Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/httIZ2U6ouLA_2HCeGV2X-vh1fw.roa
File: httIZ2U6ouLA_2HCeGV2X-vh1fw.roa (raw, json)
Hash identifier: 9SFWtv1B4AhV8fRTE6ZQVP1jj+NAr+I0d44K6Po5/dw=
Subject key identifier: 86:DB:48:67:65:3A:A2:E2:C0:FF:61:C2:78:65:76:5F:EB:E1:D5:FC
Certificate issuer: /CN=8562f4a8936593cdec6dad7e2ecf1b79bf65c05a
Certificate serial: 01856F4B6D18FE1C69C6E85B45835DC859E3
Authority key identifier: 85:62:F4:A8:93:65:93:CD:EC:6D:AD:7E:2E:CF:1B:79:BF:65:C0:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWL0qJNlk83sba1-Ls8beb9lwFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/httIZ2U6ouLA_2HCeGV2X-vh1fw.roa
Signing time: Sun 01 Jan 2023 21:44:52 +0000
ROA not before: Sun 01 Jan 2023 21:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60405
IP address blocks: 185.172.34.0/24 maxlen: 24
185.172.32.0/24 maxlen: 24
185.172.35.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:6d:18:fe:1c:69:c6:e8:5b:45:83:5d:c8:59:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8562f4a8936593cdec6dad7e2ecf1b79bf65c05a
Validity
Not Before: Jan 1 21:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86db4867653aa2e2c0ff61c27865765febe1d5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bc:b7:f6:a4:ac:a8:f5:c5:73:c0:e3:b2:89:
ca:1c:4e:f5:51:98:ea:54:42:b8:65:4e:c5:7c:7a:
10:a7:ae:be:71:e3:23:ad:26:49:ae:13:64:d4:bc:
a5:0d:5a:f2:3b:5b:f8:01:b6:f7:78:4b:c4:40:b2:
e7:5f:87:a5:11:8d:64:5d:72:03:17:f2:b1:47:c1:
ac:ac:dc:be:30:e7:71:ce:0d:e1:18:c3:83:aa:e0:
ec:b6:00:62:aa:88:a4:ea:be:47:d9:81:9f:37:d6:
91:d1:f8:eb:c8:bb:fd:d7:fd:8d:55:18:24:bc:a1:
0c:5c:54:91:e3:73:2d:fe:bc:c4:0c:0f:d5:a9:25:
a7:58:d2:0b:de:a9:59:ec:5f:f6:7e:7f:f3:3b:91:
af:a8:b0:a3:94:8e:44:4d:f2:2f:dd:88:2b:8d:50:
3a:9d:9d:f0:63:58:70:d9:16:1b:38:ea:bd:a3:69:
4b:ae:bf:b3:db:94:35:51:d9:6d:8e:11:b7:9c:a5:
5c:2d:d7:55:1e:d3:91:f7:e5:ce:6b:5d:9c:65:c2:
cd:63:fa:ac:6f:87:78:76:69:33:eb:29:dd:e8:83:
20:f3:e9:7d:97:a2:63:ef:6a:b2:b3:28:ed:f2:4a:
4b:1c:7d:aa:d1:05:5b:35:75:88:5b:9b:7d:c1:0c:
ca:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:DB:48:67:65:3A:A2:E2:C0:FF:61:C2:78:65:76:5F:EB:E1:D5:FC
X509v3 Authority Key Identifier:
keyid:85:62:F4:A8:93:65:93:CD:EC:6D:AD:7E:2E:CF:1B:79:BF:65:C0:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWL0qJNlk83sba1-Ls8beb9lwFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/httIZ2U6ouLA_2HCeGV2X-vh1fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/hWL0qJNlk83sba1-Ls8beb9lwFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.32.0/24
185.172.34.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:14:65:c5:1b:fb:4a:02:90:49:18:05:4d:2e:55:3b:26:aa:
ac:a7:32:4c:45:a4:24:72:96:35:f5:91:10:6c:cb:f3:5a:61:
af:9d:5b:fb:61:87:b5:4b:df:3f:53:af:f6:78:2b:4d:39:81:
cd:f5:0f:dd:43:ce:c1:59:43:46:82:7f:55:e9:b7:68:b3:d3:
e2:ca:49:38:8a:1e:cb:ed:a7:66:92:65:1f:a0:e4:30:05:1e:
49:92:e5:ea:a0:34:3f:5d:35:fb:d9:bd:b9:27:7e:11:ee:91:
e4:4d:2f:f4:d5:ce:18:50:de:bd:9e:fa:49:ce:dc:a5:51:ba:
36:56:0e:77:18:ee:b2:7c:48:3b:39:d6:cd:c1:e2:25:20:9d:
98:9a:60:bb:23:f4:2c:57:59:72:a3:17:5c:46:38:29:57:9f:
65:58:dd:8e:9c:3d:ac:06:53:23:df:02:af:05:f3:a3:1c:11:
c8:dc:64:f5:08:17:ff:0c:a3:58:f2:18:1b:44:a9:40:c1:66:
3a:ab:4f:79:23:3f:04:fe:af:fb:75:36:e5:67:44:d2:2c:62:
03:0b:9d:11:0c:91:6f:41:00:ce:bc:57:ed:c3:72:fc:d6:29:
a4:06:a4:93:30:50:95:3f:df:78:59:93:0f:c5:fe:e2:cc:b7:
c1:08:ec:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvS20Y/hxpxuhbRYNdyFnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NjJmNGE4OTM2NTkzY2RlYzZkYWQ3ZTJlY2YxYjc5YmY2
NWMwNWEwHhcNMjMwMTAxMjE0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmRiNDg2NzY1M2FhMmUyYzBmZjYxYzI3ODY1NzY1ZmViZTFkNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7y39qSsqPXFc8DjsonKHE71UZjq
VEK4ZU7FfHoQp66+ceMjrSZJrhNk1LylDVryO1v4Abb3eEvEQLLnX4elEY1kXXID
F/KxR8GsrNy+MOdxzg3hGMODquDstgBiqoik6r5H2YGfN9aR0fjryLv91/2NVRgk
vKEMXFSR43Mt/rzEDA/VqSWnWNIL3qlZ7F/2fn/zO5GvqLCjlI5ETfIv3YgrjVA6
nZ3wY1hw2RYbOOq9o2lLrr+z25Q1UdltjhG3nKVcLddVHtOR9+XOa12cZcLNY/qs
b4d4dmkz6ynd6IMg8+l9l6Jj72qysyjt8kpLHH2q0QVbNXWIW5t9wQzK7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIbbSGdlOqLiwP9hwnhldl/r4dX8MB8GA1UdIwQY
MBaAFIVi9KiTZZPN7G2tfi7PG3m/ZcBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdMMHFKTmxrODNzYmExLUxzOGJlYjlsd0ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wMWU3MGItOTQ1Yy00ODE3LTgxODkt
N2UxNzk0NjYyOThjLzEvaHR0SVoyVTZvdUxBXzJIQ2VHVjJYLXZoMWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wMWU3MGItOTQ1Yy00ODE3LTgxODktN2UxNzk0NjYyOThj
LzEvaFdMMHFKTmxrODNzYmExLUxzOGJlYjlsd0ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuawgAwQB
uawiMA0GCSqGSIb3DQEBCwUAA4IBAQC9FGXFG/tKApBJGAVNLlU7JqqspzJMRaQk
cpY19ZEQbMvzWmGvnVv7YYe1S98/U6/2eCtNOYHN9Q/dQ87BWUNGgn9V6bdos9Pi
ykk4ih7L7admkmUfoOQwBR5JkuXqoDQ/XTX72b25J34R7pHkTS/01c4YUN69nvpJ
ztylUbo2Vg53GO6yfEg7OdbNweIlIJ2YmmC7I/QsV1lyoxdcRjgpV59lWN2OnD2s
BlMj3wKvBfOjHBHI3GT1CBf/DKNY8hgbRKlAwWY6q095Iz8E/q/7dTblZ0TSLGID
C50RDJFvQQDOvFftw3L81imkBqSTMFCVP994WZMPxf7izLfBCOyj
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:15:01 2024 by rpki-client on console-ams.rpki-client.org