Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/dnOiFqMd-IRrV8N0cAvnaM6MBIc.roa
File: dnOiFqMd-IRrV8N0cAvnaM6MBIc.roa (raw, json)
Hash identifier: uRxZDsEF5Ercuz5OTfCVoqjBlMqM/MLSIxmBmdqTxCg=
Subject key identifier: 76:73:A2:16:A3:1D:F8:84:6B:57:C3:74:70:0B:E7:68:CE:8C:04:87
Certificate issuer: /CN=49a9e891e06d42277dc4fb5fbd69e9abd8e29883
Certificate serial: 01856D5D286ADCAB43C36B4CD05EBB75C0E0
Authority key identifier: 49:A9:E8:91:E0:6D:42:27:7D:C4:FB:5F:BD:69:E9:AB:D8:E2:98:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SanokeBtQid9xPtfvWnpq9jimIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/dnOiFqMd-IRrV8N0cAvnaM6MBIc.roa
Signing time: Sun 01 Jan 2023 12:44:59 +0000
ROA not before: Sun 01 Jan 2023 12:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196655
IP address blocks: 109.68.128.0/21 maxlen: 24
185.40.200.0/22 maxlen: 24
178.22.16.0/21 maxlen: 21
193.142.23.0/24 maxlen: 24
2a00:1f50::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:28:6a:dc:ab:43:c3:6b:4c:d0:5e:bb:75:c0:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49a9e891e06d42277dc4fb5fbd69e9abd8e29883
Validity
Not Before: Jan 1 12:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7673a216a31df8846b57c374700be768ce8c0487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:55:f5:da:90:86:9e:97:ab:b0:25:6b:61:35:
c4:c8:0c:98:eb:3a:6a:a2:67:52:15:49:65:4a:22:
11:f5:aa:68:5c:96:7d:04:ea:b5:19:d8:01:a0:a7:
e4:98:4c:cf:9c:3f:e5:1a:14:8d:85:4d:5c:d5:15:
a9:b0:57:a8:f2:b8:f7:fc:18:9b:36:dd:c6:c3:a4:
60:bc:d9:b4:ac:4a:ab:76:2f:88:17:3c:10:43:95:
48:94:d9:8a:db:0e:53:54:ba:8d:33:d8:61:08:04:
cb:af:64:cf:2c:8f:81:6b:86:90:cd:e5:12:b0:c0:
d9:a3:9c:86:b0:a9:50:e5:84:bd:70:85:3b:96:a7:
6a:45:76:3f:0c:e5:88:38:60:9d:23:4d:c0:7c:20:
6e:04:ea:69:3e:cc:92:db:0e:5e:e0:5d:57:e6:16:
20:d2:a9:82:00:69:e2:75:72:49:e5:9c:27:49:9c:
29:51:88:73:b7:b0:25:70:50:8c:33:76:a6:e5:6d:
c1:cc:4a:79:70:e6:a6:a1:fa:73:84:96:50:88:3c:
db:09:63:14:5b:08:4a:3d:d4:d9:7d:3a:4a:67:0e:
4a:c8:fb:63:90:d3:5b:de:e5:da:c3:41:fa:a5:08:
b5:ce:05:04:bb:5e:ec:c1:08:fe:d5:ea:39:64:72:
31:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:73:A2:16:A3:1D:F8:84:6B:57:C3:74:70:0B:E7:68:CE:8C:04:87
X509v3 Authority Key Identifier:
keyid:49:A9:E8:91:E0:6D:42:27:7D:C4:FB:5F:BD:69:E9:AB:D8:E2:98:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SanokeBtQid9xPtfvWnpq9jimIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/dnOiFqMd-IRrV8N0cAvnaM6MBIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/SanokeBtQid9xPtfvWnpq9jimIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.128.0/21
178.22.16.0/21
185.40.200.0/22
193.142.23.0/24
IPv6:
2a00:1f50::/32
Signature Algorithm: sha256WithRSAEncryption
47:ff:94:f9:96:03:c0:c3:ee:1e:31:1e:51:8a:d1:49:a0:38:
50:29:e4:80:51:fa:42:35:f9:fb:73:43:21:d0:47:30:79:52:
62:dc:30:1a:2a:2e:4c:d0:81:04:7f:ed:bd:90:a7:02:94:74:
20:19:f4:19:de:b1:4f:59:06:95:0d:30:49:9c:7a:28:7c:dc:
ee:be:f5:f7:fe:e2:9c:3d:44:93:60:00:69:a6:19:38:c8:04:
f8:05:7a:69:07:34:47:8d:d1:08:98:df:74:e9:93:2b:0f:2f:
33:ee:12:ca:0a:84:a4:b0:69:e1:5f:6f:c5:23:a0:85:6b:06:
40:c1:dc:6f:66:6c:75:c3:2a:30:97:46:45:85:5a:40:36:52:
51:dd:d7:87:c3:f2:be:1c:2a:13:12:65:3d:a1:51:8a:74:9e:
f0:5a:9c:b1:63:7c:c0:f6:04:c6:d7:2c:32:52:86:c9:97:28:
1e:b5:b3:82:d2:45:43:e3:2d:6e:5d:95:46:39:a9:7e:41:76:
6e:a4:2c:d8:11:68:61:20:03:8b:7e:e6:35:13:47:8b:d9:6f:
2e:ab:0d:e2:ef:1a:3a:8a:d7:cb:45:b4:69:2b:9a:71:56:e0:
dc:b2:4c:34:ff:02:bd:e8:df:f3:24:f0:88:47:0e:aa:61:2e:
01:c8:30:02
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtXShq3KtDw2tM0F67dcDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YTllODkxZTA2ZDQyMjc3ZGM0ZmI1ZmJkNjllOWFiZDhl
Mjk4ODMwHhcNMjMwMTAxMTI0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjczYTIxNmEzMWRmODg0NmI1N2MzNzQ3MDBiZTc2OGNlOGMwNDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1X12pCGnpersCVrYTXEyAyY6zpq
omdSFUllSiIR9apoXJZ9BOq1GdgBoKfkmEzPnD/lGhSNhU1c1RWpsFeo8rj3/Bib
Nt3Gw6RgvNm0rEqrdi+IFzwQQ5VIlNmK2w5TVLqNM9hhCATLr2TPLI+Ba4aQzeUS
sMDZo5yGsKlQ5YS9cIU7lqdqRXY/DOWIOGCdI03AfCBuBOppPsyS2w5e4F1X5hYg
0qmCAGnidXJJ5ZwnSZwpUYhzt7AlcFCMM3am5W3BzEp5cOamofpzhJZQiDzbCWMU
WwhKPdTZfTpKZw5KyPtjkNNb3uXaw0H6pQi1zgUEu17swQj+1eo5ZHIxNQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHZzohajHfiEa1fDdHAL52jOjASHMB8GA1UdIwQY
MBaAFEmp6JHgbUInfcT7X71p6avY4piDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2Fub2tlQnRRaWQ5eFB0ZnZXbnBxOWppbUlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81MzY5NmYtZjk3My00N2ZiLThkNzkt
YWRkYzZkNGJiMmU3LzEvZG5PaUZxTWQtSVJyVjhOMGNBdm5hTTZNQkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81MzY5NmYtZjk3My00N2ZiLThkNzktYWRkYzZkNGJiMmU3
LzEvU2Fub2tlQnRRaWQ5eFB0ZnZXbnBxOWppbUlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDbUSAAwQD
shYQAwQCuSjIAwQAwY4XMA0EAgACMAcDBQAqAB9QMA0GCSqGSIb3DQEBCwUAA4IB
AQBH/5T5lgPAw+4eMR5RitFJoDhQKeSAUfpCNfn7c0Mh0EcweVJi3DAaKi5M0IEE
f+29kKcClHQgGfQZ3rFPWQaVDTBJnHoofNzuvvX3/uKcPUSTYABpphk4yAT4BXpp
BzRHjdEImN906ZMrDy8z7hLKCoSksGnhX2/FI6CFawZAwdxvZmx1wyowl0ZFhVpA
NlJR3deHw/K+HCoTEmU9oVGKdJ7wWpyxY3zA9gTG1ywyUobJlygetbOC0kVD4y1u
XZVGOal+QXZupCzYEWhhIAOLfuY1E0eL2W8uqw3i7xo6itfLRbRpK5pxVuDcskw0
/wK96N/zJPCIRw6qYS4ByDAC
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:09 2024 by rpki-client on console-ams.rpki-client.org