Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/1b0ded-d592-4645-a3e1-d42f11df80cc/1/_1iw4p3_DT_-NYIoJI1qMh87zxk.roa
File: _1iw4p3_DT_-NYIoJI1qMh87zxk.roa (raw, json)
Hash identifier: 9LhfxuchiOyYcBH6sEvbmELgFKOVoOLvZvKuAa0rAB0=
Subject key identifier: FF:58:B0:E2:9D:FF:0D:3F:FE:35:82:28:24:8D:6A:32:1F:3B:CF:19
Certificate issuer: /CN=e9d61587d6fd7c816b71014d73d397883cde2aba
Certificate serial: 01856CCAB3DBFF34D6064A686C6A01D86BD5
Authority key identifier: E9:D6:15:87:D6:FD:7C:81:6B:71:01:4D:73:D3:97:88:3C:DE:2A:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6dYVh9b9fIFrcQFNc9OXiDzeKro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/1b0ded-d592-4645-a3e1-d42f11df80cc/1/_1iw4p3_DT_-NYIoJI1qMh87zxk.roa
Signing time: Sun 01 Jan 2023 10:05:01 +0000
ROA not before: Sun 01 Jan 2023 10:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61981
IP address blocks: 185.53.4.0/22 maxlen: 22
185.53.6.0/23 maxlen: 23
2a01:bda0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:b3:db:ff:34:d6:06:4a:68:6c:6a:01:d8:6b:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9d61587d6fd7c816b71014d73d397883cde2aba
Validity
Not Before: Jan 1 10:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff58b0e29dff0d3ffe358228248d6a321f3bcf19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bb:0c:7f:67:8a:15:2d:ba:30:95:60:a4:57:
15:2b:e4:d5:4d:e8:26:f4:55:03:94:30:c3:3b:a0:
29:1b:6a:c2:c5:ea:2f:99:e2:29:48:f8:50:e3:b0:
62:3a:6d:ea:ea:ec:45:6b:70:8c:e3:92:eb:a3:1e:
3e:1b:19:5c:6c:c1:fa:d8:b6:b5:bc:92:d7:53:29:
b6:6a:d0:0e:2a:63:c7:f8:3b:bb:c6:86:28:f6:f8:
a3:39:d4:09:b3:59:2d:78:a4:0d:74:6e:30:c8:85:
d2:8a:9d:90:b0:30:87:bd:09:75:ef:5e:84:85:45:
88:18:8a:cb:be:41:91:e2:c5:99:51:d7:6f:20:be:
6f:fb:aa:16:74:e6:d5:89:c7:60:62:b3:92:5b:c3:
8a:ce:08:a1:f3:19:07:2e:f6:de:56:53:35:87:20:
b6:35:6b:e9:b8:74:6b:e6:9b:db:29:98:3a:11:75:
72:2d:d9:5c:9c:51:c3:0e:12:6b:62:f6:74:f2:80:
2d:68:0a:3b:04:58:3d:00:5c:28:d5:ce:bf:07:c4:
c0:48:1a:77:4e:35:cd:ed:56:39:5a:c4:17:c5:66:
22:c7:51:d9:c9:f3:3e:d7:df:49:eb:3a:19:ff:df:
c7:cf:05:e9:8c:02:b8:17:22:54:72:26:90:3d:54:
e2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:58:B0:E2:9D:FF:0D:3F:FE:35:82:28:24:8D:6A:32:1F:3B:CF:19
X509v3 Authority Key Identifier:
keyid:E9:D6:15:87:D6:FD:7C:81:6B:71:01:4D:73:D3:97:88:3C:DE:2A:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6dYVh9b9fIFrcQFNc9OXiDzeKro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1b0ded-d592-4645-a3e1-d42f11df80cc/1/_1iw4p3_DT_-NYIoJI1qMh87zxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1b0ded-d592-4645-a3e1-d42f11df80cc/1/6dYVh9b9fIFrcQFNc9OXiDzeKro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.4.0/22
IPv6:
2a01:bda0::/32
Signature Algorithm: sha256WithRSAEncryption
69:05:6a:56:78:41:18:e0:6b:91:9c:05:37:c8:43:64:8d:95:
94:63:30:1d:02:eb:1e:9e:bc:25:39:ac:84:c2:b1:5c:df:79:
e9:ea:6c:05:9b:73:52:75:4a:3a:d6:59:49:d4:43:fd:05:78:
77:2b:29:cf:3c:a3:ae:f9:2c:b2:0c:ce:78:f2:86:ec:44:9b:
e1:07:e5:14:2f:90:0c:3c:60:f3:99:b0:d2:10:9a:98:63:76:
8b:f0:bb:93:9b:e6:de:46:ca:4e:8b:a1:c4:df:83:38:92:6f:
79:a0:e0:2b:57:17:47:2c:0e:a4:1a:54:a5:ca:c1:3e:77:3f:
5e:a1:0a:57:af:88:aa:cc:03:b2:64:63:af:fd:9e:c6:28:10:
bb:34:56:4d:12:81:8b:21:c6:bd:44:63:ff:9e:89:76:36:23:
a3:2d:ef:92:7e:cb:c2:06:43:41:51:7c:2f:0e:61:ed:25:30:
cd:4a:d3:5b:68:f5:cc:bc:c1:6f:ad:de:50:3d:ef:7e:ad:96:
d5:e5:c1:b6:12:8d:da:63:a0:85:80:4b:6a:dc:d5:b2:5a:fb:
85:b5:f3:b8:09:ff:0a:43:ae:57:91:3d:07:3b:24:78:13:be:
df:37:9d:61:23:96:83:7f:c1:9f:00:47:c0:c1:fb:5f:6c:b8:
0d:88:d2:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsyrPb/zTWBkpobGoB2GvVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZDYxNTg3ZDZmZDdjODE2YjcxMDE0ZDczZDM5Nzg4M2Nk
ZTJhYmEwHhcNMjMwMTAxMTAwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjU4YjBlMjlkZmYwZDNmZmUzNTgyMjgyNDhkNmEzMjFmM2JjZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7sMf2eKFS26MJVgpFcVK+TVTegm
9FUDlDDDO6ApG2rCxeovmeIpSPhQ47BiOm3q6uxFa3CM45Lrox4+GxlcbMH62La1
vJLXUym2atAOKmPH+Du7xoYo9vijOdQJs1kteKQNdG4wyIXSip2QsDCHvQl1716E
hUWIGIrLvkGR4sWZUddvIL5v+6oWdObVicdgYrOSW8OKzgih8xkHLvbeVlM1hyC2
NWvpuHRr5pvbKZg6EXVyLdlcnFHDDhJrYvZ08oAtaAo7BFg9AFwo1c6/B8TASBp3
TjXN7VY5WsQXxWYix1HZyfM+199J6zoZ/9/HzwXpjAK4FyJUciaQPVTilQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP9YsOKd/w0//jWCKCSNajIfO88ZMB8GA1UdIwQY
MBaAFOnWFYfW/XyBa3EBTXPTl4g83iq6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmRZVmg5YjlmSUZyY1FGTmM5T1hpRHplS3JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xYjBkZWQtZDU5Mi00NjQ1LWEzZTEt
ZDQyZjExZGY4MGNjLzEvXzFpdzRwM19EVF8tTllJb0pJMXFNaDg3enhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xYjBkZWQtZDU5Mi00NjQ1LWEzZTEtZDQyZjExZGY4MGNj
LzEvNmRZVmg5YjlmSUZyY1FGTmM5T1hpRHplS3JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTUEMA0E
AgACMAcDBQAqAb2gMA0GCSqGSIb3DQEBCwUAA4IBAQBpBWpWeEEY4GuRnAU3yENk
jZWUYzAdAusenrwlOayEwrFc33np6mwFm3NSdUo61llJ1EP9BXh3KynPPKOu+Syy
DM548obsRJvhB+UUL5AMPGDzmbDSEJqYY3aL8LuTm+beRspOi6HE34M4km95oOAr
VxdHLA6kGlSlysE+dz9eoQpXr4iqzAOyZGOv/Z7GKBC7NFZNEoGLIca9RGP/nol2
NiOjLe+SfsvCBkNBUXwvDmHtJTDNStNbaPXMvMFvrd5QPe9+rZbV5cG2Eo3aY6CF
gEtq3NWyWvuFtfO4Cf8KQ65XkT0HOyR4E77fN51hI5aDf8GfAEfAwftfbLgNiNJP
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:11 2024 by rpki-client on console-ams.rpki-client.org