Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/iYWwteBgejdnSy77Vef2KMYzLPw.roa
File: iYWwteBgejdnSy77Vef2KMYzLPw.roa (raw, json)
Hash identifier: dNr9TZZYvvMCLfG92McDCbMnyQSNyw23U/nVp9kDVxk=
Subject key identifier: 89:85:B0:B5:E0:60:7A:37:67:4B:2E:FB:55:E7:F6:28:C6:33:2C:FC
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018571F10B865C5F19FE93E4D85C84BC7C80
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/iYWwteBgejdnSy77Vef2KMYzLPw.roa
Signing time: Mon 02 Jan 2023 10:05:00 +0000
ROA not before: Mon 02 Jan 2023 10:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210423
IP address blocks: 84.236.234.0/23 maxlen: 23
95.178.112.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f1:0b:86:5c:5f:19:fe:93:e4:d8:5c:84:bc:7c:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 10:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8985b0b5e0607a37674b2efb55e7f628c6332cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ec:cd:85:38:a9:91:d2:05:b8:21:f9:ff:3b:
5f:93:0d:0f:59:37:97:a8:13:96:37:6a:6f:9c:eb:
17:a9:42:89:a9:51:3a:91:92:63:7b:16:dc:c4:2d:
da:1c:1a:cb:46:af:63:e8:ac:18:b8:d0:43:68:68:
1b:e1:3b:de:fe:38:13:dc:da:55:06:3b:43:a9:57:
07:50:7d:d6:46:6d:ec:b6:15:13:17:59:e4:6d:31:
80:7d:82:e3:2f:d2:bc:35:86:cd:e5:62:44:a1:90:
03:8e:27:77:87:50:e4:bd:f8:19:01:d6:2a:79:77:
99:dc:ac:f1:8f:3a:d1:b0:22:aa:3f:1a:4e:5f:b2:
50:41:b5:28:10:3e:68:f4:de:b4:d4:5c:ed:f9:85:
ff:3c:67:a2:7f:b1:56:23:3b:49:49:db:84:4f:b6:
e0:8d:d6:9a:49:85:fd:48:1c:2f:77:27:0a:90:f0:
08:1b:84:c6:51:44:38:ee:b2:13:be:8e:ce:a1:60:
c5:40:50:65:f1:43:45:3c:dd:e6:a9:07:d0:4d:ec:
f8:14:28:9c:36:8c:2a:a5:fb:6e:6d:4e:d9:df:02:
61:91:c8:02:ca:b6:b1:7c:ee:cc:3d:c0:92:aa:0b:
91:b9:ac:21:03:a4:39:11:44:f5:b8:91:49:61:b3:
20:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:85:B0:B5:E0:60:7A:37:67:4B:2E:FB:55:E7:F6:28:C6:33:2C:FC
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/iYWwteBgejdnSy77Vef2KMYzLPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.236.234.0/23
95.178.112.0/22
Signature Algorithm: sha256WithRSAEncryption
74:40:67:52:aa:45:f7:c6:56:5a:61:a3:5b:38:8a:88:cd:b0:
f0:9b:7b:e7:19:6c:c6:af:d3:15:96:2c:5e:df:b5:dd:7c:82:
be:4b:77:b2:ff:42:d7:a0:88:69:33:90:8c:49:5f:95:36:13:
aa:71:a6:0a:2f:45:fd:ec:f2:87:07:d6:23:2d:53:0d:fd:45:
c6:5e:5e:8c:c5:2b:0e:2d:2e:5e:06:61:29:f6:c8:df:97:68:
82:19:55:76:27:61:a8:1d:fe:3d:a9:17:26:6b:75:1d:f2:20:
4a:ad:4d:e6:cd:b8:f8:f6:94:42:83:3e:0a:2e:9f:0b:eb:e1:
ed:16:09:7f:34:d8:fd:ac:27:d4:2c:5d:35:79:7d:20:7b:dd:
81:37:f2:d2:15:81:06:17:f1:7e:1f:5c:85:68:11:7a:70:5b:
b1:26:73:1d:41:ff:c9:9f:39:2e:dc:d7:97:d3:69:c3:41:ff:
81:e5:d8:ff:02:29:0c:a7:13:18:b5:5a:68:7b:cf:40:64:3e:
d0:74:2c:d2:79:5d:7b:6a:d4:64:29:71:c4:2b:5f:28:58:8c:
6e:a4:af:26:91:86:96:c3:0d:4a:c3:69:48:be:1b:c0:bf:07:
7b:96:6b:6e:77:6f:21:99:6a:77:07:45:e2:1f:af:f2:89:11:
69:ef:d2:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx8QuGXF8Z/pPk2FyEvHyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTg1YjBiNWUwNjA3YTM3Njc0YjJlZmI1NWU3ZjYyOGM2MzMyY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuzNhTipkdIFuCH5/ztfkw0PWTeX
qBOWN2pvnOsXqUKJqVE6kZJjexbcxC3aHBrLRq9j6KwYuNBDaGgb4Tve/jgT3NpV
BjtDqVcHUH3WRm3sthUTF1nkbTGAfYLjL9K8NYbN5WJEoZADjid3h1DkvfgZAdYq
eXeZ3KzxjzrRsCKqPxpOX7JQQbUoED5o9N601Fzt+YX/PGeif7FWIztJSduET7bg
jdaaSYX9SBwvdycKkPAIG4TGUUQ47rITvo7OoWDFQFBl8UNFPN3mqQfQTez4FCic
NowqpftubU7Z3wJhkcgCyraxfO7MPcCSqguRuawhA6Q5EUT1uJFJYbMgOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFImFsLXgYHo3Z0su+1Xn9ijGMyz8MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvaVlXd3RlQmdlamRuU3k3N1ZlZjJLTVl6TFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVOzqAwQC
X7JwMA0GCSqGSIb3DQEBCwUAA4IBAQB0QGdSqkX3xlZaYaNbOIqIzbDwm3vnGWzG
r9MVlixe37XdfIK+S3ey/0LXoIhpM5CMSV+VNhOqcaYKL0X97PKHB9YjLVMN/UXG
Xl6MxSsOLS5eBmEp9sjfl2iCGVV2J2GoHf49qRcma3Ud8iBKrU3mzbj49pRCgz4K
Lp8L6+HtFgl/NNj9rCfULF01eX0ge92BN/LSFYEGF/F+H1yFaBF6cFuxJnMdQf/J
nzku3NeX02nDQf+B5dj/AikMpxMYtVpoe89AZD7QdCzSeV17atRkKXHEK18oWIxu
pK8mkYaWww1Kw2lIvhvAvwd7lmtud28hmWp3B0XiH6/yiRFp79IY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:20 2023 by rpki-client on console-fra.rpki-client.org