Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/liCL1SBnzFlBLi5T0n3P_DT5JMw.roa
File: liCL1SBnzFlBLi5T0n3P_DT5JMw.roa (raw, json)
Hash identifier: wWFxi9W4tKxveWg8b6xrhfpeEAcTdECubUAFpYmXN8w=
Subject key identifier: 96:20:8B:D5:20:67:CC:59:41:2E:2E:53:D2:7D:CF:FC:34:F9:24:CC
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018920225DD60F2D7DA067A5C0A7B0D0AC1B
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/liCL1SBnzFlBLi5T0n3P_DT5JMw.roa
Signing time: Tue 04 Jul 2023 09:01:10 +0000
ROA not before: Tue 04 Jul 2023 09:01:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3949
IP address blocks: 217.67.74.0/23 maxlen: 24
217.67.72.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:22:5d:d6:0f:2d:7d:a0:67:a5:c0:a7:b0:d0:ac:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jul 4 09:01:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96208bd52067cc59412e2e53d27dcffc34f924cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8d:e5:1a:81:46:73:7c:cc:32:77:52:23:77:
d1:f1:1e:fa:7c:da:28:4c:51:42:08:3f:67:68:8b:
26:a1:ae:30:9e:30:b2:4a:1f:c0:cb:f1:d8:36:91:
7f:95:9d:bb:5b:dc:8a:35:d1:cb:2d:bb:3b:7f:5d:
81:f9:52:96:84:32:ed:0f:69:4f:21:dc:91:4c:16:
02:85:af:4e:ff:8e:f6:f3:f4:42:3a:77:44:b9:a5:
c6:6a:5a:7e:a6:a2:f2:a8:58:32:0e:fd:7a:ba:de:
40:f2:c2:7f:00:0a:44:5a:e3:a4:98:f0:6c:05:b9:
78:8c:b8:37:c2:30:d9:85:77:7a:3d:30:70:16:51:
44:0c:ae:aa:3c:52:ae:90:9e:b7:ee:d1:6a:b3:72:
b3:b6:6e:52:d7:8c:83:0e:b9:a7:29:b5:41:9b:3f:
23:01:7a:95:46:45:5c:10:31:15:35:36:ca:5d:7d:
60:02:9b:63:5a:47:f6:61:0a:10:12:ad:9e:84:e5:
87:bf:2d:cc:4e:73:b7:a0:9d:ad:49:ad:35:dc:61:
db:23:7a:63:53:27:a3:d0:e1:2c:f7:15:21:43:ce:
b5:64:f8:1b:79:3f:20:13:c1:4c:b9:db:71:e6:6c:
a3:25:e5:61:30:de:60:e9:31:2f:2e:3e:f9:c0:5a:
e1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:20:8B:D5:20:67:CC:59:41:2E:2E:53:D2:7D:CF:FC:34:F9:24:CC
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/liCL1SBnzFlBLi5T0n3P_DT5JMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.67.72.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:15:cd:d2:76:75:72:e7:dd:64:1b:24:bf:21:2b:27:6f:f7:
6d:89:24:d7:f0:a1:6f:4e:d0:85:37:d8:df:d3:1d:3d:88:a4:
bc:1e:d3:a8:a0:27:12:47:40:d8:d4:80:d2:78:40:9b:53:fa:
96:53:04:cc:de:69:6e:2c:1c:8e:1c:34:cc:46:9a:37:a0:6e:
d3:3e:c9:f3:e8:82:03:98:65:13:56:e2:ca:e8:5a:d2:8e:e9:
b2:8c:d9:6f:11:9c:b4:23:ad:d7:c1:c7:59:5c:69:72:f4:15:
ed:23:68:ea:17:b4:9c:f9:67:1f:b9:21:83:74:6c:f1:42:85:
6d:df:9b:7e:13:1d:c8:8e:ae:6a:be:11:47:69:15:94:30:39:
af:ff:46:e3:a4:1b:59:63:11:75:82:d8:98:9e:e7:31:9d:34:
5e:97:79:db:31:fc:89:69:3a:43:2d:74:27:6d:9e:80:bf:e6:
0b:b6:37:eb:c0:43:21:61:63:a9:82:17:51:b3:44:8b:61:1e:
27:eb:9e:88:6a:0e:5b:30:b2:fc:7c:8c:aa:47:b7:2d:4e:57:
bf:79:c7:4c:21:b4:0e:0f:b6:93:a8:96:54:a1:ec:52:20:dd:
a5:7d:7e:cd:43:56:d0:9e:a9:8c:73:c2:09:25:cf:cb:2d:f6:
29:fd:a8:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkgIl3WDy19oGelwKew0KwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNzA0MDkwMTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjIwOGJkNTIwNjdjYzU5NDEyZTJlNTNkMjdkY2ZmYzM0ZjkyNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI3lGoFGc3zMMndSI3fR8R76fNoo
TFFCCD9naIsmoa4wnjCySh/Ay/HYNpF/lZ27W9yKNdHLLbs7f12B+VKWhDLtD2lP
IdyRTBYCha9O/4728/RCOndEuaXGalp+pqLyqFgyDv16ut5A8sJ/AApEWuOkmPBs
Bbl4jLg3wjDZhXd6PTBwFlFEDK6qPFKukJ637tFqs3Kztm5S14yDDrmnKbVBmz8j
AXqVRkVcEDEVNTbKXX1gAptjWkf2YQoQEq2ehOWHvy3MTnO3oJ2tSa013GHbI3pj
Uyej0OEs9xUhQ861ZPgbeT8gE8FMudtx5myjJeVhMN5g6TEvLj75wFrhIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYgi9UgZ8xZQS4uU9J9z/w0+STMMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvbGlDTDFTQm56RmxCTGk1VDBuM1BfRFQ1Sk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UNIMA0G
CSqGSIb3DQEBCwUAA4IBAQCoFc3SdnVy591kGyS/ISsnb/dtiSTX8KFvTtCFN9jf
0x09iKS8HtOooCcSR0DY1IDSeECbU/qWUwTM3mluLByOHDTMRpo3oG7TPsnz6IID
mGUTVuLK6FrSjumyjNlvEZy0I63XwcdZXGly9BXtI2jqF7Sc+WcfuSGDdGzxQoVt
35t+Ex3Ijq5qvhFHaRWUMDmv/0bjpBtZYxF1gtiYnucxnTRel3nbMfyJaTpDLXQn
bZ6Av+YLtjfrwEMhYWOpghdRs0SLYR4n656Iag5bMLL8fIyqR7ctTle/ecdMIbQO
D7aTqJZUoexSIN2lfX7NQ1bQnqmMc8IJJc/LLfYp/ai1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:19 2023 by rpki-client on console-fra.rpki-client.org