Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/wt4nT0pnVcILxzQUrD6RDXWjBj8.roa
File: wt4nT0pnVcILxzQUrD6RDXWjBj8.roa (raw, json)
Hash identifier: 5jB7vrypQe7dNgpilBn1NZNiQ8NoRrWkvfbxUaP/WyE=
Subject key identifier: C2:DE:27:4F:4A:67:55:C2:0B:C7:34:14:AC:3E:91:0D:75:A3:06:3F
Certificate issuer: /CN=07f2a175be20108641c649553213f212511667a5
Certificate serial: 01856F824EAE8D16522588A4AEF665BB3EB5
Authority key identifier: 07:F2:A1:75:BE:20:10:86:41:C6:49:55:32:13:F2:12:51:16:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_Khdb4gEIZBxklVMhPyElEWZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/wt4nT0pnVcILxzQUrD6RDXWjBj8.roa
Signing time: Sun 01 Jan 2023 22:44:48 +0000
ROA not before: Sun 01 Jan 2023 22:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64403
IP address blocks: 185.166.232.0/23 maxlen: 24
185.166.234.0/24 maxlen: 24
185.166.235.0/24 maxlen: 24
2a0b:2200::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:4e:ae:8d:16:52:25:88:a4:ae:f6:65:bb:3e:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f2a175be20108641c649553213f212511667a5
Validity
Not Before: Jan 1 22:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2de274f4a6755c20bc73414ac3e910d75a3063f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c9:78:ff:40:ab:96:aa:48:45:58:77:a3:31:
3e:2b:94:51:93:3c:26:24:d6:9f:05:1b:66:f5:99:
95:a5:56:07:11:08:3b:8c:f6:ba:5f:b7:88:91:97:
85:e5:35:37:e6:87:81:22:d0:e6:91:76:56:78:50:
f7:40:eb:ee:11:47:4c:f2:8b:02:b6:79:a2:cf:6f:
ee:62:ce:e4:cf:18:c6:0f:26:9e:d8:8b:49:08:be:
04:d1:2c:d6:8c:39:c7:00:a2:a3:ce:96:b7:c8:9c:
5f:02:0c:10:78:f7:97:9a:99:96:5d:d6:2c:9a:84:
4b:76:1a:ad:68:ed:58:89:34:85:48:32:92:e0:fe:
4b:89:f0:b5:aa:bd:52:0c:59:9e:4a:16:c1:30:40:
19:0c:a7:13:b4:74:13:73:cb:0a:c9:c9:ae:fd:50:
20:4f:f9:b4:ff:f5:33:63:54:28:33:86:4b:aa:44:
22:ca:da:ab:da:2c:2d:f2:43:9c:79:bb:37:8e:c4:
ef:0b:95:28:4c:51:9f:c0:1f:18:1b:7a:97:5f:86:
9c:fb:9d:c3:f6:f8:1a:fe:15:80:18:59:39:a4:7a:
32:b5:57:72:96:86:74:bc:d6:d3:18:47:8b:e9:08:
dc:62:be:ca:d5:39:56:4c:58:5c:91:5c:9b:31:ce:
09:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:DE:27:4F:4A:67:55:C2:0B:C7:34:14:AC:3E:91:0D:75:A3:06:3F
X509v3 Authority Key Identifier:
keyid:07:F2:A1:75:BE:20:10:86:41:C6:49:55:32:13:F2:12:51:16:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_Khdb4gEIZBxklVMhPyElEWZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/wt4nT0pnVcILxzQUrD6RDXWjBj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/B_Khdb4gEIZBxklVMhPyElEWZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.232.0/22
IPv6:
2a0b:2200::/29
Signature Algorithm: sha256WithRSAEncryption
72:3c:45:a0:22:b7:fa:af:50:73:e7:5e:41:c2:17:60:54:26:
6a:a4:58:ac:40:11:93:cb:cb:41:aa:b8:61:b0:93:62:c5:39:
3e:50:e9:6f:6f:5e:6a:d6:a2:42:75:d6:2f:cb:bc:a6:65:ed:
a8:7f:f2:60:95:31:b3:8b:00:5c:34:cc:a1:f0:75:b5:cf:b9:
cd:06:86:61:d3:9e:86:f5:4b:d9:cf:85:eb:7d:f6:d0:eb:94:
72:d0:7f:dd:a2:bf:79:5f:36:c1:db:c7:55:96:83:c4:c5:0b:
8e:f2:51:1e:d3:eb:85:60:51:fc:9a:44:8a:c2:ad:09:65:4f:
df:1e:9b:f0:29:31:bd:96:a4:9e:04:f7:2e:89:af:93:1a:b2:
23:07:7b:79:e4:5f:be:d9:55:ac:f5:9c:aa:c2:d8:55:5c:17:
b3:6a:9f:56:6e:46:7f:49:c0:d0:71:e8:26:ff:b3:eb:90:14:
bc:2b:e7:ff:aa:cd:fd:5b:61:e7:6e:85:df:b1:cb:83:d1:1d:
00:87:e6:a8:85:10:7e:2e:7b:09:9b:f5:7c:66:f0:29:f9:6b:
ef:ad:c6:0f:e5:0d:0a:99:c3:51:5a:63:29:cb:bb:77:f6:48:
24:49:84:9b:54:20:86:67:91:02:26:61:e7:1a:bc:4a:95:33:
c0:90:8d:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvgk6ujRZSJYikrvZluz61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjJhMTc1YmUyMDEwODY0MWM2NDk1NTMyMTNmMjEyNTEx
NjY3YTUwHhcNMjMwMTAxMjI0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmRlMjc0ZjRhNjc1NWMyMGJjNzM0MTRhYzNlOTEwZDc1YTMwNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMl4/0CrlqpIRVh3ozE+K5RRkzwm
JNafBRtm9ZmVpVYHEQg7jPa6X7eIkZeF5TU35oeBItDmkXZWeFD3QOvuEUdM8osC
tnmiz2/uYs7kzxjGDyae2ItJCL4E0SzWjDnHAKKjzpa3yJxfAgwQePeXmpmWXdYs
moRLdhqtaO1YiTSFSDKS4P5LifC1qr1SDFmeShbBMEAZDKcTtHQTc8sKycmu/VAg
T/m0//UzY1QoM4ZLqkQiytqr2iwt8kOcebs3jsTvC5UoTFGfwB8YG3qXX4ac+53D
9vga/hWAGFk5pHoytVdyloZ0vNbTGEeL6QjcYr7K1TlWTFhckVybMc4J/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMLeJ09KZ1XCC8c0FKw+kQ11owY/MB8GA1UdIwQY
MBaAFAfyoXW+IBCGQcZJVTIT8hJRFmelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9LaGRiNGdFSVpCeGtsVk1oUHlFbEVXWjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNmIwODUtMWE1Yi00YWY5LTg3OGIt
Mzc2NDI2ZmZkNjYyLzEvd3Q0blQwcG5WY0lMeHpRVXJENlJEWFdqQmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNmIwODUtMWE1Yi00YWY5LTg3OGItMzc2NDI2ZmZkNjYy
LzEvQl9LaGRiNGdFSVpCeGtsVk1oUHlFbEVXWjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaboMA0E
AgACMAcDBQMqCyIAMA0GCSqGSIb3DQEBCwUAA4IBAQByPEWgIrf6r1Bz515Bwhdg
VCZqpFisQBGTy8tBqrhhsJNixTk+UOlvb15q1qJCddYvy7ymZe2of/JglTGziwBc
NMyh8HW1z7nNBoZh056G9UvZz4XrffbQ65Ry0H/dor95XzbB28dVloPExQuO8lEe
0+uFYFH8mkSKwq0JZU/fHpvwKTG9lqSeBPcuia+TGrIjB3t55F++2VWs9ZyqwthV
XBezap9WbkZ/ScDQcegm/7PrkBS8K+f/qs39W2HnboXfscuD0R0Ah+aohRB+LnsJ
m/V8ZvAp+WvvrcYP5Q0KmcNRWmMpy7t39kgkSYSbVCCGZ5ECJmHnGrxKlTPAkI0C
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:41 2024 by rpki-client on console-ams.rpki-client.org