Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/VRpiMPiwPeo9Up4yrXTNTyZm5_o.roa
File: VRpiMPiwPeo9Up4yrXTNTyZm5_o.roa (raw, json)
Hash identifier: cqrmHkvfZvUhoSPqP5oRMfiECivEtHstRo8PX+ctgKw=
Subject key identifier: 55:1A:62:30:F8:B0:3D:EA:3D:52:9E:32:AD:74:CD:4F:26:66:E7:FA
Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e
Certificate serial: 01857079B196CDD37BDB76D20495A3A67223
Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/VRpiMPiwPeo9Up4yrXTNTyZm5_o.roa
Signing time: Mon 02 Jan 2023 03:15:01 +0000
ROA not before: Mon 02 Jan 2023 03:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44833
IP address blocks: 185.66.236.0/22 maxlen: 24
2a03:22a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:b1:96:cd:d3:7b:db:76:d2:04:95:a3:a6:72:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e
Validity
Not Before: Jan 2 03:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=551a6230f8b03dea3d529e32ad74cd4f2666e7fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cf:60:28:cc:b9:3a:c6:ee:ba:34:a1:e5:0a:
91:2b:9f:7a:0b:56:13:3f:6c:80:a0:80:2f:93:02:
90:f6:4c:cf:9f:1e:35:aa:fb:6c:6b:84:a3:4b:6a:
56:f7:09:f7:54:78:d0:79:0b:8c:26:40:c9:48:50:
06:3f:99:c3:1e:0d:43:38:ab:bf:1c:ed:95:fc:7a:
81:d3:b3:f1:3b:0a:c6:42:a0:bf:fb:6c:ab:6f:a0:
2a:6e:11:f4:61:8a:ff:5f:1b:bd:0e:49:dd:3b:e7:
c9:2a:7d:dd:85:53:3a:89:45:09:1d:43:d1:63:a4:
74:64:e1:a4:0a:4d:f7:f3:c3:de:04:18:8a:d2:fc:
46:e9:5c:ad:63:e4:dd:8e:6b:85:22:82:67:4c:da:
7b:4f:d6:81:08:a6:c8:70:be:24:b0:49:71:e9:9a:
b6:24:64:67:bc:ed:79:66:07:78:f1:10:8c:7b:50:
1b:5b:d6:8b:7c:b0:b4:d5:fe:9e:de:68:d6:a1:ac:
9b:52:7e:21:6d:91:15:ff:f5:48:92:9d:b3:6d:5d:
67:83:c6:dd:49:f7:19:26:07:63:a3:ed:30:70:78:
ab:d2:e8:9f:d3:28:ee:f4:a1:23:69:2f:91:8c:2c:
1f:23:e1:41:0e:0c:d6:e3:e2:00:41:41:02:30:7c:
38:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:1A:62:30:F8:B0:3D:EA:3D:52:9E:32:AD:74:CD:4F:26:66:E7:FA
X509v3 Authority Key Identifier:
keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/VRpiMPiwPeo9Up4yrXTNTyZm5_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.236.0/22
IPv6:
2a03:22a0::/32
Signature Algorithm: sha256WithRSAEncryption
62:a2:27:be:d8:29:2b:17:d1:17:ac:8b:95:72:9d:98:ba:c3:
71:6c:58:a3:38:6d:f5:1f:83:7c:2a:be:23:cc:33:a8:c0:83:
ca:37:23:98:66:79:bf:9a:6d:81:cd:5d:f1:00:4e:8c:cd:83:
2b:5a:37:af:51:3c:ec:cb:fd:a6:11:37:5f:32:5e:5f:1e:61:
53:b4:cc:b9:39:e4:3e:c9:a5:5d:55:bf:8d:22:64:13:0f:47:
aa:75:93:93:f7:c4:e9:d4:3f:61:bc:1c:dc:7a:80:37:84:64:
69:8b:e5:11:e7:f3:58:98:30:5a:c5:32:8b:75:56:40:e1:3f:
b2:76:e8:0b:f0:74:aa:ac:da:d7:ad:63:53:cc:26:b0:9b:1b:
96:f2:ca:a1:a1:63:16:6b:37:18:95:2e:00:0b:bb:ca:df:00:
40:90:5a:dc:2a:46:47:29:4a:33:87:59:63:dd:f5:79:66:d9:
83:65:c8:0d:36:8b:ef:fa:aa:81:88:5b:5c:6b:e3:40:19:ca:
ed:65:8b:0f:e7:b0:dd:c7:a4:1f:f7:96:12:ac:7f:47:7c:0b:
14:7a:ae:6c:40:76:ee:b0:c9:2d:bf:7c:ea:9d:0b:72:9d:16:
50:78:45:4a:79:e8:48:d7:71:fb:e1:78:f4:ce:39:8f:6f:30:
0b:49:77:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwebGWzdN723bSBJWjpnIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw
YWFjMWUwHhcNMjMwMTAyMDMxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTFhNjIzMGY4YjAzZGVhM2Q1MjllMzJhZDc0Y2Q0ZjI2NjZlN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqM9gKMy5OsbuujSh5QqRK596C1YT
P2yAoIAvkwKQ9kzPnx41qvtsa4SjS2pW9wn3VHjQeQuMJkDJSFAGP5nDHg1DOKu/
HO2V/HqB07PxOwrGQqC/+2yrb6AqbhH0YYr/Xxu9DkndO+fJKn3dhVM6iUUJHUPR
Y6R0ZOGkCk3388PeBBiK0vxG6VytY+TdjmuFIoJnTNp7T9aBCKbIcL4ksElx6Zq2
JGRnvO15Zgd48RCMe1AbW9aLfLC01f6e3mjWoaybUn4hbZEV//VIkp2zbV1ng8bd
SfcZJgdjo+0wcHir0uif0yju9KEjaS+RjCwfI+FBDgzW4+IAQUECMHw4DwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFUaYjD4sD3qPVKeMq10zU8mZuf6MB8GA1UdIwQY
MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It
MDI5NzE1ZGU0YzZmLzEvVlJwaU1QaXdQZW85VXA0eXJYVE5UeVptNV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm
LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuULsMA0E
AgACMAcDBQAqAyKgMA0GCSqGSIb3DQEBCwUAA4IBAQBioie+2CkrF9EXrIuVcp2Y
usNxbFijOG31H4N8Kr4jzDOowIPKNyOYZnm/mm2BzV3xAE6MzYMrWjevUTzsy/2m
ETdfMl5fHmFTtMy5OeQ+yaVdVb+NImQTD0eqdZOT98Tp1D9hvBzceoA3hGRpi+UR
5/NYmDBaxTKLdVZA4T+ydugL8HSqrNrXrWNTzCawmxuW8sqhoWMWazcYlS4AC7vK
3wBAkFrcKkZHKUozh1lj3fV5ZtmDZcgNNovv+qqBiFtca+NAGcrtZYsP57Ddx6Qf
95YSrH9HfAsUeq5sQHbusMktv3zqnQtynRZQeEVKeehI13H74Xj0zjmPbzALSXcZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:52 2024 by rpki-client on console-ams.rpki-client.org