Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/c9SUsG1p7y5dgnO6QUEupjHIIVM.roa
File: c9SUsG1p7y5dgnO6QUEupjHIIVM.roa (raw, json)
Hash identifier: ZdEiH6Z9g1PTTzGiLEdUXKd+iDrZSEtVnbB7hCMhZVA=
Subject key identifier: 73:D4:94:B0:6D:69:EF:2E:5D:82:73:BA:41:41:2E:A6:31:C8:21:53
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01867A8C418CF3D71D503F8E4E62791903D2
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/c9SUsG1p7y5dgnO6QUEupjHIIVM.roa
Signing time: Wed 22 Feb 2023 19:14:17 +0000
ROA not before: Wed 22 Feb 2023 19:14:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197518
IP address blocks: 185.255.200.0/22 maxlen: 22
185.199.212.0/22 maxlen: 24
188.95.248.0/21 maxlen: 21
130.193.104.0/24 maxlen: 24
130.193.104.0/21 maxlen: 21
130.193.108.0/24 maxlen: 24
2a03:680::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:8c:41:8c:f3:d7:1d:50:3f:8e:4e:62:79:19:03:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Feb 22 19:14:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73d494b06d69ef2e5d8273ba41412ea631c82153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:64:e5:c6:15:26:10:28:15:a9:29:95:89:01:
8e:af:29:64:4c:e1:e8:73:7d:3a:7b:34:2d:96:a0:
fd:18:6c:87:8c:c0:79:87:45:08:5c:52:b4:c0:c0:
ef:49:5a:38:e7:fc:6a:f9:4a:1f:1d:5b:3b:52:83:
a0:e0:b5:63:01:34:82:98:9d:d0:a4:86:44:ee:cc:
20:b2:7d:50:cb:c5:e8:ed:05:e3:db:4e:76:d6:ad:
29:7a:99:c0:bf:cd:c1:82:c4:36:3e:34:6a:65:31:
f2:f9:c0:e9:06:ec:05:da:1a:c4:a1:ce:f6:01:d7:
52:42:71:d5:ec:5a:2b:e1:9b:c3:51:bf:90:22:12:
65:c2:92:7d:3b:e3:b5:ae:a7:69:84:ff:72:ee:e5:
6f:fa:27:a2:3e:a5:9b:9f:4a:ca:9b:ef:c5:85:7f:
4c:d5:2d:34:69:8c:8a:c2:53:af:39:23:e1:23:c3:
bf:2e:fc:5f:2a:43:2f:4a:fb:ff:97:f9:87:df:f3:
c4:f3:a6:7b:30:16:81:e0:2c:4f:64:ca:bd:c2:35:
e5:2b:37:68:26:65:b9:a2:ac:6d:46:c7:60:79:b6:
49:33:dd:94:82:aa:66:e5:0a:ce:af:34:42:87:90:
a4:9f:bf:4a:27:60:2d:e6:99:75:10:e8:d3:82:82:
b7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D4:94:B0:6D:69:EF:2E:5D:82:73:BA:41:41:2E:A6:31:C8:21:53
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/c9SUsG1p7y5dgnO6QUEupjHIIVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.104.0/21
185.199.212.0/22
185.255.200.0/22
188.95.248.0/21
IPv6:
2a03:680::/32
Signature Algorithm: sha256WithRSAEncryption
5f:d0:ea:64:96:41:d0:89:f5:5c:c8:b6:24:38:98:76:c1:b3:
c3:0e:42:a4:05:07:01:ac:81:6e:45:7b:1d:89:7e:ee:e4:74:
36:93:f8:ea:39:75:25:65:e9:f0:7b:7a:8a:70:54:1e:cb:09:
56:cc:7b:89:64:0f:3f:4c:bc:d1:81:d9:fe:04:75:64:d8:2e:
e4:61:c7:7e:bc:fd:cf:d8:a0:c7:34:8a:e3:69:bb:8d:9b:d4:
bd:e9:90:94:a9:30:7b:26:73:07:69:30:73:e2:88:4f:96:91:
88:ac:1e:f6:c5:8c:c7:f0:ab:28:32:67:64:39:9c:ef:b3:22:
7a:3c:0b:e3:af:95:0d:10:ca:40:f7:28:8b:2d:b8:93:48:82:
f6:93:6e:c0:c8:de:cd:d6:5e:45:d1:77:5c:e5:9f:f7:95:1d:
1e:5a:a4:d1:23:ec:75:ba:c9:94:6a:f1:a3:05:01:8f:19:72:
f8:5c:61:d4:5f:e5:ab:6d:16:80:01:f2:94:b1:58:0c:ab:dd:
72:cc:f3:45:a9:5a:ad:31:37:43:77:7e:98:19:47:ee:b8:da:
bf:27:da:95:a8:81:4e:f6:34:d3:83:73:83:43:e1:a0:48:9c:
5e:66:9a:09:c3:76:f3:c2:ba:65:22:4a:75:4e:5b:e2:9c:34:
94:65:f5:9c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYZ6jEGM89cdUD+OTmJ5GQPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwMjIyMTkxNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Q0OTRiMDZkNjllZjJlNWQ4MjczYmE0MTQxMmVhNjMxYzgyMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmTlxhUmECgVqSmViQGOrylkTOHo
c306ezQtlqD9GGyHjMB5h0UIXFK0wMDvSVo45/xq+UofHVs7UoOg4LVjATSCmJ3Q
pIZE7swgsn1Qy8Xo7QXj20521q0pepnAv83BgsQ2PjRqZTHy+cDpBuwF2hrEoc72
AddSQnHV7For4ZvDUb+QIhJlwpJ9O+O1rqdphP9y7uVv+ieiPqWbn0rKm+/FhX9M
1S00aYyKwlOvOSPhI8O/LvxfKkMvSvv/l/mH3/PE86Z7MBaB4CxPZMq9wjXlKzdo
JmW5oqxtRsdgebZJM92Ugqpm5QrOrzRCh5Ckn79KJ2At5pl1EOjTgoK3wQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHPUlLBtae8uXYJzukFBLqYxyCFTMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvYzlTVXNHMXA3eTVkZ25PNlFVRXVwakhJSVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDgsFoAwQC
ucfUAwQCuf/IAwQDvF/4MA0EAgACMAcDBQAqAwaAMA0GCSqGSIb3DQEBCwUAA4IB
AQBf0OpklkHQifVcyLYkOJh2wbPDDkKkBQcBrIFuRXsdiX7u5HQ2k/jqOXUlZenw
e3qKcFQeywlWzHuJZA8/TLzRgdn+BHVk2C7kYcd+vP3P2KDHNIrjabuNm9S96ZCU
qTB7JnMHaTBz4ohPlpGIrB72xYzH8KsoMmdkOZzvsyJ6PAvjr5UNEMpA9yiLLbiT
SIL2k27AyN7N1l5F0Xdc5Z/3lR0eWqTRI+x1usmUavGjBQGPGXL4XGHUX+WrbRaA
AfKUsVgMq91yzPNFqVqtMTdDd36YGUfuuNq/J9qVqIFO9jTTg3ODQ+GgSJxeZpoJ
w3bzwrplIkp1TlvinDSUZfWc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:12 2023 by rpki-client on console-ams.rpki-client.org