Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/AiKRwOfjsBu1i8Gg0742ueFNo3s.roa
File: AiKRwOfjsBu1i8Gg0742ueFNo3s.roa (raw, json)
Hash identifier: KzlRB4hFh3vWDY5J69CNc6RTUdIVwX+DMAtjN+LKLns=
Subject key identifier: 02:22:91:C0:E7:E3:B0:1B:B5:8B:C1:A0:D3:BE:36:B9:E1:4D:A3:7B
Certificate issuer: /CN=ef8669e70cea94973afd34fb08eb59e9d86b57fc
Certificate serial: 01856E5D6AA44D38C7E655B84EEBFD98D99C
Authority key identifier: EF:86:69:E7:0C:EA:94:97:3A:FD:34:FB:08:EB:59:E9:D8:6B:57:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/74Zp5wzqlJc6_TT7COtZ6dhrV_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/AiKRwOfjsBu1i8Gg0742ueFNo3s.roa
Signing time: Sun 01 Jan 2023 17:24:53 +0000
ROA not before: Sun 01 Jan 2023 17:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209082
IP address blocks: 185.128.220.0/22 maxlen: 24
2a03:9ba0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:6a:a4:4d:38:c7:e6:55:b8:4e:eb:fd:98:d9:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef8669e70cea94973afd34fb08eb59e9d86b57fc
Validity
Not Before: Jan 1 17:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=022291c0e7e3b01bb58bc1a0d3be36b9e14da37b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b4:88:1e:d3:15:ba:f1:59:ce:28:36:5a:3e:
46:f9:34:1a:7d:f3:15:fc:d8:de:a7:fd:68:07:be:
6f:bc:45:c2:60:82:1d:32:ca:a2:10:29:dd:f6:0b:
1a:64:25:d2:1e:d3:de:bc:f9:0e:3b:89:77:ef:07:
d4:66:0c:f8:ef:ef:1e:0c:ed:39:cf:58:ee:a1:08:
6b:42:68:4c:2a:20:03:b4:00:2a:5c:0a:69:ef:c6:
9d:b9:6b:1d:d3:be:61:ef:8e:e8:c9:c5:3b:ae:77:
80:b9:b1:2b:4c:7e:4f:c8:7b:16:93:1f:22:32:76:
78:48:ac:b7:61:cc:e2:31:b3:99:84:f9:ec:da:76:
67:d0:74:c4:dd:9a:51:b7:4e:d6:b0:a4:fe:4c:23:
a2:16:47:0a:b0:2a:c1:6e:3e:c7:70:4b:cb:66:13:
03:f7:61:e2:0b:15:d1:16:3f:c8:5c:5b:74:61:42:
9f:5c:64:bc:ce:81:c2:a5:40:50:5b:e7:37:5d:a2:
00:45:dd:a9:9a:99:e1:9d:0e:82:59:e3:f0:40:33:
5a:66:c2:5e:4d:90:b2:95:70:e9:0b:ad:9f:89:6d:
22:b8:32:6b:fd:59:15:b0:96:8d:a3:59:23:6b:f3:
27:62:2e:08:8c:65:b4:37:fc:93:0b:73:d3:9a:8b:
a6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:22:91:C0:E7:E3:B0:1B:B5:8B:C1:A0:D3:BE:36:B9:E1:4D:A3:7B
X509v3 Authority Key Identifier:
keyid:EF:86:69:E7:0C:EA:94:97:3A:FD:34:FB:08:EB:59:E9:D8:6B:57:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/74Zp5wzqlJc6_TT7COtZ6dhrV_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/AiKRwOfjsBu1i8Gg0742ueFNo3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/74Zp5wzqlJc6_TT7COtZ6dhrV_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.220.0/22
IPv6:
2a03:9ba0::/32
Signature Algorithm: sha256WithRSAEncryption
2f:75:1e:fa:9d:41:e1:19:25:33:b3:b2:25:37:73:ae:33:c7:
ad:b9:0d:35:c2:04:6d:41:f7:c4:12:86:fd:24:e4:28:82:9f:
14:ee:5a:a9:b3:8a:12:de:4b:5a:8b:cd:d9:8c:c8:c2:25:4e:
c4:10:05:b2:68:e4:b3:a5:2c:ab:1e:64:e7:3c:32:88:ae:d4:
08:4a:83:a5:99:8c:5e:a0:ed:0e:2b:39:26:5e:ce:ad:1b:93:
88:3b:fe:c1:ae:6b:df:ea:88:4e:19:93:2c:3a:1e:01:4f:27:
cb:69:ca:b7:9b:cb:a8:fd:c4:ec:6c:25:e1:0a:1d:e8:9c:4a:
23:f2:d1:ce:71:82:81:7a:9d:38:ef:39:4b:53:85:48:7b:1b:
60:81:e0:32:82:f3:3f:99:ee:39:0c:75:ca:7d:ae:f4:a1:2b:
3a:7a:18:68:86:94:65:bc:95:77:e2:f7:a1:09:aa:f8:fc:47:
0b:06:dd:7a:c7:21:3e:d3:94:28:e8:2f:84:2e:44:df:56:11:
89:5c:8e:0b:18:01:0e:1f:09:20:2e:9c:26:51:28:5f:49:a2:
23:95:b5:93:59:55:d1:ec:de:4a:f6:00:ce:59:de:d9:46:c3:
ab:49:50:5e:50:f0:2e:c6:7d:01:b3:e5:75:71:b5:47:ee:f1:
b7:d5:75:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuXWqkTTjH5lW4Tuv9mNmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmODY2OWU3MGNlYTk0OTczYWZkMzRmYjA4ZWI1OWU5ZDg2
YjU3ZmMwHhcNMjMwMTAxMTcyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjIyOTFjMGU3ZTNiMDFiYjU4YmMxYTBkM2JlMzZiOWUxNGRhMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LSIHtMVuvFZzig2Wj5G+TQaffMV
/Njep/1oB75vvEXCYIIdMsqiECnd9gsaZCXSHtPevPkOO4l37wfUZgz47+8eDO05
z1juoQhrQmhMKiADtAAqXApp78aduWsd075h747oycU7rneAubErTH5PyHsWkx8i
MnZ4SKy3YcziMbOZhPns2nZn0HTE3ZpRt07WsKT+TCOiFkcKsCrBbj7HcEvLZhMD
92HiCxXRFj/IXFt0YUKfXGS8zoHCpUBQW+c3XaIARd2pmpnhnQ6CWePwQDNaZsJe
TZCylXDpC62fiW0iuDJr/VkVsJaNo1kja/MnYi4IjGW0N/yTC3PTmoumCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAIikcDn47AbtYvBoNO+NrnhTaN7MB8GA1UdIwQY
MBaAFO+GaecM6pSXOv00+wjrWenYa1f8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzRacDV3enFsSmM2X1RUN0NPdFo2ZGhyVl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8zOTdjMWUtNTFhNy00MTZmLWE0NWMt
MmEwMjEzMTc5YzA3LzEvQWlLUndPZmpzQnUxaThHZzA3NDJ1ZUZObzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8zOTdjMWUtNTFhNy00MTZmLWE0NWMtMmEwMjEzMTc5YzA3
LzEvNzRacDV3enFsSmM2X1RUN0NPdFo2ZGhyVl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYDcMA0E
AgACMAcDBQAqA5ugMA0GCSqGSIb3DQEBCwUAA4IBAQAvdR76nUHhGSUzs7IlN3Ou
M8etuQ01wgRtQffEEob9JOQogp8U7lqps4oS3ktai83ZjMjCJU7EEAWyaOSzpSyr
HmTnPDKIrtQISoOlmYxeoO0OKzkmXs6tG5OIO/7Brmvf6ohOGZMsOh4BTyfLacq3
m8uo/cTsbCXhCh3onEoj8tHOcYKBep047zlLU4VIextggeAygvM/me45DHXKfa70
oSs6ehhohpRlvJV34vehCar4/EcLBt16xyE+05Qo6C+ELkTfVhGJXI4LGAEOHwkg
LpwmUShfSaIjlbWTWVXR7N5K9gDOWd7ZRsOrSVBeUPAuxn0Bs+V1cbVH7vG31XX1
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:53:01 2024 by rpki-client on console-fra.rpki-client.org