Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/130d77-c4db-485a-bcbf-329cb516d937/1/g5Ifg-TXO3j36p1cmDUuTQdIs_c.roa
File: g5Ifg-TXO3j36p1cmDUuTQdIs_c.roa (raw, json)
Hash identifier: bYSj6nRvRh50s1mj4Yga8StZ6IVM1sKinuoOs8E6WQM=
Subject key identifier: 83:92:1F:83:E4:D7:3B:78:F7:EA:9D:5C:98:35:2E:4D:07:48:B3:F7
Certificate issuer: /CN=8ee717c2aa961aac4503f1b48464df0233ce3fa9
Certificate serial: 01857042AF7E81DD02F18ECD539F5A200904
Authority key identifier: 8E:E7:17:C2:AA:96:1A:AC:45:03:F1:B4:84:64:DF:02:33:CE:3F:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jucXwqqWGqxFA_G0hGTfAjPOP6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/130d77-c4db-485a-bcbf-329cb516d937/1/g5Ifg-TXO3j36p1cmDUuTQdIs_c.roa
Signing time: Mon 02 Jan 2023 02:14:56 +0000
ROA not before: Mon 02 Jan 2023 02:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198024
IP address blocks: 185.116.32.0/22 maxlen: 22
2a06:7b40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:af:7e:81:dd:02:f1:8e:cd:53:9f:5a:20:09:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ee717c2aa961aac4503f1b48464df0233ce3fa9
Validity
Not Before: Jan 2 02:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83921f83e4d73b78f7ea9d5c98352e4d0748b3f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:76:91:4c:14:b6:e4:95:37:65:9a:a1:d5:fa:
bf:a2:68:d3:d6:96:a0:75:ac:5c:6b:d1:55:63:24:
81:0d:bc:77:66:f2:a1:95:61:52:4a:1e:62:99:30:
a0:de:9b:bd:7b:4e:39:c8:ee:4e:84:32:cf:52:b4:
81:b6:30:e7:d3:8e:6f:80:1f:84:04:a9:a2:92:88:
df:c3:2f:9a:dc:98:91:7b:27:c9:32:ff:73:73:2f:
9c:f9:2b:e9:2f:a3:65:4d:1f:7a:4f:f9:9c:88:e4:
e9:84:63:4a:ad:ce:25:b6:20:12:90:67:6d:23:8d:
19:8e:6f:15:71:3e:a3:ab:12:01:31:91:95:3b:30:
b2:d1:ea:05:9e:f2:14:44:02:fb:4c:32:11:30:e4:
c9:af:dc:20:04:5c:ab:de:dc:6b:20:ca:71:ae:73:
65:18:ff:c2:c8:51:f2:47:bb:99:cc:80:bf:a2:24:
d2:0c:e9:59:b6:49:90:05:73:0c:7d:b5:07:13:53:
2b:b1:39:eb:e4:c8:29:bd:14:82:9b:6e:04:00:80:
d9:85:4f:09:a8:20:52:11:d4:79:b3:1e:62:e5:ba:
ed:a2:61:52:16:2b:8a:ae:e3:2e:d9:57:a2:e2:fa:
90:06:4c:fb:4d:92:74:6f:fa:bf:57:c0:50:fb:e4:
8c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:92:1F:83:E4:D7:3B:78:F7:EA:9D:5C:98:35:2E:4D:07:48:B3:F7
X509v3 Authority Key Identifier:
keyid:8E:E7:17:C2:AA:96:1A:AC:45:03:F1:B4:84:64:DF:02:33:CE:3F:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jucXwqqWGqxFA_G0hGTfAjPOP6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/130d77-c4db-485a-bcbf-329cb516d937/1/g5Ifg-TXO3j36p1cmDUuTQdIs_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/130d77-c4db-485a-bcbf-329cb516d937/1/jucXwqqWGqxFA_G0hGTfAjPOP6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.32.0/22
IPv6:
2a06:7b40::/29
Signature Algorithm: sha256WithRSAEncryption
7d:b3:9b:49:9a:0d:24:d1:49:9c:f6:44:dc:c3:6f:1d:4a:37:
d8:51:17:0a:d6:60:51:41:cd:55:38:a0:68:e5:2f:02:ad:e3:
17:50:fc:d2:78:b2:a5:00:40:81:a1:01:92:c6:31:79:4f:31:
b8:47:f5:c2:cb:b9:c2:b5:27:61:df:53:29:af:6d:57:ab:5e:
61:b2:18:cf:42:b0:90:c3:cb:b2:26:c3:6b:61:28:58:66:d3:
2e:25:c4:27:37:69:d8:66:29:5f:b6:27:7f:2b:7a:85:6a:a3:
7e:b2:0d:31:d4:ed:6c:3b:5d:35:c2:62:cb:57:b4:91:23:ba:
55:fa:17:1c:ef:1e:94:6f:a7:ff:44:d1:10:7f:63:99:a2:ef:
4d:ea:62:25:c5:7c:98:89:d5:7a:75:9f:62:5b:6c:d1:14:21:
fd:d4:ed:a7:9e:30:55:a6:9e:a0:9d:2c:16:9e:b5:e0:f7:72:
d3:c2:49:f4:9e:c4:c5:f7:9d:89:0a:f8:e3:16:6d:37:d8:e3:
d7:e1:23:32:72:76:7a:f1:a1:b8:69:6d:7e:70:7e:de:76:5f:
4b:5f:75:5d:ab:7d:b9:1a:ab:4b:d2:5c:51:21:67:54:af:66:
ce:5d:15:fc:0c:d8:e5:d0:3a:d0:46:07:f1:ea:b5:6e:a7:61:
6e:4c:8d:9e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwQq9+gd0C8Y7NU59aIAkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZTcxN2MyYWE5NjFhYWM0NTAzZjFiNDg0NjRkZjAyMzNj
ZTNmYTkwHhcNMjMwMTAyMDIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzkyMWY4M2U0ZDczYjc4ZjdlYTlkNWM5ODM1MmU0ZDA3NDhiM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknaRTBS25JU3ZZqh1fq/omjT1pag
daxca9FVYySBDbx3ZvKhlWFSSh5imTCg3pu9e045yO5OhDLPUrSBtjDn045vgB+E
BKmikojfwy+a3JiReyfJMv9zcy+c+SvpL6NlTR96T/mciOTphGNKrc4ltiASkGdt
I40Zjm8VcT6jqxIBMZGVOzCy0eoFnvIURAL7TDIRMOTJr9wgBFyr3txrIMpxrnNl
GP/CyFHyR7uZzIC/oiTSDOlZtkmQBXMMfbUHE1MrsTnr5MgpvRSCm24EAIDZhU8J
qCBSEdR5sx5i5brtomFSFiuKruMu2Vei4vqQBkz7TZJ0b/q/V8BQ++SMlwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIOSH4Pk1zt49+qdXJg1Lk0HSLP3MB8GA1UdIwQY
MBaAFI7nF8KqlhqsRQPxtIRk3wIzzj+pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanVjWHdxcVdHcXhGQV9HMGhHVGZBalBPUDZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8xMzBkNzctYzRkYi00ODVhLWJjYmYt
MzI5Y2I1MTZkOTM3LzEvZzVJZmctVFhPM2ozNnAxY21EVXVUUWRJc19jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8xMzBkNzctYzRkYi00ODVhLWJjYmYtMzI5Y2I1MTZkOTM3
LzEvanVjWHdxcVdHcXhGQV9HMGhHVGZBalBPUDZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXQgMA0E
AgACMAcDBQMqBntAMA0GCSqGSIb3DQEBCwUAA4IBAQB9s5tJmg0k0Umc9kTcw28d
SjfYURcK1mBRQc1VOKBo5S8CreMXUPzSeLKlAECBoQGSxjF5TzG4R/XCy7nCtSdh
31Mpr21Xq15hshjPQrCQw8uyJsNrYShYZtMuJcQnN2nYZilftid/K3qFaqN+sg0x
1O1sO101wmLLV7SRI7pV+hcc7x6Ub6f/RNEQf2OZou9N6mIlxXyYidV6dZ9iW2zR
FCH91O2nnjBVpp6gnSwWnrXg93LTwkn0nsTF952JCvjjFm032OPX4SMycnZ68aG4
aW1+cH7edl9LX3Vdq325GqtL0lxRIWdUr2bOXRX8DNjl0DrQRgfx6rVup2FuTI2e
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:14 2024 by rpki-client on console-ams.rpki-client.org