Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/ijyQjGbrCuX7JHT4g7xqnnmqIos.roa
File: ijyQjGbrCuX7JHT4g7xqnnmqIos.roa (raw, json)
Hash identifier: 5RF6syCJMbAAK4nrO1HpZCymHw3z/khy4lyUwdS4eMU=
Subject key identifier: 8A:3C:90:8C:66:EB:0A:E5:FB:24:74:F8:83:BC:6A:9E:79:AA:22:8B
Certificate issuer: /CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Certificate serial: 01856D66194F37A86C84D0C51154552E6420
Authority key identifier: 37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/ijyQjGbrCuX7JHT4g7xqnnmqIos.roa
Signing time: Sun 01 Jan 2023 12:54:45 +0000
ROA not before: Sun 01 Jan 2023 12:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39392
IP address blocks: 213.109.164.0/22 maxlen: 22
2a09:ec00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:19:4f:37:a8:6c:84:d0:c5:11:54:55:2e:64:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Validity
Not Before: Jan 1 12:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a3c908c66eb0ae5fb2474f883bc6a9e79aa228b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f8:a1:1e:05:6c:34:aa:63:be:8d:5e:03:3c:
41:a6:e4:bf:1e:64:32:8d:0f:72:be:4b:66:ab:7a:
78:16:8d:aa:1d:e7:88:b6:09:0d:8a:78:d6:3a:53:
dd:da:85:1c:32:5f:67:d2:3f:19:77:ec:1c:60:b9:
c2:88:07:58:ea:36:52:64:f3:1d:9d:39:8f:12:71:
73:8e:63:4b:90:6f:4f:a4:61:76:46:cc:2d:39:fb:
be:83:46:9b:71:1f:52:6b:11:fb:1e:04:af:e6:b4:
ee:28:70:2a:b2:60:b2:54:46:d1:59:f6:a2:71:b6:
67:bb:80:a9:4e:8d:e9:c3:ca:70:2e:9e:ca:ca:2f:
f9:53:6e:4d:06:f3:26:bf:ea:56:15:4e:0b:50:14:
b4:32:ff:87:76:24:21:2e:fb:ac:06:6a:a8:c8:e0:
1c:7e:06:97:65:64:fb:6c:9a:eb:0c:6e:70:63:cb:
c9:f0:89:3a:c4:60:33:07:04:25:22:c6:51:1b:a9:
cc:50:d4:35:95:b1:74:2b:31:c6:be:5b:97:ac:36:
b1:31:08:45:aa:be:b1:98:ac:34:1c:6e:98:d1:a2:
a2:0a:2c:cf:7c:46:5a:0c:84:68:fe:16:95:17:79:
9d:2a:61:62:ce:e1:5a:c0:24:17:ee:26:71:b0:6e:
9b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:3C:90:8C:66:EB:0A:E5:FB:24:74:F8:83:BC:6A:9E:79:AA:22:8B
X509v3 Authority Key Identifier:
keyid:37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/ijyQjGbrCuX7JHT4g7xqnnmqIos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.164.0/22
IPv6:
2a09:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
a8:f0:6e:4d:0a:c0:48:42:ca:4a:a3:7d:db:5c:96:2f:a4:87:
da:77:df:8b:52:83:65:2e:52:18:89:2a:6e:44:a7:5f:9b:aa:
f2:4f:9d:bf:ed:f1:44:4a:10:07:e6:23:a0:1e:ed:8a:53:b2:
34:b8:93:30:ff:00:9b:10:56:40:94:a8:3c:8d:c9:a2:75:6e:
61:17:b3:c5:14:9e:cd:86:45:a7:fd:7f:fc:ec:d2:33:c3:53:
f5:4f:54:a8:f3:a4:85:49:17:f0:fb:89:13:c5:b4:9e:80:f9:
0d:bb:02:2d:43:97:ca:e6:0e:5d:f1:c4:65:0c:6a:90:85:b4:
86:11:5f:c8:68:94:24:6f:47:26:d9:a3:93:8a:ac:81:59:98:
e2:1b:f7:f6:7f:32:02:f0:7a:b1:96:ae:b8:34:8f:51:9b:11:
70:0d:64:df:85:88:ba:53:83:a8:fa:d4:ec:59:ac:c0:75:78:
f7:0e:59:8d:7d:7f:6b:36:25:c3:3f:b5:d1:88:b9:cf:04:c6:
d8:be:ac:de:cd:af:21:76:29:d9:86:71:c8:9c:74:e1:00:d8:
40:1d:d3:f2:92:b1:8f:42:7f:8e:4a:0e:c9:51:03:e0:3b:7e:
76:9c:ea:d0:a2:24:c4:86:4b:a7:09:38:60:46:8e:5f:50:e1:
66:c5:3e:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtZhlPN6hshNDFEVRVLmQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZmIwMDRlMzk3ZGRmMDRlN2QwNWYzNjQzYTAzNmYyMTgz
NmZmMTAwHhcNMjMwMTAxMTI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTNjOTA4YzY2ZWIwYWU1ZmIyNDc0Zjg4M2JjNmE5ZTc5YWEyMjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPihHgVsNKpjvo1eAzxBpuS/HmQy
jQ9yvktmq3p4Fo2qHeeItgkNinjWOlPd2oUcMl9n0j8Zd+wcYLnCiAdY6jZSZPMd
nTmPEnFzjmNLkG9PpGF2RswtOfu+g0abcR9SaxH7HgSv5rTuKHAqsmCyVEbRWfai
cbZnu4CpTo3pw8pwLp7Kyi/5U25NBvMmv+pWFU4LUBS0Mv+HdiQhLvusBmqoyOAc
fgaXZWT7bJrrDG5wY8vJ8Ik6xGAzBwQlIsZRG6nMUNQ1lbF0KzHGvluXrDaxMQhF
qr6xmKw0HG6Y0aKiCizPfEZaDIRo/haVF3mdKmFizuFawCQX7iZxsG6bJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIo8kIxm6wrl+yR0+IO8ap55qiKLMB8GA1UdIwQY
MBaAFDf7AE45fd8E59BfNkOgNvIYNv8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEt
YjUzYjY0Y2YwZDk1LzEvaWp5UWpHYnJDdVg3SkhUNGc3eHFubm1xSW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEtYjUzYjY0Y2YwZDk1
LzEvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQC1W2kMA0E
AgACMAcDBQMqCewAMA0GCSqGSIb3DQEBCwUAA4IBAQCo8G5NCsBIQspKo33bXJYv
pIfad9+LUoNlLlIYiSpuRKdfm6ryT52/7fFEShAH5iOgHu2KU7I0uJMw/wCbEFZA
lKg8jcmidW5hF7PFFJ7NhkWn/X/87NIzw1P1T1So86SFSRfw+4kTxbSegPkNuwIt
Q5fK5g5d8cRlDGqQhbSGEV/IaJQkb0cm2aOTiqyBWZjiG/f2fzIC8Hqxlq64NI9R
mxFwDWTfhYi6U4Oo+tTsWazAdXj3DlmNfX9rNiXDP7XRiLnPBMbYvqzeza8hdinZ
hnHInHThANhAHdPykrGPQn+OSg7JUQPgO352nOrQoiTEhkunCThgRo5fUOFmxT5B
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:17 2024 by rpki-client on console-fra.rpki-client.org