Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/xaFoGRNzd6g6r_DaJ9dsZ7DI9xE.roa
File: xaFoGRNzd6g6r_DaJ9dsZ7DI9xE.roa (raw, json)
Hash identifier: En2BN7u7puBiQ+yDtStD94Qt7aVfDP/SNAzJSgP+gGI=
Subject key identifier: C5:A1:68:19:13:73:77:A8:3A:AF:F0:DA:27:D7:6C:67:B0:C8:F7:11
Certificate issuer: /CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Certificate serial: 01892507BA699257613867535DF87025211B
Authority key identifier: 22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/xaFoGRNzd6g6r_DaJ9dsZ7DI9xE.roa
Signing time: Wed 05 Jul 2023 07:50:10 +0000
ROA not before: Wed 05 Jul 2023 07:50:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43009
IP address blocks: 83.166.64.0/19 maxlen: 19
83.166.65.0/24 maxlen: 24
83.166.78.0/24 maxlen: 24
83.166.79.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:25:07:ba:69:92:57:61:38:67:53:5d:f8:70:25:21:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Validity
Not Before: Jul 5 07:50:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5a16819137377a83aaff0da27d76c67b0c8f711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b9:93:09:13:a5:65:49:53:c4:33:b6:6e:da:
16:38:5c:47:07:c3:b3:48:1d:d1:dd:0d:78:0d:eb:
d4:30:c8:1f:5f:97:29:0f:b0:3b:b8:87:ae:a8:08:
39:32:fb:11:d8:b5:a4:df:16:8f:77:18:7a:2c:36:
9b:76:9d:57:65:fc:db:cb:9d:b2:3e:c9:86:1b:43:
1a:07:53:0c:60:41:62:06:24:1e:55:d3:fe:56:af:
e4:bd:3c:90:82:8b:a3:7a:b1:1f:bd:aa:62:43:dd:
ef:f7:56:63:46:4a:79:39:06:1d:e1:35:40:e0:82:
d2:2d:b4:b1:cf:de:cf:2e:86:9b:27:17:e3:d2:8b:
5c:15:ff:5e:c2:29:84:53:35:cc:9b:ad:58:9e:56:
a4:0b:04:7f:89:d3:1e:6a:fc:09:45:1e:e5:1d:18:
f4:15:ad:32:fc:55:92:7f:4b:8f:4a:ed:5f:60:e4:
6b:be:6d:99:e8:bb:f7:3f:ed:77:c7:b7:ee:18:1a:
a9:80:d0:07:c1:86:3c:a7:4d:75:c5:1c:ab:e7:38:
08:bb:4a:55:4a:ea:8c:97:14:25:f7:3c:7a:58:ae:
6c:9a:a8:91:01:65:4f:07:0e:33:f4:93:b2:dc:1e:
f0:10:d3:4f:3c:fd:1f:ac:5d:96:8f:b5:dd:1b:2d:
73:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A1:68:19:13:73:77:A8:3A:AF:F0:DA:27:D7:6C:67:B0:C8:F7:11
X509v3 Authority Key Identifier:
keyid:22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/xaFoGRNzd6g6r_DaJ9dsZ7DI9xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.166.64.0/19
Signature Algorithm: sha256WithRSAEncryption
48:61:64:16:82:52:7d:b8:98:45:17:6a:88:18:99:b0:14:bc:
9a:f2:2b:80:0c:60:92:58:4b:81:95:68:44:0e:ee:48:c7:76:
77:a7:57:bf:9a:ab:49:15:94:16:bc:df:48:e0:e2:83:f7:79:
ed:6e:2d:21:04:7c:5f:d0:1c:90:d1:23:c7:12:52:1a:fa:87:
35:96:41:a8:d4:d8:27:a5:3f:9a:dd:2d:c4:e9:d0:7b:a1:67:
96:65:a6:a5:dd:d9:b6:2b:70:c9:c2:0b:aa:4d:85:f1:66:a1:
e6:4e:3c:e9:f1:d6:1e:dc:7f:fd:18:c5:91:fc:48:e0:18:5f:
a1:2f:6e:35:6f:56:e1:07:80:ac:96:9d:d7:b8:d0:be:5c:88:
ea:09:7c:3b:f5:01:f6:e5:68:e1:f2:f3:75:d3:80:14:11:7f:
65:7e:96:55:d9:97:f7:ac:28:ec:11:00:2b:a4:62:18:13:e2:
49:c7:97:90:9b:4b:0a:2f:00:d6:24:de:aa:b9:cf:7f:49:93:
1f:0f:97:9a:cd:18:91:c3:3e:9e:1b:65:82:00:e9:80:ca:de:
be:f3:96:c8:9d:04:c1:e2:ef:b9:bb:12:a0:68:c0:c0:74:0e:
93:a2:d2:f4:1e:8c:2a:42:c9:14:07:ca:52:8f:ef:dc:04:76:
ad:81:90:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYklB7ppkldhOGdTXfhwJSEbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZlZDVmNTYyM2VkZWI3OTEwYWNkMzFkNWY2ZWU4MWU1
Y2IxN2UwHhcNMjMwNzA1MDc1MDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWExNjgxOTEzNzM3N2E4M2FhZmYwZGEyN2Q3NmM2N2IwYzhmNzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7mTCROlZUlTxDO2btoWOFxHB8Oz
SB3R3Q14DevUMMgfX5cpD7A7uIeuqAg5MvsR2LWk3xaPdxh6LDabdp1XZfzby52y
PsmGG0MaB1MMYEFiBiQeVdP+Vq/kvTyQgoujerEfvapiQ93v91ZjRkp5OQYd4TVA
4ILSLbSxz97PLoabJxfj0otcFf9ewimEUzXMm61YnlakCwR/idMeavwJRR7lHRj0
Fa0y/FWSf0uPSu1fYORrvm2Z6Lv3P+13x7fuGBqpgNAHwYY8p011xRyr5zgIu0pV
SuqMlxQl9zx6WK5smqiRAWVPBw4z9JOy3B7wENNPPP0frF2Wj7XdGy1zEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWhaBkTc3eoOq/w2ifXbGewyPcRMB8GA1UdIwQY
MBaAFCI27V9WI+3reRCs0x1fbugeXLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjct
NGQxNmJlOWJhMTMyLzEveGFGb0dSTnpkNmc2cl9EYUo5ZHNaN0RJOXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjctNGQxNmJlOWJhMTMy
LzEvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFU6ZAMA0G
CSqGSIb3DQEBCwUAA4IBAQBIYWQWglJ9uJhFF2qIGJmwFLya8iuADGCSWEuBlWhE
Du5Ix3Z3p1e/mqtJFZQWvN9I4OKD93ntbi0hBHxf0ByQ0SPHElIa+oc1lkGo1Ngn
pT+a3S3E6dB7oWeWZaal3dm2K3DJwguqTYXxZqHmTjzp8dYe3H/9GMWR/EjgGF+h
L241b1bhB4Cslp3XuNC+XIjqCXw79QH25Wjh8vN104AUEX9lfpZV2Zf3rCjsEQAr
pGIYE+JJx5eQm0sKLwDWJN6quc9/SZMfD5eazRiRwz6eG2WCAOmAyt6+85bInQTB
4u+5uxKgaMDAdA6TotL0HowqQskUB8pSj+/cBHatgZBI
-----END CERTIFICATE-----
Generated at Tue Jul 25 10:19:17 2023 by rpki-client on console-fra.rpki-client.org