Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D5xf_Jm0upqifPPy1rJs8EuJlSE.roa
File: D5xf_Jm0upqifPPy1rJs8EuJlSE.roa (raw, json)
Hash identifier: XqTrzwuOb4mHnmiet8z8rX9Mn2c/fai8TyWg6GE8av8=
Subject key identifier: 0F:9C:5F:FC:99:B4:BA:9A:A2:7C:F3:F2:D6:B2:6C:F0:4B:89:95:21
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D82166EF8EFAEBC9D3EA0FAAF7E8C3C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D5xf_Jm0upqifPPy1rJs8EuJlSE.roa
Signing time: Sun 01 Jan 2023 13:25:20 +0000
ROA not before: Sun 01 Jan 2023 13:25:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393398
IP address blocks: 81.161.237.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:82:16:6e:f8:ef:ae:bc:9d:3e:a0:fa:af:7e:8c:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f9c5ffc99b4ba9aa27cf3f2d6b26cf04b899521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:83:74:26:2e:b9:a4:a3:a6:ac:c2:b6:5c:de:
af:9f:ee:b7:ff:af:02:07:60:b7:ba:b9:f9:f7:b1:
51:a2:c4:64:48:38:8d:56:ca:bf:96:c1:60:87:3b:
4b:da:e4:e2:a6:42:6f:25:a7:59:0b:a3:16:bb:17:
ed:fe:31:e5:dc:36:2c:4a:ad:91:87:c1:ed:d7:47:
ea:74:54:e7:b8:79:ec:e0:62:92:8a:5f:ad:0d:94:
23:85:48:70:29:df:75:29:ed:d0:0d:d2:d6:3e:21:
a1:41:cc:eb:68:a4:9e:11:19:89:fc:49:5d:20:36:
9e:f3:47:69:c4:d7:3f:43:72:98:17:a4:2e:a8:08:
3c:ad:70:09:95:44:bb:48:01:06:71:08:66:d2:b5:
ef:ea:df:68:c3:e3:4a:9b:86:b3:a4:06:cc:1b:96:
dc:f0:e3:d2:d8:19:d7:16:84:eb:8a:c9:c0:9e:ad:
c5:ad:2b:2a:93:fb:28:40:f7:f2:3a:c7:80:64:e9:
ab:57:f6:9a:40:51:5e:7a:28:55:65:61:e1:96:c8:
f3:7f:92:06:a7:d8:17:91:77:ce:bd:e7:df:6a:ce:
fd:68:1d:67:ad:a6:ad:59:39:3e:95:7b:fd:f9:b6:
57:30:db:3b:70:3a:91:7c:32:f3:26:82:93:75:d9:
c6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9C:5F:FC:99:B4:BA:9A:A2:7C:F3:F2:D6:B2:6C:F0:4B:89:95:21
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D5xf_Jm0upqifPPy1rJs8EuJlSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.237.0/24
193.58.121.0/24
193.58.123.0/24
Signature Algorithm: sha256WithRSAEncryption
57:95:71:c8:ce:fc:4a:a8:07:f0:e6:0b:53:fd:7b:fa:08:06:
3b:ea:73:aa:a6:d6:f3:c4:c2:5f:23:f0:63:1f:bb:0f:51:d5:
7e:11:aa:d7:2a:b6:34:11:e2:a0:4e:01:f7:ea:6e:af:71:28:
74:48:aa:c2:90:a9:0a:d0:b6:d9:20:64:ad:b2:8d:c0:0f:a6:
9c:ef:cb:05:bc:48:e7:84:c7:4a:52:06:b2:09:6c:a9:a4:92:
ea:c9:5a:0c:04:01:2b:8e:3d:c8:d3:8c:09:83:c0:08:b1:7f:
1d:45:4a:8c:8f:b8:d1:be:88:c1:d6:10:1c:86:bf:d2:84:e1:
4d:04:2d:7f:71:7f:42:f6:06:7d:f4:6d:e6:1e:3b:76:37:cc:
ae:50:1d:d6:71:3a:33:09:bc:eb:b7:d8:57:3f:3f:ce:62:6b:
c9:63:6f:ea:dd:ce:c0:bb:5c:8d:29:6d:31:37:fb:70:6a:61:
87:13:bf:76:d1:61:dc:5a:18:0b:99:fb:44:a9:02:63:00:25:
6b:45:48:a1:dd:de:ba:44:52:20:e1:fd:74:85:d5:bc:cc:d2:
61:38:35:2d:2e:7a:5a:83:20:da:1d:a3:75:2a:93:72:8d:fb:
3e:d1:79:d5:a0:19:b3:ae:83:3f:4d:b7:43:86:da:fb:8a:72:
05:33:7d:2d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtghZu+O+uvJ0+oPqvfow8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjljNWZmYzk5YjRiYTlhYTI3Y2YzZjJkNmIyNmNmMDRiODk5NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoN0Ji65pKOmrMK2XN6vn+63/68C
B2C3urn597FRosRkSDiNVsq/lsFghztL2uTipkJvJadZC6MWuxft/jHl3DYsSq2R
h8Ht10fqdFTnuHns4GKSil+tDZQjhUhwKd91Ke3QDdLWPiGhQczraKSeERmJ/Eld
IDae80dpxNc/Q3KYF6QuqAg8rXAJlUS7SAEGcQhm0rXv6t9ow+NKm4azpAbMG5bc
8OPS2BnXFoTrisnAnq3FrSsqk/soQPfyOseAZOmrV/aaQFFeeihVZWHhlsjzf5IG
p9gXkXfOveffas79aB1nraatWTk+lXv9+bZXMNs7cDqRfDLzJoKTddnGIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA+cX/yZtLqaonzz8taybPBLiZUhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRDV4Zl9KbTB1cHFpZlBQeTFySnM4RXVKbFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUaHtAwQA
wTp5AwQAwTp7MA0GCSqGSIb3DQEBCwUAA4IBAQBXlXHIzvxKqAfw5gtT/Xv6CAY7
6nOqptbzxMJfI/BjH7sPUdV+EarXKrY0EeKgTgH36m6vcSh0SKrCkKkK0LbZIGSt
so3AD6ac78sFvEjnhMdKUgayCWyppJLqyVoMBAErjj3I04wJg8AIsX8dRUqMj7jR
vojB1hAchr/ShOFNBC1/cX9C9gZ99G3mHjt2N8yuUB3WcTozCbzrt9hXPz/OYmvJ
Y2/q3c7Au1yNKW0xN/twamGHE7920WHcWhgLmftEqQJjACVrRUih3d66RFIg4f10
hdW8zNJhODUtLnpagyDaHaN1KpNyjfs+0XnVoBmzroM/TbdDhtr7inIFM30t
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:47 2024 by rpki-client on console-fra.rpki-client.org