Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/626eef-12d0-47fa-b633-641dd4288c40/1/s89HurSx8Q1en_hSGVFmlV2ODXY.roa
File: s89HurSx8Q1en_hSGVFmlV2ODXY.roa (raw, json)
Hash identifier: 0NwWQ0j6gIi1/3ds6Rkh6+Fd8MJfeCRuTX7BFaqeKjs=
Subject key identifier: B3:CF:47:BA:B4:B1:F1:0D:5E:9F:F8:52:19:51:66:95:5D:8E:0D:76
Certificate issuer: /CN=b19f07669e58ec32b9d9132e2ca6d19c2e949360
Certificate serial: 01856F14AA6B891079370D6BBA272146FA2A
Authority key identifier: B1:9F:07:66:9E:58:EC:32:B9:D9:13:2E:2C:A6:D1:9C:2E:94:93:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZ8HZp5Y7DK52RMuLKbRnC6Uk2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/626eef-12d0-47fa-b633-641dd4288c40/1/s89HurSx8Q1en_hSGVFmlV2ODXY.roa
Signing time: Sun 01 Jan 2023 20:45:03 +0000
ROA not before: Sun 01 Jan 2023 20:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15490
IP address blocks: 185.141.252.0/22 maxlen: 24
185.141.252.0/24 maxlen: 24
2a07:2780::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:aa:6b:89:10:79:37:0d:6b:ba:27:21:46:fa:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b19f07669e58ec32b9d9132e2ca6d19c2e949360
Validity
Not Before: Jan 1 20:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3cf47bab4b1f10d5e9ff852195166955d8e0d76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6b:ea:31:dd:ee:f9:65:ee:a8:ba:f4:f7:d7:
3e:69:e8:d3:14:5e:a8:2c:4b:99:df:0b:12:19:99:
a5:bb:08:9c:f9:33:e6:2c:0d:f8:0a:97:39:19:32:
c2:2a:e8:78:ac:6c:6f:c0:78:9d:58:2e:1f:c4:e0:
55:ce:4a:5a:ac:cb:42:58:87:fe:fc:cb:60:2b:02:
07:c9:5d:84:c1:7c:78:ee:21:71:8a:b6:b3:15:ea:
26:89:f7:9b:ca:d8:1f:9b:85:c0:ab:6a:6b:5b:16:
e1:9e:57:8e:28:d7:1c:3a:1e:a8:e7:31:33:5a:cb:
88:be:16:93:c9:83:3d:3b:5b:22:84:3a:f8:c0:4f:
e3:8b:f6:e9:bf:bc:88:e1:97:b4:1a:2d:aa:68:2a:
9a:2c:d8:15:a3:dc:b0:8f:65:62:25:ca:e0:bc:bf:
47:c7:fc:24:91:07:e1:d3:7a:79:93:2b:b2:e9:e7:
bd:e3:03:e4:3f:ea:2c:9a:25:39:02:93:54:24:57:
e0:fb:02:c3:b7:71:cf:12:d2:5d:f6:90:94:c8:be:
54:29:bd:44:73:88:f4:dc:36:2b:d8:86:8b:80:73:
90:35:3d:44:cc:cb:55:01:c1:c5:e1:92:76:bf:5d:
7a:84:ca:22:6b:87:5c:7b:2c:29:65:c5:d0:6f:23:
34:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:CF:47:BA:B4:B1:F1:0D:5E:9F:F8:52:19:51:66:95:5D:8E:0D:76
X509v3 Authority Key Identifier:
keyid:B1:9F:07:66:9E:58:EC:32:B9:D9:13:2E:2C:A6:D1:9C:2E:94:93:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZ8HZp5Y7DK52RMuLKbRnC6Uk2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/626eef-12d0-47fa-b633-641dd4288c40/1/s89HurSx8Q1en_hSGVFmlV2ODXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/626eef-12d0-47fa-b633-641dd4288c40/1/sZ8HZp5Y7DK52RMuLKbRnC6Uk2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.252.0/22
IPv6:
2a07:2780::/29
Signature Algorithm: sha256WithRSAEncryption
6a:b9:71:47:c5:f0:be:7f:ba:63:7e:36:08:47:34:ee:da:44:
cf:a8:e8:66:d8:87:dd:06:0b:ca:64:d9:49:6d:82:f0:6f:b8:
a4:22:e3:6b:d2:fe:27:d8:d0:cc:42:2d:c3:be:7c:ff:7d:f7:
40:30:66:43:5f:d3:4c:35:69:71:92:17:5c:25:69:e5:69:00:
e7:d8:03:72:33:22:4c:1b:91:1c:de:88:8c:77:8c:0c:df:82:
52:6d:b5:c4:b1:45:65:75:d9:31:e3:f3:0c:0f:d5:40:9e:e0:
ea:f7:f5:c0:49:c9:5f:cf:40:99:81:96:08:fc:68:43:c5:5e:
8d:f8:fd:6c:d9:71:43:c1:a3:6d:32:c5:85:6b:50:6d:9e:db:
a9:e1:b8:bd:5c:88:34:94:1d:8b:70:a2:7d:4b:c2:d3:4a:52:
5c:8e:c4:d7:02:b8:4e:77:1f:64:57:34:eb:2b:80:be:56:ad:
8d:8b:00:44:05:88:35:ae:e3:58:b4:4e:33:77:a4:33:5a:ce:
fe:5e:7f:41:7c:b4:50:64:82:08:6b:3e:0a:20:95:9c:96:55:
2e:bb:a7:de:f6:64:33:90:62:45:21:cb:20:a5:97:16:e7:f8:
47:27:d8:35:34:d5:c8:3b:b5:4f:3a:dd:ee:44:25:3c:eb:bb:
c1:fb:55:f4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFKpriRB5Nw1ruichRvoqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOWYwNzY2OWU1OGVjMzJiOWQ5MTMyZTJjYTZkMTljMmU5
NDkzNjAwHhcNMjMwMTAxMjA0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2NmNDdiYWI0YjFmMTBkNWU5ZmY4NTIxOTUxNjY5NTVkOGUwZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGvqMd3u+WXuqLr099c+aejTFF6o
LEuZ3wsSGZmluwic+TPmLA34Cpc5GTLCKuh4rGxvwHidWC4fxOBVzkparMtCWIf+
/MtgKwIHyV2EwXx47iFxirazFeomifebytgfm4XAq2prWxbhnleOKNccOh6o5zEz
WsuIvhaTyYM9O1sihDr4wE/ji/bpv7yI4Ze0Gi2qaCqaLNgVo9ywj2ViJcrgvL9H
x/wkkQfh03p5kyuy6ee94wPkP+osmiU5ApNUJFfg+wLDt3HPEtJd9pCUyL5UKb1E
c4j03DYr2IaLgHOQNT1EzMtVAcHF4ZJ2v116hMoia4dceywpZcXQbyM0UQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLPPR7q0sfENXp/4UhlRZpVdjg12MB8GA1UdIwQY
MBaAFLGfB2aeWOwyudkTLiym0ZwulJNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1o4SFpwNVk3REs1MlJNdUxLYlJuQzZVazJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy82MjZlZWYtMTJkMC00N2ZhLWI2MzMt
NjQxZGQ0Mjg4YzQwLzEvczg5SHVyU3g4UTFlbl9oU0dWRm1sVjJPRFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy82MjZlZWYtMTJkMC00N2ZhLWI2MzMtNjQxZGQ0Mjg4YzQw
LzEvc1o4SFpwNVk3REs1MlJNdUxLYlJuQzZVazJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY38MA0E
AgACMAcDBQMqByeAMA0GCSqGSIb3DQEBCwUAA4IBAQBquXFHxfC+f7pjfjYIRzTu
2kTPqOhm2IfdBgvKZNlJbYLwb7ikIuNr0v4n2NDMQi3Dvnz/ffdAMGZDX9NMNWlx
khdcJWnlaQDn2ANyMyJMG5Ec3oiMd4wM34JSbbXEsUVlddkx4/MMD9VAnuDq9/XA
Sclfz0CZgZYI/GhDxV6N+P1s2XFDwaNtMsWFa1Btntup4bi9XIg0lB2LcKJ9S8LT
SlJcjsTXArhOdx9kVzTrK4C+Vq2NiwBEBYg1ruNYtE4zd6QzWs7+Xn9BfLRQZIII
az4KIJWcllUuu6fe9mQzkGJFIcsgpZcW5/hHJ9g1NNXIO7VPOt3uRCU867vB+1X0
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:20:16 2024 by rpki-client on console-ams.rpki-client.org