Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/xMraKQVXtV87tZZlzjbJiGQgg-w.roa
File: xMraKQVXtV87tZZlzjbJiGQgg-w.roa (raw, json)
Hash identifier: jl3t715WIJP+okmTFotR2kdelK3MiZkla20QLHRew4s=
Subject key identifier: C4:CA:DA:29:05:57:B5:5F:3B:B5:96:65:CE:36:C9:88:64:20:83:EC
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 01856F2FCED305B601D004FB2752C7E86E0E
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/xMraKQVXtV87tZZlzjbJiGQgg-w.roa
Signing time: Sun 01 Jan 2023 21:14:42 +0000
ROA not before: Sun 01 Jan 2023 21:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16839
IP address blocks: 138.12.128.0/17 maxlen: 24
37.98.232.0/21 maxlen: 24
163.120.128.0/17 maxlen: 24
148.139.0.0/16 maxlen: 24
2a04:37c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:ce:d3:05:b6:01:d0:04:fb:27:52:c7:e8:6e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Jan 1 21:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4cada290557b55f3bb59665ce36c988642083ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:75:1b:f7:e4:f6:bf:f6:ea:f2:2a:a2:df:6e:
aa:57:69:f6:9e:d8:03:26:4b:2c:2a:ae:87:68:0a:
99:f3:a7:5c:94:3c:95:c6:3f:7f:47:8c:ff:bf:84:
dd:69:99:07:fe:26:a7:61:e5:ae:44:30:4f:82:ef:
55:04:f7:2b:7c:a8:6c:cd:71:13:9a:ae:92:37:a7:
bb:67:ad:e7:b1:ea:07:c1:b5:0f:0d:ad:91:dc:94:
83:7e:2b:38:15:e3:7b:b7:b6:f0:24:5e:01:2a:8d:
03:07:8d:96:21:01:4a:95:fc:88:3c:26:0e:cc:55:
0b:53:62:dc:32:b6:1d:a5:54:0d:67:77:b0:53:7b:
12:a1:e3:b1:6d:a6:fc:67:08:08:28:fc:8c:3f:ab:
a8:3e:03:6d:86:57:32:9c:e0:fb:53:7d:2a:81:62:
67:c0:0c:a8:8f:95:d1:05:02:e8:d7:c7:2f:19:7b:
aa:c7:d0:9a:12:4f:c9:a8:e3:c3:37:7b:21:fc:8f:
0a:d0:6a:5d:37:c2:20:d5:61:be:04:47:fa:47:1c:
02:cc:b6:89:d9:c7:a2:a3:d8:45:e7:25:04:1d:b3:
d4:84:b7:e9:03:03:7d:f3:dd:ce:ed:24:4b:60:f3:
c1:51:c3:21:16:ad:e8:a0:53:cd:55:19:de:e4:88:
29:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:CA:DA:29:05:57:B5:5F:3B:B5:96:65:CE:36:C9:88:64:20:83:EC
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/xMraKQVXtV87tZZlzjbJiGQgg-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
138.12.128.0/17
148.139.0.0/16
163.120.128.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:85:e4:74:04:de:d8:b4:48:16:a6:27:23:50:f1:7c:23:f9:
06:4d:73:10:80:db:0e:d1:69:d0:08:8a:27:09:9b:19:10:30:
86:55:b6:b0:ed:cd:2c:d3:6c:23:b4:d0:00:1b:97:26:44:9a:
97:c8:f0:23:68:e7:d0:01:c8:3d:0a:96:af:31:f8:52:ad:aa:
0d:1d:c7:2a:3d:31:e9:92:b9:7a:c7:ac:ce:4a:4f:24:91:fb:
3b:56:28:64:59:36:7f:4b:3e:96:8b:37:0c:23:54:41:39:cb:
04:25:f2:dc:92:b8:41:66:2f:1a:bf:f1:bb:8f:44:07:86:a4:
48:ff:98:ad:79:df:96:d9:b8:8e:03:be:53:52:6e:c0:97:dd:
ea:00:c1:bb:e6:4f:08:7a:ba:4b:3c:2e:39:09:40:61:38:1a:
ff:cb:08:03:f8:bd:e7:b9:27:70:83:fc:ba:15:ae:f0:71:40:
36:15:ec:fa:d5:3f:06:d6:7a:dc:c9:b8:7e:0b:6b:b4:0a:d5:
28:f9:a8:7d:a8:ee:09:53:cf:a9:fd:86:91:6d:5e:50:3c:6c:
33:90:14:18:6d:98:ce:88:7d:54:89:77:ef:b9:bf:95:84:58:
5f:85:b0:7b:92:02:dc:f8:95:8d:97:05:d5:c8:48:2a:17:85:
7f:6d:1b:f6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvL87TBbYB0AT7J1LH6G4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjMwMTAxMjExNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGNhZGEyOTA1NTdiNTVmM2JiNTk2NjVjZTM2Yzk4ODY0MjA4M2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznUb9+T2v/bq8iqi326qV2n2ntgD
JkssKq6HaAqZ86dclDyVxj9/R4z/v4TdaZkH/ianYeWuRDBPgu9VBPcrfKhszXET
mq6SN6e7Z63nseoHwbUPDa2R3JSDfis4FeN7t7bwJF4BKo0DB42WIQFKlfyIPCYO
zFULU2LcMrYdpVQNZ3ewU3sSoeOxbab8ZwgIKPyMP6uoPgNthlcynOD7U30qgWJn
wAyoj5XRBQLo18cvGXuqx9CaEk/JqOPDN3sh/I8K0GpdN8Ig1WG+BEf6RxwCzLaJ
2ceio9hF5yUEHbPUhLfpAwN9893O7SRLYPPBUcMhFq3ooFPNVRne5IgpDQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMTK2ikFV7VfO7WWZc42yYhkIIPsMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEveE1yYUtRVlh0Vjg3dFpabHpqYkppR1FnZy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQDJWLoAwQH
igyAAwMAlIsDBAejeIAwDQQCAAIwBwMFAyoEN8AwDQYJKoZIhvcNAQELBQADggEB
AEyF5HQE3ti0SBamJyNQ8Xwj+QZNcxCA2w7RadAIiicJmxkQMIZVtrDtzSzTbCO0
0AAblyZEmpfI8CNo59AByD0Klq8x+FKtqg0dxyo9MemSuXrHrM5KTySR+ztWKGRZ
Nn9LPpaLNwwjVEE5ywQl8tySuEFmLxq/8buPRAeGpEj/mK1535bZuI4DvlNSbsCX
3eoAwbvmTwh6uks8LjkJQGE4Gv/LCAP4vee5J3CD/LoVrvBxQDYV7PrVPwbWetzJ
uH4La7QK1Sj5qH2o7glTz6n9hpFtXlA8bDOQFBhtmM6IfVSJd++5v5WEWF+FsHuS
Atz4lY2XBdXISCoXhX9tG/Y=
-----END CERTIFICATE-----
Generated at Mon Sep 25 09:21:26 2023 by rpki-client on console-fra.rpki-client.org