Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/a2c9ac-f3ca-4adc-9586-d9e1137f02b5/1/A1Jx3XbKKZUWlMPvnyKYJdeG-Hs.roa
File: A1Jx3XbKKZUWlMPvnyKYJdeG-Hs.roa (raw, json)
Hash identifier: 2mTu/hK5rQHzEuu9H3bYRK/kOICoDq8fiZYWYUvO7qA=
Subject key identifier: 03:52:71:DD:76:CA:29:95:16:94:C3:EF:9F:22:98:25:D7:86:F8:7B
Certificate issuer: /CN=df3b76d3c0c60d663506a252671c528e3439ff75
Certificate serial: 018570B08D5B0A83FC4AF80E3678BD70F9B4
Authority key identifier: DF:3B:76:D3:C0:C6:0D:66:35:06:A2:52:67:1C:52:8E:34:39:FF:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3zt208DGDWY1BqJSZxxSjjQ5_3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/a2c9ac-f3ca-4adc-9586-d9e1137f02b5/1/A1Jx3XbKKZUWlMPvnyKYJdeG-Hs.roa
Signing time: Mon 02 Jan 2023 04:14:56 +0000
ROA not before: Mon 02 Jan 2023 04:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198288
IP address blocks: 185.208.252.0/22 maxlen: 22
2a0b:5dc0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:8d:5b:0a:83:fc:4a:f8:0e:36:78:bd:70:f9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3b76d3c0c60d663506a252671c528e3439ff75
Validity
Not Before: Jan 2 04:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=035271dd76ca29951694c3ef9f229825d786f87b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:86:a8:bb:72:ed:cb:c1:1c:8a:d7:4a:cb:42:
05:3e:c4:60:25:a9:fe:f2:12:d9:23:13:30:55:60:
55:cf:fc:35:e8:a8:64:e1:2b:ce:80:f7:25:b7:4e:
66:3f:30:95:5e:2b:be:52:2e:92:26:d5:48:fc:60:
80:e6:dd:89:58:a9:92:6f:93:d9:48:8d:e9:2e:74:
da:25:99:f3:56:bc:cd:92:01:cf:f4:7a:4e:48:0d:
bd:70:86:79:0e:f0:27:f5:b0:83:a9:42:81:69:84:
b6:37:dd:6c:0a:65:0b:e3:7d:a9:38:8e:85:2b:12:
55:f4:94:14:ac:d5:14:56:38:b5:08:fc:14:8c:ef:
40:46:60:63:d6:7a:76:6f:3d:59:a2:46:11:87:27:
95:d7:49:e9:95:31:d8:e8:02:b4:90:42:96:b3:25:
ce:08:66:7a:5f:29:61:6e:54:aa:11:45:5d:e5:f3:
93:47:66:3e:45:41:f2:be:87:43:1b:5c:f7:27:23:
51:01:4d:e1:ce:49:c1:95:a4:81:a9:c4:48:c6:22:
da:4e:90:d7:65:c2:24:34:55:97:bf:92:65:77:db:
1d:39:cc:ff:76:49:59:de:fb:dc:dd:90:37:cf:91:
28:28:52:9d:d9:a1:9a:ed:d0:17:29:f4:f5:90:86:
3b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:52:71:DD:76:CA:29:95:16:94:C3:EF:9F:22:98:25:D7:86:F8:7B
X509v3 Authority Key Identifier:
keyid:DF:3B:76:D3:C0:C6:0D:66:35:06:A2:52:67:1C:52:8E:34:39:FF:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3zt208DGDWY1BqJSZxxSjjQ5_3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/a2c9ac-f3ca-4adc-9586-d9e1137f02b5/1/A1Jx3XbKKZUWlMPvnyKYJdeG-Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/a2c9ac-f3ca-4adc-9586-d9e1137f02b5/1/3zt208DGDWY1BqJSZxxSjjQ5_3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.252.0/22
IPv6:
2a0b:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
bc:2a:13:89:ad:ad:7c:db:a4:2f:9b:a6:39:af:ca:77:ca:f4:
13:05:7f:46:6c:dc:9f:ca:ba:90:12:fd:a2:0e:83:fe:42:b5:
39:fb:32:cd:fe:c1:6c:9c:82:61:2d:5e:0e:b1:c7:b8:eb:df:
bc:5f:27:64:70:ba:46:71:04:b0:b5:ee:6b:5f:ed:4b:29:e5:
fb:7e:73:da:47:74:b0:08:c6:4e:59:b4:0d:07:e0:c3:c9:bc:
6d:c4:56:aa:2c:82:2a:a5:80:27:0b:0c:af:70:59:8f:9a:b8:
26:40:eb:8d:1d:a1:25:9d:15:db:90:c0:a2:99:f4:7e:31:9f:
aa:4b:25:46:7f:ba:b2:7f:d0:79:b5:41:d0:06:57:06:84:08:
e1:d4:33:f8:a9:2d:00:bf:74:71:54:c7:6c:fa:a5:49:75:41:
da:0e:d6:7d:34:fa:b9:0a:9b:ff:c8:e2:e9:43:6f:fb:11:62:
77:a0:49:0d:73:50:a3:b9:fc:9b:9f:74:c6:52:49:6b:55:3e:
32:cc:54:79:1e:40:dc:4c:75:c0:13:48:b0:80:08:5d:31:8a:
d7:b9:31:3f:2f:02:b8:85:b7:ae:f2:d5:01:b5:65:5b:43:4b:
0a:e3:e5:8e:23:b9:de:f0:5e:4a:96:94:7a:a4:2f:04:3e:15:
6e:d5:5c:7e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwsI1bCoP8SvgONni9cPm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2I3NmQzYzBjNjBkNjYzNTA2YTI1MjY3MWM1MjhlMzQz
OWZmNzUwHhcNMjMwMTAyMDQxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzUyNzFkZDc2Y2EyOTk1MTY5NGMzZWY5ZjIyOTgyNWQ3ODZmODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYaou3Lty8EcitdKy0IFPsRgJan+
8hLZIxMwVWBVz/w16Khk4SvOgPclt05mPzCVXiu+Ui6SJtVI/GCA5t2JWKmSb5PZ
SI3pLnTaJZnzVrzNkgHP9HpOSA29cIZ5DvAn9bCDqUKBaYS2N91sCmUL432pOI6F
KxJV9JQUrNUUVji1CPwUjO9ARmBj1np2bz1ZokYRhyeV10nplTHY6AK0kEKWsyXO
CGZ6XylhblSqEUVd5fOTR2Y+RUHyvodDG1z3JyNRAU3hzknBlaSBqcRIxiLaTpDX
ZcIkNFWXv5Jld9sdOcz/dklZ3vvc3ZA3z5EoKFKd2aGa7dAXKfT1kIY7XwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFANScd12yimVFpTD758imCXXhvh7MB8GA1UdIwQY
MBaAFN87dtPAxg1mNQaiUmccUo40Of91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3p0MjA4REdEV1kxQnFKU1p4eFNqalE1XzNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9hMmM5YWMtZjNjYS00YWRjLTk1ODYt
ZDllMTEzN2YwMmI1LzEvQTFKeDNYYktLWlVXbE1Qdm55S1lKZGVHLUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9hMmM5YWMtZjNjYS00YWRjLTk1ODYtZDllMTEzN2YwMmI1
LzEvM3p0MjA4REdEV1kxQnFKU1p4eFNqalE1XzNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudD8MA0E
AgACMAcDBQMqC13AMA0GCSqGSIb3DQEBCwUAA4IBAQC8KhOJra1826Qvm6Y5r8p3
yvQTBX9GbNyfyrqQEv2iDoP+QrU5+zLN/sFsnIJhLV4Osce469+8XydkcLpGcQSw
te5rX+1LKeX7fnPaR3SwCMZOWbQNB+DDybxtxFaqLIIqpYAnCwyvcFmPmrgmQOuN
HaElnRXbkMCimfR+MZ+qSyVGf7qyf9B5tUHQBlcGhAjh1DP4qS0Av3RxVMds+qVJ
dUHaDtZ9NPq5Cpv/yOLpQ2/7EWJ3oEkNc1Cjufybn3TGUklrVT4yzFR5HkDcTHXA
E0iwgAhdMYrXuTE/LwK4hbeu8tUBtWVbQ0sK4+WOI7ne8F5KlpR6pC8EPhVu1Vx+
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:12 2024 by rpki-client on console-ams.rpki-client.org