:2e:3e:4e:24:83:
a5:0e:78:a6:e7:39:e1:9f:11:d1:a7:ff:da:7d:60:1c:70:5a:
e6:74:6e:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOeH8behdaQOMOBPsMUVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZTM0ZjU3ZDAwNzE2NmRlZjRkZDg4MWQ4ZjdkNWI2ZWQ5
NWU2NTYwHhcNMjMwMTAyMDY0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmYwYjk0NjQ5NTcxZTM5NjQ4MzI2Y2M4ZGE5NzE3MDI2M2Q0NmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/nttL+TH+FNt3UUyzRxLjVTWh5J
b3PDGvxXTPkvz7cB2A7ZCEwNMgkZxFUZGNRhQk4452YIXCEgY7i8I5DHkoPqJgjj
mnWzenFRzYKL+At624vYjIcmXsrbmwUcUzE1YRBLKi6KhlBjRr9QsZOGNGT6wXjh
44wZ58F40zb9kzpbMB/nfsxf3LyUcOX3bMJmk5gcGtpQNBswGIjZzRazoqJmmASe
Zg7vsYVpld5kDUE21PLx+B8OQRqon3/Rz09wy0MZW4QRKi08C7H2IY4hQzYVfZ7z
Sd6IqcydMblyfP8AI2odi9VNLtUz34YNKSwkgMRUsXpnmkdixt55KqflYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvwuUZJVx45ZIMmzI2pcXAmPUb6MB8GA1UdIwQY
MBaAFLfjT1fQBxZt703Ygdj31bbtleZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdC1OUFY5QUhGbTN2VGRpQjJQZlZ0dTJWNWxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lNWQ1ODAtZWVlOC00NjNlLTg0YTgt
ZWFjY2I4YjQyZGM5LzEvU19DNVJrbFhIamxrZ3liTWphbHhjQ1k5UnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lNWQ1ODAtZWVlOC00NjNlLTg0YTgtZWFjY2I4YjQyZGM5
LzEvdC1OUFY5QUhGbTN2VGRpQjJQZlZ0dTJWNWxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuavYMA0G
CSqGSIb3DQEBCwUAA4IBAQAyssOm+QTktO1jalnkpZGWOPprCXB0dZJ7yaW/UFuL
qui1Nm4vEYa5ogzSdj+U+n62w4iKmWtZwIGMLtfWVgRfwfTMx1JtZUNfKkBAZDjv
eet/qmSm3xFusfRmDw5YqJNsyY6w5HPkgAu29M64qLUOdNqYrat5cOgszPlo9ttK
TN/FNZDnhMeN/+4Ear5dKdxpu9N3JGL369U3a2CdjzOOf92LM7obWzj7FkAYXiP7
DXdbe2gyPCNRNfYwW/3DBZ8fYpOmEhmtY1JpE4pF21vd+UYYHGoKw73qygYbRXZ4
2FuvQcBvLj5OJIOlDnim5znhnxHRp//afWAccFrmdG7U
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:29 2024 by rpki-client on console-fra.rpki-client.org