Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/bf86b0-c5ed-4bdd-a917-682cd3bd4102/1/IApEEna6iQPYNruybVi42LusHWc.roa
File: IApEEna6iQPYNruybVi42LusHWc.roa (raw, json)
Hash identifier: QzJmAULv0v0RfSW5d4EsqUCSIf+q9SM4tFG0SBQp454=
Subject key identifier: 20:0A:44:12:76:BA:89:03:D8:36:BB:B2:6D:58:B8:D8:BB:AC:1D:67
Certificate issuer: /CN=1627b80681f5b48e126898295983e0df29971b98
Certificate serial: 018572B44327A4BA06B557829C30267C1DA0
Authority key identifier: 16:27:B8:06:81:F5:B4:8E:12:68:98:29:59:83:E0:DF:29:97:1B:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fie4BoH1tI4SaJgpWYPg3ymXG5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/bf86b0-c5ed-4bdd-a917-682cd3bd4102/1/IApEEna6iQPYNruybVi42LusHWc.roa
Signing time: Mon 02 Jan 2023 13:38:14 +0000
ROA not before: Mon 02 Jan 2023 13:38:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39387
IP address blocks: 195.178.118.0/23 maxlen: 23
2001:67c:300::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:43:27:a4:ba:06:b5:57:82:9c:30:26:7c:1d:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1627b80681f5b48e126898295983e0df29971b98
Validity
Not Before: Jan 2 13:38:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=200a441276ba8903d836bbb26d58b8d8bbac1d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:09:8b:39:15:61:a9:37:5a:ab:94:69:df:63:
3a:79:bb:bc:f0:94:34:6c:81:cd:4d:ff:3a:5e:96:
bf:d1:4c:5a:10:1c:6c:39:b2:ba:90:6f:47:a6:d8:
d7:d6:25:d2:cd:7d:5c:dd:fe:74:b4:17:e1:f4:b9:
33:ee:79:fc:04:12:2b:97:34:16:cf:ed:51:d1:da:
b6:ae:96:8d:f6:95:b3:8c:f4:88:cc:e9:af:d4:0d:
6c:c9:75:65:be:23:82:82:b9:19:e1:d5:b3:da:29:
b7:f2:2e:d5:19:3a:54:d1:9f:2f:ad:e5:ab:e0:bd:
c1:55:e9:42:c1:48:20:54:3f:85:50:39:94:62:c1:
12:bb:e3:b0:21:ff:53:8e:af:ac:35:d4:26:44:2a:
b7:b5:7b:73:93:1f:45:15:70:bd:bd:2c:d6:6a:c5:
60:06:1e:5b:67:2a:87:d7:f0:e0:d7:2c:6b:43:d6:
fa:5d:6c:3e:f4:64:cb:7f:d7:dd:c9:4d:6d:c4:8b:
52:b7:a6:a4:eb:5c:03:5c:fd:48:88:8b:10:fe:47:
32:c0:11:e1:4d:fd:6f:8d:45:32:af:66:ac:15:b9:
7d:01:85:b1:ad:b7:98:63:d2:9b:c5:3c:cc:38:db:
01:63:48:06:fa:a0:76:ed:09:65:e1:98:6e:79:ef:
a6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0A:44:12:76:BA:89:03:D8:36:BB:B2:6D:58:B8:D8:BB:AC:1D:67
X509v3 Authority Key Identifier:
keyid:16:27:B8:06:81:F5:B4:8E:12:68:98:29:59:83:E0:DF:29:97:1B:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fie4BoH1tI4SaJgpWYPg3ymXG5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/bf86b0-c5ed-4bdd-a917-682cd3bd4102/1/IApEEna6iQPYNruybVi42LusHWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/bf86b0-c5ed-4bdd-a917-682cd3bd4102/1/Fie4BoH1tI4SaJgpWYPg3ymXG5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.178.118.0/23
IPv6:
2001:67c:300::/48
Signature Algorithm: sha256WithRSAEncryption
1f:33:2e:fc:c9:3c:af:6e:71:4d:50:aa:02:95:1a:5a:cb:c5:
b9:6c:7b:c2:03:99:d5:2f:a9:c2:86:e0:05:09:09:8a:fc:1d:
c7:6a:e5:69:fa:b4:b6:76:38:b6:ab:93:78:92:36:37:a2:be:
37:cb:75:28:75:f4:54:0c:96:d5:64:48:a1:57:b0:40:c6:f8:
51:47:d7:95:5e:68:a0:d8:1b:f4:1e:f6:5d:7d:71:c6:04:5f:
21:82:fd:e9:83:9b:92:cf:48:97:fc:2d:ed:5e:08:57:22:57:
b6:f3:b7:23:e2:bb:10:3a:dc:ed:27:06:25:5f:51:8c:42:d4:
6f:aa:e0:c2:bb:74:85:61:8c:8c:f8:fc:02:ec:c0:5b:e3:d4:
2b:e5:e5:29:71:71:46:e5:f2:01:4e:27:a7:9c:84:67:36:e6:
23:57:8a:ff:6d:70:83:5d:17:11:af:92:3b:4e:e7:8b:20:95:
f2:b6:32:1a:5b:9c:d8:fa:12:d6:a1:3b:95:e4:d6:c5:69:ef:
61:3d:45:1b:62:15:78:e5:50:a7:56:57:29:e3:ea:f3:fa:52:
fc:7b:32:94:56:32:e8:1b:5e:f7:6a:e2:4b:cd:1c:01:0a:bc:
2a:11:38:31:5f:ff:b3:d1:db:99:6b:51:e0:36:b0:dd:14:12:
cd:0c:fc:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVytEMnpLoGtVeCnDAmfB2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MjdiODA2ODFmNWI0OGUxMjY4OTgyOTU5ODNlMGRmMjk5
NzFiOTgwHhcNMjMwMTAyMTMzODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDBhNDQxMjc2YmE4OTAzZDgzNmJiYjI2ZDU4YjhkOGJiYWMxZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwmLORVhqTdaq5Rp32M6ebu88JQ0
bIHNTf86Xpa/0UxaEBxsObK6kG9HptjX1iXSzX1c3f50tBfh9Lkz7nn8BBIrlzQW
z+1R0dq2rpaN9pWzjPSIzOmv1A1syXVlviOCgrkZ4dWz2im38i7VGTpU0Z8vreWr
4L3BVelCwUggVD+FUDmUYsESu+OwIf9Tjq+sNdQmRCq3tXtzkx9FFXC9vSzWasVg
Bh5bZyqH1/Dg1yxrQ9b6XWw+9GTLf9fdyU1txItSt6ak61wDXP1IiIsQ/kcywBHh
Tf1vjUUyr2asFbl9AYWxrbeYY9KbxTzMONsBY0gG+qB27Qll4Zhuee+mfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCAKRBJ2uokD2Da7sm1YuNi7rB1nMB8GA1UdIwQY
MBaAFBYnuAaB9bSOEmiYKVmD4N8plxuYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmllNEJvSDF0STRTYUpncFdZUGczeW1YRzVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iZjg2YjAtYzVlZC00YmRkLWE5MTct
NjgyY2QzYmQ0MTAyLzEvSUFwRUVuYTZpUVBZTnJ1eWJWaTQyTHVzSFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iZjg2YjAtYzVlZC00YmRkLWE5MTctNjgyY2QzYmQ0MTAy
LzEvRmllNEJvSDF0STRTYUpncFdZUGczeW1YRzVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw7J2MA8E
AgACMAkDBwAgAQZ8AwAwDQYJKoZIhvcNAQELBQADggEBAB8zLvzJPK9ucU1QqgKV
GlrLxblse8IDmdUvqcKG4AUJCYr8Hcdq5Wn6tLZ2OLark3iSNjeivjfLdSh19FQM
ltVkSKFXsEDG+FFH15VeaKDYG/Qe9l19ccYEXyGC/emDm5LPSJf8Le1eCFciV7bz
tyPiuxA63O0nBiVfUYxC1G+q4MK7dIVhjIz4/ALswFvj1Cvl5SlxcUbl8gFOJ6ec
hGc25iNXiv9tcINdFxGvkjtO54sglfK2MhpbnNj6EtahO5Xk1sVp72E9RRtiFXjl
UKdWVynj6vP6Uvx7MpRWMugbXvdq4kvNHAEKvCoRODFf/7PR25lrUeA2sN0UEs0M
/KQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:40 2024 by rpki-client on console-ams.rpki-client.org