Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2a727b-a745-4339-925a-4d00d6032afe/1/xPPB1Ow4sJ8S3Ejb4gsi5w0cBS8.roa
File: xPPB1Ow4sJ8S3Ejb4gsi5w0cBS8.roa (raw, json)
Hash identifier: sV+iVpzu7cpR3BNcoJt5npXzhTyyaXKudKzPgy9qmu0=
Subject key identifier: C4:F3:C1:D4:EC:38:B0:9F:12:DC:48:DB:E2:0B:22:E7:0D:1C:05:2F
Certificate issuer: /CN=b244d27188fe526bd72636738195d1eb7f606335
Certificate serial: 0185720C5D3A370845C9F1D0DA63F61FE11B
Authority key identifier: B2:44:D2:71:88:FE:52:6B:D7:26:36:73:81:95:D1:EB:7F:60:63:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/skTScYj-UmvXJjZzgZXR639gYzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2a727b-a745-4339-925a-4d00d6032afe/1/xPPB1Ow4sJ8S3Ejb4gsi5w0cBS8.roa
Signing time: Mon 02 Jan 2023 10:34:50 +0000
ROA not before: Mon 02 Jan 2023 10:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25522
IP address blocks: 194.153.124.0/22 maxlen: 22
194.153.120.0/22 maxlen: 22
2001:67c:704::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:5d:3a:37:08:45:c9:f1:d0:da:63:f6:1f:e1:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b244d27188fe526bd72636738195d1eb7f606335
Validity
Not Before: Jan 2 10:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4f3c1d4ec38b09f12dc48dbe20b22e70d1c052f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b7:10:3b:86:13:b5:a5:a7:4c:5b:e7:13:74:
91:a8:d6:56:7d:76:8a:31:47:a0:2f:3a:c5:3c:5a:
99:a0:6c:0a:a4:ae:8e:32:85:e9:81:89:c4:73:b5:
ef:66:cc:bf:ec:b0:11:ac:97:05:81:27:f8:87:db:
4a:b6:b6:9b:a1:ef:95:1b:c2:c8:c0:8d:b4:42:c0:
f5:e0:f2:ba:7e:b1:5a:14:78:19:c5:4c:9f:6c:d4:
cb:2c:2c:c3:4b:bb:13:1c:31:57:89:7c:4a:b5:dd:
02:af:56:c6:47:4f:91:8b:7d:c3:b9:13:7b:9c:5e:
18:d0:c4:1e:81:fb:8e:85:2c:a4:b1:6e:37:9c:3c:
b4:b5:f8:0a:fe:dc:19:7f:ba:53:7c:ff:e6:df:b7:
86:cd:44:7f:cf:53:94:e5:b9:67:c6:82:70:e3:bb:
99:b3:04:cb:1a:b1:b5:47:e9:1f:c7:ae:e8:ed:ba:
e5:f8:56:d5:8b:b7:01:f0:2d:6e:33:8b:49:60:c7:
fa:e4:24:04:88:14:79:0a:70:c4:68:94:e8:3c:42:
f9:a6:10:ce:50:59:56:38:d3:0c:f2:6f:af:32:eb:
ca:a0:9f:22:c1:bc:86:39:03:50:8c:08:51:8e:96:
40:6f:b7:32:d7:68:93:98:a3:0b:08:a8:ba:e0:a5:
8e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F3:C1:D4:EC:38:B0:9F:12:DC:48:DB:E2:0B:22:E7:0D:1C:05:2F
X509v3 Authority Key Identifier:
keyid:B2:44:D2:71:88:FE:52:6B:D7:26:36:73:81:95:D1:EB:7F:60:63:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/skTScYj-UmvXJjZzgZXR639gYzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2a727b-a745-4339-925a-4d00d6032afe/1/xPPB1Ow4sJ8S3Ejb4gsi5w0cBS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2a727b-a745-4339-925a-4d00d6032afe/1/skTScYj-UmvXJjZzgZXR639gYzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.120.0/21
IPv6:
2001:67c:704::/48
Signature Algorithm: sha256WithRSAEncryption
bd:8b:3d:aa:9e:a7:01:e1:38:55:4f:f7:9d:71:a8:92:e6:46:
4b:5f:8f:a9:72:64:bf:d1:63:c1:ea:2c:14:a5:f7:58:0b:a2:
ce:cf:d1:0d:c4:3e:fe:39:fc:4a:52:a2:3f:76:0a:f4:7c:a8:
b5:f3:86:09:3c:aa:b0:0b:19:46:ed:61:2e:f0:b6:22:2f:89:
cc:96:e4:8c:18:d1:3f:2d:e1:97:a7:1c:17:ad:b0:da:04:c7:
7b:7d:b5:e2:7d:69:3d:88:a6:e3:b5:f0:14:b4:73:15:97:98:
67:62:1a:48:44:44:ad:f6:eb:97:27:25:07:ac:e3:21:b1:65:
dc:8f:61:7b:e8:05:1e:16:3b:fe:7c:84:4b:30:7d:3f:35:10:
5e:04:50:ae:16:09:41:84:85:f5:18:d1:fb:5d:d6:8f:0a:79:
7e:27:f6:cf:6d:24:33:96:4b:d6:98:77:73:0e:f5:aa:9f:ca:
ca:95:1a:4b:ba:e6:cd:28:15:16:7c:d2:10:03:15:24:4f:fc:
c8:5b:40:7a:41:6c:f2:e0:97:3c:76:3c:a0:6d:aa:08:48:d7:
3a:06:f1:e0:41:e1:53:24:ae:12:cc:9d:46:6f:ab:33:5f:28:
87:42:f3:17:dd:4a:b0:c4:e8:0e:40:5e:7b:d2:e5:e7:af:c3:
e7:29:d2:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyDF06NwhFyfHQ2mP2H+EbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNDRkMjcxODhmZTUyNmJkNzI2MzY3MzgxOTVkMWViN2Y2
MDYzMzUwHhcNMjMwMTAyMTAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGYzYzFkNGVjMzhiMDlmMTJkYzQ4ZGJlMjBiMjJlNzBkMWMwNTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbcQO4YTtaWnTFvnE3SRqNZWfXaK
MUegLzrFPFqZoGwKpK6OMoXpgYnEc7XvZsy/7LARrJcFgSf4h9tKtraboe+VG8LI
wI20QsD14PK6frFaFHgZxUyfbNTLLCzDS7sTHDFXiXxKtd0Cr1bGR0+Ri33DuRN7
nF4Y0MQegfuOhSyksW43nDy0tfgK/twZf7pTfP/m37eGzUR/z1OU5blnxoJw47uZ
swTLGrG1R+kfx67o7brl+FbVi7cB8C1uM4tJYMf65CQEiBR5CnDEaJToPEL5phDO
UFlWONMM8m+vMuvKoJ8iwbyGOQNQjAhRjpZAb7cy12iTmKMLCKi64KWOMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMTzwdTsOLCfEtxI2+ILIucNHAUvMB8GA1UdIwQY
MBaAFLJE0nGI/lJr1yY2c4GV0et/YGM1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2tUU2NZai1VbXZYSmpaemdaWFI2MzlnWXpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yYTcyN2ItYTc0NS00MzM5LTkyNWEt
NGQwMGQ2MDMyYWZlLzEveFBQQjFPdzRzSjhTM0VqYjRnc2k1dzBjQlM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yYTcyN2ItYTc0NS00MzM5LTkyNWEtNGQwMGQ2MDMyYWZl
LzEvc2tUU2NZai1VbXZYSmpaemdaWFI2MzlnWXpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwpl4MA8E
AgACMAkDBwAgAQZ8BwQwDQYJKoZIhvcNAQELBQADggEBAL2LPaqepwHhOFVP951x
qJLmRktfj6lyZL/RY8HqLBSl91gLos7P0Q3EPv45/EpSoj92CvR8qLXzhgk8qrAL
GUbtYS7wtiIvicyW5IwY0T8t4ZenHBetsNoEx3t9teJ9aT2IpuO18BS0cxWXmGdi
GkhERK3265cnJQes4yGxZdyPYXvoBR4WO/58hEswfT81EF4EUK4WCUGEhfUY0ftd
1o8KeX4n9s9tJDOWS9aYd3MO9aqfysqVGku65s0oFRZ80hADFSRP/MhbQHpBbPLg
lzx2PKBtqghI1zoG8eBB4VMkrhLMnUZvqzNfKIdC8xfdSrDE6A5AXnvS5eevw+cp
0qk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:23 2024 by rpki-client on console-fra.rpki-client.org