Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/awzhqxrjDAoqoYeKOBrfltV2KE0.roa
File: awzhqxrjDAoqoYeKOBrfltV2KE0.roa (raw, json)
Hash identifier: 2Jx/dOBsPvqbcMptwdkXQ+/hzcpV8y6Xo4etGqXY+zw=
Subject key identifier: 6B:0C:E1:AB:1A:E3:0C:0A:2A:A1:87:8A:38:1A:DF:96:D5:76:28:4D
Certificate issuer: /CN=232af36b9c079da091827da3d07c9c8a5236cb54
Certificate serial: 018572BA591FFE378B653AC87EF4765F6892
Authority key identifier: 23:2A:F3:6B:9C:07:9D:A0:91:82:7D:A3:D0:7C:9C:8A:52:36:CB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iyrza5wHnaCRgn2j0HycilI2y1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/awzhqxrjDAoqoYeKOBrfltV2KE0.roa
Signing time: Mon 02 Jan 2023 13:44:53 +0000
ROA not before: Mon 02 Jan 2023 13:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200984
IP address blocks: 185.89.180.0/22 maxlen: 24
2a05:da00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:59:1f:fe:37:8b:65:3a:c8:7e:f4:76:5f:68:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=232af36b9c079da091827da3d07c9c8a5236cb54
Validity
Not Before: Jan 2 13:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b0ce1ab1ae30c0a2aa1878a381adf96d576284d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1c:1f:e3:ce:14:c7:ba:d3:1a:72:96:65:63:
7f:9a:ad:48:5f:0c:b3:04:4d:81:53:43:01:e0:00:
cb:e8:59:8b:52:02:dd:49:b8:8c:94:13:77:a9:99:
07:97:75:b1:a5:70:76:e0:eb:13:8c:93:49:d3:59:
fb:06:38:ca:c1:52:c6:7a:d2:55:e6:a7:c5:05:aa:
60:9a:86:85:af:10:26:0b:e1:81:65:27:5e:e5:7c:
96:11:d0:07:3f:7e:78:8b:ad:56:69:9b:fa:3a:0e:
ba:0d:f2:f3:a0:1f:a7:f6:c5:dc:0c:c8:04:e9:c3:
fe:25:3a:79:f2:66:f5:ba:49:ad:fd:25:20:b7:a1:
ed:2d:12:a0:87:61:64:ce:81:57:4e:c7:5a:c5:1a:
f2:37:8f:53:08:2c:30:0e:3c:64:75:e7:3d:f2:d8:
bc:f2:7f:78:c8:94:73:bf:78:50:2b:ba:14:85:a6:
ae:cc:bd:ea:bb:c1:a0:cb:e8:ea:e8:18:83:16:fd:
65:c9:c1:89:7f:97:fa:59:06:54:06:41:99:22:c7:
6c:24:52:37:b7:78:48:db:50:5d:61:f2:20:7f:ef:
9b:63:50:04:c4:64:ad:ad:57:31:dc:71:02:de:87:
75:ca:d4:91:4f:48:f4:d7:13:d8:1f:35:05:7a:ee:
a3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:0C:E1:AB:1A:E3:0C:0A:2A:A1:87:8A:38:1A:DF:96:D5:76:28:4D
X509v3 Authority Key Identifier:
keyid:23:2A:F3:6B:9C:07:9D:A0:91:82:7D:A3:D0:7C:9C:8A:52:36:CB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iyrza5wHnaCRgn2j0HycilI2y1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/awzhqxrjDAoqoYeKOBrfltV2KE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/Iyrza5wHnaCRgn2j0HycilI2y1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.180.0/22
IPv6:
2a05:da00::/29
Signature Algorithm: sha256WithRSAEncryption
26:1b:7b:24:d7:3f:d6:5d:6f:43:82:67:90:ee:7f:3f:c7:70:
ad:30:d5:b3:90:1e:56:8d:54:98:32:0b:9e:04:2b:02:62:c9:
a7:0c:b7:e2:60:cc:16:02:d1:7e:91:b1:16:6c:b9:d1:e2:f2:
e3:dd:7e:00:27:35:6f:c6:b9:59:e1:22:78:e3:2d:8e:24:81:
e1:28:f9:48:d8:c0:3c:97:3d:34:dd:38:77:27:50:f8:86:24:
ee:9d:6e:99:6f:9e:3b:c1:f9:1e:54:84:01:51:6c:5a:d0:87:
e0:73:78:45:8d:17:3a:6e:50:bf:1b:e5:97:c5:ee:a7:d5:89:
a0:7a:07:67:28:5c:b2:6e:5c:7b:37:dd:75:a7:eb:5f:39:a1:
3b:ea:3f:1c:c4:92:ec:c2:e4:3e:06:b8:bb:7d:79:40:38:d6:
51:11:0c:81:b2:ed:5e:75:98:3c:61:85:bb:c5:15:85:d8:0b:
26:f5:3a:cb:12:53:1e:61:c8:05:aa:98:39:72:bb:89:0f:66:
b9:45:03:8b:f7:21:58:ab:34:38:86:35:80:e9:3e:82:2e:27:
3c:eb:33:6f:f6:6b:ec:f2:60:29:af:1d:1b:69:2b:93:02:ef:
67:0d:c7:8c:e2:d6:23:83:65:af:53:e9:f6:ff:58:e7:f3:47:
4d:53:5b:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyulkf/jeLZTrIfvR2X2iSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMmFmMzZiOWMwNzlkYTA5MTgyN2RhM2QwN2M5YzhhNTIz
NmNiNTQwHhcNMjMwMTAyMTM0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjBjZTFhYjFhZTMwYzBhMmFhMTg3OGEzODFhZGY5NmQ1NzYyODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBwf484Ux7rTGnKWZWN/mq1IXwyz
BE2BU0MB4ADL6FmLUgLdSbiMlBN3qZkHl3WxpXB24OsTjJNJ01n7BjjKwVLGetJV
5qfFBapgmoaFrxAmC+GBZSde5XyWEdAHP354i61WaZv6Og66DfLzoB+n9sXcDMgE
6cP+JTp58mb1ukmt/SUgt6HtLRKgh2FkzoFXTsdaxRryN49TCCwwDjxkdec98ti8
8n94yJRzv3hQK7oUhaauzL3qu8Ggy+jq6BiDFv1lycGJf5f6WQZUBkGZIsdsJFI3
t3hI21BdYfIgf++bY1AExGStrVcx3HEC3od1ytSRT0j01xPYHzUFeu6j8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGsM4asa4wwKKqGHijga35bVdihNMB8GA1UdIwQY
MBaAFCMq82ucB52gkYJ9o9B8nIpSNstUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlyemE1d0huYUNSZ24yajBIeWNpbEkyeTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jMmZkMzMtZmQ0NC00ZTA4LWI0MjQt
YWExMDQ1MjIwYjViLzEvYXd6aHF4cmpEQW9xb1llS09CcmZsdFYyS0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jMmZkMzMtZmQ0NC00ZTA4LWI0MjQtYWExMDQ1MjIwYjVi
LzEvSXlyemE1d0huYUNSZ24yajBIeWNpbEkyeTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVm0MA0E
AgACMAcDBQMqBdoAMA0GCSqGSIb3DQEBCwUAA4IBAQAmG3sk1z/WXW9DgmeQ7n8/
x3CtMNWzkB5WjVSYMgueBCsCYsmnDLfiYMwWAtF+kbEWbLnR4vLj3X4AJzVvxrlZ
4SJ44y2OJIHhKPlI2MA8lz003Th3J1D4hiTunW6Zb547wfkeVIQBUWxa0Ifgc3hF
jRc6blC/G+WXxe6n1YmgegdnKFyyblx7N911p+tfOaE76j8cxJLswuQ+Bri7fXlA
ONZREQyBsu1edZg8YYW7xRWF2Asm9TrLElMeYcgFqpg5cruJD2a5RQOL9yFYqzQ4
hjWA6T6CLic86zNv9mvs8mAprx0baSuTAu9nDceM4tYjg2WvU+n2/1jn80dNU1sJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:36 2024 by rpki-client on console-fra.rpki-client.org