Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/9pkHP3ZVlsXBhGT9g0WOrg9GX90.roa
File: 9pkHP3ZVlsXBhGT9g0WOrg9GX90.roa (raw, json)
Hash identifier: 0cQ6+2Pys4dZg6sb7KPn+cWmBW7Dz0Ns+fUDKUTADEs=
Subject key identifier: F6:99:07:3F:76:55:96:C5:C1:84:64:FD:83:45:8E:AE:0F:46:5F:DD
Certificate issuer: /CN=8d8740799c91c2630a8092178db824f3a889a75f
Certificate serial: 01856E78E86339B033EE27B73F0F67A5607F
Authority key identifier: 8D:87:40:79:9C:91:C2:63:0A:80:92:17:8D:B8:24:F3:A8:89:A7:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYdAeZyRwmMKgJIXjbgk86iJp18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/9pkHP3ZVlsXBhGT9g0WOrg9GX90.roa
Signing time: Sun 01 Jan 2023 17:54:55 +0000
ROA not before: Sun 01 Jan 2023 17:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8666
IP address blocks: 185.121.53.0/24 maxlen: 32
185.121.52.0/24 maxlen: 24
2a06:9cc0::/29 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:e8:63:39:b0:33:ee:27:b7:3f:0f:67:a5:60:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d8740799c91c2630a8092178db824f3a889a75f
Validity
Not Before: Jan 1 17:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f699073f765596c5c18464fd83458eae0f465fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ae:3a:02:6e:e9:96:0d:80:44:7f:99:f1:05:
2c:71:03:ed:bb:47:89:d2:59:f7:e7:9a:42:c2:9b:
96:40:80:a4:2e:67:4b:3d:07:51:25:e7:ee:5d:7e:
8d:b6:85:b1:bf:ef:34:9d:ad:06:71:d6:a6:fc:07:
2d:b1:c8:7b:12:b0:b0:17:00:19:88:9c:94:c2:54:
c6:e1:60:33:91:e1:2b:ce:84:0d:6b:c5:b3:7a:be:
6f:c8:4d:cc:cd:cd:41:10:01:fa:92:ad:e6:41:c9:
06:8f:db:4c:2e:4a:72:2f:5e:79:41:05:57:df:a8:
86:30:be:cf:ff:55:9d:99:4a:6b:ef:b9:a6:03:5c:
8b:8b:5e:ac:aa:ef:92:db:14:84:99:94:92:54:6c:
54:41:46:07:88:e0:16:1e:72:26:82:8f:ef:ce:73:
3d:38:c7:fb:5f:b8:a6:60:4f:e5:35:03:a4:91:34:
6f:0b:08:48:59:00:05:89:81:48:8a:a9:ea:50:29:
d6:12:af:96:39:5e:61:7f:ac:88:33:20:c4:ad:b2:
81:27:e0:71:7a:fe:1f:6e:fa:b8:84:af:37:03:7d:
33:43:5f:5c:a9:cb:88:79:53:c1:2e:c7:e8:7a:d3:
f4:88:6b:6f:e7:cd:b8:d5:34:93:f6:01:a1:5f:21:
0a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:99:07:3F:76:55:96:C5:C1:84:64:FD:83:45:8E:AE:0F:46:5F:DD
X509v3 Authority Key Identifier:
keyid:8D:87:40:79:9C:91:C2:63:0A:80:92:17:8D:B8:24:F3:A8:89:A7:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYdAeZyRwmMKgJIXjbgk86iJp18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/9pkHP3ZVlsXBhGT9g0WOrg9GX90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/jYdAeZyRwmMKgJIXjbgk86iJp18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.52.0/23
IPv6:
2a06:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
6a:0f:b5:ae:ab:99:77:62:12:2a:e2:13:c2:cd:b3:4e:a1:b9:
90:34:15:24:56:16:1e:01:49:89:52:b6:e2:c1:d9:7f:7e:ab:
62:71:ca:6f:f0:50:70:a2:84:63:f7:8c:2e:c6:b7:78:25:27:
3a:38:89:00:a9:45:48:fc:cb:52:51:eb:12:d0:b0:27:dd:10:
2e:8a:c8:0e:3c:7e:c7:95:af:e0:e4:1b:4c:9a:a3:02:35:cd:
42:36:fd:6f:be:7a:94:68:44:f0:61:c9:a5:dc:37:0e:e1:bc:
70:ae:cc:b2:47:be:41:9e:08:59:15:e9:b3:56:fb:84:c5:73:
4b:df:ad:53:10:2f:c9:ca:b3:45:64:ef:0e:2d:cf:6d:c8:ee:
68:34:ef:8d:11:6d:a3:3e:91:15:9c:13:71:46:85:6a:1f:c3:
05:2d:bb:67:4f:0c:05:c0:be:59:cc:54:a2:eb:28:f9:7f:16:
5c:41:9f:ac:82:fb:70:5e:cc:ca:d8:cb:30:19:98:e2:77:d7:
71:93:7b:78:9f:f8:24:44:15:c8:23:e0:7c:69:62:e2:6a:7d:
69:87:5d:89:f5:ef:c8:32:e6:c6:ae:b4:5c:7c:eb:ce:fe:8a:
d5:1a:8d:5e:e3:02:91:41:61:0e:69:18:05:de:6e:2b:10:b0:
cb:4b:29:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVueOhjObAz7ie3Pw9npWB/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODc0MDc5OWM5MWMyNjMwYTgwOTIxNzhkYjgyNGYzYTg4
OWE3NWYwHhcNMjMwMTAxMTc1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjk5MDczZjc2NTU5NmM1YzE4NDY0ZmQ4MzQ1OGVhZTBmNDY1ZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArK46Am7plg2ARH+Z8QUscQPtu0eJ
0ln355pCwpuWQICkLmdLPQdRJefuXX6NtoWxv+80na0Gcdam/Actsch7ErCwFwAZ
iJyUwlTG4WAzkeErzoQNa8Wzer5vyE3Mzc1BEAH6kq3mQckGj9tMLkpyL155QQVX
36iGML7P/1WdmUpr77mmA1yLi16squ+S2xSEmZSSVGxUQUYHiOAWHnImgo/vznM9
OMf7X7imYE/lNQOkkTRvCwhIWQAFiYFIiqnqUCnWEq+WOV5hf6yIMyDErbKBJ+Bx
ev4fbvq4hK83A30zQ19cqcuIeVPBLsfoetP0iGtv58241TST9gGhXyEKmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPaZBz92VZbFwYRk/YNFjq4PRl/dMB8GA1UdIwQY
MBaAFI2HQHmckcJjCoCSF424JPOoiadfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallkQWVaeVJ3bU1LZ0pJWGpiZ2s4NmlKcDE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81YjdjOTQtYTYwZC00Mzk5LTk4Mjkt
NTJiODE2NjgyOWQ3LzEvOXBrSFAzWlZsc1hCaEdUOWcwV09yZzlHWDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy81YjdjOTQtYTYwZC00Mzk5LTk4MjktNTJiODE2NjgyOWQ3
LzEvallkQWVaeVJ3bU1LZ0pJWGpiZ2s4NmlKcDE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuXk0MA0E
AgACMAcDBQMqBpzAMA0GCSqGSIb3DQEBCwUAA4IBAQBqD7Wuq5l3YhIq4hPCzbNO
obmQNBUkVhYeAUmJUrbiwdl/fqticcpv8FBwooRj94wuxrd4JSc6OIkAqUVI/MtS
UesS0LAn3RAuisgOPH7Hla/g5BtMmqMCNc1CNv1vvnqUaETwYcml3DcO4bxwrsyy
R75BnghZFemzVvuExXNL361TEC/JyrNFZO8OLc9tyO5oNO+NEW2jPpEVnBNxRoVq
H8MFLbtnTwwFwL5ZzFSi6yj5fxZcQZ+sgvtwXszK2MswGZjid9dxk3t4n/gkRBXI
I+B8aWLian1ph12J9e/IMubGrrRcfOvO/orVGo1e4wKRQWEOaRgF3m4rELDLSynK
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:52 2024 by rpki-client on console-ams.rpki-client.org