Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/6iumYBg4bzKhFud_2KlwG8JlLeg.roa
File: 6iumYBg4bzKhFud_2KlwG8JlLeg.roa (raw, json)
Hash identifier: EOk2biraMQ3uBe4DXGOaEdyxMHNgRK15c4DI2xvPU14=
Subject key identifier: EA:2B:A6:60:18:38:6F:32:A1:16:E7:7F:D8:A9:70:1B:C2:65:2D:E8
Certificate issuer: /CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Certificate serial: 01856E0AE53D0BDABDED28398CDA513FE041
Authority key identifier: F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/6iumYBg4bzKhFud_2KlwG8JlLeg.roa
Signing time: Sun 01 Jan 2023 15:54:45 +0000
ROA not before: Sun 01 Jan 2023 15:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39183
IP address blocks: 185.252.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0a:e5:3d:0b:da:bd:ed:28:39:8c:da:51:3f:e0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Validity
Not Before: Jan 1 15:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea2ba66018386f32a116e77fd8a9701bc2652de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8c:27:63:e7:09:e7:c1:e5:6f:b5:61:87:f9:
b0:57:ec:ec:8d:83:14:14:54:a0:94:23:e5:12:f7:
f7:c1:7e:03:a8:bb:f0:50:c1:a1:38:f2:8a:fb:4c:
9d:4a:12:55:37:25:f8:dd:98:2d:7e:1d:96:59:af:
ee:36:28:df:e4:ad:10:1d:1f:d7:31:58:e2:5c:b5:
52:1f:14:81:a3:24:76:ad:9b:e8:c3:14:47:98:cd:
86:62:ef:2b:b8:75:ae:42:63:f0:3f:9b:19:1e:96:
34:eb:4b:bf:40:33:b9:d8:0e:8b:2b:d7:34:f0:c8:
28:b7:ee:71:00:d8:d7:30:2e:e8:01:1b:bc:e1:bd:
62:6d:22:80:49:de:76:e6:78:fc:d1:8b:da:07:78:
34:bf:50:a2:71:a4:a8:f8:34:b2:e3:eb:54:8d:13:
df:20:56:0f:9c:10:5a:64:9c:fa:33:7b:ca:83:bf:
f6:f6:47:7a:29:64:be:a5:19:5f:41:2c:a3:1c:1a:
94:2d:32:24:77:5f:ea:f2:6a:d5:38:ec:cc:7b:b4:
f0:6e:d2:ef:8c:40:f3:a6:47:99:80:1d:1f:28:39:
f9:6a:78:1e:ed:97:82:83:76:82:dd:5a:49:3f:a5:
26:04:fc:45:4f:4a:a0:1c:8c:0a:db:23:ba:b2:d5:
80:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:2B:A6:60:18:38:6F:32:A1:16:E7:7F:D8:A9:70:1B:C2:65:2D:E8
X509v3 Authority Key Identifier:
keyid:F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/6iumYBg4bzKhFud_2KlwG8JlLeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/8fGG6XCXyEF9lDfXDP38UnMxtag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.20.0/24
Signature Algorithm: sha256WithRSAEncryption
15:0f:63:2e:cf:e4:55:7d:44:47:96:70:9a:c9:a0:f0:9a:dc:
f5:1f:fc:27:74:3c:10:23:bd:6b:b7:40:38:2f:0a:d0:a7:df:
35:a5:a7:05:7c:16:fd:b3:0b:9a:1f:f4:6b:00:75:d4:1f:e3:
73:ad:f6:c3:63:88:e4:39:85:0f:36:aa:54:e8:c5:80:e5:49:
64:86:86:40:9f:49:4b:a6:d0:da:bf:29:d6:0d:13:73:09:04:
9e:64:65:01:25:39:7a:d1:0a:ee:5a:ee:dd:e9:f0:df:e1:91:
47:90:82:81:22:be:69:8e:7a:56:c3:45:2d:e1:3d:f1:a0:61:
10:b2:c6:35:23:a5:f4:67:b4:3a:05:d2:f1:51:7c:c8:b4:dd:
2d:a1:19:bc:06:7d:9f:3b:95:17:3f:49:2f:4b:69:be:54:77:
41:a1:48:38:45:73:b3:15:01:b5:98:cc:90:7d:f1:18:fa:fc:
c9:ef:60:35:29:71:c2:c8:c8:57:2e:27:4b:1d:6e:1c:f4:d5:
af:fa:d2:d9:cb:6c:29:3c:28:99:a2:bf:8a:9d:5d:94:d2:3f:
97:64:89:74:42:33:53:a4:1b:ee:1b:1d:47:e4:7e:0a:90:19:
b9:e1:68:a3:a4:b2:88:86:f6:87:9b:49:0c:ca:62:02:a0:fd:
25:fc:b4:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuCuU9C9q97Sg5jNpRP+BBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjE4NmU5NzA5N2M4NDE3ZDk0MzdkNzBjZmRmYzUyNzMz
MWI1YTgwHhcNMjMwMTAxMTU1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTJiYTY2MDE4Mzg2ZjMyYTExNmU3N2ZkOGE5NzAxYmMyNjUyZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIwnY+cJ58Hlb7Vhh/mwV+zsjYMU
FFSglCPlEvf3wX4DqLvwUMGhOPKK+0ydShJVNyX43Zgtfh2WWa/uNijf5K0QHR/X
MVjiXLVSHxSBoyR2rZvowxRHmM2GYu8ruHWuQmPwP5sZHpY060u/QDO52A6LK9c0
8Mgot+5xANjXMC7oARu84b1ibSKASd525nj80YvaB3g0v1CicaSo+DSy4+tUjRPf
IFYPnBBaZJz6M3vKg7/29kd6KWS+pRlfQSyjHBqULTIkd1/q8mrVOOzMe7TwbtLv
jEDzpkeZgB0fKDn5ange7ZeCg3aC3VpJP6UmBPxFT0qgHIwK2yO6stWAyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOorpmAYOG8yoRbnf9ipcBvCZS3oMB8GA1UdIwQY
MBaAFPHxhulwl8hBfZQ31wz9/FJzMbWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2Mt
YjY1Y2QxMzYyNjJlLzEvNml1bVlCZzRiektoRnVkXzJLbHdHOEpsTGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2MtYjY1Y2QxMzYyNjJl
LzEvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufwUMA0G
CSqGSIb3DQEBCwUAA4IBAQAVD2Muz+RVfURHlnCayaDwmtz1H/wndDwQI71rt0A4
LwrQp981pacFfBb9swuaH/RrAHXUH+NzrfbDY4jkOYUPNqpU6MWA5UlkhoZAn0lL
ptDavynWDRNzCQSeZGUBJTl60QruWu7d6fDf4ZFHkIKBIr5pjnpWw0Ut4T3xoGEQ
ssY1I6X0Z7Q6BdLxUXzItN0toRm8Bn2fO5UXP0kvS2m+VHdBoUg4RXOzFQG1mMyQ
ffEY+vzJ72A1KXHCyMhXLidLHW4c9NWv+tLZy2wpPCiZor+KnV2U0j+XZIl0QjNT
pBvuGx1H5H4KkBm54WijpLKIhvaHm0kMymICoP0l/LSw
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:28:00 2024 by rpki-client on console-fra.rpki-client.org