Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/D2XiMx5moc-6D8U_XmNLjir6cYU.roa
File: D2XiMx5moc-6D8U_XmNLjir6cYU.roa (raw, json)
Hash identifier: UQUaLRmsjLsVBN9A8aaT6RAtbm/ZXLQ2gpURtAhAyqI=
Subject key identifier: 0F:65:E2:33:1E:66:A1:CF:BA:0F:C5:3F:5E:63:4B:8E:2A:FA:71:85
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 01857039A410AD0DDB1307C962720F10B80F
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/D2XiMx5moc-6D8U_XmNLjir6cYU.roa
Signing time: Mon 02 Jan 2023 02:05:03 +0000
ROA not before: Mon 02 Jan 2023 02:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53356
IP address blocks: 194.64.164.0/22 maxlen: 22
194.64.172.0/22 maxlen: 22
194.64.168.0/22 maxlen: 22
194.233.32.0/22 maxlen: 22
194.233.40.0/22 maxlen: 22
194.195.204.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:a4:10:ad:0d:db:13:07:c9:62:72:0f:10:b8:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 02:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f65e2331e66a1cfba0fc53f5e634b8e2afa7185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4c:c3:50:5c:54:c6:51:dc:6a:1b:ca:3e:05:
5f:15:d5:4d:7f:f1:0e:e6:a7:69:ec:d3:cb:8d:7b:
98:7b:63:6b:d1:bc:cc:33:b6:96:be:6f:14:fb:8c:
15:6f:de:cc:68:c2:6b:00:0e:27:79:54:cb:4b:25:
b9:15:22:68:09:a7:00:77:0e:70:69:4c:3f:aa:d6:
88:88:40:75:e7:fa:bc:a8:d8:04:2a:b7:5e:fa:ba:
31:e2:d7:8f:e7:ca:a9:b4:bc:74:33:b1:ed:d5:5a:
13:2e:35:96:65:15:b8:1a:14:01:2d:2c:b6:7a:62:
37:f3:eb:89:3e:93:12:ab:c0:63:17:cb:62:10:ab:
66:9a:77:b3:f2:c3:d5:d2:07:b8:39:22:45:26:2d:
8a:7e:d7:bf:a1:59:a2:12:a6:b8:ba:98:f1:3c:a0:
2e:84:1b:57:92:64:25:78:21:da:3d:03:94:e5:b3:
87:dc:87:2d:7b:32:9a:1c:3c:19:6a:08:f8:e3:4a:
40:56:98:40:ee:6b:60:bb:a7:61:00:4a:6f:da:5f:
fd:fe:15:ef:fb:d9:ea:9a:15:d5:ef:bb:f7:dc:31:
94:7f:57:a5:8c:6b:fc:62:5a:7b:ca:97:0f:51:1d:
14:dd:66:c1:73:98:3e:bc:33:02:c9:33:ce:45:29:
35:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:65:E2:33:1E:66:A1:CF:BA:0F:C5:3F:5E:63:4B:8E:2A:FA:71:85
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/D2XiMx5moc-6D8U_XmNLjir6cYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.164.0-194.64.175.255
194.195.204.0/22
194.233.32.0/22
194.233.40.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:de:55:14:70:8b:c6:e9:64:d4:a8:db:ca:33:20:3a:6d:81:
ce:bc:a1:23:ef:c2:ac:e0:64:d4:47:9d:70:87:b5:18:02:8d:
96:d4:b1:76:ac:81:f0:07:13:1d:ac:78:41:e8:e8:28:12:84:
18:bd:ef:97:f4:26:9c:23:ae:40:a8:34:3c:5f:0e:7a:6d:7b:
79:e8:9e:6a:cd:da:5f:ae:9a:50:79:2a:4f:75:69:57:19:44:
95:bf:8b:d6:b7:99:82:a2:54:96:43:49:a8:91:44:c6:61:ff:
eb:79:f1:95:9b:4f:7a:13:12:0f:dd:ed:ba:ab:12:96:f4:89:
ae:70:93:9c:8a:59:b7:b9:f4:c2:76:a0:5c:d0:14:a0:88:d6:
8e:85:d7:2a:d7:03:8f:01:5c:0d:50:9b:6a:44:d4:22:ef:86:
5c:85:44:33:20:6c:1c:03:79:cf:a6:1c:ff:22:58:5d:ca:db:
12:4b:a4:fc:a7:57:73:82:c1:54:72:94:d1:2b:5c:83:42:80:
fa:ec:89:ad:42:ec:7d:81:2c:12:d2:43:66:23:9a:00:c7:b3:
0a:d5:06:e5:62:ee:51:46:74:28:c7:b3:e1:a0:97:e7:9c:2b:
ea:bb:c2:fd:d6:40:f2:c2:92:05:d2:6d:91:e7:f6:df:bb:e8:
3b:ef:9a:a3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVwOaQQrQ3bEwfJYnIPELgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMwMTAyMDIwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjY1ZTIzMzFlNjZhMWNmYmEwZmM1M2Y1ZTYzNGI4ZTJhZmE3MTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkzDUFxUxlHcahvKPgVfFdVNf/EO
5qdp7NPLjXuYe2Nr0bzMM7aWvm8U+4wVb97MaMJrAA4neVTLSyW5FSJoCacAdw5w
aUw/qtaIiEB15/q8qNgEKrde+rox4teP58qptLx0M7Ht1VoTLjWWZRW4GhQBLSy2
emI38+uJPpMSq8BjF8tiEKtmmnez8sPV0ge4OSJFJi2Kfte/oVmiEqa4upjxPKAu
hBtXkmQleCHaPQOU5bOH3IctezKaHDwZagj440pAVphA7mtgu6dhAEpv2l/9/hXv
+9nqmhXV77v33DGUf1eljGv8Ylp7ypcPUR0U3WbBc5g+vDMCyTPORSk1VwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFA9l4jMeZqHPug/FP15jS44q+nGFMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvRDJYaU14NW1vYy02RDhVX1htTkxqaXI2Y1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBALCQKQD
BATCQKADBALCw8wDBALC6SADBALC6SgwDQYJKoZIhvcNAQELBQADggEBAI3eVRRw
i8bpZNSo28ozIDptgc68oSPvwqzgZNRHnXCHtRgCjZbUsXasgfAHEx2seEHo6CgS
hBi975f0JpwjrkCoNDxfDnpte3nonmrN2l+umlB5Kk91aVcZRJW/i9a3mYKiVJZD
SaiRRMZh/+t58ZWbT3oTEg/d7bqrEpb0ia5wk5yKWbe59MJ2oFzQFKCI1o6F1yrX
A48BXA1Qm2pE1CLvhlyFRDMgbBwDec+mHP8iWF3K2xJLpPynV3OCwVRylNErXINC
gPrsia1C7H2BLBLSQ2YjmgDHswrVBuVi7lFGdCjHs+Ggl+ecK+q7wv3WQPLCkgXS
bZHn9t+76DvvmqM=
-----END CERTIFICATE-----
Generated at Mon Jul 31 10:20:50 2023 by rpki-client on console-fra.rpki-client.org