Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/910bd4-7fda-4934-a403-b136fe40df4d/1/heMlky5g1O8uDBANBWKx-OxOzC8.roa
File: heMlky5g1O8uDBANBWKx-OxOzC8.roa (raw, json)
Hash identifier: uAwydjABCtXidW9HyIOnh5nK0l27IUPg5j9fW5+AeBQ=
Subject key identifier: 85:E3:25:93:2E:60:D4:EF:2E:0C:10:0D:05:62:B1:F8:EC:4E:CC:2F
Certificate issuer: /CN=7698c999e7f0493ee36634e892b37c9f3bf9407d
Certificate serial: 01856F42A1DAB3815533450C9D917DDFCAA8
Authority key identifier: 76:98:C9:99:E7:F0:49:3E:E3:66:34:E8:92:B3:7C:9F:3B:F9:40:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dpjJmefwST7jZjTokrN8nzv5QH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/910bd4-7fda-4934-a403-b136fe40df4d/1/heMlky5g1O8uDBANBWKx-OxOzC8.roa
Signing time: Sun 01 Jan 2023 21:35:15 +0000
ROA not before: Sun 01 Jan 2023 21:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35627
IP address blocks: 195.160.166.0/24 maxlen: 24
195.160.166.0/23 maxlen: 24
2001:67c:5c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a1:da:b3:81:55:33:45:0c:9d:91:7d:df:ca:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7698c999e7f0493ee36634e892b37c9f3bf9407d
Validity
Not Before: Jan 1 21:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85e325932e60d4ef2e0c100d0562b1f8ec4ecc2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:80:80:e7:5d:25:3b:93:5d:9b:62:b6:85:e1:
21:05:25:d5:17:a1:8e:aa:6b:95:d5:85:da:a7:53:
bb:c9:1b:dd:78:b9:a3:8f:b4:58:5b:4e:95:59:45:
c5:ec:b3:b3:76:e3:23:23:ac:39:40:c4:d8:cb:25:
b5:5c:8d:b3:88:0f:46:00:53:a4:08:4b:35:83:66:
a3:e6:98:17:f4:b0:dd:45:e8:09:cb:0c:8a:9f:99:
40:bd:8e:8b:e8:1b:bc:03:47:a9:35:d6:d3:cf:83:
81:8b:24:c4:d5:f2:00:03:32:dd:03:e5:5a:1f:4c:
33:f3:9e:a5:1b:95:e4:72:c0:c2:17:65:c9:cf:f3:
0b:5c:ae:19:86:37:18:4a:77:72:11:19:d4:c2:19:
df:76:7d:db:9d:7e:a7:21:7d:bf:da:ae:f9:ad:b3:
e6:a8:c9:c7:c8:0a:2c:8a:c5:13:fa:5d:60:fe:6a:
96:88:34:a5:87:0d:d8:d9:a0:1a:c9:e7:0c:89:d0:
6d:17:ce:d0:c6:e4:94:29:dc:bf:48:82:a5:3d:ec:
dc:0b:41:97:01:15:11:28:d0:5c:d2:95:0a:6c:17:
ca:49:99:79:14:11:45:b5:cb:fc:aa:71:f6:42:2e:
15:42:aa:db:9b:63:3c:15:a3:e6:ef:5d:49:d7:18:
8b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E3:25:93:2E:60:D4:EF:2E:0C:10:0D:05:62:B1:F8:EC:4E:CC:2F
X509v3 Authority Key Identifier:
keyid:76:98:C9:99:E7:F0:49:3E:E3:66:34:E8:92:B3:7C:9F:3B:F9:40:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dpjJmefwST7jZjTokrN8nzv5QH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/910bd4-7fda-4934-a403-b136fe40df4d/1/heMlky5g1O8uDBANBWKx-OxOzC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/910bd4-7fda-4934-a403-b136fe40df4d/1/dpjJmefwST7jZjTokrN8nzv5QH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.160.166.0/23
IPv6:
2001:67c:5c::/48
Signature Algorithm: sha256WithRSAEncryption
0f:06:8e:20:19:74:eb:d1:e5:70:bf:a9:cc:81:cf:6a:63:6c:
ba:57:c0:61:4f:96:cd:85:a9:1c:ae:fc:49:e1:40:a9:f7:50:
af:32:a7:4d:c7:66:4b:1c:da:f0:73:5c:22:c2:05:4a:b1:dc:
b2:a5:43:06:10:61:e3:f7:06:4f:43:92:d6:6e:9d:ea:f9:f8:
eb:33:72:8d:db:eb:88:de:e2:b1:58:c8:4c:33:6b:61:3f:96:
b4:e3:44:e2:2a:72:22:93:3b:ba:25:48:3b:c8:fe:ed:f5:9f:
0c:6e:9c:b1:9b:12:46:68:ef:54:eb:bc:7f:74:a5:ba:48:89:
13:33:53:4d:d5:f6:ee:fb:64:e1:b8:86:cf:6a:42:ce:c4:51:
24:b1:98:73:c8:c5:91:6b:45:10:8f:1c:12:7a:b8:1a:a5:fa:
84:88:51:ef:f2:15:67:77:ae:d3:72:0d:f5:66:a7:15:9e:82:
7e:42:7f:43:ff:ff:f1:90:d0:88:2a:88:0a:62:6b:29:ac:f6:
70:a1:6d:93:35:53:7b:f7:c0:2e:a2:29:ed:cd:31:54:d3:c2:
e0:c6:33:c8:16:e4:76:f9:c5:a9:e9:11:61:8c:e8:5f:e5:00:
c3:a0:53:04:02:07:b3:a7:ab:11:a0:cb:ed:89:ce:18:94:83:
f9:8e:e5:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvQqHas4FVM0UMnZF938qoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OThjOTk5ZTdmMDQ5M2VlMzY2MzRlODkyYjM3YzlmM2Jm
OTQwN2QwHhcNMjMwMTAxMjEzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWUzMjU5MzJlNjBkNGVmMmUwYzEwMGQwNTYyYjFmOGVjNGVjYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYCA510lO5Ndm2K2heEhBSXVF6GO
qmuV1YXap1O7yRvdeLmjj7RYW06VWUXF7LOzduMjI6w5QMTYyyW1XI2ziA9GAFOk
CEs1g2aj5pgX9LDdRegJywyKn5lAvY6L6Bu8A0epNdbTz4OBiyTE1fIAAzLdA+Va
H0wz856lG5XkcsDCF2XJz/MLXK4ZhjcYSndyERnUwhnfdn3bnX6nIX2/2q75rbPm
qMnHyAosisUT+l1g/mqWiDSlhw3Y2aAayecMidBtF87QxuSUKdy/SIKlPezcC0GX
ARURKNBc0pUKbBfKSZl5FBFFtcv8qnH2Qi4VQqrbm2M8FaPm711J1xiLmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIXjJZMuYNTvLgwQDQVisfjsTswvMB8GA1UdIwQY
MBaAFHaYyZnn8Ek+42Y06JKzfJ87+UB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHBqSm1lZndTVDdqWmpUb2tyTjhuenY1UUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC85MTBiZDQtN2ZkYS00OTM0LWE0MDMt
YjEzNmZlNDBkZjRkLzEvaGVNbGt5NWcxTzh1REJBTkJXS3gtT3hPekM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC85MTBiZDQtN2ZkYS00OTM0LWE0MDMtYjEzNmZlNDBkZjRk
LzEvZHBqSm1lZndTVDdqWmpUb2tyTjhuenY1UUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw6CmMA8E
AgACMAkDBwAgAQZ8AFwwDQYJKoZIhvcNAQELBQADggEBAA8GjiAZdOvR5XC/qcyB
z2pjbLpXwGFPls2FqRyu/EnhQKn3UK8yp03HZksc2vBzXCLCBUqx3LKlQwYQYeP3
Bk9DktZuner5+Oszco3b64je4rFYyEwza2E/lrTjROIqciKTO7olSDvI/u31nwxu
nLGbEkZo71TrvH90pbpIiRMzU03V9u77ZOG4hs9qQs7EUSSxmHPIxZFrRRCPHBJ6
uBql+oSIUe/yFWd3rtNyDfVmpxWegn5Cf0P///GQ0IgqiApiayms9nChbZM1U3v3
wC6iKe3NMVTTwuDGM8gW5Hb5xanpEWGM6F/lAMOgUwQCB7OnqxGgy+2JzhiUg/mO
5TU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:20 2024 by rpki-client on console-fra.rpki-client.org