Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/F2dto3iSbIRz4Ftl0joXyddOits.roa
File: F2dto3iSbIRz4Ftl0joXyddOits.roa (raw, json)
Hash identifier: oF9EChtDEdOO8BYQMMVFQUYe+zJp0WsEBCWLZJG/gUM=
Subject key identifier: 17:67:6D:A3:78:92:6C:84:73:E0:5B:65:D2:3A:17:C9:D7:4E:8A:DB
Certificate issuer: /CN=9ededf47822aee27da28d34dab1fe7a3c60a6aaa
Certificate serial: 01856F42CC39EF8A64486C1EA582EAF4E4CB
Authority key identifier: 9E:DE:DF:47:82:2A:EE:27:DA:28:D3:4D:AB:1F:E7:A3:C6:0A:6A:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nt7fR4Iq7ifaKNNNqx_no8YKaqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/F2dto3iSbIRz4Ftl0joXyddOits.roa
Signing time: Sun 01 Jan 2023 21:35:26 +0000
ROA not before: Sun 01 Jan 2023 21:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15525
IP address blocks: 176.221.32.0/21 maxlen: 24
185.99.233.0/24 maxlen: 24
185.99.234.0/23 maxlen: 24
2a03:9c80::/34 maxlen: 34
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:cc:39:ef:8a:64:48:6c:1e:a5:82:ea:f4:e4:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ededf47822aee27da28d34dab1fe7a3c60a6aaa
Validity
Not Before: Jan 1 21:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17676da378926c8473e05b65d23a17c9d74e8adb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:66:94:32:af:8d:ed:d3:41:8e:c2:ff:ed:19:
e3:3e:b1:1e:22:5e:38:e1:63:f1:28:bd:06:d8:76:
3e:76:09:dc:3e:a7:a4:a1:34:d9:3e:f0:37:29:97:
dd:07:8b:bd:b2:3c:a8:1f:b8:16:87:84:cd:30:68:
f0:50:e6:f8:5e:58:dd:de:12:c2:6d:5c:11:e2:cc:
44:2b:b1:ce:4c:f4:8f:fa:76:c4:ce:52:ad:d5:e3:
18:d5:3e:2d:57:06:36:90:2b:8b:87:2e:be:56:ed:
89:9a:42:71:2a:f2:6b:29:f6:17:0d:d9:0b:b0:c7:
5d:ca:4a:44:6f:00:e8:6f:6d:2a:14:51:61:5e:a4:
ae:49:d8:0d:4b:58:53:f8:33:21:9d:a0:ca:04:4a:
41:48:fc:77:a6:3f:6c:14:55:ff:11:16:2e:cc:07:
4a:99:c5:b4:73:46:83:80:9f:c1:57:ba:b3:8a:b8:
41:b9:7a:b4:25:87:41:cd:17:10:11:d8:a2:94:93:
c1:ae:ea:ce:e3:83:81:cf:7e:52:a1:25:5c:f9:2a:
4f:04:0d:56:91:0c:6e:9b:85:d9:af:d5:17:46:57:
75:04:72:40:ef:eb:76:4e:51:d1:59:e9:e0:5b:50:
34:a6:b4:c9:bc:fb:fa:b1:d3:52:e8:45:5a:27:e8:
da:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:67:6D:A3:78:92:6C:84:73:E0:5B:65:D2:3A:17:C9:D7:4E:8A:DB
X509v3 Authority Key Identifier:
keyid:9E:DE:DF:47:82:2A:EE:27:DA:28:D3:4D:AB:1F:E7:A3:C6:0A:6A:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nt7fR4Iq7ifaKNNNqx_no8YKaqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/F2dto3iSbIRz4Ftl0joXyddOits.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/nt7fR4Iq7ifaKNNNqx_no8YKaqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.32.0/21
185.99.233.0-185.99.235.255
IPv6:
2a03:9c80::/34
Signature Algorithm: sha256WithRSAEncryption
53:9f:56:0d:5f:41:30:0e:10:44:8a:bd:f7:e3:19:a1:0a:c6:
f9:16:f2:c6:27:f8:10:11:17:54:1c:70:d6:7c:92:6e:38:00:
32:1b:d6:28:96:1e:a1:c1:85:fd:f9:ae:5e:be:94:26:83:9c:
51:c2:c8:45:9b:03:b2:43:1c:2d:44:5b:34:50:1b:00:ec:9c:
c4:b6:8a:f6:ee:6c:c4:19:5a:63:fa:6d:d1:cf:3d:d7:8b:56:
7b:f0:4f:44:35:fe:8f:03:e5:e2:f0:df:d7:f5:d8:99:15:1f:
75:93:4f:70:33:e8:9b:e6:5d:7a:6f:9d:ab:89:95:92:65:0a:
90:b4:a4:cc:7b:69:a2:1e:ba:b0:c6:20:c3:4f:df:dc:64:97:
dd:dc:1c:fe:31:ff:18:17:a5:86:18:90:92:4b:b0:d4:e7:23:
c8:34:a5:52:79:8b:4a:33:84:39:e2:3d:77:a0:6b:f0:4d:c0:
44:fd:d2:2f:47:d7:c6:67:d7:2a:fc:a6:db:01:ea:36:12:3e:
14:50:07:25:fc:75:01:2a:3a:d4:94:36:19:62:2b:76:0a:f0:
39:c6:69:df:ef:e8:34:b8:f3:5a:31:9b:45:72:19:f4:d5:59:
14:6b:57:2c:7d:fd:d4:01:c8:af:76:17:a7:ea:a1:87:c6:6e:
70:42:81:ed
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvQsw574pkSGwepYLq9OTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZGVkZjQ3ODIyYWVlMjdkYTI4ZDM0ZGFiMWZlN2EzYzYw
YTZhYWEwHhcNMjMwMTAxMjEzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzY3NmRhMzc4OTI2Yzg0NzNlMDViNjVkMjNhMTdjOWQ3NGU4YWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGaUMq+N7dNBjsL/7RnjPrEeIl44
4WPxKL0G2HY+dgncPqekoTTZPvA3KZfdB4u9sjyoH7gWh4TNMGjwUOb4Xljd3hLC
bVwR4sxEK7HOTPSP+nbEzlKt1eMY1T4tVwY2kCuLhy6+Vu2JmkJxKvJrKfYXDdkL
sMddykpEbwDob20qFFFhXqSuSdgNS1hT+DMhnaDKBEpBSPx3pj9sFFX/ERYuzAdK
mcW0c0aDgJ/BV7qzirhBuXq0JYdBzRcQEdiilJPBrurO44OBz35SoSVc+SpPBA1W
kQxum4XZr9UXRld1BHJA7+t2TlHRWengW1A0prTJvPv6sdNS6EVaJ+jaxQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBdnbaN4kmyEc+BbZdI6F8nXTorbMB8GA1UdIwQY
MBaAFJ7e30eCKu4n2ijTTasf56PGCmqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnQ3ZlI0SXE3aWZhS05OTnF4X25vOFlLYXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xOGI2ZGEtYjAyZS00MGIxLTk3YWUt
ZDczOTkyOTIwMTlhLzEvRjJkdG8zaVNiSVJ6NEZ0bDBqb1h5ZGRPaXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xOGI2ZGEtYjAyZS00MGIxLTk3YWUtZDczOTkyOTIwMTlh
LzEvbnQ3ZlI0SXE3aWZhS05OTnF4X25vOFlLYXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUAwQDsN0gMAwD
BAC5Y+kDBAK5Y+gwDgQCAAIwCAMGBioDnIAAMA0GCSqGSIb3DQEBCwUAA4IBAQBT
n1YNX0EwDhBEir334xmhCsb5FvLGJ/gQERdUHHDWfJJuOAAyG9Yolh6hwYX9+a5e
vpQmg5xRwshFmwOyQxwtRFs0UBsA7JzEtor27mzEGVpj+m3Rzz3Xi1Z78E9ENf6P
A+Xi8N/X9diZFR91k09wM+ib5l16b52riZWSZQqQtKTMe2miHrqwxiDDT9/cZJfd
3Bz+Mf8YF6WGGJCSS7DU5yPINKVSeYtKM4Q54j13oGvwTcBE/dIvR9fGZ9cq/Kbb
Aeo2Ej4UUAcl/HUBKjrUlDYZYit2CvA5xmnf7+g0uPNaMZtFchn01VkUa1csff3U
Acivdhen6qGHxm5wQoHt
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:22 2024 by rpki-client on console-ams.rpki-client.org