Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/iQUzb5VxD9xPinpFRKONX5HQRkU.roa
File: iQUzb5VxD9xPinpFRKONX5HQRkU.roa (raw, json)
Hash identifier: V5G7Fn8wx3eGbFzu20VZmGgVHrsVvmFM6/JH6ciCMpU=
Subject key identifier: 89:05:33:6F:95:71:0F:DC:4F:8A:7A:45:44:A3:8D:5F:91:D0:46:45
Certificate issuer: /CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Certificate serial: 018570796C87EB9CB4CC3C0C512858FF9768
Authority key identifier: F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/iQUzb5VxD9xPinpFRKONX5HQRkU.roa
Signing time: Mon 02 Jan 2023 03:14:43 +0000
ROA not before: Mon 02 Jan 2023 03:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40021
IP address blocks: 176.57.165.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:6c:87:eb:9c:b4:cc:3c:0c:51:28:58:ff:97:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Validity
Not Before: Jan 2 03:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8905336f95710fdc4f8a7a4544a38d5f91d04645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:82:52:e2:0b:de:56:7b:63:da:62:e4:2c:2e:
03:b7:6d:3c:47:98:b6:a0:5e:a7:21:b2:9c:7e:85:
92:01:5b:2b:b4:a2:0a:5c:ad:eb:bf:e9:93:f6:c1:
c5:4c:c2:55:be:21:2b:66:64:11:3c:92:5c:58:c1:
cb:34:13:bc:f8:53:55:08:1a:a4:2a:ff:47:c0:a3:
0d:03:0b:01:8e:b7:3c:19:2e:25:86:93:1c:13:2a:
9e:82:f1:b1:c2:07:03:a7:24:10:80:dd:08:7e:ad:
6a:38:54:0a:5a:90:f5:a7:cd:ee:03:32:63:10:c5:
be:cc:76:7a:e5:81:c7:f1:f1:3c:ab:54:02:b2:cd:
03:5c:41:9f:9a:57:a3:ef:07:0a:c1:2b:6b:ae:ab:
40:3b:4b:d8:f1:19:ae:2b:f8:8d:21:6b:7d:38:09:
c3:2f:60:c7:89:3e:2b:bf:14:52:6b:b0:7a:21:25:
87:21:5e:be:f8:4e:e2:93:be:45:45:dd:d3:32:85:
a1:5c:c1:a9:79:f0:f5:91:e7:dd:75:57:ea:eb:1b:
1e:cf:ef:cd:5b:9b:fd:d1:3b:92:d3:04:c2:18:05:
60:5b:3f:04:ce:d4:ad:18:d9:88:78:4f:32:c8:4a:
44:c1:a8:8c:c6:b9:d3:f0:92:37:dc:37:e3:64:de:
f7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:05:33:6F:95:71:0F:DC:4F:8A:7A:45:44:A3:8D:5F:91:D0:46:45
X509v3 Authority Key Identifier:
keyid:F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/iQUzb5VxD9xPinpFRKONX5HQRkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.165.0/24
Signature Algorithm: sha256WithRSAEncryption
42:71:99:16:88:2e:9c:d2:b3:6e:a9:30:47:7d:be:72:d2:41:
48:0c:f6:bd:b3:e3:e8:f3:e9:69:9f:27:61:10:4c:f8:d5:c1:
73:5c:b0:55:96:c0:d4:86:68:c1:0f:a5:a1:e3:30:65:78:9f:
be:8c:4c:91:d2:5b:af:20:85:ab:d2:0d:2f:45:53:8d:21:57:
f1:f8:3b:e9:8f:be:16:9f:8d:5d:e2:9f:9c:a0:9f:03:cd:ea:
ce:34:44:f6:04:e6:0a:84:21:7b:9c:e8:8d:97:70:ef:69:63:
cf:34:a7:11:51:c3:fb:2c:db:cc:8c:fe:92:cf:8c:4e:b9:41:
a6:6b:16:52:47:f1:a3:2d:e0:88:c9:eb:cb:04:f3:0a:cb:6d:
9c:16:72:37:79:a5:67:6a:44:03:4d:9c:07:06:f2:4d:9a:99:
b4:68:0a:ef:ac:86:91:c9:3f:17:52:26:da:94:0f:79:94:d3:
08:d9:ca:24:80:dc:f4:2a:87:78:07:dd:0a:95:cb:08:f3:9a:
20:da:6a:15:ee:21:4b:75:a1:6a:d7:a3:07:c0:c7:bd:f8:8c:
42:08:98:e4:55:ee:1f:c6:b9:50:e6:50:14:20:81:e3:fa:68:
e2:8b:e9:ae:14:d9:36:98:ce:5a:f0:a1:9c:d9:a0:d9:f7:a7:
58:07:39:ad
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVweWyH65y0zDwMUShY/5doMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ODU3ZWNmNDQxZTVlYTFkNzE4MWZlYzdlOTdlNmRiYzEy
MjBmYzIwHhcNMjMwMTAyMDMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTA1MzM2Zjk1NzEwZmRjNGY4YTdhNDU0NGEzOGQ1ZjkxZDA0NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIJS4gveVntj2mLkLC4Dt208R5i2
oF6nIbKcfoWSAVsrtKIKXK3rv+mT9sHFTMJVviErZmQRPJJcWMHLNBO8+FNVCBqk
Kv9HwKMNAwsBjrc8GS4lhpMcEyqegvGxwgcDpyQQgN0Ifq1qOFQKWpD1p83uAzJj
EMW+zHZ65YHH8fE8q1QCss0DXEGfmlej7wcKwStrrqtAO0vY8RmuK/iNIWt9OAnD
L2DHiT4rvxRSa7B6ISWHIV6++E7ik75FRd3TMoWhXMGpefD1kefddVfq6xsez+/N
W5v90TuS0wTCGAVgWz8EztStGNmIeE8yyEpEwaiMxrnT8JI33DfjZN73AQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIkFM2+VcQ/cT4p6RUSjjV+R0EZFMB8GA1UdIwQY
MBaAFPiFfs9EHl6h1xgf7H6X5tvBIg/CMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JVi16MFFlWHFIWEdCX3NmcGZtMjhFaUQ4SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQz
LWE4OWY4MTc3NjQwNi8xL2lRVXpiNVZ4RDl4UGlucEZSS09OWDVIUVJrVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQzLWE4OWY4MTc3NjQw
Ni8xLzEtSVYtejBRZVhxSFhHQl9zZnBmbTI4RWlEOEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACwOaUw
DQYJKoZIhvcNAQELBQADggEBAEJxmRaILpzSs26pMEd9vnLSQUgM9r2z4+jz6Wmf
J2EQTPjVwXNcsFWWwNSGaMEPpaHjMGV4n76MTJHSW68ghavSDS9FU40hV/H4O+mP
vhafjV3in5ygnwPN6s40RPYE5gqEIXuc6I2XcO9pY880pxFRw/ss28yM/pLPjE65
QaZrFlJH8aMt4IjJ68sE8wrLbZwWcjd5pWdqRANNnAcG8k2ambRoCu+shpHJPxdS
JtqUD3mU0wjZyiSA3PQqh3gH3QqVywjzmiDaahXuIUt1oWrXowfAx734jEIImORV
7h/GuVDmUBQggeP6aOKL6a4U2TaYzlrwoZzZoNn3p1gHOa0=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:35 2024 by rpki-client on console-ams.rpki-client.org