Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/146f8a-e068-48ca-a388-fb186b94334f/1/2Dy5yzC4uoLbdfHlSY01UGb9O4k.roa
File: 2Dy5yzC4uoLbdfHlSY01UGb9O4k.roa (raw, json)
Hash identifier: WQgCr8I8qKZmZLB7ymDkjW++BhlCAaRBmhj7hi5J3dU=
Subject key identifier: D8:3C:B9:CB:30:B8:BA:82:DB:75:F1:E5:49:8D:35:50:66:FD:3B:89
Certificate issuer: /CN=a1b4dd83fc5ecd210f4f684fb6bf40fb3160db21
Certificate serial: 01857079825DDCF62213D7289607592C5FA7
Authority key identifier: A1:B4:DD:83:FC:5E:CD:21:0F:4F:68:4F:B6:BF:40:FB:31:60:DB:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/obTdg_xezSEPT2hPtr9A-zFg2yE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/146f8a-e068-48ca-a388-fb186b94334f/1/2Dy5yzC4uoLbdfHlSY01UGb9O4k.roa
Signing time: Mon 02 Jan 2023 03:14:49 +0000
ROA not before: Mon 02 Jan 2023 03:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198545
IP address blocks: 185.57.220.0/22 maxlen: 22
2a02:5fa0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:82:5d:dc:f6:22:13:d7:28:96:07:59:2c:5f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1b4dd83fc5ecd210f4f684fb6bf40fb3160db21
Validity
Not Before: Jan 2 03:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d83cb9cb30b8ba82db75f1e5498d355066fd3b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:db:6c:5c:4a:cd:17:13:96:f6:f5:bf:02:f2:
26:7a:5a:52:c9:27:3e:47:a8:4e:d2:5f:95:63:01:
44:8b:52:3b:2d:d9:38:69:b1:09:1e:39:7c:b4:5e:
42:ae:9d:f9:31:bc:5a:fb:88:71:6b:f2:20:cd:18:
e6:5f:51:d4:b8:24:54:ba:7f:ba:43:5c:91:aa:f5:
89:bb:0e:be:32:c6:6e:81:94:52:ba:ea:c5:94:65:
18:14:9d:71:eb:c2:6d:ec:cf:23:dc:f2:fd:df:03:
a2:5d:e0:38:79:53:7a:f5:4f:0a:f7:35:af:c1:0b:
e8:c2:d1:e0:66:60:5a:99:86:4b:7f:09:e2:f2:7f:
e9:da:6f:76:15:58:0b:2a:3f:4d:32:6a:4b:3f:b8:
07:e9:67:dc:59:b7:96:93:2d:7a:6c:14:4c:4d:3f:
d6:d2:29:a2:53:95:3b:19:1b:0f:4f:ac:4e:99:ac:
92:88:90:2d:db:45:ba:94:be:61:60:9c:20:19:4e:
0c:5d:81:fc:74:e7:33:c2:87:24:22:12:80:a3:65:
c2:27:72:e0:fe:51:2e:d3:4f:f6:ff:1c:5e:a5:05:
fa:b8:56:a1:8d:46:bb:c0:fa:ab:55:f7:98:7d:57:
84:7f:66:7b:15:db:cb:c9:9c:85:68:b5:c2:bf:5b:
e2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3C:B9:CB:30:B8:BA:82:DB:75:F1:E5:49:8D:35:50:66:FD:3B:89
X509v3 Authority Key Identifier:
keyid:A1:B4:DD:83:FC:5E:CD:21:0F:4F:68:4F:B6:BF:40:FB:31:60:DB:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obTdg_xezSEPT2hPtr9A-zFg2yE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/146f8a-e068-48ca-a388-fb186b94334f/1/2Dy5yzC4uoLbdfHlSY01UGb9O4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/146f8a-e068-48ca-a388-fb186b94334f/1/obTdg_xezSEPT2hPtr9A-zFg2yE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.220.0/22
IPv6:
2a02:5fa0::/32
Signature Algorithm: sha256WithRSAEncryption
a2:24:63:3e:90:37:0b:28:68:96:ee:67:b5:84:fd:56:b3:fe:
a6:27:68:a6:6b:0b:c1:3b:e5:4e:36:10:f5:79:4d:82:bc:7a:
f4:68:c9:9d:a1:3c:7f:fe:3c:b1:fc:fd:4f:0d:45:0b:22:57:
d9:9e:75:00:b5:68:ca:5e:eb:68:dc:d1:17:65:8c:ef:e1:7b:
5f:69:c9:02:dd:69:8b:60:90:77:e8:01:a4:0c:60:10:5a:92:
d0:3f:25:a1:4d:15:aa:0d:96:3a:0a:19:3c:f0:9e:ef:de:1e:
7d:f1:06:fa:97:44:b5:a9:fc:95:65:d6:a3:45:dc:31:d5:36:
ec:e4:4b:1b:bf:ba:e1:73:5e:13:47:e6:5a:2b:be:ad:51:5c:
89:c4:79:5d:d5:01:e5:f4:2a:31:72:b1:03:80:ef:c7:da:60:
16:35:d1:74:9b:53:ee:3d:c5:07:1c:ca:e7:f1:99:5d:45:a7:
ad:7f:07:51:01:83:e2:02:b1:9a:aa:fc:17:39:b8:ba:82:36:
8d:59:1b:0d:76:3d:69:33:b0:f8:21:4f:d1:07:fc:5e:9b:d7:
9d:d3:2b:e9:ae:44:df:2c:ae:9c:80:38:71:70:40:57:23:50:
55:69:d0:d4:a4:c9:fc:51:72:15:c0:59:81:54:07:b4:51:fa:
b0:a8:18:da
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVweYJd3PYiE9colgdZLF+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjRkZDgzZmM1ZWNkMjEwZjRmNjg0ZmI2YmY0MGZiMzE2
MGRiMjEwHhcNMjMwMTAyMDMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODNjYjljYjMwYjhiYTgyZGI3NWYxZTU0OThkMzU1MDY2ZmQzYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNtsXErNFxOW9vW/AvImelpSySc+
R6hO0l+VYwFEi1I7Ldk4abEJHjl8tF5Crp35Mbxa+4hxa/IgzRjmX1HUuCRUun+6
Q1yRqvWJuw6+MsZugZRSuurFlGUYFJ1x68Jt7M8j3PL93wOiXeA4eVN69U8K9zWv
wQvowtHgZmBamYZLfwni8n/p2m92FVgLKj9NMmpLP7gH6WfcWbeWky16bBRMTT/W
0imiU5U7GRsPT6xOmaySiJAt20W6lL5hYJwgGU4MXYH8dOczwockIhKAo2XCJ3Lg
/lEu00/2/xxepQX6uFahjUa7wPqrVfeYfVeEf2Z7FdvLyZyFaLXCv1visQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNg8ucswuLqC23Xx5UmNNVBm/TuJMB8GA1UdIwQY
MBaAFKG03YP8Xs0hD09oT7a/QPsxYNshMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JUZGdfeGV6U0VQVDJoUHRyOUEtekZnMnlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xNDZmOGEtZTA2OC00OGNhLWEzODgt
ZmIxODZiOTQzMzRmLzEvMkR5NXl6QzR1b0xiZGZIbFNZMDFVR2I5TzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xNDZmOGEtZTA2OC00OGNhLWEzODgtZmIxODZiOTQzMzRm
LzEvb2JUZGdfeGV6U0VQVDJoUHRyOUEtekZnMnlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTncMA0E
AgACMAcDBQAqAl+gMA0GCSqGSIb3DQEBCwUAA4IBAQCiJGM+kDcLKGiW7me1hP1W
s/6mJ2imawvBO+VONhD1eU2CvHr0aMmdoTx//jyx/P1PDUULIlfZnnUAtWjKXuto
3NEXZYzv4XtfackC3WmLYJB36AGkDGAQWpLQPyWhTRWqDZY6Chk88J7v3h598Qb6
l0S1qfyVZdajRdwx1Tbs5Esbv7rhc14TR+ZaK76tUVyJxHld1QHl9CoxcrEDgO/H
2mAWNdF0m1PuPcUHHMrn8ZldRaetfwdRAYPiArGaqvwXObi6gjaNWRsNdj1pM7D4
IU/RB/xem9ed0yvprkTfLK6cgDhxcEBXI1BVadDUpMn8UXIVwFmBVAe0UfqwqBja
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:35:00 2024 by rpki-client on console.sobornost.net