Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/6b0e0e-8be5-4bf9-b427-70d63107d05d/1/1-a4hhsTCbR9lHh5IckFMJr4grm8.roa
File: 1-a4hhsTCbR9lHh5IckFMJr4grm8.roa (raw, json)
Hash identifier: q2A3rKgqOA8CNIUSYggFveoek3We2fBV3Pd1UAAjxJM=
Subject key identifier: F9:AE:21:86:C4:C2:6D:1F:65:1E:1E:48:72:41:4C:26:BE:20:AE:6F
Certificate issuer: /CN=9ce22dca2a2db0a59fe56681c8d1c40677a745b5
Certificate serial: 018570B068CC072518758F9EFB3A948EEFBA
Authority key identifier: 9C:E2:2D:CA:2A:2D:B0:A5:9F:E5:66:81:C8:D1:C4:06:77:A7:45:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nOItyiotsKWf5WaByNHEBnenRbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/6b0e0e-8be5-4bf9-b427-70d63107d05d/1/1-a4hhsTCbR9lHh5IckFMJr4grm8.roa
Signing time: Mon 02 Jan 2023 04:14:47 +0000
ROA not before: Mon 02 Jan 2023 04:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47736
IP address blocks: 185.209.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:68:cc:07:25:18:75:8f:9e:fb:3a:94:8e:ef:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ce22dca2a2db0a59fe56681c8d1c40677a745b5
Validity
Not Before: Jan 2 04:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9ae2186c4c26d1f651e1e4872414c26be20ae6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3e:3a:fd:3a:41:01:bb:8c:86:2f:54:60:4a:
29:ce:fc:36:6d:59:47:56:2a:60:09:c4:1f:78:c6:
f0:cb:64:d1:89:66:be:73:72:2a:8c:46:3f:e0:ec:
1d:f5:b1:38:82:1b:36:c6:1a:2b:d8:22:84:3e:52:
5f:32:05:ca:f0:b1:c0:19:e0:ec:1f:51:f4:30:40:
9f:70:98:af:fc:0b:41:35:19:32:63:7f:51:ae:fe:
6b:03:24:80:41:9a:dd:93:d3:9e:bb:e4:45:aa:db:
9e:33:af:fb:cd:f4:9a:5b:19:ac:12:45:f8:dc:77:
bf:74:7a:e7:ed:2d:ce:56:69:8b:4b:d6:df:8e:bf:
01:7e:6d:43:81:81:94:cc:d1:1a:b0:3e:03:82:9b:
77:45:a1:06:94:f7:70:87:18:9e:32:e4:f0:7f:fa:
2e:12:88:de:03:a4:09:63:0b:b1:c5:fc:59:9b:e6:
b4:fe:2a:6b:1e:66:e9:f4:09:1f:df:50:79:fd:c8:
db:a3:c5:c3:10:6a:38:e8:c1:49:5f:1b:ef:10:e8:
b9:0a:97:63:bf:df:ce:d4:39:f6:f6:30:45:82:db:
a5:3b:1b:4a:cf:58:fd:78:71:6f:c7:e0:02:52:f0:
75:8d:a4:b6:49:f9:dd:2a:44:ec:c6:b4:10:7b:65:
34:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AE:21:86:C4:C2:6D:1F:65:1E:1E:48:72:41:4C:26:BE:20:AE:6F
X509v3 Authority Key Identifier:
keyid:9C:E2:2D:CA:2A:2D:B0:A5:9F:E5:66:81:C8:D1:C4:06:77:A7:45:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nOItyiotsKWf5WaByNHEBnenRbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/6b0e0e-8be5-4bf9-b427-70d63107d05d/1/1-a4hhsTCbR9lHh5IckFMJr4grm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/6b0e0e-8be5-4bf9-b427-70d63107d05d/1/nOItyiotsKWf5WaByNHEBnenRbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.96.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:83:bc:3d:06:a3:59:92:4e:a5:c6:63:18:f1:2e:4f:89:aa:
90:c1:a9:f9:51:85:dc:d4:bd:e3:e1:f2:9f:b8:0b:3a:73:a4:
50:a4:1e:ff:bb:37:11:92:ca:0e:e0:76:de:7d:a8:0c:4a:80:
ed:01:f1:ed:40:bc:70:87:59:0e:fc:82:d7:41:8f:4c:f2:0b:
8e:b1:39:e7:ee:74:70:d6:87:b7:cb:51:a6:48:d4:f0:8d:c1:
18:21:30:93:04:39:73:a7:c3:33:ed:d0:a3:1d:f0:8d:12:4c:
2a:53:6e:d2:b5:f5:c4:e7:03:56:2d:a6:dd:6f:a9:e8:9c:19:
82:0b:2e:a8:a4:91:c6:4f:19:94:ca:e2:29:f5:55:77:6f:c7:
45:8d:ee:77:b4:e0:ae:65:6b:b3:89:94:de:1f:5b:d1:24:12:
80:02:81:58:40:43:55:bb:e3:c0:84:b8:76:75:73:9d:3a:e0:
bf:db:29:94:90:64:9a:21:45:2f:14:5e:b1:48:28:f9:89:3e:
9b:ed:64:4d:ca:3c:ff:53:fe:4a:87:e7:07:d8:e3:27:75:31:
e9:f0:51:51:2b:28:81:57:b7:a2:a2:0f:aa:12:2a:ba:05:af:
cf:59:43:50:f3:0c:61:35:0e:e9:fa:5a:b3:31:60:e7:33:7b:
ef:36:3c:0f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwsGjMByUYdY+e+zqUju+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZTIyZGNhMmEyZGIwYTU5ZmU1NjY4MWM4ZDFjNDA2Nzdh
NzQ1YjUwHhcNMjMwMTAyMDQxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFlMjE4NmM0YzI2ZDFmNjUxZTFlNDg3MjQxNGMyNmJlMjBhZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj46/TpBAbuMhi9UYEopzvw2bVlH
VipgCcQfeMbwy2TRiWa+c3IqjEY/4Owd9bE4ghs2xhor2CKEPlJfMgXK8LHAGeDs
H1H0MECfcJiv/AtBNRkyY39Rrv5rAySAQZrdk9Oeu+RFqtueM6/7zfSaWxmsEkX4
3He/dHrn7S3OVmmLS9bfjr8Bfm1DgYGUzNEasD4Dgpt3RaEGlPdwhxieMuTwf/ou
EojeA6QJYwuxxfxZm+a0/iprHmbp9Akf31B5/cjbo8XDEGo46MFJXxvvEOi5Cpdj
v9/O1Dn29jBFgtulOxtKz1j9eHFvx+ACUvB1jaS2SfndKkTsxrQQe2U09QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmuIYbEwm0fZR4eSHJBTCa+IK5vMB8GA1UdIwQY
MBaAFJziLcoqLbCln+VmgcjRxAZ3p0W1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk9JdHlpb3RzS1dmNVdhQnlOSEVCbmVuUmJVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC82YjBlMGUtOGJlNS00YmY5LWI0Mjct
NzBkNjMxMDdkMDVkLzEvMS1hNGhoc1RDYlI5bEhoNUlja0ZNSnI0Z3JtOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTgvNmIwZTBlLThiZTUtNGJmOS1iNDI3LTcwZDYzMTA3ZDA1
ZC8xL25PSXR5aW90c0tXZjVXYUJ5TkhFQm5lblJiVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnRYDAN
BgkqhkiG9w0BAQsFAAOCAQEApYO8PQajWZJOpcZjGPEuT4mqkMGp+VGF3NS94+Hy
n7gLOnOkUKQe/7s3EZLKDuB23n2oDEqA7QHx7UC8cIdZDvyC10GPTPILjrE55+50
cNaHt8tRpkjU8I3BGCEwkwQ5c6fDM+3Qox3wjRJMKlNu0rX1xOcDVi2m3W+p6JwZ
ggsuqKSRxk8ZlMriKfVVd2/HRY3ud7TgrmVrs4mU3h9b0SQSgAKBWEBDVbvjwIS4
dnVznTrgv9splJBkmiFFLxResUgo+Yk+m+1kTco8/1P+SofnB9jjJ3Ux6fBRUSso
gVe3oqIPqhIqugWvz1lDUPMMYTUO6fpaszFg5zN77zY8Dw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:15 2024 by rpki-client on console-ams.rpki-client.org