Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/1-clh6jC80bXIG2oD9Zr9Th-JqVY.roa
File: 1-clh6jC80bXIG2oD9Zr9Th-JqVY.roa (raw, json)
Hash identifier: vgWW/W2h/JryXMl8i3DGLVBbAaQ0kX3dveWTGpJ97H0=
Subject key identifier: F9:C9:61:EA:30:BC:D1:B5:C8:1B:6A:03:F5:9A:FD:4E:1F:89:A9:56
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0185706761C9834E2564F5E75A04CC65705C
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/1-clh6jC80bXIG2oD9Zr9Th-JqVY.roa
Signing time: Mon 02 Jan 2023 02:55:01 +0000
ROA not before: Mon 02 Jan 2023 02:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 109.206.248.0/23 maxlen: 23
185.232.84.0/23 maxlen: 23
2a0b:3c40:10::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:61:c9:83:4e:25:64:f5:e7:5a:04:cc:65:70:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 2 02:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9c961ea30bcd1b5c81b6a03f59afd4e1f89a956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:52:cb:a5:1c:3c:27:92:f8:bc:31:7a:e4:bb:
6e:57:53:33:79:36:07:98:21:9a:ff:87:41:c3:f7:
89:aa:cb:ef:98:04:79:7c:07:85:9a:f1:b2:45:77:
29:31:4f:e2:29:20:66:1d:9d:39:c3:7d:fe:d8:ac:
1b:b4:50:92:ac:81:11:c2:99:5c:1f:b1:d6:4d:6d:
25:c1:e5:8e:a3:c7:e5:f8:bb:44:ab:6f:b3:e8:b3:
ec:cf:9a:cc:67:90:00:30:b4:c8:e8:c3:9c:da:c5:
fa:88:4b:35:e5:33:1f:a9:a8:25:9a:d8:54:e3:a7:
31:96:86:37:43:f2:d0:98:69:4a:5e:6e:81:1b:c4:
9e:54:20:bb:b6:56:d3:df:56:44:c1:a3:9b:75:e5:
aa:20:3f:a4:7d:29:ae:3f:2b:f5:51:24:2d:4c:42:
2c:b5:a2:ce:1f:c0:f5:9a:09:06:2e:8e:d8:5f:46:
ab:de:56:3b:dd:e4:4f:48:f9:b9:2e:33:37:50:5d:
aa:54:32:a8:67:f7:86:60:3f:96:4b:fb:c1:8f:b7:
04:3b:91:d2:dd:7d:42:d7:4c:c5:f6:68:50:27:a3:
da:01:15:e5:14:96:41:ce:1c:a4:7f:b9:80:a3:dc:
b8:dd:40:78:ea:ae:44:bf:75:cf:60:d8:6f:8a:5d:
2f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C9:61:EA:30:BC:D1:B5:C8:1B:6A:03:F5:9A:FD:4E:1F:89:A9:56
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/1-clh6jC80bXIG2oD9Zr9Th-JqVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.248.0/23
185.232.84.0/23
IPv6:
2a0b:3c40:10::/48
Signature Algorithm: sha256WithRSAEncryption
16:93:7f:3f:95:e2:49:9d:17:cf:d0:fa:28:bc:5b:7e:64:53:
8d:8f:8c:92:34:f8:19:c7:fe:77:02:4c:1a:d3:26:95:11:f7:
6d:1a:f8:9e:80:8e:ea:e9:06:d4:12:86:ff:f2:a1:e7:7c:b0:
0e:ed:11:a5:18:a5:7f:29:31:9a:17:6a:c3:0b:ff:c3:24:75:
9e:1a:9f:3c:90:b0:6d:b3:10:75:0e:9b:a8:cc:0f:a4:76:ce:
ba:94:1d:52:20:81:51:fc:69:09:5b:b3:6a:cc:53:6f:90:d2:
44:54:db:e5:17:8c:7f:a1:ca:9a:e8:26:bf:c7:b2:b2:5b:24:
69:da:dc:19:08:8a:c5:3f:d3:48:bd:6f:7e:24:b0:10:0d:b7:
cc:5c:48:45:66:06:29:19:b3:1a:9b:f5:1c:4a:16:d0:27:cb:
00:2b:9c:4e:fa:2b:0a:dc:1b:f6:0f:a8:da:08:44:ba:91:18:
20:fa:d4:c3:43:6e:7c:e4:64:61:33:56:4c:29:5b:87:a6:e2:
a3:b3:78:7b:4d:de:a0:e1:a8:0d:57:3e:6a:cf:3a:fc:3a:7f:
cc:51:8f:53:1c:e8:7d:71:e5:36:c8:a1:72:36:8b:e4:e2:03:
e0:95:52:bc:96:0f:3e:e3:95:2b:83:23:58:40:42:3f:80:e0:
05:07:fe:5e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwZ2HJg04lZPXnWgTMZXBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTAyMDI1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWM5NjFlYTMwYmNkMWI1YzgxYjZhMDNmNTlhZmQ0ZTFmODlhOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlLLpRw8J5L4vDF65LtuV1MzeTYH
mCGa/4dBw/eJqsvvmAR5fAeFmvGyRXcpMU/iKSBmHZ05w33+2KwbtFCSrIERwplc
H7HWTW0lweWOo8fl+LtEq2+z6LPsz5rMZ5AAMLTI6MOc2sX6iEs15TMfqaglmthU
46cxloY3Q/LQmGlKXm6BG8SeVCC7tlbT31ZEwaObdeWqID+kfSmuPyv1USQtTEIs
taLOH8D1mgkGLo7YX0ar3lY73eRPSPm5LjM3UF2qVDKoZ/eGYD+WS/vBj7cEO5HS
3X1C10zF9mhQJ6PaARXlFJZBzhykf7mAo9y43UB46q5Ev3XPYNhvil0vDwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPnJYeowvNG1yBtqA/Wa/U4fialWMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvMS1jbGg2akM4MGJYSUcyb0Q5WnI5VGgtSnFWWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRj
My8xL3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAW3O+AME
AbnoVDAPBAIAAjAJAwcAKgs8QAAQMA0GCSqGSIb3DQEBCwUAA4IBAQAWk38/leJJ
nRfP0PoovFt+ZFONj4ySNPgZx/53Akwa0yaVEfdtGviegI7q6QbUEob/8qHnfLAO
7RGlGKV/KTGaF2rDC//DJHWeGp88kLBtsxB1DpuozA+kds66lB1SIIFR/GkJW7Nq
zFNvkNJEVNvlF4x/ocqa6Ca/x7KyWyRp2twZCIrFP9NIvW9+JLAQDbfMXEhFZgYp
GbMam/UcShbQJ8sAK5xO+isK3Bv2D6jaCES6kRgg+tTDQ2585GRhM1ZMKVuHpuKj
s3h7Td6g4agNVz5qzzr8On/MUY9THOh9ceU2yKFyNovk4gPglVK8lg8+45UrgyNY
QEI/gOAFB/5e
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:22 2023 by rpki-client on console-ams.rpki-client.org