Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/oA4IOKisK7HjBhTvDIM2nSUwt38.roa
File: oA4IOKisK7HjBhTvDIM2nSUwt38.roa (raw, json)
Hash identifier: YMAcOmUIkjn5dVRi+abVamMMOmzxO16M+zAJHZpQPGc=
Subject key identifier: A0:0E:08:38:A8:AC:2B:B1:E3:06:14:EF:0C:83:36:9D:25:30:B7:7F
Certificate issuer: /CN=3787b324b0d32fb1a3678b02c482286d4c26ba0f
Certificate serial: 018776C604A69D9B06869F4F3FB60DED6588
Authority key identifier: 37:87:B3:24:B0:D3:2F:B1:A3:67:8B:02:C4:82:28:6D:4C:26:BA:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N4ezJLDTL7GjZ4sCxIIobUwmug8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/oA4IOKisK7HjBhTvDIM2nSUwt38.roa
Signing time: Wed 12 Apr 2023 18:41:41 +0000
ROA not before: Wed 12 Apr 2023 18:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205315
IP address blocks: 185.222.116.0/24 maxlen: 24
2a0c:3800:ff::/48 maxlen: 48
2a0c:3800::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:c6:04:a6:9d:9b:06:86:9f:4f:3f:b6:0d:ed:65:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3787b324b0d32fb1a3678b02c482286d4c26ba0f
Validity
Not Before: Apr 12 18:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a00e0838a8ac2bb1e30614ef0c83369d2530b77f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a5:52:a3:65:7d:28:65:8e:37:40:c7:fa:a0:
a4:ea:65:c2:9c:01:c8:65:e8:2e:90:f1:eb:f1:c0:
ce:3c:2b:ce:bc:08:c2:ff:f6:16:e1:3f:e5:58:e1:
6b:06:13:27:75:4d:af:7a:e6:10:e6:32:13:09:cf:
f2:57:50:c5:b7:64:d4:0e:51:e3:a6:7b:43:1c:70:
bd:19:af:fb:f4:2f:fa:a0:68:06:21:a7:69:fe:d0:
fb:77:c6:04:2b:00:0d:86:f0:95:5a:67:a9:3a:ed:
e1:f6:39:77:44:f0:4e:59:49:ef:65:67:8e:d9:ad:
17:ba:b4:c2:cb:d1:f7:0d:d9:06:db:93:60:da:15:
49:70:d3:97:dc:4a:72:98:21:8a:ac:19:d9:75:9c:
10:08:27:f3:2f:08:f5:52:49:c1:8a:92:52:65:2c:
c5:75:e2:da:b6:4a:8c:6b:26:f4:00:76:af:5c:0b:
d9:6b:78:89:b7:86:4d:c5:7c:a2:c5:f4:df:16:01:
4f:0d:18:be:53:f6:fe:d8:93:77:37:f2:82:c9:df:
c6:2d:61:2b:db:10:cc:09:ea:43:a6:99:d0:89:00:
22:4a:eb:b0:d9:e7:a3:5a:8e:3f:d9:38:45:e0:48:
04:98:e2:0e:9c:b5:97:da:f2:4b:ca:5a:e4:2d:7d:
e5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0E:08:38:A8:AC:2B:B1:E3:06:14:EF:0C:83:36:9D:25:30:B7:7F
X509v3 Authority Key Identifier:
keyid:37:87:B3:24:B0:D3:2F:B1:A3:67:8B:02:C4:82:28:6D:4C:26:BA:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N4ezJLDTL7GjZ4sCxIIobUwmug8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/oA4IOKisK7HjBhTvDIM2nSUwt38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/N4ezJLDTL7GjZ4sCxIIobUwmug8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.116.0/24
IPv6:
2a0c:3800::/40
Signature Algorithm: sha256WithRSAEncryption
36:9e:dd:e3:2f:c2:32:5d:83:da:dc:1e:c2:a6:1d:7b:45:e4:
27:91:0c:ef:9f:d9:b8:84:cf:0e:bf:77:75:7b:06:a6:6f:77:
f8:39:e5:f9:c8:33:6a:83:42:7f:7f:24:7a:ca:44:57:01:26:
bc:97:97:49:18:42:18:0a:27:71:4e:02:38:49:fb:ec:e1:93:
5c:b0:15:3f:7b:1d:68:74:5a:37:ab:98:3a:0e:4f:d1:9f:b8:
dc:6b:36:10:54:ed:b4:e1:74:ff:47:5b:b5:46:63:f6:c0:ca:
ae:98:ec:07:8d:12:cb:c5:70:c4:5e:70:d1:ae:0b:4c:b0:08:
7f:67:bb:ca:32:ef:d7:cf:8e:a2:15:96:15:8d:6a:46:8f:d4:
75:46:ee:2e:ef:65:61:9d:b9:0c:6f:a0:64:52:f6:5d:29:05:
8e:62:43:01:07:02:31:fc:19:e1:1e:97:10:3e:b7:bb:cd:75:
2a:b7:43:0a:c7:f6:07:43:de:69:d9:74:2d:82:72:ca:aa:ad:
74:35:9b:81:9c:6e:57:ce:a9:cc:d7:2c:ca:ff:f4:41:3b:5d:
b5:c9:cd:ea:18:4f:a0:64:76:3d:cf:fa:1f:68:49:2d:58:28:
5d:74:c9:6f:0c:d9:8c:7c:a1:74:13:79:62:22:18:e7:62:9f:
30:11:98:73
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYd2xgSmnZsGhp9PP7YN7WWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ODdiMzI0YjBkMzJmYjFhMzY3OGIwMmM0ODIyODZkNGMy
NmJhMGYwHhcNMjMwNDEyMTg0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDBlMDgzOGE4YWMyYmIxZTMwNjE0ZWYwYzgzMzY5ZDI1MzBiNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaVSo2V9KGWON0DH+qCk6mXCnAHI
ZegukPHr8cDOPCvOvAjC//YW4T/lWOFrBhMndU2veuYQ5jITCc/yV1DFt2TUDlHj
pntDHHC9Ga/79C/6oGgGIadp/tD7d8YEKwANhvCVWmepOu3h9jl3RPBOWUnvZWeO
2a0XurTCy9H3DdkG25Ng2hVJcNOX3EpymCGKrBnZdZwQCCfzLwj1UknBipJSZSzF
deLatkqMayb0AHavXAvZa3iJt4ZNxXyixfTfFgFPDRi+U/b+2JN3N/KCyd/GLWEr
2xDMCepDppnQiQAiSuuw2eejWo4/2ThF4EgEmOIOnLWX2vJLylrkLX3l9wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFKAOCDiorCux4wYU7wyDNp0lMLd/MB8GA1UdIwQY
MBaAFDeHsySw0y+xo2eLAsSCKG1MJroPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjRlekpMRFRMN0dqWjRzQ3hJSW9iVXdtdWc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82MDIyNDQtNzY5OS00MTAzLWJjN2Ut
YzQ3MTE0ODIzODBlLzEvb0E0SU9LaXNLN0hqQmhUdkRJTTJuU1V3dDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82MDIyNDQtNzY5OS00MTAzLWJjN2UtYzQ3MTE0ODIzODBl
LzEvTjRlekpMRFRMN0dqWjRzQ3hJSW9iVXdtdWc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAud50MA4E
AgACMAgDBgAqDDgAADANBgkqhkiG9w0BAQsFAAOCAQEANp7d4y/CMl2D2twewqYd
e0XkJ5EM75/ZuITPDr93dXsGpm93+Dnl+cgzaoNCf38kespEVwEmvJeXSRhCGAon
cU4COEn77OGTXLAVP3sdaHRaN6uYOg5P0Z+43Gs2EFTttOF0/0dbtUZj9sDKrpjs
B40Sy8VwxF5w0a4LTLAIf2e7yjLv18+OohWWFY1qRo/UdUbuLu9lYZ25DG+gZFL2
XSkFjmJDAQcCMfwZ4R6XED63u811KrdDCsf2B0Peadl0LYJyyqqtdDWbgZxuV86p
zNcsyv/0QTtdtcnN6hhPoGR2Pc/6H2hJLVgoXXTJbwzZjHyhdBN5YiIY52KfMBGY
cw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:46 2024 by rpki-client on console-ams.rpki-client.org