Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/A1YDsUdQr9d9Rn9ap2wD_8_48EM.roa
File: A1YDsUdQr9d9Rn9ap2wD_8_48EM.roa (raw, json)
Hash identifier: jvW2d/QMHQc++1A2+QabNlAf/Q1CWDmm7OjrDf+L5P0=
Subject key identifier: 03:56:03:B1:47:50:AF:D7:7D:46:7F:5A:A7:6C:03:FF:CF:F8:F0:43
Certificate issuer: /CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Certificate serial: 0185723A1DA1EE4C42D6FB5AE14D1F57DEFF
Authority key identifier: 4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/A1YDsUdQr9d9Rn9ap2wD_8_48EM.roa
Signing time: Mon 02 Jan 2023 11:24:49 +0000
ROA not before: Mon 02 Jan 2023 11:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200271
IP address blocks: 185.255.84.0/22 maxlen: 22
2a02:4ba::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:1d:a1:ee:4c:42:d6:fb:5a:e1:4d:1f:57:de:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Validity
Not Before: Jan 2 11:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=035603b14750afd77d467f5aa76c03ffcff8f043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:78:58:32:73:cc:c9:87:21:38:9e:36:de:67:
1a:44:91:cf:9c:e6:ef:e9:2a:03:f0:1a:2b:27:0a:
65:6d:26:f5:e2:2e:b6:de:33:ff:3a:93:cb:1a:16:
3e:47:a9:56:d4:26:5e:c7:b1:0e:7a:fa:d4:5d:fd:
5d:73:69:8c:e8:97:69:6b:da:10:d3:b7:f5:27:4b:
c7:f9:e1:a9:fe:8a:36:e3:6c:07:1e:4b:2e:6a:dc:
29:a5:81:fa:9b:0f:1b:52:5b:61:19:f4:ae:2f:ee:
de:24:a9:54:dc:7a:bc:90:47:f8:e8:a1:35:c7:61:
14:49:fe:42:e2:54:cc:0d:81:ca:28:f8:12:2a:e7:
77:e5:61:a9:3d:fb:90:1c:40:4a:50:c1:f5:66:5c:
77:92:f8:56:dd:a2:07:fe:0c:34:da:a2:5d:9f:6b:
6e:cc:67:d7:5e:aa:ce:b1:b9:05:4d:72:e7:33:29:
bc:98:89:29:d8:4d:c3:93:f1:ce:5e:be:40:ad:7e:
b3:36:84:89:74:69:d4:57:27:4b:91:c7:d6:eb:fd:
86:87:fe:d5:63:a0:9e:34:e2:c8:f5:07:8f:e2:be:
0d:71:be:6b:64:7c:79:a0:07:94:7d:64:2e:5f:ff:
08:9b:75:98:55:6a:2c:08:13:f0:68:65:8e:fd:fe:
af:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:56:03:B1:47:50:AF:D7:7D:46:7F:5A:A7:6C:03:FF:CF:F8:F0:43
X509v3 Authority Key Identifier:
keyid:4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/A1YDsUdQr9d9Rn9ap2wD_8_48EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TXaD1upTn-8ba22910ox0F5fCiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.84.0/22
IPv6:
2a02:4ba::/32
Signature Algorithm: sha256WithRSAEncryption
13:e7:dd:62:d6:4a:d4:6b:47:a7:3b:21:02:17:91:27:20:5b:
6e:96:0d:ef:b6:22:cd:57:74:24:3a:57:3f:33:e2:00:01:d8:
a1:44:0c:f6:8f:fe:bb:e0:ed:7f:86:b3:9e:49:94:33:0c:a0:
15:9f:5b:1f:64:7d:4b:a7:70:d7:8b:b1:97:73:69:21:d0:00:
80:50:0c:35:85:71:05:d6:7e:d9:00:96:ef:79:25:5a:a0:aa:
84:d7:ca:9e:98:87:61:76:c0:19:81:ba:cc:f6:77:dc:3a:d4:
7e:a5:9c:1c:43:ae:f3:8c:b1:00:3d:73:aa:a6:c2:f6:20:61:
6c:6d:7e:63:7e:9a:47:c0:9c:61:9d:e5:11:ef:bd:ab:12:ce:
c3:09:ac:1d:38:0a:c0:b8:28:b4:44:41:ce:4d:cd:3f:32:dc:
a8:a1:e7:3a:24:f8:6d:4a:df:27:b1:47:b1:b9:bb:b3:38:7e:
4f:78:4d:cb:41:17:e9:c5:5a:35:49:8d:f0:ee:b7:33:57:ed:
4f:61:1e:1f:8b:3a:0a:df:bf:5e:e0:55:1a:98:be:25:9b:a4:
b0:58:33:93:07:7c:35:84:d2:7e:af:b8:2a:54:67:f3:05:ab:
0c:bb:28:2c:6d:c5:be:d8:bb:0a:bd:b0:72:29:61:03:94:de:
95:8e:9e:ce
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyOh2h7kxC1vta4U0fV97/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzY4M2Q2ZWE1MzlmZWYxYjZiNmRiZGQ3NGEzMWQwNWU1
ZjBhMjMwHhcNMjMwMTAyMTEyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzU2MDNiMTQ3NTBhZmQ3N2Q0NjdmNWFhNzZjMDNmZmNmZjhmMDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nhYMnPMyYchOJ423mcaRJHPnObv
6SoD8BorJwplbSb14i623jP/OpPLGhY+R6lW1CZex7EOevrUXf1dc2mM6Jdpa9oQ
07f1J0vH+eGp/oo242wHHksuatwppYH6mw8bUlthGfSuL+7eJKlU3Hq8kEf46KE1
x2EUSf5C4lTMDYHKKPgSKud35WGpPfuQHEBKUMH1Zlx3kvhW3aIH/gw02qJdn2tu
zGfXXqrOsbkFTXLnMym8mIkp2E3Dk/HOXr5ArX6zNoSJdGnUVydLkcfW6/2Gh/7V
Y6CeNOLI9QeP4r4Ncb5rZHx5oAeUfWQuX/8Im3WYVWosCBPwaGWO/f6vuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFANWA7FHUK/XfUZ/WqdsA//P+PBDMB8GA1UdIwQY
MBaAFE12g9bqU5/vG2ttvddKMdBeXwojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQt
NjhiMzc2OGY1MGRjLzEvQTFZRHNVZFFyOWQ5Um45YXAyd0RfOF80OEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQtNjhiMzc2OGY1MGRj
LzEvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf9UMA0E
AgACMAcDBQAqAgS6MA0GCSqGSIb3DQEBCwUAA4IBAQAT591i1krUa0enOyECF5En
IFtulg3vtiLNV3QkOlc/M+IAAdihRAz2j/674O1/hrOeSZQzDKAVn1sfZH1Lp3DX
i7GXc2kh0ACAUAw1hXEF1n7ZAJbveSVaoKqE18qemIdhdsAZgbrM9nfcOtR+pZwc
Q67zjLEAPXOqpsL2IGFsbX5jfppHwJxhneUR772rEs7DCawdOArAuCi0REHOTc0/
Mtyooec6JPhtSt8nsUexubuzOH5PeE3LQRfpxVo1SY3w7rczV+1PYR4fizoK379e
4FUamL4lm6SwWDOTB3w1hNJ+r7gqVGfzBasMuygsbcW+2LsKvbByKWEDlN6Vjp7O
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:08 2024 by rpki-client on console.sobornost.net