Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/3632f5-89e7-4d22-8bc1-33399080270f/1/ivKmnzClTZ-SyNKtkrDcLOfQHGE.roa
File: ivKmnzClTZ-SyNKtkrDcLOfQHGE.roa (raw, json)
Hash identifier: hD7H6pq/z0oUlaA0RWJOhthtOdlGu95Abk8pbWMHRh4=
Subject key identifier: 8A:F2:A6:9F:30:A5:4D:9F:92:C8:D2:AD:92:B0:DC:2C:E7:D0:1C:61
Certificate issuer: /CN=a2d37fc31efd3703bf2c4c3e88bc3c1cfb479919
Certificate serial: 01857355FB71DBF7E9E0200057F1E24F13D5
Authority key identifier: A2:D3:7F:C3:1E:FD:37:03:BF:2C:4C:3E:88:BC:3C:1C:FB:47:99:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otN_wx79NwO_LEw-iLw8HPtHmRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/3632f5-89e7-4d22-8bc1-33399080270f/1/ivKmnzClTZ-SyNKtkrDcLOfQHGE.roa
Signing time: Mon 02 Jan 2023 16:34:52 +0000
ROA not before: Mon 02 Jan 2023 16:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57317
IP address blocks: 185.105.112.0/22 maxlen: 24
2a06:3700::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:fb:71:db:f7:e9:e0:20:00:57:f1:e2:4f:13:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d37fc31efd3703bf2c4c3e88bc3c1cfb479919
Validity
Not Before: Jan 2 16:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8af2a69f30a54d9f92c8d2ad92b0dc2ce7d01c61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a5:48:06:10:88:cf:b4:8b:71:d4:55:ed:d2:
3c:da:b3:12:37:87:c7:de:4b:f6:ce:e4:f3:b5:ed:
31:9d:2b:02:4c:76:ac:41:d7:27:35:49:ec:ba:81:
19:31:99:ad:3c:7a:2f:c8:22:54:39:98:66:04:27:
c9:0e:be:fe:cd:e9:cd:dd:c4:3b:ed:32:8f:f3:fc:
3f:12:4d:8b:3f:e2:85:6c:13:f8:55:e9:8d:8f:3c:
39:31:3f:08:d2:15:ce:ca:5a:3f:5d:99:7e:6f:8a:
2b:fa:8e:77:76:58:5c:b7:14:90:ed:52:07:4f:e0:
58:7b:78:db:cc:fc:e6:01:8f:77:74:9a:d4:6d:87:
32:b8:f3:6e:3c:1a:39:b3:be:6c:26:a3:eb:0d:cd:
96:ae:ef:8e:03:34:1b:02:9d:d5:46:dd:56:98:ca:
bb:cd:ec:03:cb:cf:81:e5:e2:bc:c3:b0:40:5f:9f:
4a:f0:0d:80:b0:82:44:90:c3:4d:2e:58:dc:10:c5:
6f:84:c7:5d:26:b4:af:9a:ec:74:d2:f6:96:ac:56:
05:e6:83:1e:e0:75:fa:5f:e4:cf:27:af:a3:f9:ff:
b4:73:09:f5:4c:7d:3a:d7:58:86:42:d3:49:8c:76:
53:bc:e0:b3:33:2a:8d:7a:8e:c8:01:46:cf:e5:11:
06:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F2:A6:9F:30:A5:4D:9F:92:C8:D2:AD:92:B0:DC:2C:E7:D0:1C:61
X509v3 Authority Key Identifier:
keyid:A2:D3:7F:C3:1E:FD:37:03:BF:2C:4C:3E:88:BC:3C:1C:FB:47:99:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otN_wx79NwO_LEw-iLw8HPtHmRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3632f5-89e7-4d22-8bc1-33399080270f/1/ivKmnzClTZ-SyNKtkrDcLOfQHGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3632f5-89e7-4d22-8bc1-33399080270f/1/otN_wx79NwO_LEw-iLw8HPtHmRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.112.0/22
IPv6:
2a06:3700::/29
Signature Algorithm: sha256WithRSAEncryption
59:f9:93:7a:23:1f:91:75:2e:68:98:e6:4a:d3:15:45:f9:8b:
74:13:42:f8:02:1f:6f:10:56:c3:7c:17:4f:b8:b6:c0:85:3c:
fd:0e:51:58:bc:93:f6:77:e4:7e:36:3c:96:c3:48:a6:cd:c1:
f7:7d:14:be:7a:71:0c:8b:a7:1a:1e:3a:a5:d9:d8:b6:c4:e5:
a8:63:f2:e7:1e:39:28:4c:1e:51:ab:5c:58:97:af:98:49:bc:
3b:b2:2e:a4:cd:f1:05:4b:a1:f2:03:93:9d:8d:ac:3e:14:14:
8e:df:04:51:fc:fe:b9:84:9c:e3:fe:85:7e:27:04:77:48:f2:
35:84:25:f7:3a:1a:9a:3b:9b:a7:1e:1b:2c:c9:57:52:ef:aa:
f0:51:63:1c:d6:dd:6a:fb:e4:b2:89:e4:51:b6:55:c4:d5:66:
a0:ab:97:82:af:9d:fd:7d:74:19:81:1a:34:ff:99:25:31:a1:
45:b1:5d:3a:74:51:46:6f:8d:23:fc:40:b9:a0:cd:e2:85:41:
f6:87:5f:73:b4:10:dd:6b:58:f7:f3:a7:03:82:ec:10:e0:5c:
af:2f:33:d6:56:b1:bb:79:14:5b:48:07:27:dc:6a:d6:d7:4b:
d6:7e:eb:a8:e4:14:4f:d4:4e:9c:47:fe:30:94:50:5f:e7:dd:
6a:a0:50:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzVftx2/fp4CAAV/HiTxPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDM3ZmMzMWVmZDM3MDNiZjJjNGMzZTg4YmMzYzFjZmI0
Nzk5MTkwHhcNMjMwMTAyMTYzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWYyYTY5ZjMwYTU0ZDlmOTJjOGQyYWQ5MmIwZGMyY2U3ZDAxYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqVIBhCIz7SLcdRV7dI82rMSN4fH
3kv2zuTzte0xnSsCTHasQdcnNUnsuoEZMZmtPHovyCJUOZhmBCfJDr7+zenN3cQ7
7TKP8/w/Ek2LP+KFbBP4VemNjzw5MT8I0hXOylo/XZl+b4or+o53dlhctxSQ7VIH
T+BYe3jbzPzmAY93dJrUbYcyuPNuPBo5s75sJqPrDc2Wru+OAzQbAp3VRt1WmMq7
zewDy8+B5eK8w7BAX59K8A2AsIJEkMNNLljcEMVvhMddJrSvmux00vaWrFYF5oMe
4HX6X+TPJ6+j+f+0cwn1TH0611iGQtNJjHZTvOCzMyqNeo7IAUbP5REGgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIrypp8wpU2fksjSrZKw3Czn0BxhMB8GA1UdIwQY
MBaAFKLTf8Me/TcDvyxMPoi8PBz7R5kZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3ROX3d4NzlOd09fTEV3LWlMdzhIUHRIbVJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zNjMyZjUtODllNy00ZDIyLThiYzEt
MzMzOTkwODAyNzBmLzEvaXZLbW56Q2xUWi1TeU5LdGtyRGNMT2ZRSEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zNjMyZjUtODllNy00ZDIyLThiYzEtMzMzOTkwODAyNzBm
LzEvb3ROX3d4NzlOd09fTEV3LWlMdzhIUHRIbVJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWlwMA0E
AgACMAcDBQMqBjcAMA0GCSqGSIb3DQEBCwUAA4IBAQBZ+ZN6Ix+RdS5omOZK0xVF
+Yt0E0L4Ah9vEFbDfBdPuLbAhTz9DlFYvJP2d+R+NjyWw0imzcH3fRS+enEMi6ca
Hjql2di2xOWoY/LnHjkoTB5Rq1xYl6+YSbw7si6kzfEFS6HyA5Odjaw+FBSO3wRR
/P65hJzj/oV+JwR3SPI1hCX3OhqaO5unHhssyVdS76rwUWMc1t1q++SyieRRtlXE
1Wagq5eCr539fXQZgRo0/5klMaFFsV06dFFGb40j/EC5oM3ihUH2h19ztBDda1j3
86cDguwQ4FyvLzPWVrG7eRRbSAcn3GrW10vWfuuo5BRP1E6cR/4wlFBf591qoFBc
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:38 2024 by rpki-client on console.sobornost.net