Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/arKx-KIgjIW4BnyZPmXzQByMJhI.roa
File: arKx-KIgjIW4BnyZPmXzQByMJhI.roa (raw, json)
Hash identifier: uaivK5o5ZpIs9h1UcC5Ygy+AIEnajdtRahwwQf/VFVg=
Subject key identifier: 6A:B2:B1:F8:A2:20:8C:85:B8:06:7C:99:3E:65:F3:40:1C:8C:26:12
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 018570DE65E28DC69A8747531907B0526B0F
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/arKx-KIgjIW4BnyZPmXzQByMJhI.roa
Signing time: Mon 02 Jan 2023 05:05:01 +0000
ROA not before: Mon 02 Jan 2023 05:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203954
IP address blocks: 185.118.240.0/24 maxlen: 24
2a06:9681::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:65:e2:8d:c6:9a:87:47:53:19:07:b0:52:6b:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Jan 2 05:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ab2b1f8a2208c85b8067c993e65f3401c8c2612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ec:54:0b:20:8e:7b:2b:0d:6f:b0:e9:24:f2:
a9:c5:49:02:fd:96:99:8a:e9:3f:7f:3d:6d:8a:81:
c4:b8:8b:e8:7f:b4:67:7e:16:de:1b:91:a3:97:03:
9f:0e:9f:8f:b9:67:1c:61:db:23:c5:a3:c7:a7:4d:
00:79:ff:fa:88:1e:cb:38:1a:22:84:aa:5b:ed:69:
01:46:0a:5e:12:29:c3:dc:31:e3:83:96:af:9e:a9:
7c:ad:25:6a:3b:62:25:76:e2:27:90:34:6f:d2:b1:
21:d2:22:61:41:4d:a8:af:34:07:94:25:e6:9a:1e:
e0:23:1a:0c:48:52:73:4b:a6:60:ae:41:3f:18:ca:
71:14:08:3c:78:ac:62:db:f6:93:dc:a0:05:22:08:
5a:8a:7f:fc:89:07:b6:a5:82:90:a5:0f:40:e9:d9:
2e:64:d0:5b:e5:62:d0:12:b4:8a:8b:92:57:24:ce:
b8:01:d0:9c:f5:1c:0b:90:0d:2e:82:71:61:21:5a:
0a:2a:2d:ae:cd:5f:c6:2e:e0:ee:eb:44:cc:42:1c:
9a:9e:2a:8b:e1:90:dc:6e:57:c7:65:58:25:85:24:
31:fd:ae:06:c3:c4:7c:9e:0c:5d:2a:eb:9f:bc:19:
a9:42:fa:57:3e:44:52:b1:8d:1b:a1:38:28:d2:b6:
3b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B2:B1:F8:A2:20:8C:85:B8:06:7C:99:3E:65:F3:40:1C:8C:26:12
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/arKx-KIgjIW4BnyZPmXzQByMJhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.240.0/24
IPv6:
2a06:9681::/32
Signature Algorithm: sha256WithRSAEncryption
82:8d:b8:9a:6e:ae:bb:22:cb:bf:a8:e8:a3:d3:8b:71:d0:e3:
01:b1:66:b7:32:ff:b5:b5:77:cd:24:1f:35:05:ea:ed:30:f2:
58:69:39:f7:d5:9a:d1:3c:17:81:c2:e0:66:b4:ed:eb:5e:40:
48:ae:04:14:90:3c:5c:a3:b7:93:f6:8e:31:4b:52:29:98:f0:
2d:f7:1f:4f:8c:8e:3c:a7:9f:e4:a1:20:ca:b1:50:ac:ce:17:
6c:40:fe:cf:04:1d:1a:33:2e:ab:0d:b5:5b:77:5d:52:7e:c6:
d8:60:84:d6:f2:c6:b9:a6:3e:8a:31:9b:ea:5a:bd:b6:a0:f5:
f8:08:60:7c:df:87:8a:92:80:ca:ad:d4:d9:cd:b6:69:30:39:
22:c6:a6:56:07:25:cd:05:93:b8:da:57:45:4b:4b:94:10:df:
62:c7:26:c0:32:a7:ab:84:df:a3:f2:da:92:42:bd:a6:20:ba:
ab:91:b9:0f:f7:98:82:3f:bf:7f:44:9d:15:f2:71:db:fc:ca:
97:b9:97:74:2c:77:d1:f7:81:d8:75:22:43:c1:2a:d7:21:8f:
50:5a:d3:11:3d:a3:0d:88:03:f5:b3:3e:52:33:cc:8a:9f:f2:
17:1c:f2:ed:7a:20:f7:1f:4d:be:e1:7e:23:da:4b:8d:16:6a:
53:06:73:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw3mXijcaah0dTGQewUmsPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjMwMTAyMDUwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWIyYjFmOGEyMjA4Yzg1YjgwNjdjOTkzZTY1ZjM0MDFjOGMyNjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuxUCyCOeysNb7DpJPKpxUkC/ZaZ
iuk/fz1tioHEuIvof7RnfhbeG5GjlwOfDp+PuWccYdsjxaPHp00Aef/6iB7LOBoi
hKpb7WkBRgpeEinD3DHjg5avnql8rSVqO2IlduInkDRv0rEh0iJhQU2orzQHlCXm
mh7gIxoMSFJzS6ZgrkE/GMpxFAg8eKxi2/aT3KAFIghain/8iQe2pYKQpQ9A6dku
ZNBb5WLQErSKi5JXJM64AdCc9RwLkA0ugnFhIVoKKi2uzV/GLuDu60TMQhyaniqL
4ZDcblfHZVglhSQx/a4Gw8R8ngxdKuufvBmpQvpXPkRSsY0boTgo0rY7FwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGqysfiiIIyFuAZ8mT5l80AcjCYSMB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvYXJLeC1LSWdqSVc0Qm55WlBtWHpRQnlNSmhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXbwMA0E
AgACMAcDBQAqBpaBMA0GCSqGSIb3DQEBCwUAA4IBAQCCjbiabq67Isu/qOij04tx
0OMBsWa3Mv+1tXfNJB81BertMPJYaTn31ZrRPBeBwuBmtO3rXkBIrgQUkDxco7eT
9o4xS1IpmPAt9x9PjI48p5/koSDKsVCszhdsQP7PBB0aMy6rDbVbd11SfsbYYITW
8sa5pj6KMZvqWr22oPX4CGB834eKkoDKrdTZzbZpMDkixqZWByXNBZO42ldFS0uU
EN9ixybAMqerhN+j8tqSQr2mILqrkbkP95iCP79/RJ0V8nHb/MqXuZd0LHfR94HY
dSJDwSrXIY9QWtMRPaMNiAP1sz5SM8yKn/IXHPLteiD3H02+4X4j2kuNFmpTBnNR
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:58 2024 by rpki-client on console-fra.rpki-client.org