Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/da27ed-3cc3-4937-8583-43e811f77681/1/xPkPuSEqqveXT4JlzttG4871SPk.roa
File: xPkPuSEqqveXT4JlzttG4871SPk.roa (raw, json)
Hash identifier: nN9nP1ws37itmhc+gA2VAoFSq/4W4mzLHF3KYSUzQ4E=
Subject key identifier: C4:F9:0F:B9:21:2A:AA:F7:97:4F:82:65:CE:DB:46:E3:CE:F5:48:F9
Certificate issuer: /CN=0ab38dab90c61450dc8ad66b485d536cbaf9e0f9
Certificate serial: 01856F823C69FC49ABB54933E87BF0C9FE68
Authority key identifier: 0A:B3:8D:AB:90:C6:14:50:DC:8A:D6:6B:48:5D:53:6C:BA:F9:E0:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CrONq5DGFFDcitZrSF1TbLr54Pk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/da27ed-3cc3-4937-8583-43e811f77681/1/xPkPuSEqqveXT4JlzttG4871SPk.roa
Signing time: Sun 01 Jan 2023 22:44:44 +0000
ROA not before: Sun 01 Jan 2023 22:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199791
IP address blocks: 147.111.0.0/18 maxlen: 18
147.111.0.0/16 maxlen: 16
81.175.16.0/22 maxlen: 22
147.111.128.0/18 maxlen: 18
185.45.36.0/22 maxlen: 22
147.111.64.0/18 maxlen: 18
147.111.192.0/18 maxlen: 18
2a01:79e0::/32 maxlen: 32
2a01:79e0:c000::/34 maxlen: 34
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:3c:69:fc:49:ab:b5:49:33:e8:7b:f0:c9:fe:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ab38dab90c61450dc8ad66b485d536cbaf9e0f9
Validity
Not Before: Jan 1 22:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4f90fb9212aaaf7974f8265cedb46e3cef548f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:77:7c:b6:47:c2:86:2b:93:2c:ad:a2:fe:a8:
1f:3f:d3:7e:b5:89:d4:93:9e:b9:71:ac:95:c3:36:
f8:e6:b5:75:43:1a:09:9e:39:ec:90:b4:b0:7f:ca:
ce:42:28:f0:a8:e6:50:5f:04:ea:a7:66:73:a3:56:
8a:10:08:7f:c2:23:9a:8b:ac:ab:dd:76:1b:6c:07:
fe:42:48:e0:65:7f:62:d8:98:23:62:69:ad:f5:86:
ef:a7:66:90:3f:c8:5f:75:da:b2:a2:34:02:2b:7e:
4a:c4:52:c8:a7:96:bf:e6:51:35:38:1e:67:37:f2:
c6:8b:87:db:cf:b4:6f:71:24:d9:0b:33:a8:de:86:
f7:ab:da:b4:ce:cd:05:8c:d7:20:d9:5c:8f:f4:fb:
8a:b8:cb:d8:e0:68:c8:b1:f1:ad:36:fe:98:94:37:
f2:7b:14:53:96:fd:b9:51:30:e9:39:df:2e:09:c7:
75:f5:c3:db:0c:21:e8:68:74:33:66:11:66:0a:a2:
58:48:36:fe:75:d1:e6:a3:6e:34:e9:96:11:48:b3:
c6:95:db:21:be:06:a9:06:55:5b:3e:d0:bf:d9:a2:
03:a6:fa:c8:75:af:43:eb:dd:28:00:6a:89:39:4f:
0a:a0:03:8f:eb:b0:fc:94:74:18:ac:24:94:38:27:
fa:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F9:0F:B9:21:2A:AA:F7:97:4F:82:65:CE:DB:46:E3:CE:F5:48:F9
X509v3 Authority Key Identifier:
keyid:0A:B3:8D:AB:90:C6:14:50:DC:8A:D6:6B:48:5D:53:6C:BA:F9:E0:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CrONq5DGFFDcitZrSF1TbLr54Pk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/da27ed-3cc3-4937-8583-43e811f77681/1/xPkPuSEqqveXT4JlzttG4871SPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/da27ed-3cc3-4937-8583-43e811f77681/1/CrONq5DGFFDcitZrSF1TbLr54Pk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.175.16.0/22
147.111.0.0/16
185.45.36.0/22
IPv6:
2a01:79e0::/32
Signature Algorithm: sha256WithRSAEncryption
1a:d9:32:bc:2c:76:2d:43:c6:ac:ea:6d:f2:06:ec:ea:67:5f:
68:43:b3:b1:f8:46:d0:70:4d:c2:7c:0b:7f:95:43:1f:ac:89:
0a:7a:08:56:5b:c9:e3:7c:eb:02:30:b8:71:cc:71:ad:75:52:
99:42:b8:66:7c:7f:49:9a:0f:d7:d7:1a:05:99:28:10:71:18:
2f:02:0b:19:ec:89:cd:67:c3:19:b4:6b:e3:f1:16:c3:ca:ad:
67:3c:b7:35:a3:bf:de:fb:76:3a:80:13:45:e0:b9:dc:a8:44:
25:e2:f8:bf:26:33:6d:e6:02:03:ae:cb:f0:f0:aa:65:b3:c2:
b3:10:62:3c:8a:d0:cf:b3:f9:b0:42:93:72:27:f8:73:b0:03:
35:56:ec:51:08:0b:74:8d:30:40:97:82:c2:84:1c:68:65:db:
d3:e5:47:a5:ad:33:ef:b3:37:b3:00:c8:be:c1:22:07:e8:e7:
88:5f:c1:97:df:bc:21:2d:74:21:27:a3:d7:8a:03:51:9b:36:
01:9e:ee:c4:42:c2:7e:b4:95:80:af:60:d2:71:3b:80:12:ae:
ce:67:04:a0:87:d0:42:d5:ff:99:c7:ee:bb:38:46:bc:64:97:
fb:ac:28:d4:2c:15:4b:e3:f2:6d:39:2b:1c:d6:67:7b:0f:f3:
fa:2a:e3:38
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvgjxp/EmrtUkz6Hvwyf5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYjM4ZGFiOTBjNjE0NTBkYzhhZDY2YjQ4NWQ1MzZjYmFm
OWUwZjkwHhcNMjMwMTAxMjI0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGY5MGZiOTIxMmFhYWY3OTc0ZjgyNjVjZWRiNDZlM2NlZjU0OGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHd8tkfChiuTLK2i/qgfP9N+tYnU
k565cayVwzb45rV1QxoJnjnskLSwf8rOQijwqOZQXwTqp2Zzo1aKEAh/wiOai6yr
3XYbbAf+QkjgZX9i2JgjYmmt9Ybvp2aQP8hfddqyojQCK35KxFLIp5a/5lE1OB5n
N/LGi4fbz7RvcSTZCzOo3ob3q9q0zs0FjNcg2VyP9PuKuMvY4GjIsfGtNv6YlDfy
exRTlv25UTDpOd8uCcd19cPbDCHoaHQzZhFmCqJYSDb+ddHmo2406ZYRSLPGldsh
vgapBlVbPtC/2aIDpvrIda9D690oAGqJOU8KoAOP67D8lHQYrCSUOCf6WQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMT5D7khKqr3l0+CZc7bRuPO9Uj5MB8GA1UdIwQY
MBaAFAqzjauQxhRQ3IrWa0hdU2y6+eD5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3JPTnE1REdGRkRjaXRaclNGMVRiTHI1NFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYTI3ZWQtM2NjMy00OTM3LTg1ODMt
NDNlODExZjc3NjgxLzEveFBrUHVTRXFxdmVYVDRKbHp0dEc0ODcxU1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYTI3ZWQtM2NjMy00OTM3LTg1ODMtNDNlODExZjc3Njgx
LzEvQ3JPTnE1REdGRkRjaXRaclNGMVRiTHI1NFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCUa8QAwMA
k28DBAK5LSQwDQQCAAIwBwMFACoBeeAwDQYJKoZIhvcNAQELBQADggEBABrZMrws
di1DxqzqbfIG7OpnX2hDs7H4RtBwTcJ8C3+VQx+siQp6CFZbyeN86wIwuHHMca11
UplCuGZ8f0maD9fXGgWZKBBxGC8CCxnsic1nwxm0a+PxFsPKrWc8tzWjv977djqA
E0XgudyoRCXi+L8mM23mAgOuy/DwqmWzwrMQYjyK0M+z+bBCk3In+HOwAzVW7FEI
C3SNMECXgsKEHGhl29PlR6WtM++zN7MAyL7BIgfo54hfwZffvCEtdCEno9eKA1Gb
NgGe7sRCwn60lYCvYNJxO4ASrs5nBKCH0ELV/5nH7rs4Rrxkl/usKNQsFUvj8m05
KxzWZ3sP8/oq4zg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:11 2024 by rpki-client on console-fra.rpki-client.org