Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/xyzwARczWcXlYnEZEs4bQ73pBgc.roa
File: xyzwARczWcXlYnEZEs4bQ73pBgc.roa (raw, json)
Hash identifier: ardrWjP3e56Ci4DBggLnGIatbnmsKfEyv7zvMSjS7VA=
Subject key identifier: C7:2C:F0:01:17:33:59:C5:E5:62:71:19:12:CE:1B:43:BD:E9:06:07
Certificate issuer: /CN=1ff5268752cbb524bcfe4b5a4976ff0f85d389af
Certificate serial: 01859C4B4F2A9792D8915836D58B5E82E265
Authority key identifier: 1F:F5:26:87:52:CB:B5:24:BC:FE:4B:5A:49:76:FF:0F:85:D3:89:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H_Umh1LLtSS8_ktaSXb_D4XTia8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/xyzwARczWcXlYnEZEs4bQ73pBgc.roa
Signing time: Tue 10 Jan 2023 15:27:39 +0000
ROA not before: Tue 10 Jan 2023 15:27:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49784
IP address blocks: 185.12.216.0/22 maxlen: 24
2a03:8940::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9c:4b:4f:2a:97:92:d8:91:58:36:d5:8b:5e:82:e2:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ff5268752cbb524bcfe4b5a4976ff0f85d389af
Validity
Not Before: Jan 10 15:27:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c72cf001173359c5e562711912ce1b43bde90607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:4c:08:e4:c8:60:a6:c8:72:e0:da:f3:81:01:
14:98:34:c4:be:2e:29:a1:f7:7b:96:2f:d6:4f:fc:
cf:7d:1a:3c:1c:94:92:d4:fc:11:e8:c6:10:a4:9c:
04:76:bd:15:98:61:63:2d:62:56:9a:8b:7f:a7:3f:
f4:bc:42:00:b9:34:f0:c5:a8:1a:b0:23:09:ef:64:
2d:f0:02:46:e0:b4:e1:e4:e1:8a:56:68:0c:41:df:
12:5a:49:4f:a5:44:64:15:0c:61:7b:ab:e2:5e:9c:
fa:bc:a5:a8:3a:17:cc:05:25:d6:ff:13:06:5f:1b:
47:dc:03:be:97:35:85:cb:dd:c4:d0:d5:a2:81:97:
73:ed:23:99:60:d1:eb:77:9a:b3:1e:76:d4:b7:bc:
e9:7f:95:45:c8:71:9f:51:62:92:7d:4c:12:b2:72:
22:84:45:3f:25:0f:3f:03:99:58:dc:4e:89:99:23:
99:f3:f1:9f:c7:bc:2d:3a:97:b0:2f:1d:5a:bd:60:
e9:38:dc:ff:f7:39:b6:af:30:15:91:2b:3e:fb:c3:
39:f3:a1:30:1f:09:0c:c0:3c:f5:80:ea:a6:65:59:
7a:dc:91:25:a8:5f:31:fb:ab:57:fa:b9:6e:07:79:
81:da:41:6c:04:84:4b:b9:8a:b8:b6:db:4e:17:1d:
f9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2C:F0:01:17:33:59:C5:E5:62:71:19:12:CE:1B:43:BD:E9:06:07
X509v3 Authority Key Identifier:
keyid:1F:F5:26:87:52:CB:B5:24:BC:FE:4B:5A:49:76:FF:0F:85:D3:89:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H_Umh1LLtSS8_ktaSXb_D4XTia8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/xyzwARczWcXlYnEZEs4bQ73pBgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/H_Umh1LLtSS8_ktaSXb_D4XTia8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.216.0/22
IPv6:
2a03:8940::/32
Signature Algorithm: sha256WithRSAEncryption
13:d8:74:27:f5:0d:46:e5:cc:c9:2e:3a:9e:d3:d7:01:cc:cc:
00:a2:ba:a4:bc:de:94:64:ba:ef:51:89:c1:54:b7:a9:59:b9:
c1:3b:44:1e:49:aa:b8:2e:fb:0d:14:8b:f8:dd:b1:57:3d:63:
98:78:c4:0e:66:73:78:6a:e8:c7:06:04:fe:cd:20:80:64:95:
5a:f9:db:25:5c:27:11:c4:72:25:59:fa:78:98:52:24:75:b1:
aa:34:13:aa:3a:f1:97:92:10:1b:f0:8f:ea:d1:e3:5d:f2:ef:
34:cd:37:55:ed:44:f4:d6:dd:19:a9:a8:83:93:14:1e:72:78:
93:55:87:1e:6a:d9:5a:b9:ae:40:15:b9:d0:b4:10:3a:3f:f1:
33:0e:59:39:64:48:69:7b:ac:29:64:a0:fc:7c:22:ba:48:56:
11:9a:e9:2e:40:1e:f0:5e:0f:33:36:88:41:b0:c5:0f:eb:d6:
48:d9:33:62:ca:d0:a4:73:9b:6a:4d:36:96:35:e5:91:30:07:
7a:6d:a7:17:a8:8e:4c:a7:02:91:e1:c5:3c:8b:28:77:69:bf:
54:1a:c0:ab:87:f2:05:09:1e:57:2b:28:81:c2:b1:a7:77:17:
27:45:cb:d7:fc:79:1b:e1:20:27:20:bc:5b:13:d0:1e:1c:e6:
5e:1c:09:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYWcS08ql5LYkVg21YteguJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZjUyNjg3NTJjYmI1MjRiY2ZlNGI1YTQ5NzZmZjBmODVk
Mzg5YWYwHhcNMjMwMTEwMTUyNzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzJjZjAwMTE3MzM1OWM1ZTU2MjcxMTkxMmNlMWI0M2JkZTkwNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEwI5Mhgpshy4NrzgQEUmDTEvi4p
ofd7li/WT/zPfRo8HJSS1PwR6MYQpJwEdr0VmGFjLWJWmot/pz/0vEIAuTTwxaga
sCMJ72Qt8AJG4LTh5OGKVmgMQd8SWklPpURkFQxhe6viXpz6vKWoOhfMBSXW/xMG
XxtH3AO+lzWFy93E0NWigZdz7SOZYNHrd5qzHnbUt7zpf5VFyHGfUWKSfUwSsnIi
hEU/JQ8/A5lY3E6JmSOZ8/Gfx7wtOpewLx1avWDpONz/9zm2rzAVkSs++8M586Ew
HwkMwDz1gOqmZVl63JElqF8x+6tX+rluB3mB2kFsBIRLuYq4tttOFx35yQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMcs8AEXM1nF5WJxGRLOG0O96QYHMB8GA1UdIwQY
MBaAFB/1JodSy7UkvP5LWkl2/w+F04mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSF9VbWgxTEx0U1M4X2t0YVNYYl9ENFhUaWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy80YzI3MzQtMTEzOS00YTNmLThmODQt
OTc0NDg4YmNiNzIzLzEveHl6d0FSY3pXY1hsWW5FWkVzNGJRNzNwQmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy80YzI3MzQtMTEzOS00YTNmLThmODQtOTc0NDg4YmNiNzIz
LzEvSF9VbWgxTEx0U1M4X2t0YVNYYl9ENFhUaWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQzYMA0E
AgACMAcDBQAqA4lAMA0GCSqGSIb3DQEBCwUAA4IBAQAT2HQn9Q1G5czJLjqe09cB
zMwAorqkvN6UZLrvUYnBVLepWbnBO0QeSaq4LvsNFIv43bFXPWOYeMQOZnN4aujH
BgT+zSCAZJVa+dslXCcRxHIlWfp4mFIkdbGqNBOqOvGXkhAb8I/q0eNd8u80zTdV
7UT01t0ZqaiDkxQecniTVYceatlaua5AFbnQtBA6P/EzDlk5ZEhpe6wpZKD8fCK6
SFYRmukuQB7wXg8zNohBsMUP69ZI2TNiytCkc5tqTTaWNeWRMAd6bacXqI5MpwKR
4cU8iyh3ab9UGsCrh/IFCR5XKyiBwrGndxcnRcvX/Hkb4SAnILxbE9AeHOZeHAn8
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:12 2024 by rpki-client on console.sobornost.net