Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/yOaVqiYEiUoFCZSKRvKwo0klYGk.roa
File: yOaVqiYEiUoFCZSKRvKwo0klYGk.roa (raw, json)
Hash identifier: pKPTAVPY+s3W7uOI96loWqjql6f/XevGLwAts/8T/l8=
Subject key identifier: C8:E6:95:AA:26:04:89:4A:05:09:94:8A:46:F2:B0:A3:49:25:60:69
Certificate issuer: /CN=d36bfd928bccb42ad9c468a552ab7393fdd87095
Certificate serial: 018A8E63F555555DFDA7C6F2CE9FC43EAF2E
Authority key identifier: D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/yOaVqiYEiUoFCZSKRvKwo0klYGk.roa
Signing time: Wed 13 Sep 2023 11:53:50 +0000
ROA not before: Wed 13 Sep 2023 11:53:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29063
IP address blocks: 83.138.0.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:63:f5:55:55:5d:fd:a7:c6:f2:ce:9f:c4:3e:af:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d36bfd928bccb42ad9c468a552ab7393fdd87095
Validity
Not Before: Sep 13 11:53:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8e695aa2604894a0509948a46f2b0a349256069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5e:c6:75:2a:4a:de:fd:86:ae:d8:eb:c3:f0:
15:88:20:cc:a4:9d:cf:b0:3b:51:8f:24:a2:60:d3:
f8:31:75:9f:b9:e8:16:2f:27:3b:f7:d7:02:92:0a:
b8:67:42:08:ec:e8:89:c7:37:a8:e9:46:ec:17:da:
f6:ec:c2:3c:98:05:86:f2:55:c2:04:32:64:a8:4a:
e4:0c:a9:70:55:f8:83:03:4d:84:94:c0:57:e0:32:
13:45:c6:8a:fc:b3:f7:fc:d6:08:45:02:9b:3b:7f:
14:4e:a8:dd:2b:cb:4a:7a:cf:a4:c2:df:23:a1:f6:
5a:9a:f4:19:78:f5:7b:92:1b:c6:5a:95:91:ba:83:
1e:5c:ae:9d:38:8d:83:0f:0d:fe:ae:d1:de:03:d5:
83:fe:cd:64:d4:33:b7:e3:df:16:10:f7:e1:44:42:
36:d5:00:3f:a0:8c:dd:d7:86:c9:92:da:11:01:2d:
3f:fb:16:2c:6a:69:c9:fc:95:9b:a6:e6:b6:2d:ea:
29:79:b4:c2:8f:f5:b7:86:64:90:31:02:8d:f4:2d:
b4:a2:67:10:33:f5:c1:52:c7:71:8b:43:97:77:8e:
35:c1:56:20:61:4f:48:04:a7:e3:6b:8b:0f:f5:db:
30:e4:6a:8e:95:db:05:e0:69:e2:24:e0:1d:89:8d:
b0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E6:95:AA:26:04:89:4A:05:09:94:8A:46:F2:B0:A3:49:25:60:69
X509v3 Authority Key Identifier:
keyid:D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/yOaVqiYEiUoFCZSKRvKwo0klYGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/02v9kovMtCrZxGilUqtzk_3YcJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.138.0.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:69:9b:91:b7:0f:61:a1:56:e6:38:51:71:c8:dc:f6:64:10:
01:14:77:e7:ad:9e:0b:e9:3a:5d:43:98:be:38:66:22:7e:ad:
4d:a9:56:ec:19:45:dc:be:e4:96:ca:3e:be:01:12:e1:48:61:
1a:69:b8:42:0b:12:d6:b8:cd:22:d6:b0:79:d0:a4:46:19:57:
54:1a:13:01:48:eb:79:3c:4b:18:24:3e:97:28:d5:68:6d:81:
83:24:05:a0:5b:7b:68:ad:09:b6:7d:f6:2b:f1:c7:83:cf:f0:
85:50:4d:f6:51:5c:2d:51:90:16:20:c2:72:91:bb:5d:e1:64:
55:38:4e:a7:50:b9:9c:71:69:f2:59:4c:16:a8:93:fd:00:b9:
6d:d6:9c:7f:c5:c9:f0:26:ae:e0:ee:9d:6d:2b:6b:b6:3d:c5:
1d:d4:dd:ec:2e:58:e9:08:6d:e9:bd:95:6b:9e:d1:b8:c0:bd:
6e:d3:fd:90:2a:6e:8d:37:77:5e:17:7d:d6:06:73:74:b2:52:
c9:3a:bf:b6:d0:3d:12:b8:0e:ff:f7:a9:f6:dc:5a:ca:a5:9e:
a2:be:86:a3:75:6c:85:fe:79:92:30:47:d9:c8:53:d2:2e:bd:
b7:16:6c:4d:1d:b0:22:a8:22:77:f7:27:44:3e:d4:70:8a:28:
78:b3:ec:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqOY/VVVV39p8byzp/EPq8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNmJmZDkyOGJjY2I0MmFkOWM0NjhhNTUyYWI3MzkzZmRk
ODcwOTUwHhcNMjMwOTEzMTE1MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGU2OTVhYTI2MDQ4OTRhMDUwOTk0OGE0NmYyYjBhMzQ5MjU2MDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF7GdSpK3v2Grtjrw/AViCDMpJ3P
sDtRjySiYNP4MXWfuegWLyc799cCkgq4Z0II7OiJxzeo6UbsF9r27MI8mAWG8lXC
BDJkqErkDKlwVfiDA02ElMBX4DITRcaK/LP3/NYIRQKbO38UTqjdK8tKes+kwt8j
ofZamvQZePV7khvGWpWRuoMeXK6dOI2DDw3+rtHeA9WD/s1k1DO3498WEPfhREI2
1QA/oIzd14bJktoRAS0/+xYsamnJ/JWbpua2LeopebTCj/W3hmSQMQKN9C20omcQ
M/XBUsdxi0OXd441wVYgYU9IBKfja4sP9dsw5GqOldsF4GniJOAdiY2w9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjmlaomBIlKBQmUikbysKNJJWBpMB8GA1UdIwQY
MBaAFNNr/ZKLzLQq2cRopVKrc5P92HCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjkt
YTc0ZTRhODg3ODA0LzEveU9hVnFpWUVpVW9GQ1pTS1J2S3dvMGtsWUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjktYTc0ZTRhODg3ODA0
LzEvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDU4oAMA0G
CSqGSIb3DQEBCwUAA4IBAQBcaZuRtw9hoVbmOFFxyNz2ZBABFHfnrZ4L6TpdQ5i+
OGYifq1NqVbsGUXcvuSWyj6+ARLhSGEaabhCCxLWuM0i1rB50KRGGVdUGhMBSOt5
PEsYJD6XKNVobYGDJAWgW3torQm2ffYr8ceDz/CFUE32UVwtUZAWIMJykbtd4WRV
OE6nULmccWnyWUwWqJP9ALlt1px/xcnwJq7g7p1tK2u2PcUd1N3sLljpCG3pvZVr
ntG4wL1u0/2QKm6NN3deF33WBnN0slLJOr+20D0SuA7/96n23FrKpZ6ivoajdWyF
/nmSMEfZyFPSLr23FmxNHbAiqCJ39ydEPtRwiih4s+yG
-----END CERTIFICATE-----
Generated at Mon Oct 9 11:52:25 2023 by rpki-client on console-ams.rpki-client.org