Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/DB9NQMOHDIKy1X94M7o4B93-mWA.roa
File: DB9NQMOHDIKy1X94M7o4B93-mWA.roa (raw, json)
Hash identifier: BMBcR9juG8oYlGvHR+KW4zu8NsAMSWDBlvJwx13uOqk=
Subject key identifier: 0C:1F:4D:40:C3:87:0C:82:B2:D5:7F:78:33:BA:38:07:DD:FE:99:60
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 018570D5164D2E8C8A68BF767BF129BF82F4
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/DB9NQMOHDIKy1X94M7o4B93-mWA.roa
Signing time: Mon 02 Jan 2023 04:54:51 +0000
ROA not before: Mon 02 Jan 2023 04:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58431
IP address blocks: 5.226.176.0/21 maxlen: 24
178.237.166.0/23 maxlen: 24
2a03:a860:a00::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:16:4d:2e:8c:8a:68:bf:76:7b:f1:29:bf:82:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 2 04:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c1f4d40c3870c82b2d57f7833ba3807ddfe9960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:17:1c:7f:a2:5c:2e:99:a4:42:fa:2a:33:33:
d3:dc:fb:83:ab:2f:86:b3:4b:8a:c1:45:49:1a:37:
cd:1f:62:5c:1d:71:ea:7c:f6:fd:d9:4c:2c:cc:f6:
b3:53:e7:a4:78:ce:f0:72:d9:00:fb:1f:9f:87:3e:
ab:4b:22:63:a4:37:9a:ad:fa:99:0f:1a:d2:69:13:
84:64:5c:b7:5f:dd:4d:cf:62:4d:09:14:be:4e:08:
45:1f:f2:98:45:43:a7:58:80:09:f8:85:17:a9:54:
33:15:45:a4:66:ef:d0:ca:fa:2a:45:cb:c3:ed:18:
1e:ba:df:59:db:ff:9b:e6:ae:c5:1d:aa:a4:3b:8e:
c7:73:04:73:b4:c9:ba:b5:ea:1f:1a:93:b6:70:5b:
27:0e:b9:7c:27:8a:18:83:21:48:c1:70:66:ba:62:
62:25:b7:aa:65:f0:4d:f2:eb:36:5e:3e:46:03:2a:
07:b9:57:f4:f4:bd:a5:c1:38:94:f1:7e:9f:66:a5:
54:0d:c1:cd:fb:31:68:bc:19:2d:c5:64:6d:31:7a:
11:6d:46:49:e3:9d:a4:b7:33:b1:2d:fd:b5:bb:50:
e2:c7:c3:d8:77:eb:2c:27:9d:6a:79:f1:31:b9:1c:
61:7d:00:de:3d:19:0c:ba:c2:97:ec:59:50:87:51:
70:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:1F:4D:40:C3:87:0C:82:B2:D5:7F:78:33:BA:38:07:DD:FE:99:60
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/DB9NQMOHDIKy1X94M7o4B93-mWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.176.0/21
178.237.166.0/23
IPv6:
2a03:a860:a00::/40
Signature Algorithm: sha256WithRSAEncryption
77:93:e6:0b:f7:54:ad:ae:1e:0c:f0:09:34:fa:18:f7:af:07:
89:67:cf:80:b3:ea:76:8f:be:d5:2a:77:d0:fd:03:07:6d:ec:
9a:0a:5d:74:e1:f1:bd:eb:32:d0:42:8f:93:69:1d:c9:db:2f:
ec:b1:41:fc:7f:7f:6e:3a:11:ae:35:cc:bf:12:0d:da:88:e0:
b1:39:a4:76:34:e1:d0:f9:19:3c:e7:21:1c:0b:26:42:1d:04:
db:0f:92:f9:31:a2:3b:30:bc:bd:02:1c:03:e6:46:17:88:56:
a3:2d:3d:54:c4:40:74:a5:71:5f:72:da:7d:e7:e4:87:56:5b:
5f:4d:cc:d0:6f:9e:34:dc:5e:23:5d:96:9b:81:8c:da:60:13:
c8:3e:46:65:da:82:d4:d1:a8:a6:2e:96:61:c8:e2:72:0a:a3:
9e:a0:28:41:b0:22:65:9a:1e:1a:6b:4b:d3:43:48:05:c1:d5:
6a:3d:32:69:d5:f7:42:8d:a3:42:e6:74:7e:61:84:cf:cf:e3:
30:8b:a6:de:05:9e:19:08:e1:50:cf:e5:ca:1c:76:da:f5:0b:
5a:4c:ee:12:98:b3:81:92:fb:db:7f:47:94:16:f9:ea:9b:0d:
60:59:15:f8:5d:89:92:07:bd:3e:da:80:26:25:74:2d:4c:26:
94:43:d6:0a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVw1RZNLoyKaL92e/Epv4L0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjMwMTAyMDQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzFmNGQ0MGMzODcwYzgyYjJkNTdmNzgzM2JhMzgwN2RkZmU5OTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxccf6JcLpmkQvoqMzPT3PuDqy+G
s0uKwUVJGjfNH2JcHXHqfPb92UwszPazU+ekeM7wctkA+x+fhz6rSyJjpDearfqZ
DxrSaROEZFy3X91Nz2JNCRS+TghFH/KYRUOnWIAJ+IUXqVQzFUWkZu/QyvoqRcvD
7Rgeut9Z2/+b5q7FHaqkO47HcwRztMm6teofGpO2cFsnDrl8J4oYgyFIwXBmumJi
JbeqZfBN8us2Xj5GAyoHuVf09L2lwTiU8X6fZqVUDcHN+zFovBktxWRtMXoRbUZJ
452ktzOxLf21u1Dix8PYd+ssJ51qefExuRxhfQDePRkMusKX7FlQh1Fw2wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAwfTUDDhwyCstV/eDO6OAfd/plgMB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvREI5TlFNT0hESUt5MVg5NE03bzRCOTMtbVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDBeKwAwQB
su2mMA4EAgACMAgDBgAqA6hgCjANBgkqhkiG9w0BAQsFAAOCAQEAd5PmC/dUra4e
DPAJNPoY968HiWfPgLPqdo++1Sp30P0DB23smgpddOHxvesy0EKPk2kdydsv7LFB
/H9/bjoRrjXMvxIN2ojgsTmkdjTh0PkZPOchHAsmQh0E2w+S+TGiOzC8vQIcA+ZG
F4hWoy09VMRAdKVxX3Lafefkh1ZbX03M0G+eNNxeI12Wm4GM2mATyD5GZdqC1NGo
pi6WYcjicgqjnqAoQbAiZZoeGmtL00NIBcHVaj0yadX3Qo2jQuZ0fmGEz8/jMIum
3gWeGQjhUM/lyhx22vULWkzuEpizgZL7239HlBb56psNYFkV+F2Jkge9PtqAJiV0
LUwmlEPWCg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:01 2024 by rpki-client on console-fra.rpki-client.org