Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/izMNdvilfDuTz4s2UiDRcf5pAEE.roa
File: izMNdvilfDuTz4s2UiDRcf5pAEE.roa (raw, json)
Hash identifier: KAgGw+9ndbHnzGmvhBBxfy/UaCEBrfB88IzxeZacbDA=
Subject key identifier: 8B:33:0D:76:F8:A5:7C:3B:93:CF:8B:36:52:20:D1:71:FE:69:00:41
Certificate issuer: /CN=16fcf4866b6c85eb0cb7688edd43830f419d66a2
Certificate serial: 01856E38CA52996A79B7433AE57553F9F4E5
Authority key identifier: 16:FC:F4:86:6B:6C:85:EB:0C:B7:68:8E:DD:43:83:0F:41:9D:66:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fvz0hmtshesMt2iO3UODD0GdZqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/izMNdvilfDuTz4s2UiDRcf5pAEE.roa
Signing time: Sun 01 Jan 2023 16:44:53 +0000
ROA not before: Sun 01 Jan 2023 16:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212613
IP address blocks: 193.176.121.0/24 maxlen: 24
193.176.120.0/22 maxlen: 22
193.176.120.0/24 maxlen: 24
193.176.123.0/24 maxlen: 24
193.176.122.0/24 maxlen: 24
2a05:5a00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:ca:52:99:6a:79:b7:43:3a:e5:75:53:f9:f4:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16fcf4866b6c85eb0cb7688edd43830f419d66a2
Validity
Not Before: Jan 1 16:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b330d76f8a57c3b93cf8b365220d171fe690041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5f:2f:27:68:d5:2f:37:d1:9b:fc:9e:7b:65:
4d:35:e1:05:fa:a4:8d:88:80:09:a3:9e:bd:6e:1c:
2c:96:de:8a:3e:f3:d9:06:52:9a:7d:ed:fa:30:5d:
c3:23:33:9f:f4:38:0b:ff:26:6c:7f:ee:e6:bd:f3:
f9:9f:92:d8:99:eb:d1:f0:9f:72:01:b8:78:69:cc:
a3:e1:97:e6:d8:a6:93:14:4f:47:50:55:d8:57:c4:
0f:aa:b7:ce:bf:16:c3:40:29:7e:cb:51:df:ff:80:
95:c3:93:57:27:85:be:12:b8:61:39:78:73:d5:35:
25:9d:36:10:b2:df:f2:e4:b7:9b:9d:94:6e:c4:c4:
3e:70:cb:9a:14:82:12:3a:e4:e0:59:58:75:b7:4b:
3b:62:0b:1c:ae:cc:7a:ad:5a:3f:da:a9:60:66:ce:
af:bf:89:0e:da:fb:df:ba:db:97:cc:2e:08:1e:25:
b6:e1:67:29:9f:11:f2:6b:b1:c8:c9:71:79:c5:9b:
67:c5:48:da:0d:6e:a2:c0:1a:88:f3:15:bd:2b:c5:
a9:59:a0:e8:ca:a0:a7:2f:65:7e:7b:c9:0c:05:13:
79:b9:1f:55:ca:2f:99:f9:56:63:dd:7d:02:10:a5:
80:32:66:a5:92:a9:bb:5d:8e:e2:7c:48:30:c9:13:
00:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:33:0D:76:F8:A5:7C:3B:93:CF:8B:36:52:20:D1:71:FE:69:00:41
X509v3 Authority Key Identifier:
keyid:16:FC:F4:86:6B:6C:85:EB:0C:B7:68:8E:DD:43:83:0F:41:9D:66:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fvz0hmtshesMt2iO3UODD0GdZqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/izMNdvilfDuTz4s2UiDRcf5pAEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/Fvz0hmtshesMt2iO3UODD0GdZqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.120.0/22
IPv6:
2a05:5a00::/29
Signature Algorithm: sha256WithRSAEncryption
06:ae:e0:74:22:ab:95:13:2d:98:44:ef:18:31:f8:ea:f1:1b:
66:58:ba:5d:c0:98:84:03:ae:d1:99:84:1a:83:9c:8c:93:01:
d4:0c:54:bf:14:e9:de:c4:c6:c4:51:7b:ee:90:ea:ee:78:5a:
c7:9e:4c:53:1a:bc:99:51:9a:9a:3c:ea:da:b9:79:f5:34:40:
d3:2b:2a:f1:c4:16:a1:ed:66:cb:97:a5:a5:d4:e4:a3:f5:24:
73:e9:f9:fc:f5:a2:53:e7:da:8b:16:08:59:3e:ba:8a:f6:bb:
eb:a8:c3:29:da:c1:a6:d1:f3:0a:39:89:7f:d4:aa:7c:26:14:
90:0b:55:d1:e7:4d:1a:af:7b:a5:22:b0:70:27:50:d0:4b:10:
f0:e5:8d:57:ce:28:58:95:28:8c:86:68:75:23:29:22:0c:bd:
59:45:38:fe:d7:d3:82:b5:d9:a7:92:42:8a:33:fe:81:25:d4:
d8:e6:38:92:0a:54:d3:63:52:ca:44:6f:f5:9e:01:16:fe:fb:
65:fd:83:f8:3b:d9:ac:ea:15:28:a9:c8:b6:e6:af:86:11:6f:
68:0b:12:07:0e:21:07:22:41:c8:40:8e:83:98:59:60:9a:eb:
50:9e:b9:01:e4:f5:76:c4:11:b7:6d:da:a7:a2:b9:62:50:31:
66:f2:7e:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuOMpSmWp5t0M65XVT+fTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZmNmNDg2NmI2Yzg1ZWIwY2I3Njg4ZWRkNDM4MzBmNDE5
ZDY2YTIwHhcNMjMwMTAxMTY0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMzMGQ3NmY4YTU3YzNiOTNjZjhiMzY1MjIwZDE3MWZlNjkwMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF8vJ2jVLzfRm/yee2VNNeEF+qSN
iIAJo569bhwslt6KPvPZBlKafe36MF3DIzOf9DgL/yZsf+7mvfP5n5LYmevR8J9y
Abh4acyj4Zfm2KaTFE9HUFXYV8QPqrfOvxbDQCl+y1Hf/4CVw5NXJ4W+ErhhOXhz
1TUlnTYQst/y5LebnZRuxMQ+cMuaFIISOuTgWVh1t0s7Ygscrsx6rVo/2qlgZs6v
v4kO2vvfutuXzC4IHiW24WcpnxHya7HIyXF5xZtnxUjaDW6iwBqI8xW9K8WpWaDo
yqCnL2V+e8kMBRN5uR9Vyi+Z+VZj3X0CEKWAMmalkqm7XY7ifEgwyRMALwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIszDXb4pXw7k8+LNlIg0XH+aQBBMB8GA1UdIwQY
MBaAFBb89IZrbIXrDLdojt1Dgw9BnWaiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnZ6MGhtdHNoZXNNdDJpTzNVT0REMEdkWnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9mYzg4ODMtYWFkMi00MThiLTliODct
ZWEyMTZiYTI1OTRkLzEvaXpNTmR2aWxmRHVUejRzMlVpRFJjZjVwQUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9mYzg4ODMtYWFkMi00MThiLTliODctZWEyMTZiYTI1OTRk
LzEvRnZ6MGhtdHNoZXNNdDJpTzNVT0REMEdkWnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwbB4MA0E
AgACMAcDBQMqBVoAMA0GCSqGSIb3DQEBCwUAA4IBAQAGruB0IquVEy2YRO8YMfjq
8RtmWLpdwJiEA67RmYQag5yMkwHUDFS/FOnexMbEUXvukOrueFrHnkxTGryZUZqa
POrauXn1NEDTKyrxxBah7WbLl6Wl1OSj9SRz6fn89aJT59qLFghZPrqK9rvrqMMp
2sGm0fMKOYl/1Kp8JhSQC1XR500ar3ulIrBwJ1DQSxDw5Y1XzihYlSiMhmh1Iyki
DL1ZRTj+19OCtdmnkkKKM/6BJdTY5jiSClTTY1LKRG/1ngEW/vtl/YP4O9ms6hUo
qci25q+GEW9oCxIHDiEHIkHIQI6DmFlgmutQnrkB5PV2xBG3bdqnorliUDFm8n4Q
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:33 2024 by rpki-client on console-ams.rpki-client.org