Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/29cb2e-4680-4a36-b0a5-985182001e92/1/DRBLm9thNy0A398vGxxtVjxfdWE.roa
File: DRBLm9thNy0A398vGxxtVjxfdWE.roa (raw, json)
Hash identifier: Ny+WdXGSTlLIy9BWQ2E+WDqnmQfwYHfTseL/ifkimZo=
Subject key identifier: 0D:10:4B:9B:DB:61:37:2D:00:DF:DF:2F:1B:1C:6D:56:3C:5F:75:61
Certificate issuer: /CN=067dcf577654dca17a610b9af4f2ca7421dcbb81
Certificate serial: 01856F14EBE708710B251C58DD15E2D64D19
Authority key identifier: 06:7D:CF:57:76:54:DC:A1:7A:61:0B:9A:F4:F2:CA:74:21:DC:BB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bn3PV3ZU3KF6YQua9PLKdCHcu4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/29cb2e-4680-4a36-b0a5-985182001e92/1/DRBLm9thNy0A398vGxxtVjxfdWE.roa
Signing time: Sun 01 Jan 2023 20:45:20 +0000
ROA not before: Sun 01 Jan 2023 20:45:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205160
IP address blocks: 185.237.167.0/24 maxlen: 24
2a11:9940::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:eb:e7:08:71:0b:25:1c:58:dd:15:e2:d6:4d:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=067dcf577654dca17a610b9af4f2ca7421dcbb81
Validity
Not Before: Jan 1 20:45:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d104b9bdb61372d00dfdf2f1b1c6d563c5f7561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d3:1a:6a:bd:f0:21:cb:6c:a1:84:f9:1b:dc:
20:7a:3a:25:74:f8:d8:df:2d:77:88:48:70:59:07:
b0:c2:fe:43:d3:b9:e5:82:11:fb:82:78:a1:8e:3c:
66:f9:7c:cb:c8:de:54:c6:46:17:a0:16:16:3b:d4:
2f:de:b9:bf:4c:1c:94:f9:8c:5a:d4:02:fb:f3:76:
67:12:40:79:f3:0e:ec:8a:f4:4c:0c:1b:a4:a5:36:
0a:e1:65:b3:51:74:a9:db:b5:9e:0d:cd:e2:f0:fe:
e5:a9:a2:49:ce:77:99:61:49:19:a1:c5:93:44:b8:
23:5d:32:fa:fe:0a:2e:5e:0a:38:d2:0f:cf:39:ee:
8e:60:f8:a2:c4:f3:02:23:5c:73:a3:30:45:31:94:
00:1b:24:15:8d:9e:73:1a:1b:fe:ae:c8:6f:55:48:
86:ef:56:7b:77:55:ba:10:d9:a2:3d:bd:23:95:d5:
eb:90:ab:81:e6:04:7b:49:61:b7:0d:a3:0e:fd:a1:
e0:01:35:20:68:72:56:ec:46:2c:21:e5:5a:ee:8a:
b5:ea:64:88:c7:82:d8:84:2d:16:13:47:8c:dd:8e:
01:cf:60:13:4c:eb:8e:56:9f:97:cf:bb:cb:27:03:
70:7a:41:65:85:f4:ef:55:04:0a:ab:1e:df:84:c9:
aa:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:10:4B:9B:DB:61:37:2D:00:DF:DF:2F:1B:1C:6D:56:3C:5F:75:61
X509v3 Authority Key Identifier:
keyid:06:7D:CF:57:76:54:DC:A1:7A:61:0B:9A:F4:F2:CA:74:21:DC:BB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bn3PV3ZU3KF6YQua9PLKdCHcu4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/29cb2e-4680-4a36-b0a5-985182001e92/1/DRBLm9thNy0A398vGxxtVjxfdWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/29cb2e-4680-4a36-b0a5-985182001e92/1/Bn3PV3ZU3KF6YQua9PLKdCHcu4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.167.0/24
IPv6:
2a11:9940::/32
Signature Algorithm: sha256WithRSAEncryption
62:2e:6f:f7:3f:09:c2:4b:12:bd:c0:2c:e4:4b:23:82:27:c4:
8c:8e:15:57:fe:01:ff:36:d3:32:1c:62:29:3d:c8:d7:a2:c6:
72:d4:41:40:84:70:a5:fe:2d:f2:b9:36:4c:73:f8:9c:9f:0c:
66:e5:84:8a:49:33:c5:37:b2:c9:8d:5f:eb:90:91:0e:c4:3a:
24:9b:ea:89:f1:68:a3:d3:40:e8:11:c2:7a:ce:bb:c2:f2:6a:
cc:33:5e:ec:68:54:3e:fc:74:e4:66:98:17:c1:77:a2:2c:a3:
04:2b:1d:5c:06:a3:ef:dd:f8:28:81:37:48:79:7d:bd:9e:47:
66:2d:12:7b:dd:5b:4d:fa:d1:e7:a6:19:b3:52:51:fa:a3:19:
66:9a:c1:52:49:a1:6b:8e:60:20:9a:7f:44:8c:56:35:4d:ea:
31:6d:a7:0b:02:71:8a:30:b4:05:42:e6:ee:4d:6f:fb:34:b7:
32:e0:30:ee:db:01:a7:46:fa:41:d2:a6:c4:a8:f0:2d:c7:a3:
88:5e:be:69:9f:3a:0d:8f:f9:b3:44:e3:84:fe:36:68:dc:07:
91:7c:d0:c2:01:6f:f4:d1:e8:df:28:b9:17:bf:53:83:09:8c:
86:d8:8b:d2:7f:5d:53:ab:f5:b3:fa:85:8e:8d:99:9b:97:2c:
21:1e:90:9f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFOvnCHELJRxY3RXi1k0ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2N2RjZjU3NzY1NGRjYTE3YTYxMGI5YWY0ZjJjYTc0MjFk
Y2JiODEwHhcNMjMwMTAxMjA0NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDEwNGI5YmRiNjEzNzJkMDBkZmRmMmYxYjFjNmQ1NjNjNWY3NTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9Maar3wIctsoYT5G9wgejoldPjY
3y13iEhwWQewwv5D07nlghH7gnihjjxm+XzLyN5UxkYXoBYWO9Qv3rm/TByU+Yxa
1AL783ZnEkB58w7sivRMDBukpTYK4WWzUXSp27WeDc3i8P7lqaJJzneZYUkZocWT
RLgjXTL6/gouXgo40g/POe6OYPiixPMCI1xzozBFMZQAGyQVjZ5zGhv+rshvVUiG
71Z7d1W6ENmiPb0jldXrkKuB5gR7SWG3DaMO/aHgATUgaHJW7EYsIeVa7oq16mSI
x4LYhC0WE0eM3Y4Bz2ATTOuOVp+Xz7vLJwNwekFlhfTvVQQKqx7fhMmq7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA0QS5vbYTctAN/fLxscbVY8X3VhMB8GA1UdIwQY
MBaAFAZ9z1d2VNyhemELmvTyynQh3LuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm4zUFYzWlUzS0Y2WVF1YTlQTEtkQ0hjdTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8yOWNiMmUtNDY4MC00YTM2LWIwYTUt
OTg1MTgyMDAxZTkyLzEvRFJCTG05dGhOeTBBMzk4dkd4eHRWanhmZFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8yOWNiMmUtNDY4MC00YTM2LWIwYTUtOTg1MTgyMDAxZTky
LzEvQm4zUFYzWlUzS0Y2WVF1YTlQTEtkQ0hjdTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAue2nMA0E
AgACMAcDBQAqEZlAMA0GCSqGSIb3DQEBCwUAA4IBAQBiLm/3PwnCSxK9wCzkSyOC
J8SMjhVX/gH/NtMyHGIpPcjXosZy1EFAhHCl/i3yuTZMc/icnwxm5YSKSTPFN7LJ
jV/rkJEOxDokm+qJ8Wij00DoEcJ6zrvC8mrMM17saFQ+/HTkZpgXwXeiLKMEKx1c
BqPv3fgogTdIeX29nkdmLRJ73VtN+tHnphmzUlH6oxlmmsFSSaFrjmAgmn9EjFY1
TeoxbacLAnGKMLQFQubuTW/7NLcy4DDu2wGnRvpB0qbEqPAtx6OIXr5pnzoNj/mz
ROOE/jZo3AeRfNDCAW/00ejfKLkXv1ODCYyG2IvSf11Tq/Wz+oWOjZmblywhHpCf
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:43 2024 by rpki-client on console-ams.rpki-client.org