Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/lRJIdfepfG9pg05p9QjR5Ri-Wl0.roa
File: lRJIdfepfG9pg05p9QjR5Ri-Wl0.roa (raw, json)
Hash identifier: neejIt/VQMlKpsyFqRLF7QDHZ9/+JrMMl49cVk79B9Y=
Subject key identifier: 95:12:48:75:F7:A9:7C:6F:69:83:4E:69:F5:08:D1:E5:18:BE:5A:5D
Certificate issuer: /CN=e85b83c87c4a3d8315025379f72987520bb5d046
Certificate serial: 0185711E52AD4CC33A0E253926FF1627DF19
Authority key identifier: E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/lRJIdfepfG9pg05p9QjR5Ri-Wl0.roa
Signing time: Mon 02 Jan 2023 06:14:50 +0000
ROA not before: Mon 02 Jan 2023 06:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28843
IP address blocks: 62.205.192.0/20 maxlen: 20
188.64.176.0/21 maxlen: 21
62.205.192.0/18 maxlen: 18
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:52:ad:4c:c3:3a:0e:25:39:26:ff:16:27:df:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e85b83c87c4a3d8315025379f72987520bb5d046
Validity
Not Before: Jan 2 06:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95124875f7a97c6f69834e69f508d1e518be5a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c9:e0:f8:d3:21:24:2b:9c:0e:f0:a0:c5:80:
f8:2a:21:36:dc:0c:dc:0c:40:c9:7d:56:9c:4e:77:
6b:cf:30:36:40:11:b3:1b:e5:ec:b5:77:b1:5e:3c:
45:20:5a:81:3d:f1:30:f0:fb:f6:6f:75:fd:cc:89:
dc:d7:72:2f:38:0a:53:e1:30:d7:81:0c:97:03:03:
68:f0:9c:bf:48:05:5d:5a:12:5a:01:cc:1e:eb:a5:
df:2e:4b:ca:55:3d:20:9d:f2:42:98:bd:dc:b6:9f:
80:74:d7:bb:bc:71:d6:66:f8:74:9c:d2:de:10:ca:
7b:1b:f1:57:78:c7:40:47:1e:68:c3:c7:8f:f3:b3:
be:92:b2:a1:fc:f8:1b:f3:fd:95:44:a7:3b:ff:4c:
fc:57:a3:7f:1a:92:5c:35:d4:d0:2a:a2:fd:88:63:
4a:ce:93:f5:5c:f8:e8:6c:3f:f4:f5:b2:2f:d8:47:
9b:4d:9c:45:a1:30:bd:35:7e:a0:bd:d6:38:fd:85:
8e:12:58:1c:51:ee:c6:9e:bd:fe:58:a6:9a:89:8a:
9b:52:40:10:c4:4a:02:3b:74:a3:00:59:50:bb:69:
c4:6a:2a:b8:a1:b6:da:c8:ce:8e:d9:77:c4:0c:4e:
e3:c1:33:1c:ee:8a:63:7b:2e:5f:a2:85:59:8a:2e:
c8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:12:48:75:F7:A9:7C:6F:69:83:4E:69:F5:08:D1:E5:18:BE:5A:5D
X509v3 Authority Key Identifier:
keyid:E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/lRJIdfepfG9pg05p9QjR5Ri-Wl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/6FuDyHxKPYMVAlN59ymHUgu10EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.192.0/18
188.64.176.0/21
Signature Algorithm: sha256WithRSAEncryption
94:5c:57:aa:d4:16:56:f6:5c:3c:42:c7:af:f8:ad:bb:df:00:
24:68:da:90:6a:de:dc:8a:4f:a3:e0:17:6d:58:42:83:a5:64:
6f:6e:3f:90:2c:5b:d8:84:9b:f0:7d:e8:5a:a7:67:92:19:45:
0b:5a:c7:42:a1:3f:9f:96:8d:82:2b:40:7f:fa:fd:21:e8:f0:
22:18:9e:d2:ba:0f:aa:d3:03:87:61:d8:d6:45:f6:0a:11:07:
d3:4e:95:61:7a:68:31:23:75:e9:23:b1:5d:12:54:76:f2:03:
de:e2:78:b2:c2:1e:5d:72:63:0a:7c:7e:8c:e9:c8:06:34:6a:
72:26:2b:c5:c7:b3:be:6d:8f:6d:97:8e:d0:8f:e0:74:f9:39:
43:3d:c1:ec:2e:ef:af:25:66:03:b3:e2:35:64:1c:f5:47:06:
d4:9f:a5:5a:1a:a2:db:c6:f4:b9:39:de:7b:b7:8f:6d:88:ab:
bf:04:3f:34:6b:82:46:ba:55:fa:1a:56:fe:cd:f1:38:84:ef:
87:a5:b7:a4:d6:17:3a:dd:8f:f8:ba:ce:78:1b:7b:69:4b:75:
fc:fd:28:56:b0:d4:58:db:e7:89:f4:82:53:56:a7:76:64:d4:
3c:9e:0e:9d:c0:e7:fc:10:22:5c:92:dd:aa:18:72:5d:d9:4d:
a4:c4:20:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxHlKtTMM6DiU5Jv8WJ98ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NWI4M2M4N2M0YTNkODMxNTAyNTM3OWY3Mjk4NzUyMGJi
NWQwNDYwHhcNMjMwMTAyMDYxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTEyNDg3NWY3YTk3YzZmNjk4MzRlNjlmNTA4ZDFlNTE4YmU1YTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsng+NMhJCucDvCgxYD4KiE23Azc
DEDJfVacTndrzzA2QBGzG+XstXexXjxFIFqBPfEw8Pv2b3X9zInc13IvOApT4TDX
gQyXAwNo8Jy/SAVdWhJaAcwe66XfLkvKVT0gnfJCmL3ctp+AdNe7vHHWZvh0nNLe
EMp7G/FXeMdARx5ow8eP87O+krKh/Pgb8/2VRKc7/0z8V6N/GpJcNdTQKqL9iGNK
zpP1XPjobD/09bIv2EebTZxFoTC9NX6gvdY4/YWOElgcUe7Gnr3+WKaaiYqbUkAQ
xEoCO3SjAFlQu2nEaiq4obbayM6O2XfEDE7jwTMc7opjey5fooVZii7IKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJUSSHX3qXxvaYNOafUI0eUYvlpdMB8GA1UdIwQY
MBaAFOhbg8h8Sj2DFQJTefcph1ILtdBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGIt
ODlhYWVhMzYyODVlLzEvbFJKSWRmZXBmRzlwZzA1cDlRalI1UmktV2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGItODlhYWVhMzYyODVl
LzEvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGPs3AAwQD
vECwMA0GCSqGSIb3DQEBCwUAA4IBAQCUXFeq1BZW9lw8Qsev+K273wAkaNqQat7c
ik+j4BdtWEKDpWRvbj+QLFvYhJvwfehap2eSGUULWsdCoT+flo2CK0B/+v0h6PAi
GJ7Sug+q0wOHYdjWRfYKEQfTTpVhemgxI3XpI7FdElR28gPe4niywh5dcmMKfH6M
6cgGNGpyJivFx7O+bY9tl47Qj+B0+TlDPcHsLu+vJWYDs+I1ZBz1RwbUn6VaGqLb
xvS5Od57t49tiKu/BD80a4JGulX6Glb+zfE4hO+Hpbek1hc63Y/4us54G3tpS3X8
/ShWsNRY2+eJ9IJTVqd2ZNQ8ng6dwOf8ECJckt2qGHJd2U2kxCCC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:54 2023 by rpki-client on console-fra.rpki-client.org