Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/IeiCkdj-6m9tOHOsQ14h0AhZnBg.roa
File: IeiCkdj-6m9tOHOsQ14h0AhZnBg.roa (raw, json)
Hash identifier: J3UNKv+Qut0PZ4/zNJF1BvxbvKvaDopmAT9GkfJXjYo=
Subject key identifier: 21:E8:82:91:D8:FE:EA:6F:6D:38:73:AC:43:5E:21:D0:08:59:9C:18
Certificate issuer: /CN=afe6f8cae7492d064e03071c9147392eedd45bc7
Certificate serial: 018570D5446C61DB9FD175CBD2CD40745C94
Authority key identifier: AF:E6:F8:CA:E7:49:2D:06:4E:03:07:1C:91:47:39:2E:ED:D4:5B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-b4yudJLQZOAwcckUc5Lu3UW8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/IeiCkdj-6m9tOHOsQ14h0AhZnBg.roa
Signing time: Mon 02 Jan 2023 04:55:02 +0000
ROA not before: Mon 02 Jan 2023 04:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213329
IP address blocks: 185.220.221.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:44:6c:61:db:9f:d1:75:cb:d2:cd:40:74:5c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afe6f8cae7492d064e03071c9147392eedd45bc7
Validity
Not Before: Jan 2 04:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21e88291d8feea6f6d3873ac435e21d008599c18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ab:df:aa:db:6f:c2:0b:00:58:7d:5a:81:e7:
95:f4:80:f6:c4:8b:af:f0:3a:8f:9b:b7:a1:54:23:
b0:a5:6e:4a:3f:94:b1:a8:dc:4e:20:72:98:3c:28:
3f:1b:55:17:b6:76:7a:da:d5:d6:db:70:a6:5c:70:
94:7c:e7:d3:b2:3d:3b:2d:ba:bd:10:04:7c:be:ff:
b6:63:b0:79:3b:e6:06:98:d2:99:7e:66:ba:35:b7:
1b:e3:b7:df:7c:ef:62:65:29:e2:38:44:f2:42:13:
bb:22:d3:dc:d0:fc:a1:cb:91:bd:69:4c:8d:37:50:
10:91:92:54:1b:f6:8f:a9:fe:d6:d2:23:31:26:ae:
c2:66:7e:58:88:36:29:f9:63:85:46:09:41:7a:bc:
00:ee:b3:5c:a3:bc:2b:c5:66:f6:78:55:cc:9d:a3:
d1:b5:1a:f4:cb:13:b7:b3:33:b3:37:b4:e7:de:3d:
d9:19:e3:4e:f6:4a:c4:cc:37:58:a8:45:44:30:e1:
d0:7e:5d:15:cb:ff:ce:4c:0e:d9:82:68:0c:51:1e:
e6:7e:61:7f:16:3e:4e:e9:e2:23:30:87:15:cb:c3:
9b:f5:f8:fa:66:0b:41:b3:a3:d6:5b:30:1b:67:24:
fe:84:28:53:f8:ce:2d:e3:3e:5e:d0:da:f3:27:57:
cc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E8:82:91:D8:FE:EA:6F:6D:38:73:AC:43:5E:21:D0:08:59:9C:18
X509v3 Authority Key Identifier:
keyid:AF:E6:F8:CA:E7:49:2D:06:4E:03:07:1C:91:47:39:2E:ED:D4:5B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-b4yudJLQZOAwcckUc5Lu3UW8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/IeiCkdj-6m9tOHOsQ14h0AhZnBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/r-b4yudJLQZOAwcckUc5Lu3UW8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.221.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:95:2d:39:9f:23:74:52:a5:d9:d5:60:56:fd:75:e5:f6:a1:
90:1a:0f:23:31:25:fd:df:1c:57:3a:6c:7d:30:86:51:f5:d3:
09:3f:8c:e2:2b:4c:48:d3:20:b3:a8:32:25:d0:31:e4:e4:bc:
9a:76:58:94:22:dc:94:81:4e:5f:02:c9:05:02:f4:2a:7e:94:
50:ab:fc:74:e6:c8:e2:93:5e:ef:5c:39:d2:b5:11:87:d1:1d:
60:4d:df:92:9f:ad:d6:05:49:dc:88:fa:ab:d3:04:a7:bf:12:
be:cd:36:24:72:e1:19:f0:b7:e0:c9:37:ad:8f:03:69:6b:47:
40:77:9b:9d:27:83:e9:98:45:e2:74:84:5c:11:68:9c:3f:37:
93:3d:84:bc:51:bc:5a:17:52:92:db:97:39:ed:65:69:a7:9f:
cf:0f:5d:98:da:95:b2:23:6f:0d:0e:89:05:9f:5f:27:5b:e7:
66:9e:54:50:f5:34:ec:ca:29:f8:e4:ae:0e:4b:dc:b6:e3:69:
a4:2e:90:37:01:4b:5a:4e:3f:bb:ed:93:c6:7e:9f:a4:bb:fb:
20:1c:59:84:b1:2e:af:cf:d2:0c:53:e6:2a:e4:88:99:e9:e5:
7c:43:3f:7d:34:ce:43:37:e6:e3:72:91:59:0e:0b:10:53:c1:
3c:a7:b0:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1URsYduf0XXL0s1AdFyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZTZmOGNhZTc0OTJkMDY0ZTAzMDcxYzkxNDczOTJlZWRk
NDViYzcwHhcNMjMwMTAyMDQ1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWU4ODI5MWQ4ZmVlYTZmNmQzODczYWM0MzVlMjFkMDA4NTk5YzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKvfqttvwgsAWH1ageeV9ID2xIuv
8DqPm7ehVCOwpW5KP5SxqNxOIHKYPCg/G1UXtnZ62tXW23CmXHCUfOfTsj07Lbq9
EAR8vv+2Y7B5O+YGmNKZfma6Nbcb47fffO9iZSniOETyQhO7ItPc0Pyhy5G9aUyN
N1AQkZJUG/aPqf7W0iMxJq7CZn5YiDYp+WOFRglBerwA7rNco7wrxWb2eFXMnaPR
tRr0yxO3szOzN7Tn3j3ZGeNO9krEzDdYqEVEMOHQfl0Vy//OTA7ZgmgMUR7mfmF/
Fj5O6eIjMIcVy8Ob9fj6ZgtBs6PWWzAbZyT+hChT+M4t4z5e0NrzJ1fMzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHogpHY/upvbThzrENeIdAIWZwYMB8GA1UdIwQY
MBaAFK/m+MrnSS0GTgMHHJFHOS7t1FvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci1iNHl1ZEpMUVpPQXdjY2tVYzVMdTNVVzhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jOTg3YjYtZWYwMC00ZDI4LWE0YWUt
NjU0OWNkNTlhYTRmLzEvSWVpQ2tkai02bTl0T0hPc1ExNGgwQWhabkJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jOTg3YjYtZWYwMC00ZDI4LWE0YWUtNjU0OWNkNTlhYTRm
LzEvci1iNHl1ZEpMUVpPQXdjY2tVYzVMdTNVVzhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudzdMA0G
CSqGSIb3DQEBCwUAA4IBAQC1lS05nyN0UqXZ1WBW/XXl9qGQGg8jMSX93xxXOmx9
MIZR9dMJP4ziK0xI0yCzqDIl0DHk5LyadliUItyUgU5fAskFAvQqfpRQq/x05sji
k17vXDnStRGH0R1gTd+Sn63WBUnciPqr0wSnvxK+zTYkcuEZ8LfgyTetjwNpa0dA
d5udJ4PpmEXidIRcEWicPzeTPYS8UbxaF1KS25c57WVpp5/PD12Y2pWyI28NDokF
n18nW+dmnlRQ9TTsyin45K4OS9y242mkLpA3AUtaTj+77ZPGfp+ku/sgHFmEsS6v
z9IMU+Yq5IiZ6eV8Qz99NM5DN+bjcpFZDgsQU8E8p7DG
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:17:06 2024 by rpki-client on console-ams.rpki-client.org