Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rSVtan4siD1Rz6sqvTeQgtZ3E9Y.roa
File: rSVtan4siD1Rz6sqvTeQgtZ3E9Y.roa (raw, json)
Hash identifier: un7hr4QH492Nlc4xLV+zkrUVO0T5+rNgI5NM3CZVzb4=
Subject key identifier: AD:25:6D:6A:7E:2C:88:3D:51:CF:AB:2A:BD:37:90:82:D6:77:13:D6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01875BE145BDCF408BDFDB921D121779D6DF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rSVtan4siD1Rz6sqvTeQgtZ3E9Y.roa
Signing time: Fri 07 Apr 2023 13:21:42 +0000
ROA not before: Fri 07 Apr 2023 13:21:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 171.22.31.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5b:e1:45:bd:cf:40:8b:df:db:92:1d:12:17:79:d6:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 7 13:21:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad256d6a7e2c883d51cfab2abd379082d67713d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3d:e1:0f:37:c8:fb:1b:27:50:29:87:5e:22:
8b:35:3a:d6:18:ca:fa:9b:e7:31:6a:57:7a:15:d5:
37:e1:fd:1a:b9:be:30:26:2c:6f:31:74:e5:87:ae:
3f:10:50:cf:bc:29:f0:8d:d7:49:6f:42:0f:5b:32:
d9:68:81:86:9c:6f:2b:5e:a0:01:5d:1f:25:c0:03:
b2:20:9e:41:46:ce:d0:23:f4:ed:d1:f3:71:2e:8e:
7f:e1:94:dd:76:71:77:58:4f:62:a6:18:45:38:a7:
2e:48:b1:7d:41:4f:9e:b6:e1:01:db:49:e8:97:38:
f9:73:9c:ef:8f:4b:1b:a0:09:db:80:8e:eb:d1:eb:
6e:8e:33:4d:91:a4:13:02:25:fc:ed:e1:06:4e:f0:
13:03:00:0c:65:f4:a4:59:20:c7:56:ca:57:99:88:
98:d4:ae:c0:51:34:cf:c7:26:32:4f:1c:f9:cf:1e:
49:41:a5:cf:38:b7:6e:68:0c:8a:fa:7c:54:6f:a7:
4a:a0:1a:ce:ca:d5:45:85:f8:68:4e:2f:18:83:43:
52:f3:d3:6a:c4:28:ef:d3:23:d4:ae:ea:6f:e7:d2:
67:d4:7a:b8:8e:4e:ff:e2:51:c0:49:80:5c:52:0d:
cb:e8:18:a6:72:44:8b:44:76:50:79:54:27:95:3b:
78:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:25:6D:6A:7E:2C:88:3D:51:CF:AB:2A:BD:37:90:82:D6:77:13:D6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rSVtan4siD1Rz6sqvTeQgtZ3E9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.173.0/24
85.209.132.0/24
171.22.31.0/24
176.125.255.0/24
185.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
78:ef:d0:8b:44:50:6d:fb:f8:02:80:da:70:c3:93:4c:bd:a7:
81:92:b5:bf:47:9e:26:12:73:52:f7:c0:ae:91:f3:40:6e:9c:
7b:5c:9d:46:dc:7d:0f:b3:08:ee:49:b0:52:91:d4:51:91:a7:
cc:09:a9:3b:bf:10:35:5f:8c:2c:8a:63:cf:ab:84:0c:12:43:
54:07:8b:62:eb:c6:64:36:9a:60:9b:f9:c7:80:92:e0:9a:ef:
a2:75:26:74:c7:4b:ff:f6:4a:64:40:7c:65:3d:b8:ca:4b:d8:
24:21:7a:6e:12:c1:68:b9:26:68:19:ed:23:0f:c1:25:63:60:
23:a9:1a:61:c4:9f:77:1c:61:f2:3d:fd:68:07:12:79:31:8d:
2a:73:7e:6f:3d:e7:66:0c:84:b3:a4:34:aa:b0:65:9c:7e:5f:
92:43:bb:a0:d0:96:73:5d:ba:8f:d3:83:dd:bd:7e:6f:ec:c1:
18:61:9a:4c:0e:c1:18:0e:2e:a9:d9:b7:97:79:a1:e7:87:97:
db:61:8f:18:e7:e3:b1:2b:32:c4:8d:da:33:3a:d8:1a:4c:2a:
90:33:69:bf:83:5a:72:7d:63:ac:c5:c5:6c:1d:ef:fe:82:ef:
63:14:cf:b5:8f:af:0a:02:b8:cf:c6:de:2b:3e:1a:1a:1f:3c:
67:f6:98:72
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYdb4UW9z0CL39uSHRIXedbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDA3MTMyMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDI1NmQ2YTdlMmM4ODNkNTFjZmFiMmFiZDM3OTA4MmQ2NzcxM2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiz3hDzfI+xsnUCmHXiKLNTrWGMr6
m+cxald6FdU34f0aub4wJixvMXTlh64/EFDPvCnwjddJb0IPWzLZaIGGnG8rXqAB
XR8lwAOyIJ5BRs7QI/Tt0fNxLo5/4ZTddnF3WE9iphhFOKcuSLF9QU+etuEB20no
lzj5c5zvj0sboAnbgI7r0etujjNNkaQTAiX87eEGTvATAwAMZfSkWSDHVspXmYiY
1K7AUTTPxyYyTxz5zx5JQaXPOLduaAyK+nxUb6dKoBrOytVFhfhoTi8Yg0NS89Nq
xCjv0yPUrupv59Jn1Hq4jk7/4lHASYBcUg3L6BimckSLRHZQeVQnlTt4iQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK0lbWp+LIg9Uc+rKr03kILWdxPWMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvclNWdGFuNHNpRDFSejZzcXZUZVFndFozRTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVBWtAwQA
VdGEAwQAqxYfAwQAsH3/AwQAufbfMA0GCSqGSIb3DQEBCwUAA4IBAQB479CLRFBt
+/gCgNpww5NMvaeBkrW/R54mEnNS98CukfNAbpx7XJ1G3H0PswjuSbBSkdRRkafM
Cak7vxA1X4wsimPPq4QMEkNUB4ti68ZkNppgm/nHgJLgmu+idSZ0x0v/9kpkQHxl
PbjKS9gkIXpuEsFouSZoGe0jD8ElY2AjqRphxJ93HGHyPf1oBxJ5MY0qc35vPedm
DISzpDSqsGWcfl+SQ7ug0JZzXbqP04PdvX5v7MEYYZpMDsEYDi6p2beXeaHnh5fb
YY8Y5+OxKzLEjdozOtgaTCqQM2m/g1pyfWOsxcVsHe/+gu9jFM+1j68KArjPxt4r
PhoaHzxn9phy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:42 2023 by rpki-client on console-ams.rpki-client.org