Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cx08f_qkM8B8OwfwWG-rsRCVsmo.roa
File: cx08f_qkM8B8OwfwWG-rsRCVsmo.roa (raw, json)
Hash identifier: buvhl2znXkWd8JxUq0Dswpdz45tLdaubiLnrJUofvGw=
Subject key identifier: 73:1D:3C:7F:FA:A4:33:C0:7C:3B:07:F0:58:6F:AB:B1:10:95:B2:6A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187A233461A2EF167140B2BF0A00C93201E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cx08f_qkM8B8OwfwWG-rsRCVsmo.roa
Signing time: Fri 21 Apr 2023 05:04:41 +0000
ROA not before: Fri 21 Apr 2023 05:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 171.22.31.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a2:33:46:1a:2e:f1:67:14:0b:2b:f0:a0:0c:93:20:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 21 05:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=731d3c7ffaa433c07c3b07f0586fabb11095b26a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d8:78:71:5f:d8:4b:41:7a:79:13:0c:a6:16:
86:b9:7c:16:d9:d4:27:39:94:5d:a9:8b:f4:90:e0:
01:f3:c4:cf:7a:51:92:f5:28:3d:62:61:9b:71:95:
85:ee:a3:5c:59:74:34:83:12:30:bd:33:e8:05:bc:
ae:a4:db:d6:b1:6d:32:ca:86:9e:15:d7:fa:e7:e2:
19:cd:f3:0b:6f:77:db:0c:f7:d2:a7:f3:e8:60:cb:
a7:8d:b7:ff:16:69:52:56:64:e9:a6:6f:2d:43:25:
34:1a:d5:b2:9b:17:16:e5:30:9b:be:16:b7:67:cc:
18:24:6d:90:97:26:b3:66:c5:74:91:7b:7e:06:3d:
bb:a1:6d:80:9b:bd:f4:12:ca:86:91:dc:ee:54:cb:
58:a8:40:3a:88:8e:7c:8d:8f:b3:01:ae:32:ec:a4:
15:e1:ef:91:eb:0d:ad:b4:67:e4:81:0d:ef:13:18:
c5:63:e7:7d:90:aa:36:ab:c6:90:e5:90:33:8c:92:
b6:f3:0c:03:14:d2:36:92:2b:33:0b:0b:6b:12:0f:
39:00:20:dc:c7:93:c8:50:e2:d6:61:12:91:f2:ca:
7e:01:4f:e9:74:69:b1:b1:90:89:e6:fe:e5:54:20:
92:d6:99:31:35:f7:72:82:25:48:55:75:b3:25:ed:
a8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1D:3C:7F:FA:A4:33:C0:7C:3B:07:F0:58:6F:AB:B1:10:95:B2:6A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cx08f_qkM8B8OwfwWG-rsRCVsmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.173.0/24
85.209.132.0/24
171.22.31.0/24
176.125.255.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:f2:06:63:12:55:0e:eb:8d:cf:2e:d9:66:62:3d:81:f3:46:
97:0e:ef:16:c3:c9:71:11:9c:c7:1e:1c:27:65:cf:ae:fa:4f:
05:76:de:2f:dc:98:dc:93:1e:8b:06:fb:14:b6:6d:ff:c6:4f:
bc:6e:78:01:57:80:e4:cf:d6:3f:c4:4a:98:94:70:31:b9:7b:
64:38:d1:c0:7c:47:dd:0a:56:6e:7e:21:44:95:83:cc:ff:33:
b4:53:3e:4b:f7:b4:40:64:b8:61:de:ec:1f:1b:a5:44:7f:1c:
1c:18:03:26:05:85:59:3d:1a:af:39:0b:71:e1:28:22:78:a1:
3d:98:cf:50:ac:d3:44:30:a6:4b:31:d7:40:ac:42:03:3f:9e:
49:94:ae:42:c9:6a:5f:2e:27:8c:42:6b:ce:ea:de:5e:3a:4e:
a7:66:c4:16:6e:c6:17:be:c8:7e:86:5d:9f:92:a2:87:07:ac:
d6:05:55:47:eb:52:45:60:8e:a6:87:78:12:f7:1e:8d:57:9a:
4b:79:84:59:05:87:4b:77:0c:58:ab:25:e9:e1:21:f0:ec:f6:
a4:9c:c0:45:b2:a1:76:3a:9e:0e:49:14:b7:67:7b:05:86:df:
7f:bb:f9:cf:44:9f:f9:c1:dd:6e:b3:5c:9d:d7:93:32:d4:bb:
13:a3:55:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYeiM0YaLvFnFAsr8KAMkyAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDIxMDUwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzFkM2M3ZmZhYTQzM2MwN2MzYjA3ZjA1ODZmYWJiMTEwOTViMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39h4cV/YS0F6eRMMphaGuXwW2dQn
OZRdqYv0kOAB88TPelGS9Sg9YmGbcZWF7qNcWXQ0gxIwvTPoBbyupNvWsW0yyoae
Fdf65+IZzfMLb3fbDPfSp/PoYMunjbf/FmlSVmTppm8tQyU0GtWymxcW5TCbvha3
Z8wYJG2QlyazZsV0kXt+Bj27oW2Am730EsqGkdzuVMtYqEA6iI58jY+zAa4y7KQV
4e+R6w2ttGfkgQ3vExjFY+d9kKo2q8aQ5ZAzjJK28wwDFNI2kiszCwtrEg85ACDc
x5PIUOLWYRKR8sp+AU/pdGmxsZCJ5v7lVCCS1pkxNfdygiVIVXWzJe2orQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHMdPH/6pDPAfDsH8Fhvq7EQlbJqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvY3gwOGZfcWtNOEI4T3dmd1dHLXJzUkNWc21vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVBWtAwQA
VdGEAwQAqxYfAwQAsH3/MA0GCSqGSIb3DQEBCwUAA4IBAQCl8gZjElUO643PLtlm
Yj2B80aXDu8Ww8lxEZzHHhwnZc+u+k8Fdt4v3Jjckx6LBvsUtm3/xk+8bngBV4Dk
z9Y/xEqYlHAxuXtkONHAfEfdClZufiFElYPM/zO0Uz5L97RAZLhh3uwfG6VEfxwc
GAMmBYVZPRqvOQtx4SgieKE9mM9QrNNEMKZLMddArEIDP55JlK5CyWpfLieMQmvO
6t5eOk6nZsQWbsYXvsh+hl2fkqKHB6zWBVVH61JFYI6mh3gS9x6NV5pLeYRZBYdL
dwxYqyXp4SHw7PaknMBFsqF2Op4OSRS3Z3sFht9/u/nPRJ/5wd1us1yd15My1LsT
o1XY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-ams.rpki-client.org