Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/4e7cf9-a9df-4ba3-af77-e2707e197541/1/rwinJ09aidQZg8qQhTrBIvU-EQI.roa
File: rwinJ09aidQZg8qQhTrBIvU-EQI.roa (raw, json)
Hash identifier: LcRtnQ5vanzfvhtxymWvf9ZaBtjs4FoK4hYieReYNqk=
Subject key identifier: AF:08:A7:27:4F:5A:89:D4:19:83:CA:90:85:3A:C1:22:F5:3E:11:02
Certificate issuer: /CN=cf9f02dbd972595a31cabeab0cd95d706a8cdd31
Certificate serial: 01856D13A4530D5A6F1A861840384CF0074F
Authority key identifier: CF:9F:02:DB:D9:72:59:5A:31:CA:BE:AB:0C:D9:5D:70:6A:8C:DD:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z58C29lyWVoxyr6rDNldcGqM3TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/4e7cf9-a9df-4ba3-af77-e2707e197541/1/rwinJ09aidQZg8qQhTrBIvU-EQI.roa
Signing time: Sun 01 Jan 2023 11:24:41 +0000
ROA not before: Sun 01 Jan 2023 11:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52165
IP address blocks: 185.185.185.0/24 maxlen: 24
185.185.184.0/24 maxlen: 24
185.185.186.0/24 maxlen: 24
185.185.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:a4:53:0d:5a:6f:1a:86:18:40:38:4c:f0:07:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf9f02dbd972595a31cabeab0cd95d706a8cdd31
Validity
Not Before: Jan 1 11:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af08a7274f5a89d41983ca90853ac122f53e1102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e2:c4:fc:a8:37:71:86:26:6f:56:cc:93:08:
6a:03:e6:7c:80:34:e5:7a:85:a9:cd:84:01:a9:bc:
48:41:63:13:73:3a:b8:f2:01:01:80:68:aa:3e:7e:
b8:a1:7c:4e:a2:9d:8f:5a:a6:97:1e:f2:36:be:0b:
59:a4:55:0c:c2:f0:6e:7f:9e:0d:da:31:6f:cb:01:
d6:34:93:3d:c9:38:53:76:c8:99:8c:8c:e1:0b:2a:
93:58:ad:74:e4:ee:34:e4:a1:b9:6a:9d:1d:14:5c:
90:a3:12:a8:6f:3d:ce:41:3c:37:d0:ce:fe:31:82:
7f:84:30:c2:99:33:c7:66:ae:21:fa:f3:82:d2:d5:
07:57:29:3d:8b:a8:d5:16:87:75:97:bb:dd:10:c9:
f4:b8:70:bf:b4:21:c1:ff:ef:18:a3:92:52:44:6d:
28:40:43:85:06:63:f5:dc:e9:41:71:f4:fc:26:99:
eb:63:63:cd:a7:c1:5b:65:24:1b:ff:30:d4:e5:52:
75:d2:a7:00:42:b7:24:93:e5:bf:ec:9c:05:c5:06:
a1:ec:d3:97:fa:5b:e9:c2:22:d9:d1:96:86:09:e3:
1b:1a:cc:a5:cb:30:bd:0c:be:a2:a4:f2:e2:5e:fc:
e6:7e:b7:b8:79:9b:57:21:db:e9:88:64:ee:e3:69:
cb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:08:A7:27:4F:5A:89:D4:19:83:CA:90:85:3A:C1:22:F5:3E:11:02
X509v3 Authority Key Identifier:
keyid:CF:9F:02:DB:D9:72:59:5A:31:CA:BE:AB:0C:D9:5D:70:6A:8C:DD:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z58C29lyWVoxyr6rDNldcGqM3TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4e7cf9-a9df-4ba3-af77-e2707e197541/1/rwinJ09aidQZg8qQhTrBIvU-EQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4e7cf9-a9df-4ba3-af77-e2707e197541/1/z58C29lyWVoxyr6rDNldcGqM3TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.184.0/22
Signature Algorithm: sha256WithRSAEncryption
68:27:e4:15:c0:48:91:67:f9:51:16:80:c1:97:1d:6d:7d:7f:
75:00:b9:b0:85:e5:58:64:70:e4:73:a0:97:51:e1:fe:18:16:
f0:e5:1a:63:ed:00:9f:be:8e:c2:2f:34:f9:92:ca:79:ca:34:
b2:f0:6b:da:1d:f7:3d:f8:15:86:3f:68:3b:f2:1a:51:68:86:
8d:d0:b1:ab:a9:ef:36:34:22:2b:36:a1:32:d8:98:31:57:6f:
21:3f:c7:1b:31:60:49:21:05:b1:59:f3:b5:6f:b9:04:7d:23:
c9:71:46:f8:dd:1b:35:5d:d4:d4:2d:7b:36:88:d7:9a:f6:47:
16:e4:69:b1:3f:8f:66:bc:2b:fc:88:b2:49:0a:cd:25:9b:2c:
3a:bc:76:24:0c:c3:7a:02:da:9a:aa:08:3a:70:1a:f0:fd:76:
8b:18:b5:66:cd:ee:0a:b7:b6:13:69:c3:c2:ae:88:a6:d1:45:
42:ab:86:75:ee:6c:e3:4f:7c:ab:10:6b:5b:b6:9c:52:f5:a2:
f5:31:e6:04:19:f8:e7:60:02:15:16:bb:b4:ff:69:a9:0e:f8:
af:01:83:c1:c7:14:c3:75:6a:62:e2:e8:c6:2a:a4:6c:9f:79:
6f:5f:50:ca:f7:d8:2d:64:52:70:76:f4:08:b1:92:68:a8:75:
a4:0c:8f:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE6RTDVpvGoYYQDhM8AdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOWYwMmRiZDk3MjU5NWEzMWNhYmVhYjBjZDk1ZDcwNmE4
Y2RkMzEwHhcNMjMwMTAxMTEyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA4YTcyNzRmNWE4OWQ0MTk4M2NhOTA4NTNhYzEyMmY1M2UxMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuLE/Kg3cYYmb1bMkwhqA+Z8gDTl
eoWpzYQBqbxIQWMTczq48gEBgGiqPn64oXxOop2PWqaXHvI2vgtZpFUMwvBuf54N
2jFvywHWNJM9yThTdsiZjIzhCyqTWK105O405KG5ap0dFFyQoxKobz3OQTw30M7+
MYJ/hDDCmTPHZq4h+vOC0tUHVyk9i6jVFod1l7vdEMn0uHC/tCHB/+8Yo5JSRG0o
QEOFBmP13OlBcfT8JpnrY2PNp8FbZSQb/zDU5VJ10qcAQrckk+W/7JwFxQah7NOX
+lvpwiLZ0ZaGCeMbGsylyzC9DL6ipPLiXvzmfre4eZtXIdvpiGTu42nLZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8IpydPWonUGYPKkIU6wSL1PhECMB8GA1UdIwQY
MBaAFM+fAtvZcllaMcq+qwzZXXBqjN0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejU4QzI5bHlXVm94eXI2ckRObGRjR3FNM1RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80ZTdjZjktYTlkZi00YmEzLWFmNzct
ZTI3MDdlMTk3NTQxLzEvcndpbkowOWFpZFFaZzhxUWhUckJJdlUtRVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80ZTdjZjktYTlkZi00YmEzLWFmNzctZTI3MDdlMTk3NTQx
LzEvejU4QzI5bHlXVm94eXI2ckRObGRjR3FNM1RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubm4MA0G
CSqGSIb3DQEBCwUAA4IBAQBoJ+QVwEiRZ/lRFoDBlx1tfX91ALmwheVYZHDkc6CX
UeH+GBbw5Rpj7QCfvo7CLzT5ksp5yjSy8GvaHfc9+BWGP2g78hpRaIaN0LGrqe82
NCIrNqEy2JgxV28hP8cbMWBJIQWxWfO1b7kEfSPJcUb43Rs1XdTULXs2iNea9kcW
5GmxP49mvCv8iLJJCs0lmyw6vHYkDMN6Atqaqgg6cBrw/XaLGLVmze4Kt7YTacPC
roim0UVCq4Z17mzjT3yrEGtbtpxS9aL1MeYEGfjnYAIVFru0/2mpDvivAYPBxxTD
dWpi4ujGKqRsn3lvX1DK99gtZFJwdvQIsZJoqHWkDI/V
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:52 2024 by rpki-client on console.sobornost.net