Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/09HXLsJtq0PUoSLYuoQ4x9IUk2w.roa
File: 09HXLsJtq0PUoSLYuoQ4x9IUk2w.roa (raw, json)
Hash identifier: wF1HALKUPHbkbs7Hwr045p8vyAjnAG7/qmKvY10oW2Q=
Subject key identifier: D3:D1:D7:2E:C2:6D:AB:43:D4:A1:22:D8:BA:84:38:C7:D2:14:93:6C
Certificate issuer: /CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Certificate serial: 01856E0AE407F40FA0ABDE9885AB453020F9
Authority key identifier: F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/09HXLsJtq0PUoSLYuoQ4x9IUk2w.roa
Signing time: Sun 01 Jan 2023 15:54:45 +0000
ROA not before: Sun 01 Jan 2023 15:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35176
IP address blocks: 185.252.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0a:e4:07:f4:0f:a0:ab:de:98:85:ab:45:30:20:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Validity
Not Before: Jan 1 15:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3d1d72ec26dab43d4a122d8ba8438c7d214936c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:98:01:0f:a3:3d:5f:49:31:b8:d9:69:73:97:
3f:17:7a:a8:ed:51:aa:bd:be:e8:b0:55:a5:4f:ac:
69:1c:0e:93:f7:4a:aa:2d:17:f1:5e:05:6d:39:32:
c4:bc:45:9f:d6:84:b1:df:82:ac:c3:43:e9:93:c7:
3b:42:86:25:03:aa:cc:9b:ac:09:03:84:3c:fb:53:
b7:a4:01:fd:7e:3f:76:c3:ec:4b:1d:af:a7:95:ab:
12:87:a4:a0:fe:dc:69:fa:04:e1:69:0e:e4:16:3b:
12:40:14:3e:ec:64:24:c3:94:3c:58:46:0a:15:b3:
41:2d:ac:3b:59:db:47:c9:0f:19:0f:ed:47:b3:1c:
ea:bd:75:6c:31:a5:7c:13:8c:ba:82:4c:1d:7d:81:
c0:62:8f:6c:dc:ed:45:44:4c:5d:14:1c:e1:a0:e2:
d0:6d:e7:22:66:b7:42:00:08:9f:25:ad:6e:9e:1b:
3e:91:43:a8:5e:5a:65:19:35:75:c1:17:b7:f9:15:
82:8c:b2:1f:d0:f7:bf:c3:16:1f:49:bf:35:42:dc:
37:ab:1a:d7:9a:59:c1:a7:e5:65:e7:a3:da:ba:15:
a6:c9:1d:43:68:59:c5:b7:c8:bd:1e:b1:2b:06:50:
e2:bf:e0:21:e2:c4:69:ed:c2:05:51:71:af:f3:16:
66:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D1:D7:2E:C2:6D:AB:43:D4:A1:22:D8:BA:84:38:C7:D2:14:93:6C
X509v3 Authority Key Identifier:
keyid:F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/09HXLsJtq0PUoSLYuoQ4x9IUk2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/8fGG6XCXyEF9lDfXDP38UnMxtag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.21.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:a0:e8:21:72:12:d2:58:94:45:95:87:bc:68:c8:2d:61:e2:
fa:50:ea:96:cf:3e:2c:88:b5:24:16:16:18:94:f4:25:dd:39:
88:21:eb:07:62:e0:3f:62:f6:e1:1b:48:9f:dc:45:f9:6b:0c:
c2:66:7b:22:30:ed:9f:80:83:5f:4e:11:ad:e0:e4:8c:fd:59:
31:40:de:97:6d:ad:2f:70:ad:37:d7:f7:f4:a0:4a:98:f9:9d:
58:e8:4a:02:46:09:ac:b8:a8:3c:b9:20:a1:48:a8:52:44:38:
20:c5:3b:ca:8f:ce:31:b2:2a:41:44:41:7e:65:90:59:16:34:
bc:f0:01:14:c5:b1:ce:cc:31:d7:70:0d:6a:5c:94:e3:47:79:
d4:01:77:49:7a:5e:87:c5:0e:48:b8:35:73:d3:ff:05:15:f7:
92:de:53:4b:71:7e:6d:db:21:ac:c7:72:cc:fc:96:b1:0b:85:
87:ac:b5:61:e6:a1:8e:b5:61:77:9f:0e:5b:c5:4d:c7:23:7b:
a2:03:37:07:1a:4e:17:b5:e3:73:2b:e2:24:f4:e1:70:2c:95:
a0:a3:42:f3:a5:3f:c2:72:96:60:7f:63:c2:be:1b:31:bc:58:
bd:d8:d6:fa:a4:60:05:ed:75:eb:a4:1e:8e:22:59:dd:73:8a:
03:28:3b:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuCuQH9A+gq96YhatFMCD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjE4NmU5NzA5N2M4NDE3ZDk0MzdkNzBjZmRmYzUyNzMz
MWI1YTgwHhcNMjMwMTAxMTU1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2QxZDcyZWMyNmRhYjQzZDRhMTIyZDhiYTg0MzhjN2QyMTQ5MzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5gBD6M9X0kxuNlpc5c/F3qo7VGq
vb7osFWlT6xpHA6T90qqLRfxXgVtOTLEvEWf1oSx34Ksw0Ppk8c7QoYlA6rMm6wJ
A4Q8+1O3pAH9fj92w+xLHa+nlasSh6Sg/txp+gThaQ7kFjsSQBQ+7GQkw5Q8WEYK
FbNBLaw7WdtHyQ8ZD+1HsxzqvXVsMaV8E4y6gkwdfYHAYo9s3O1FRExdFBzhoOLQ
beciZrdCAAifJa1unhs+kUOoXlplGTV1wRe3+RWCjLIf0Pe/wxYfSb81Qtw3qxrX
mlnBp+Vl56PauhWmyR1DaFnFt8i9HrErBlDiv+Ah4sRp7cIFUXGv8xZmVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNPR1y7CbatD1KEi2LqEOMfSFJNsMB8GA1UdIwQY
MBaAFPHxhulwl8hBfZQ31wz9/FJzMbWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2Mt
YjY1Y2QxMzYyNjJlLzEvMDlIWExzSnRxMFBVb1NMWXVvUTR4OUlVazJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2MtYjY1Y2QxMzYyNjJl
LzEvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufwVMA0G
CSqGSIb3DQEBCwUAA4IBAQBdoOghchLSWJRFlYe8aMgtYeL6UOqWzz4siLUkFhYY
lPQl3TmIIesHYuA/YvbhG0if3EX5awzCZnsiMO2fgINfThGt4OSM/VkxQN6Xba0v
cK031/f0oEqY+Z1Y6EoCRgmsuKg8uSChSKhSRDggxTvKj84xsipBREF+ZZBZFjS8
8AEUxbHOzDHXcA1qXJTjR3nUAXdJel6HxQ5IuDVz0/8FFfeS3lNLcX5t2yGsx3LM
/JaxC4WHrLVh5qGOtWF3nw5bxU3HI3uiAzcHGk4XteNzK+Ik9OFwLJWgo0LzpT/C
cpZgf2PCvhsxvFi92Nb6pGAF7XXrpB6OIlndc4oDKDsV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:57 2024 by rpki-client on console-ams.rpki-client.org