Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/yS2rrWgNxo63YCaqZljgGJg9vSQ.roa
File: yS2rrWgNxo63YCaqZljgGJg9vSQ.roa (raw, json)
Hash identifier: P1vYJ1FkhPwYX6eCR1YvyGIgIl50nWEKjEJyW7tl5lo=
Subject key identifier: C9:2D:AB:AD:68:0D:C6:8E:B7:60:26:AA:66:58:E0:18:98:3D:BD:24
Certificate issuer: /CN=206f6808e0604697270faa3c3db159f7fe98ecdd
Certificate serial: 01856FCBA61038DDA6926D95C33D4A808152
Authority key identifier: 20:6F:68:08:E0:60:46:97:27:0F:AA:3C:3D:B1:59:F7:FE:98:EC:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/yS2rrWgNxo63YCaqZljgGJg9vSQ.roa
Signing time: Mon 02 Jan 2023 00:04:55 +0000
ROA not before: Mon 02 Jan 2023 00:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209888
IP address blocks: 185.180.216.0/22 maxlen: 24
2a0a:af80::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:a6:10:38:dd:a6:92:6d:95:c3:3d:4a:80:81:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f6808e0604697270faa3c3db159f7fe98ecdd
Validity
Not Before: Jan 2 00:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c92dabad680dc68eb76026aa6658e018983dbd24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:db:03:d1:90:66:cc:4a:45:97:cd:03:bd:4a:
74:fc:67:b2:c5:af:e3:9c:3d:f1:00:98:84:b0:0e:
3c:ca:62:10:58:8c:4f:09:ec:f6:5d:d0:0e:cc:60:
31:1a:97:1a:7a:f4:f7:d8:82:98:a9:aa:5f:88:03:
46:4a:78:b1:02:d4:4a:e3:b7:cd:d6:85:c9:da:59:
af:9d:63:aa:b6:3f:53:7f:16:57:d7:0b:27:a8:49:
a7:02:3b:15:36:1d:b1:b8:48:95:34:e2:c9:9c:a9:
e9:2a:6f:12:ba:19:85:0f:61:08:2f:35:55:b5:3e:
0e:cb:aa:64:84:f9:38:de:d3:c4:4c:0a:97:4f:c9:
0b:57:5d:e1:53:28:a5:ab:01:2c:73:b1:6b:05:b2:
3d:8a:74:9f:5c:94:dd:ac:a1:e1:82:32:bf:c7:59:
30:f9:ae:fb:f0:a9:ba:31:4d:17:90:3a:04:61:76:
b7:1c:bc:7d:79:a7:be:53:2c:e1:91:8c:9c:52:ab:
c5:d5:3a:c0:cb:c7:78:3f:28:b2:7c:00:d2:50:66:
08:12:73:dd:a3:cb:4d:b0:05:b1:f2:14:f7:84:6d:
77:a4:86:4c:37:ee:4a:6e:3f:ad:b4:e2:6b:00:05:
b4:22:83:1d:29:eb:24:73:80:c5:c3:be:e1:6b:64:
d5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:2D:AB:AD:68:0D:C6:8E:B7:60:26:AA:66:58:E0:18:98:3D:BD:24
X509v3 Authority Key Identifier:
keyid:20:6F:68:08:E0:60:46:97:27:0F:AA:3C:3D:B1:59:F7:FE:98:EC:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/yS2rrWgNxo63YCaqZljgGJg9vSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.216.0/22
IPv6:
2a0a:af80::/29
Signature Algorithm: sha256WithRSAEncryption
86:c2:f1:d9:83:5c:a9:65:95:81:0c:db:1f:3c:99:39:78:ea:
00:e7:04:7e:fd:86:c9:ea:df:dd:b7:ff:a8:9b:87:bd:ec:fd:
fa:01:4b:07:8d:f5:ac:b9:72:fa:bf:25:27:0b:a8:c8:86:1c:
cc:23:a5:75:c4:3e:dc:c9:9a:8e:6f:d1:90:51:9f:d1:ca:3f:
06:c2:f9:15:69:21:12:6b:4c:e9:f6:74:53:58:a9:d8:4e:de:
b7:27:46:98:81:b3:14:c1:0c:cf:5d:cd:bf:95:2c:7e:5e:62:
e9:39:d0:ee:d7:3b:2f:6e:32:5c:ba:fb:a1:49:ef:3b:84:94:
9d:e9:fb:29:4c:49:96:d6:6e:f6:c8:52:58:78:31:d1:40:1d:
b4:d5:96:b2:de:c5:07:d8:37:8a:b3:96:b2:7e:90:95:68:05:
b9:83:36:eb:63:38:ad:a7:91:12:0a:fe:fb:d4:0a:4a:b9:80:
a5:0a:0c:ce:fc:7f:4c:98:ac:14:99:3a:25:2e:81:a2:e3:39:
69:68:0a:cc:73:ae:09:f4:ae:64:fd:b4:4a:86:8d:a3:ef:32:
62:69:87:c5:6f:db:6c:76:81:64:66:3c:2d:e1:52:f0:ca:e6:
02:c7:a1:c6:d0:82:1a:93:20:50:4f:22:8c:ba:1d:d1:1c:87:
b7:b0:6a:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvy6YQON2mkm2Vwz1KgIFSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmY2ODA4ZTA2MDQ2OTcyNzBmYWEzYzNkYjE1OWY3ZmU5
OGVjZGQwHhcNMjMwMTAyMDAwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTJkYWJhZDY4MGRjNjhlYjc2MDI2YWE2NjU4ZTAxODk4M2RiZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNsD0ZBmzEpFl80DvUp0/Geyxa/j
nD3xAJiEsA48ymIQWIxPCez2XdAOzGAxGpcaevT32IKYqapfiANGSnixAtRK47fN
1oXJ2lmvnWOqtj9TfxZX1wsnqEmnAjsVNh2xuEiVNOLJnKnpKm8SuhmFD2EILzVV
tT4Oy6pkhPk43tPETAqXT8kLV13hUyilqwEsc7FrBbI9inSfXJTdrKHhgjK/x1kw
+a778Km6MU0XkDoEYXa3HLx9eae+UyzhkYycUqvF1TrAy8d4PyiyfADSUGYIEnPd
o8tNsAWx8hT3hG13pIZMN+5Kbj+ttOJrAAW0IoMdKeskc4DFw77ha2TViwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMktq61oDcaOt2AmqmZY4BiYPb0kMB8GA1UdIwQY
MBaAFCBvaAjgYEaXJw+qPD2xWff+mOzdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc5b0NPQmdScGNuRDZvOFBiRlo5XzZZN04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8yNjVkM2EtYWVkNi00YmUyLWI0MmUt
ZWI2MmU4YzRkZmE5LzEveVMycnJXZ054bzYzWUNhcVpsamdHSmc5dlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8yNjVkM2EtYWVkNi00YmUyLWI0MmUtZWI2MmU4YzRkZmE5
LzEvSUc5b0NPQmdScGNuRDZvOFBiRlo5XzZZN04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubTYMA0E
AgACMAcDBQMqCq+AMA0GCSqGSIb3DQEBCwUAA4IBAQCGwvHZg1ypZZWBDNsfPJk5
eOoA5wR+/YbJ6t/dt/+om4e97P36AUsHjfWsuXL6vyUnC6jIhhzMI6V1xD7cyZqO
b9GQUZ/Ryj8GwvkVaSESa0zp9nRTWKnYTt63J0aYgbMUwQzPXc2/lSx+XmLpOdDu
1zsvbjJcuvuhSe87hJSd6fspTEmW1m72yFJYeDHRQB201Zay3sUH2DeKs5ayfpCV
aAW5gzbrYzitp5ESCv771ApKuYClCgzO/H9MmKwUmTolLoGi4zlpaArMc64J9K5k
/bRKho2j7zJiaYfFb9tsdoFkZjwt4VLwyuYCx6HG0IIakyBQTyKMuh3RHIe3sGpi
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:58 2024 by rpki-client on console.sobornost.net