Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/S6PdZvq5vjhAvfqzFVzqCJ74Wxo.roa
File: S6PdZvq5vjhAvfqzFVzqCJ74Wxo.roa (raw, json)
Hash identifier: tUbEZzNuqdTgyDKyV0yscrzUaYDR5OaTLRB7tOTVhH8=
Subject key identifier: 4B:A3:DD:66:FA:B9:BE:38:40:BD:FA:B3:15:5C:EA:08:9E:F8:5B:1A
Certificate issuer: /CN=0291d4de130da6aace22ed99650be182497e0bcf
Certificate serial: 018570C2DFDC23875680DFCEDD55FA1B5FC1
Authority key identifier: 02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/S6PdZvq5vjhAvfqzFVzqCJ74Wxo.roa
Signing time: Mon 02 Jan 2023 04:34:57 +0000
ROA not before: Mon 02 Jan 2023 04:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25415
IP address blocks: 193.107.184.0/22 maxlen: 22
185.27.8.0/22 maxlen: 22
2a0c:9bc0::/29 maxlen: 29
2a00:8920::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:df:dc:23:87:56:80:df:ce:dd:55:fa:1b:5f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0291d4de130da6aace22ed99650be182497e0bcf
Validity
Not Before: Jan 2 04:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ba3dd66fab9be3840bdfab3155cea089ef85b1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:13:b8:9d:d7:5e:5f:6f:d2:b4:3c:24:c5:cf:
d5:58:c0:e7:09:c8:9e:d8:f4:db:42:27:71:b6:fc:
15:c1:e5:80:61:67:23:f2:4a:e7:87:9c:6e:b9:7b:
c3:53:df:3b:7a:46:25:70:3e:45:64:53:51:e0:81:
5a:31:e9:80:2a:08:f2:6f:a6:ab:b1:60:30:f9:4f:
0b:e2:46:bd:b7:dc:52:93:4d:62:e5:16:bd:42:68:
e1:56:da:48:0a:73:ad:8c:bd:86:47:cd:37:89:d8:
b1:bd:90:f1:fd:28:94:d5:50:e6:79:98:ed:c3:a9:
57:1d:65:de:98:90:b0:52:b3:8f:8d:b0:6f:7a:05:
00:63:ff:79:c7:7d:34:d1:98:ba:34:9d:6a:6d:54:
ef:08:8b:a9:43:a0:97:a0:c6:f8:39:40:72:f6:69:
3c:44:e9:00:53:5f:e5:e6:bc:7a:57:a8:31:b2:3a:
d2:21:0a:d8:20:b2:55:9d:01:d2:16:56:86:8e:da:
75:8c:2b:5a:9d:ad:9f:53:e6:4b:1f:f2:37:4f:d3:
8a:23:ee:45:fc:4e:25:1d:f8:c3:a3:51:dc:66:10:
57:3f:a1:03:c2:33:b8:55:6d:4d:84:66:37:df:a5:
29:dc:82:9b:fe:c1:50:4f:e4:55:74:0e:df:69:79:
96:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A3:DD:66:FA:B9:BE:38:40:BD:FA:B3:15:5C:EA:08:9E:F8:5B:1A
X509v3 Authority Key Identifier:
keyid:02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/S6PdZvq5vjhAvfqzFVzqCJ74Wxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.8.0/22
193.107.184.0/22
IPv6:
2a00:8920::/32
2a0c:9bc0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:2b:db:81:af:9b:fe:75:f5:8f:1b:04:0e:b9:ee:6c:f3:5c:
35:de:44:6c:d2:49:73:c9:6e:59:c3:14:7e:20:5e:83:88:94:
f4:b4:1a:e3:7f:01:be:56:da:06:4a:d1:a2:bb:f6:a8:db:4f:
9d:84:20:ee:ae:e3:6b:1e:b1:58:cc:52:8b:ba:b1:96:d3:49:
af:72:19:7d:99:45:11:28:76:4f:4d:cc:c6:2a:ce:27:ac:b3:
2e:a7:d7:06:1d:fc:66:f5:9e:07:3c:f2:a9:ab:8f:2c:5b:ab:
1c:7e:52:88:fb:3f:8d:96:9c:3e:90:54:d9:15:b3:7a:48:2a:
82:12:82:58:dd:f6:88:03:fc:bc:a6:8f:54:85:76:8d:9f:b3:
81:f7:b6:97:43:25:ac:e2:4b:4c:b5:4a:d9:4e:b6:79:09:b0:
fa:d4:c5:00:3d:87:0d:28:70:75:0f:94:be:47:7b:27:cc:dd:
b2:78:63:27:5b:8e:e1:df:d3:64:34:7b:b3:50:13:c8:0d:28:
4b:c8:6d:5d:e7:15:50:20:74:d9:13:4d:dd:3d:f9:a2:46:8d:
dd:79:32:26:16:81:31:4f:4c:f7:25:81:78:62:42:f5:e7:1e:
86:1a:66:03:a5:d6:4c:b8:d5:8b:7d:ab:94:b4:80:ef:65:91:
e1:0d:9a:ef
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVwwt/cI4dWgN/O3VX6G1/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOTFkNGRlMTMwZGE2YWFjZTIyZWQ5OTY1MGJlMTgyNDk3
ZTBiY2YwHhcNMjMwMTAyMDQzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmEzZGQ2NmZhYjliZTM4NDBiZGZhYjMxNTVjZWEwODllZjg1YjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBO4nddeX2/StDwkxc/VWMDnCcie
2PTbQidxtvwVweWAYWcj8krnh5xuuXvDU987ekYlcD5FZFNR4IFaMemAKgjyb6ar
sWAw+U8L4ka9t9xSk01i5Ra9QmjhVtpICnOtjL2GR803idixvZDx/SiU1VDmeZjt
w6lXHWXemJCwUrOPjbBvegUAY/95x3000Zi6NJ1qbVTvCIupQ6CXoMb4OUBy9mk8
ROkAU1/l5rx6V6gxsjrSIQrYILJVnQHSFlaGjtp1jCtana2fU+ZLH/I3T9OKI+5F
/E4lHfjDo1HcZhBXP6EDwjO4VW1NhGY336Up3IKb/sFQT+RVdA7faXmWpwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEuj3Wb6ub44QL36sxVc6gie+FsaMB8GA1UdIwQY
MBaAFAKR1N4TDaaqziLtmWUL4YJJfgvPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9hOWE0NzktOWUyZi00Y2IwLThkZWQt
Nzc4MTY4MTA3N2Y3LzEvUzZQZFp2cTV2amhBdmZxekZWenFDSjc0V3hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9hOWE0NzktOWUyZi00Y2IwLThkZWQtNzc4MTY4MTA3N2Y3
LzEvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuRsIAwQC
wWu4MBQEAgACMA4DBQAqAIkgAwUDKgybwDANBgkqhkiG9w0BAQsFAAOCAQEAjivb
ga+b/nX1jxsEDrnubPNcNd5EbNJJc8luWcMUfiBeg4iU9LQa438BvlbaBkrRorv2
qNtPnYQg7q7jax6xWMxSi7qxltNJr3IZfZlFESh2T03MxirOJ6yzLqfXBh38ZvWe
BzzyqauPLFurHH5SiPs/jZacPpBU2RWzekgqghKCWN32iAP8vKaPVIV2jZ+zgfe2
l0MlrOJLTLVK2U62eQmw+tTFAD2HDShwdQ+Uvkd7J8zdsnhjJ1uO4d/TZDR7s1AT
yA0oS8htXecVUCB02RNN3T35okaN3XkyJhaBMU9M9yWBeGJC9ecehhpmA6XWTLjV
i32rlLSA72WR4Q2a7w==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:48 2024 by rpki-client on console-ams.rpki-client.org