Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/5irMSq1KgfIBous9dnEi2BN7YgQ.roa
File: 5irMSq1KgfIBous9dnEi2BN7YgQ.roa (raw, json)
Hash identifier: 4S6mtel/n9s/vI7OMnX9F+/jvg6VsjJpat04XJUv5oM=
Subject key identifier: E6:2A:CC:4A:AD:4A:81:F2:01:A2:EB:3D:76:71:22:D8:13:7B:62:04
Certificate issuer: /CN=d43c92474fed383c95fa2ccd83d614f57e563d82
Certificate serial: 01856CF82EF9955698E73F919E2763F9266A
Authority key identifier: D4:3C:92:47:4F:ED:38:3C:95:FA:2C:CD:83:D6:14:F5:7E:56:3D:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DySR0_tODyV-izNg9YU9X5WPYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/5irMSq1KgfIBous9dnEi2BN7YgQ.roa
Signing time: Sun 01 Jan 2023 10:54:42 +0000
ROA not before: Sun 01 Jan 2023 10:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29605
IP address blocks: 193.110.140.0/24 maxlen: 24
178.255.128.0/21 maxlen: 24
185.87.88.0/22 maxlen: 24
2a01:6940::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:2e:f9:95:56:98:e7:3f:91:9e:27:63:f9:26:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d43c92474fed383c95fa2ccd83d614f57e563d82
Validity
Not Before: Jan 1 10:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e62acc4aad4a81f201a2eb3d767122d8137b6204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:eb:30:a3:8d:d0:83:e7:84:ff:7e:03:e7:e5:
8c:08:e2:0e:ef:49:34:45:a3:13:69:e4:75:a3:64:
b2:2e:66:b3:a9:3a:76:74:8e:2e:3e:7e:96:f3:9c:
82:5f:c7:5f:05:66:ee:c5:cd:e2:82:9e:8e:1f:49:
e6:5d:d3:b6:00:19:5b:5b:0b:39:e7:ee:ff:5e:e0:
b9:a7:d4:6a:06:e9:7c:0c:04:a4:98:cd:ef:ab:73:
d1:73:4d:d9:3e:1c:4a:f5:90:39:7b:c6:ea:c2:5c:
34:70:5e:db:c6:6f:89:a1:ac:ba:ac:22:9b:d4:0b:
dc:81:ac:fb:59:50:e3:ca:4b:b4:01:c2:be:2e:3f:
e7:14:37:b3:48:94:3d:02:db:f2:c4:59:60:ad:c9:
16:ec:b1:eb:52:4e:d8:b3:53:c4:5e:a9:b8:19:5c:
42:87:d1:00:5d:3c:87:64:1a:08:04:ae:8e:ab:27:
e0:e4:9f:7f:09:7b:21:ed:9a:1f:8b:81:8f:8f:59:
fb:77:90:87:02:24:42:f4:37:c1:f4:4d:41:bf:63:
b6:6b:6c:b6:78:1e:7c:f4:d0:6f:2e:61:ee:9c:bb:
b9:d7:70:51:aa:02:fb:ae:e7:e4:52:97:14:dd:c2:
0c:7b:10:6a:bd:6a:08:b4:d4:2f:84:2d:1b:08:1c:
6c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:2A:CC:4A:AD:4A:81:F2:01:A2:EB:3D:76:71:22:D8:13:7B:62:04
X509v3 Authority Key Identifier:
keyid:D4:3C:92:47:4F:ED:38:3C:95:FA:2C:CD:83:D6:14:F5:7E:56:3D:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DySR0_tODyV-izNg9YU9X5WPYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/5irMSq1KgfIBous9dnEi2BN7YgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/1DySR0_tODyV-izNg9YU9X5WPYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.128.0/21
185.87.88.0/22
193.110.140.0/24
IPv6:
2a01:6940::/32
Signature Algorithm: sha256WithRSAEncryption
99:2e:02:1f:07:2b:e8:fa:8a:e7:43:f0:13:06:4e:c3:aa:27:
89:47:fc:81:1d:0b:59:e1:79:e0:19:7d:28:1f:95:83:65:a2:
59:87:55:5f:69:e6:10:e5:9c:ef:1f:85:67:6b:23:d7:c0:ce:
dc:d7:08:24:b5:fb:a1:ea:ac:f8:d6:68:89:0c:12:43:58:d7:
68:a0:23:fa:27:61:bf:45:bc:e0:33:61:aa:5d:e2:61:5b:c7:
71:d7:8c:9e:6e:85:22:ca:34:c9:d2:af:18:2f:60:ac:58:5c:
f0:c9:8c:66:33:03:2a:f3:9e:c3:0b:a2:2c:5d:26:dc:97:bb:
82:a0:1b:b8:16:c4:b8:01:9d:56:3e:89:1e:12:c1:59:55:9e:
83:5d:a3:fb:ae:f4:26:fe:88:71:dd:5b:9e:67:5b:85:8f:a5:
c1:25:c9:40:56:55:f5:87:b8:1e:bd:53:92:a7:fc:61:f4:3d:
a9:28:c3:95:ca:c7:4e:5d:7e:06:b5:38:a2:de:b2:9e:26:27:
62:ff:a8:a7:bd:f8:26:44:2b:f5:ee:b8:b0:cf:f0:a7:48:99:
e9:1b:6d:04:1d:57:d1:78:f6:b8:46:ce:d0:03:3a:20:99:51:
8a:98:fd:7b:9a:fe:63:96:c0:7e:78:f9:00:4f:d6:36:a3:47:
69:9c:af:47
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVs+C75lVaY5z+Rnidj+SZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0M2M5MjQ3NGZlZDM4M2M5NWZhMmNjZDgzZDYxNGY1N2U1
NjNkODIwHhcNMjMwMTAxMTA1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjJhY2M0YWFkNGE4MWYyMDFhMmViM2Q3NjcxMjJkODEzN2I2MjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+swo43Qg+eE/34D5+WMCOIO70k0
RaMTaeR1o2SyLmazqTp2dI4uPn6W85yCX8dfBWbuxc3igp6OH0nmXdO2ABlbWws5
5+7/XuC5p9RqBul8DASkmM3vq3PRc03ZPhxK9ZA5e8bqwlw0cF7bxm+Joay6rCKb
1Avcgaz7WVDjyku0AcK+Lj/nFDezSJQ9AtvyxFlgrckW7LHrUk7Ys1PEXqm4GVxC
h9EAXTyHZBoIBK6Oqyfg5J9/CXsh7Zofi4GPj1n7d5CHAiRC9DfB9E1Bv2O2a2y2
eB589NBvLmHunLu513BRqgL7rufkUpcU3cIMexBqvWoItNQvhC0bCBxsJwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOYqzEqtSoHyAaLrPXZxItgTe2IEMB8GA1UdIwQY
MBaAFNQ8kkdP7Tg8lfoszYPWFPV+Vj2CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUR5U1IwX3RPRHlWLWl6Tmc5WVU5WDVXUFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NDFmM2EtYWI4My00ZGQ5LWIxODMt
NmIwNmMxNzZiZDVhLzEvNWlyTVNxMUtnZklCb3VzOWRuRWkyQk43WWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NDFmM2EtYWI4My00ZGQ5LWIxODMtNmIwNmMxNzZiZDVh
LzEvMUR5U1IwX3RPRHlWLWl6Tmc5WVU5WDVXUFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDsv+AAwQC
uVdYAwQAwW6MMA0EAgACMAcDBQAqAWlAMA0GCSqGSIb3DQEBCwUAA4IBAQCZLgIf
Byvo+ornQ/ATBk7DqieJR/yBHQtZ4XngGX0oH5WDZaJZh1VfaeYQ5ZzvH4VnayPX
wM7c1wgktfuh6qz41miJDBJDWNdooCP6J2G/RbzgM2GqXeJhW8dx14yeboUiyjTJ
0q8YL2CsWFzwyYxmMwMq857DC6IsXSbcl7uCoBu4FsS4AZ1WPokeEsFZVZ6DXaP7
rvQm/ohx3VueZ1uFj6XBJclAVlX1h7gevVOSp/xh9D2pKMOVysdOXX4GtTii3rKe
Jidi/6invfgmRCv17riwz/CnSJnpG20EHVfRePa4Rs7QAzogmVGKmP17mv5jlsB+
ePkAT9Y2o0dpnK9H
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:16 2024 by rpki-client on console-ams.rpki-client.org