Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/bda3ef-4a2f-4ccc-b295-b22eb948515c/1/K1wMDO2J-JaNG5KDg72llMBxVcg.roa
File: K1wMDO2J-JaNG5KDg72llMBxVcg.roa (raw, json)
Hash identifier: aQXtZQqG1PHs2I5JsUlKieVcqoye83hZMscoPnLjV44=
Subject key identifier: 2B:5C:0C:0C:ED:89:F8:96:8D:1B:92:83:83:BD:A5:94:C0:71:55:C8
Certificate issuer: /CN=e585baea62f8d60626248738c45dfbd221737f4c
Certificate serial: 0185715549F39C603EB4A83ED17784A56B2A
Authority key identifier: E5:85:BA:EA:62:F8:D6:06:26:24:87:38:C4:5D:FB:D2:21:73:7F:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YW66mL41gYmJIc4xF370iFzf0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/bda3ef-4a2f-4ccc-b295-b22eb948515c/1/K1wMDO2J-JaNG5KDg72llMBxVcg.roa
Signing time: Mon 02 Jan 2023 07:14:52 +0000
ROA not before: Mon 02 Jan 2023 07:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200460
IP address blocks: 185.97.33.0/24 maxlen: 24
185.97.34.0/24 maxlen: 24
185.97.35.0/24 maxlen: 24
185.97.32.0/24 maxlen: 24
2a00:66c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:49:f3:9c:60:3e:b4:a8:3e:d1:77:84:a5:6b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e585baea62f8d60626248738c45dfbd221737f4c
Validity
Not Before: Jan 2 07:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b5c0c0ced89f8968d1b928383bda594c07155c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c1:11:25:53:e1:c4:a5:25:27:7e:02:fa:22:
d8:3d:49:5e:bf:03:15:c0:82:34:2a:ae:34:07:3f:
09:d4:58:c3:44:bf:55:58:59:7e:91:4c:d7:43:c9:
b7:bc:62:b0:43:c0:c9:c1:07:76:3d:16:7f:b8:cc:
44:29:6c:a3:76:50:88:fe:10:73:3a:b9:73:06:01:
e2:b2:37:2a:89:e8:fa:ae:5e:e2:86:ed:a0:83:56:
e7:ee:ba:35:a0:cc:39:5b:8f:0b:78:ae:1e:46:40:
69:a5:f1:16:a0:3c:42:e1:ad:d5:22:f1:14:ba:41:
47:ef:a1:4b:85:40:93:38:39:44:3e:2a:64:01:77:
24:0a:47:ad:cb:e2:86:25:8f:99:03:dd:75:5f:1f:
a0:5d:3d:54:8c:74:44:68:e6:81:fd:1e:b1:dd:28:
8e:f1:76:08:88:22:8b:34:6b:8a:11:81:ed:9f:fd:
29:6d:4a:5b:34:41:9e:71:7f:66:97:ce:5e:a5:71:
a5:0e:54:2d:44:8d:e7:47:4e:66:ed:1f:f1:97:10:
4b:ae:f0:b2:a9:c9:b8:c2:4c:3f:4a:a0:91:c7:b5:
2e:f9:fb:fe:48:9d:5b:b7:a4:d9:97:2a:33:4f:3e:
1e:7c:00:71:a3:fd:25:cd:6e:b0:ee:3d:d6:8c:83:
0b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:5C:0C:0C:ED:89:F8:96:8D:1B:92:83:83:BD:A5:94:C0:71:55:C8
X509v3 Authority Key Identifier:
keyid:E5:85:BA:EA:62:F8:D6:06:26:24:87:38:C4:5D:FB:D2:21:73:7F:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YW66mL41gYmJIc4xF370iFzf0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/bda3ef-4a2f-4ccc-b295-b22eb948515c/1/K1wMDO2J-JaNG5KDg72llMBxVcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/bda3ef-4a2f-4ccc-b295-b22eb948515c/1/5YW66mL41gYmJIc4xF370iFzf0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.32.0/22
IPv6:
2a00:66c0::/32
Signature Algorithm: sha256WithRSAEncryption
56:c2:b6:75:10:56:fd:4e:1c:80:da:d2:9d:57:c1:78:35:b5:
2f:b9:e2:e2:d5:a5:49:02:b9:7e:84:68:fe:da:45:36:3c:d8:
66:0a:32:8f:16:7b:8e:3b:34:a2:80:77:f4:8a:11:f8:80:0e:
78:e8:dc:ee:a8:99:bd:a5:43:11:fa:55:dc:97:d0:40:f6:1e:
10:df:19:41:f9:99:49:3b:4d:68:58:13:f9:95:cd:a7:17:b0:
90:56:d0:53:79:0d:ec:3a:b3:d3:d8:a4:48:a2:56:f3:bb:13:
1b:af:44:54:95:16:dd:ac:e4:6c:ed:8b:57:51:b8:28:d1:b2:
4c:ea:d5:d2:4c:9f:d7:0d:da:d1:5f:18:a5:25:e0:2f:6d:f3:
9e:2e:cb:b4:b0:04:05:10:f8:b5:a7:b2:37:29:9c:eb:fa:80:
7d:cb:8d:ce:c4:78:a7:15:98:29:e6:b2:b2:d5:1b:93:21:7f:
11:cb:43:1b:b5:cc:d5:12:68:5c:78:f5:97:a7:2b:2c:e1:12:
eb:48:d8:97:1d:18:12:e3:06:37:6c:98:f8:37:95:02:ff:bf:
93:5f:4c:2f:59:63:c7:3b:aa:ba:61:f7:ab:ca:61:8f:38:ab:
0d:5e:58:a3:0a:36:52:cd:e2:34:ca:41:78:cf:f0:2f:c9:18:
59:ca:9c:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxVUnznGA+tKg+0XeEpWsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODViYWVhNjJmOGQ2MDYyNjI0ODczOGM0NWRmYmQyMjE3
MzdmNGMwHhcNMjMwMTAyMDcxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjVjMGMwY2VkODlmODk2OGQxYjkyODM4M2JkYTU5NGMwNzE1NWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MERJVPhxKUlJ34C+iLYPUlevwMV
wII0Kq40Bz8J1FjDRL9VWFl+kUzXQ8m3vGKwQ8DJwQd2PRZ/uMxEKWyjdlCI/hBz
OrlzBgHisjcqiej6rl7ihu2gg1bn7ro1oMw5W48LeK4eRkBppfEWoDxC4a3VIvEU
ukFH76FLhUCTODlEPipkAXckCkety+KGJY+ZA911Xx+gXT1UjHREaOaB/R6x3SiO
8XYIiCKLNGuKEYHtn/0pbUpbNEGecX9ml85epXGlDlQtRI3nR05m7R/xlxBLrvCy
qcm4wkw/SqCRx7Uu+fv+SJ1bt6TZlyozTz4efABxo/0lzW6w7j3WjIMLowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCtcDAztifiWjRuSg4O9pZTAcVXIMB8GA1UdIwQY
MBaAFOWFuupi+NYGJiSHOMRd+9Ihc39MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlXNjZtTDQxZ1ltSkljNHhGMzcwaUZ6ZjB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9iZGEzZWYtNGEyZi00Y2NjLWIyOTUt
YjIyZWI5NDg1MTVjLzEvSzF3TURPMkotSmFORzVLRGc3MmxsTUJ4VmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9iZGEzZWYtNGEyZi00Y2NjLWIyOTUtYjIyZWI5NDg1MTVj
LzEvNVlXNjZtTDQxZ1ltSkljNHhGMzcwaUZ6ZjB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWEgMA0E
AgACMAcDBQAqAGbAMA0GCSqGSIb3DQEBCwUAA4IBAQBWwrZ1EFb9ThyA2tKdV8F4
NbUvueLi1aVJArl+hGj+2kU2PNhmCjKPFnuOOzSigHf0ihH4gA546NzuqJm9pUMR
+lXcl9BA9h4Q3xlB+ZlJO01oWBP5lc2nF7CQVtBTeQ3sOrPT2KRIolbzuxMbr0RU
lRbdrORs7YtXUbgo0bJM6tXSTJ/XDdrRXxilJeAvbfOeLsu0sAQFEPi1p7I3KZzr
+oB9y43OxHinFZgp5rKy1RuTIX8Ry0MbtczVEmhcePWXpyss4RLrSNiXHRgS4wY3
bJj4N5UC/7+TX0wvWWPHO6q6YferymGPOKsNXlijCjZSzeI0ykF4z/AvyRhZypzW
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:52 2024 by rpki-client on console-fra.rpki-client.org