Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/K7hXMEa7RH9_Ylz_kKLs8MMmmvY.roa
File: K7hXMEa7RH9_Ylz_kKLs8MMmmvY.roa (raw, json)
Hash identifier: fEwzuUg3IqTX4XpN3e86V4OayJP3XwGaV0C2I+R3HKQ=
Subject key identifier: 2B:B8:57:30:46:BB:44:7F:7F:62:5C:FF:90:A2:EC:F0:C3:26:9A:F6
Certificate issuer: /CN=d7eaba53d6dfbab4e976120c1e20268bbfe8a0e0
Certificate serial: 01856DAF5F859E754DFBE8EB2768114B1DFB
Authority key identifier: D7:EA:BA:53:D6:DF:BA:B4:E9:76:12:0C:1E:20:26:8B:BF:E8:A0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-q6U9bfurTpdhIMHiAmi7_ooOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/K7hXMEa7RH9_Ylz_kKLs8MMmmvY.roa
Signing time: Sun 01 Jan 2023 14:14:47 +0000
ROA not before: Sun 01 Jan 2023 14:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33987
IP address blocks: 84.21.224.0/21 maxlen: 21
84.21.232.0/23 maxlen: 23
84.21.240.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:5f:85:9e:75:4d:fb:e8:eb:27:68:11:4b:1d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7eaba53d6dfbab4e976120c1e20268bbfe8a0e0
Validity
Not Before: Jan 1 14:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bb8573046bb447f7f625cff90a2ecf0c3269af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ea:07:7b:59:ba:03:a2:a9:72:25:56:13:0f:
db:90:ce:c1:34:fb:26:87:79:07:b7:d0:17:6e:f0:
44:1b:c9:3b:81:f3:f2:d1:12:6c:a0:e5:aa:c3:d0:
7a:8b:65:15:ec:e6:cb:f7:c5:75:46:78:9e:26:d2:
2a:99:94:7d:f9:99:65:60:a3:a9:ed:02:33:63:91:
12:e3:f4:64:27:78:b4:70:2d:ef:01:8f:1a:e0:b2:
c0:86:12:83:d8:16:1f:04:94:73:ea:fa:2a:52:58:
fd:ce:72:ea:d1:9f:49:a0:34:e2:e0:9f:30:ab:00:
59:33:8b:65:51:a1:9f:58:dd:e5:a8:47:f8:3d:cf:
c1:2b:61:3c:a0:8a:54:1f:aa:2f:cf:ef:b3:49:48:
f6:41:f7:ee:cc:5a:9f:27:c9:fc:ea:e1:3b:09:0c:
a8:19:f0:2e:a6:01:89:6f:28:75:19:ad:a6:da:0b:
a6:fd:be:71:fb:d9:b7:ac:0e:80:c3:a9:36:0c:04:
c6:8a:f9:27:1f:e9:47:ea:83:d3:7c:2a:4e:6f:20:
7c:4e:c0:f4:40:7d:44:53:b4:90:04:31:27:2f:1d:
55:94:dc:74:1b:e1:b1:aa:d6:1a:a8:0f:8e:4a:40:
78:35:1d:8c:73:61:46:6e:0a:55:d3:6c:c7:9d:10:
b5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B8:57:30:46:BB:44:7F:7F:62:5C:FF:90:A2:EC:F0:C3:26:9A:F6
X509v3 Authority Key Identifier:
keyid:D7:EA:BA:53:D6:DF:BA:B4:E9:76:12:0C:1E:20:26:8B:BF:E8:A0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-q6U9bfurTpdhIMHiAmi7_ooOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/K7hXMEa7RH9_Ylz_kKLs8MMmmvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/1-q6U9bfurTpdhIMHiAmi7_ooOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.224.0-84.21.233.255
84.21.240.0/20
Signature Algorithm: sha256WithRSAEncryption
70:d6:20:53:6e:90:5d:8d:10:2e:f8:f2:a6:9a:90:f3:42:f9:
b1:2c:25:02:12:03:15:06:16:5d:62:5a:ae:e0:b4:79:12:35:
8b:ab:7b:e1:f2:4e:ed:f5:ca:dc:17:cc:f3:b6:41:d4:1a:65:
a4:92:25:ca:57:69:39:30:f4:e9:60:e2:ed:47:c5:8d:4b:75:
15:90:dc:ef:64:5b:ca:2a:49:4d:f8:39:55:63:19:0f:53:7a:
95:81:a1:42:fa:49:94:b2:3e:2a:55:26:b8:ed:cb:68:23:b7:
d2:f1:79:37:77:2c:d2:db:c6:7c:d5:85:7a:cc:5f:ad:e9:63:
e2:56:ee:e2:25:d8:7a:86:5f:90:23:07:c7:34:60:44:cc:d8:
b7:e9:de:01:33:e1:5e:57:26:3c:a5:dc:96:63:f4:bc:51:3c:
c2:ab:af:44:ce:fd:d7:a4:71:bc:c1:23:04:26:a2:56:83:17:
d3:8a:ea:1b:5c:c5:7e:8d:6c:99:43:bc:bf:02:ca:b5:99:7e:
1d:c2:bd:ad:d8:56:a8:c8:66:74:f3:bd:b7:a2:9c:6e:4e:6c:
8f:aa:6d:53:95:3a:d5:b2:9e:1b:35:7b:63:e4:e9:32:c3:2c:
0f:52:b4:8e:76:eb:e7:4b:ad:de:05:7f:5a:4e:ee:48:bf:ff:
f9:57:31:7c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVtr1+FnnVN++jrJ2gRSx37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZWFiYTUzZDZkZmJhYjRlOTc2MTIwYzFlMjAyNjhiYmZl
OGEwZTAwHhcNMjMwMTAxMTQxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmI4NTczMDQ2YmI0NDdmN2Y2MjVjZmY5MGEyZWNmMGMzMjY5YWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOoHe1m6A6KpciVWEw/bkM7BNPsm
h3kHt9AXbvBEG8k7gfPy0RJsoOWqw9B6i2UV7ObL98V1RnieJtIqmZR9+ZllYKOp
7QIzY5ES4/RkJ3i0cC3vAY8a4LLAhhKD2BYfBJRz6voqUlj9znLq0Z9JoDTi4J8w
qwBZM4tlUaGfWN3lqEf4Pc/BK2E8oIpUH6ovz++zSUj2QffuzFqfJ8n86uE7CQyo
GfAupgGJbyh1Ga2m2gum/b5x+9m3rA6Aw6k2DATGivknH+lH6oPTfCpObyB8TsD0
QH1EU7SQBDEnLx1VlNx0G+GxqtYaqA+OSkB4NR2Mc2FGbgpV02zHnRC1qQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCu4VzBGu0R/f2Jc/5Ci7PDDJpr2MB8GA1UdIwQY
MBaAFNfqulPW37q06XYSDB4gJou/6KDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xNlU5YmZ1clRwZGhJTUhpQW1pN19vb09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85YWZlMzUtMGUzZi00ZDcwLWIxYTQt
MmFlNzkzZGE0NzcwLzEvSzdoWE1FYTdSSDlfWWx6X2tLTHM4TU1tbXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85YWZlMzUtMGUzZi00ZDcwLWIxYTQtMmFlNzkzZGE0Nzcw
LzEvMS1xNlU5YmZ1clRwZGhJTUhpQW1pN19vb09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVUFeAD
BAFUFegDBARUFfAwDQYJKoZIhvcNAQELBQADggEBAHDWIFNukF2NEC748qaakPNC
+bEsJQISAxUGFl1iWq7gtHkSNYure+HyTu31ytwXzPO2QdQaZaSSJcpXaTkw9Olg
4u1HxY1LdRWQ3O9kW8oqSU34OVVjGQ9TepWBoUL6SZSyPipVJrjty2gjt9LxeTd3
LNLbxnzVhXrMX63pY+JW7uIl2HqGX5AjB8c0YETM2Lfp3gEz4V5XJjyl3JZj9LxR
PMKrr0TO/dekcbzBIwQmolaDF9OK6htcxX6NbJlDvL8CyrWZfh3Cva3YVqjIZnTz
vbeinG5ObI+qbVOVOtWynhs1e2Pk6TLDLA9StI526+dLrd4Ff1pO7ki///lXMXw=
-----END CERTIFICATE-----
Generated at Wed Aug 2 07:22:10 2023 by rpki-client on console-ams.rpki-client.org