Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/32049c-6393-4106-b30e-1fc1e73f0607/1/22yFZ6VTDvbJSM60KTy2IVGKbEU.roa
File: 22yFZ6VTDvbJSM60KTy2IVGKbEU.roa (raw, json)
Hash identifier: wjesJCblrKZ2RLEeqIKP0WPgbsNvORMdKajaXx5+nxk=
Subject key identifier: DB:6C:85:67:A5:53:0E:F6:C9:48:CE:B4:29:3C:B6:21:51:8A:6C:45
Certificate issuer: /CN=2ffbd9de8d89526c5a49a766c1f485f09f5a9166
Certificate serial: 0187B72CD5720D6D3A678DE729E102F8DCA4
Authority key identifier: 2F:FB:D9:DE:8D:89:52:6C:5A:49:A7:66:C1:F4:85:F0:9F:5A:91:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L_vZ3o2JUmxaSadmwfSF8J9akWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/32049c-6393-4106-b30e-1fc1e73f0607/1/22yFZ6VTDvbJSM60KTy2IVGKbEU.roa
Signing time: Tue 25 Apr 2023 06:49:41 +0000
ROA not before: Tue 25 Apr 2023 06:49:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41561
IP address blocks: 193.201.244.0/22 maxlen: 22
195.78.70.0/23 maxlen: 23
2a04:83c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:2c:d5:72:0d:6d:3a:67:8d:e7:29:e1:02:f8:dc:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ffbd9de8d89526c5a49a766c1f485f09f5a9166
Validity
Not Before: Apr 25 06:49:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db6c8567a5530ef6c948ceb4293cb621518a6c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e6:de:69:ba:d2:3b:72:c6:0b:ae:ce:54:ab:
39:42:b3:58:cc:2a:5e:67:6d:f1:92:ae:b4:cf:44:
38:07:51:b9:34:62:11:2f:3d:51:6e:54:22:4b:bb:
dc:9c:a6:6c:37:43:bb:28:45:0e:3a:3c:31:cd:c9:
b3:79:74:8e:8f:c8:59:d9:c6:26:3e:dd:f1:be:62:
ae:0d:6f:8c:33:89:d2:5a:51:2d:af:75:c2:b9:0b:
a1:f3:a6:82:bb:ce:c7:e9:23:b3:09:46:fd:69:a9:
0f:d8:40:63:e6:eb:04:67:9d:a7:d1:77:6d:ed:b5:
c8:b2:ef:63:47:5a:09:ca:ad:ca:9d:a6:2f:bf:fc:
87:a7:60:b8:19:5b:b5:93:54:e0:55:4d:0a:d5:f9:
03:31:c7:f1:38:49:0a:b7:66:50:48:24:84:e4:66:
c7:dd:30:47:d9:ec:3e:6c:7d:08:36:82:42:bf:09:
67:a9:85:48:60:41:d2:28:bc:45:a7:36:38:03:96:
52:cc:8d:01:18:93:b4:1e:e1:d5:11:99:10:f5:67:
54:82:47:ad:ab:f2:53:b3:85:58:8b:45:b9:b0:0b:
69:57:1b:52:2c:e7:a5:c0:b6:48:14:88:a3:c0:ec:
f4:6c:d1:54:fa:4c:10:5f:45:d6:15:5e:9d:49:d8:
03:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:6C:85:67:A5:53:0E:F6:C9:48:CE:B4:29:3C:B6:21:51:8A:6C:45
X509v3 Authority Key Identifier:
keyid:2F:FB:D9:DE:8D:89:52:6C:5A:49:A7:66:C1:F4:85:F0:9F:5A:91:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L_vZ3o2JUmxaSadmwfSF8J9akWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/32049c-6393-4106-b30e-1fc1e73f0607/1/22yFZ6VTDvbJSM60KTy2IVGKbEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/32049c-6393-4106-b30e-1fc1e73f0607/1/L_vZ3o2JUmxaSadmwfSF8J9akWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.244.0/22
195.78.70.0/23
IPv6:
2a04:83c0::/29
Signature Algorithm: sha256WithRSAEncryption
4f:5a:81:02:a9:90:48:21:21:cf:3f:49:b4:5a:a9:b0:94:47:
75:c1:b2:d6:57:e3:a8:3e:05:71:c3:58:20:64:43:f5:42:59:
f3:5c:94:74:92:55:50:bf:b4:c2:70:40:ef:2f:8d:25:14:20:
e7:59:e0:de:77:be:e0:42:4f:01:a4:92:a2:2f:44:4c:b5:f0:
ab:3a:03:a3:8f:c3:44:b6:1f:f2:d4:15:17:61:3c:af:04:bc:
33:fc:d1:0a:87:54:f4:78:7d:09:2c:db:24:e9:e3:87:b1:a8:
63:01:35:0c:f4:69:41:95:e0:45:43:a7:c3:5e:0b:98:47:af:
03:17:22:c6:c8:35:fe:d6:0e:c8:b7:46:c1:f8:eb:c0:1c:ad:
80:64:44:1a:94:36:8f:75:00:7d:4c:06:b9:18:49:be:b5:5c:
60:15:41:9b:44:fd:09:15:5b:d0:e1:69:51:67:2b:ba:fd:7b:
28:fa:ce:1f:c9:08:76:25:e7:b1:ad:12:17:b1:83:90:86:39:
e6:26:4a:4f:17:c1:58:83:7a:7d:8e:36:89:be:9b:f2:73:56:
ff:6f:ba:f2:ae:e8:a3:5a:2d:ba:cc:f4:aa:6c:7f:63:03:54:
8d:df:cc:b9:ab:3d:d7:b5:cc:5c:c3:b6:09:35:77:0e:1d:a6:
a0:d4:a8:c8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYe3LNVyDW06Z43nKeEC+NykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZmJkOWRlOGQ4OTUyNmM1YTQ5YTc2NmMxZjQ4NWYwOWY1
YTkxNjYwHhcNMjMwNDI1MDY0OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjZjODU2N2E1NTMwZWY2Yzk0OGNlYjQyOTNjYjYyMTUxOGE2YzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+beabrSO3LGC67OVKs5QrNYzCpe
Z23xkq60z0Q4B1G5NGIRLz1RblQiS7vcnKZsN0O7KEUOOjwxzcmzeXSOj8hZ2cYm
Pt3xvmKuDW+MM4nSWlEtr3XCuQuh86aCu87H6SOzCUb9aakP2EBj5usEZ52n0Xdt
7bXIsu9jR1oJyq3KnaYvv/yHp2C4GVu1k1TgVU0K1fkDMcfxOEkKt2ZQSCSE5GbH
3TBH2ew+bH0INoJCvwlnqYVIYEHSKLxFpzY4A5ZSzI0BGJO0HuHVEZkQ9WdUgket
q/JTs4VYi0W5sAtpVxtSLOelwLZIFIijwOz0bNFU+kwQX0XWFV6dSdgDaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNtshWelUw72yUjOtCk8tiFRimxFMB8GA1UdIwQY
MBaAFC/72d6NiVJsWkmnZsH0hfCfWpFmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTF92WjNvMkpVbXhhU2FkbXdmU0Y4Sjlha1dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMjA0OWMtNjM5My00MTA2LWIzMGUt
MWZjMWU3M2YwNjA3LzEvMjJ5Rlo2VlREdmJKU002MEtUeTJJVkdLYkVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMjA0OWMtNjM5My00MTA2LWIzMGUtMWZjMWU3M2YwNjA3
LzEvTF92WjNvMkpVbXhhU2FkbXdmU0Y4Sjlha1dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwcn0AwQB
w05GMA0EAgACMAcDBQMqBIPAMA0GCSqGSIb3DQEBCwUAA4IBAQBPWoECqZBIISHP
P0m0WqmwlEd1wbLWV+OoPgVxw1ggZEP1QlnzXJR0klVQv7TCcEDvL40lFCDnWeDe
d77gQk8BpJKiL0RMtfCrOgOjj8NEth/y1BUXYTyvBLwz/NEKh1T0eH0JLNsk6eOH
sahjATUM9GlBleBFQ6fDXguYR68DFyLGyDX+1g7It0bB+OvAHK2AZEQalDaPdQB9
TAa5GEm+tVxgFUGbRP0JFVvQ4WlRZyu6/Xso+s4fyQh2JeexrRIXsYOQhjnmJkpP
F8FYg3p9jjaJvpvyc1b/b7ryruijWi26zPSqbH9jA1SN38y5qz3Xtcxcw7YJNXcO
Haag1KjI
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:00 2024 by rpki-client on console-ams.rpki-client.org