Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6XvLNqBVaTPN53nOWNOpDIAAIiw.roa
File: 6XvLNqBVaTPN53nOWNOpDIAAIiw.roa (raw, json)
Hash identifier: dxLW8V1aJ2aoGz/p7xvwY30+cVdb34kAjIzBM1zuVSY=
Subject key identifier: E9:7B:CB:36:A0:55:69:33:CD:E7:79:CE:58:D3:A9:0C:80:00:22:2C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81E4EC9798CF2C4D00C592FF84DB5E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6XvLNqBVaTPN53nOWNOpDIAAIiw.roa
Signing time: Sun 01 Jan 2023 13:25:07 +0000
ROA not before: Sun 01 Jan 2023 13:25:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 194.31.223.0/24 maxlen: 24
164.40.189.0/24 maxlen: 24
164.40.191.0/24 maxlen: 24
164.40.188.0/24 maxlen: 24
164.40.190.0/24 maxlen: 24
193.149.28.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:e4:ec:97:98:cf:2c:4d:00:c5:92:ff:84:db:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e97bcb36a0556933cde779ce58d3a90c8000222c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:09:2a:62:d7:63:ac:34:b3:6b:90:a0:9b:92:
0d:c2:8c:85:a2:14:41:7c:78:d9:15:86:dc:f3:65:
b4:97:5b:32:cb:a8:61:9a:7c:60:86:6c:cb:75:a7:
59:1a:2d:f7:b1:12:ac:d3:2e:31:ee:b9:0d:69:75:
8f:30:3c:4f:56:b0:a0:f7:0a:f0:67:71:be:fc:26:
98:e6:44:af:3b:7c:80:5e:09:5a:b6:3f:d3:1e:f0:
35:93:d2:d4:f7:83:17:17:81:2e:28:27:6c:84:58:
e1:10:c5:f3:fe:5b:40:cb:51:1e:0f:f5:51:6b:46:
9b:db:8d:f7:01:9a:18:4e:b1:a5:b3:ca:75:54:39:
41:b8:f4:2f:8b:ea:85:7c:ad:0e:00:8e:41:13:03:
34:0f:17:da:c0:41:bf:47:76:4e:c8:53:11:15:ea:
37:b7:00:72:28:38:2b:cf:43:14:b8:c7:71:c4:c4:
0e:ac:4b:ed:df:13:37:b8:b2:27:1e:e7:55:e0:1e:
b6:9a:6e:5e:77:2a:2d:14:4b:80:75:3b:04:b4:3c:
70:cf:46:c3:1a:a7:3c:19:a1:09:d1:2e:46:0d:46:
ce:dd:63:5e:21:e2:b1:a3:95:1e:25:c2:ec:fc:41:
65:4b:a3:cf:2a:bc:e7:c7:17:59:b5:dd:fb:b2:01:
f8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:7B:CB:36:A0:55:69:33:CD:E7:79:CE:58:D3:A9:0C:80:00:22:2C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6XvLNqBVaTPN53nOWNOpDIAAIiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.40.188.0/22
193.149.28.0/22
194.31.223.0/24
Signature Algorithm: sha256WithRSAEncryption
28:c6:aa:bc:6c:bb:58:aa:f2:d2:2e:b8:fb:21:2a:24:16:54:
98:26:78:f3:09:d1:c5:60:3b:a2:ab:02:16:09:9e:b9:20:5c:
66:6e:da:7b:f4:d2:3d:a8:dc:ff:9a:bf:94:96:e1:5a:33:0a:
b1:36:b0:15:77:cc:f5:b7:a0:f1:e7:f2:52:77:8c:74:04:37:
ff:d7:a0:c0:3f:dd:27:00:3c:13:7b:52:8e:6b:ff:93:b8:22:
01:1d:fc:2d:99:93:fc:c2:95:10:02:83:ff:ce:a8:b4:c4:d2:
44:73:3b:e4:f4:f0:01:57:1f:85:67:22:92:2b:d5:3b:67:51:
50:7e:bc:e6:18:83:04:cb:96:f1:71:30:76:b7:6f:90:d1:cf:
f7:84:1e:c4:d5:59:00:66:3f:ba:45:a8:38:07:8d:d6:fe:cb:
32:3c:a7:12:4c:c5:b4:f3:e8:7a:f7:34:98:43:c7:25:66:20:
21:72:fe:43:95:98:b7:64:d8:8e:94:e9:8d:57:28:f1:75:8e:
30:2b:b5:2e:7f:22:da:84:8d:cd:27:cc:71:14:40:cb:86:67:
78:a0:5f:27:52:9e:5a:b7:f7:2e:49:87:15:34:5d:fd:16:f5:
f3:7e:28:53:b4:95:a2:90:1a:9e:20:83:4f:1d:2c:a7:1a:7e:
1f:41:5a:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtgeTsl5jPLE0AxZL/hNteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTdiY2IzNmEwNTU2OTMzY2RlNzc5Y2U1OGQzYTkwYzgwMDAyMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQkqYtdjrDSza5Cgm5INwoyFohRB
fHjZFYbc82W0l1syy6hhmnxghmzLdadZGi33sRKs0y4x7rkNaXWPMDxPVrCg9wrw
Z3G+/CaY5kSvO3yAXglatj/THvA1k9LU94MXF4EuKCdshFjhEMXz/ltAy1EeD/VR
a0ab2433AZoYTrGls8p1VDlBuPQvi+qFfK0OAI5BEwM0DxfawEG/R3ZOyFMRFeo3
twByKDgrz0MUuMdxxMQOrEvt3xM3uLInHudV4B62mm5edyotFEuAdTsEtDxwz0bD
Gqc8GaEJ0S5GDUbO3WNeIeKxo5UeJcLs/EFlS6PPKrznxxdZtd37sgH4dwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOl7yzagVWkzzed5zljTqQyAACIsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNlh2TE5xQlZhVFBONTNuT1dOT3BESUFBSWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCpCi8AwQC
wZUcAwQAwh/fMA0GCSqGSIb3DQEBCwUAA4IBAQAoxqq8bLtYqvLSLrj7ISokFlSY
JnjzCdHFYDuiqwIWCZ65IFxmbtp79NI9qNz/mr+UluFaMwqxNrAVd8z1t6Dx5/JS
d4x0BDf/16DAP90nADwTe1KOa/+TuCIBHfwtmZP8wpUQAoP/zqi0xNJEczvk9PAB
Vx+FZyKSK9U7Z1FQfrzmGIMEy5bxcTB2t2+Q0c/3hB7E1VkAZj+6Rag4B43W/ssy
PKcSTMW08+h69zSYQ8clZiAhcv5DlZi3ZNiOlOmNVyjxdY4wK7UufyLahI3NJ8xx
FEDLhmd4oF8nUp5at/cuSYcVNF39FvXzfihTtJWikBqeIINPHSynGn4fQVoa
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:32 2023 by rpki-client on console-ams.rpki-client.org