Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sjF1BBvKvoaY9hKQxtpyBMrJeP0.roa
File: sjF1BBvKvoaY9hKQxtpyBMrJeP0.roa (raw, json)
Hash identifier: V1a7e0pImFmjfUK+R0poJ0njq3+hzAD6PD0z1uRy/yQ=
Subject key identifier: B2:31:75:04:1B:CA:BE:86:98:F6:12:90:C6:DA:72:04:CA:C9:78:FD
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0185778D3B1C9381EA70CBEB4A771FB1B366
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sjF1BBvKvoaY9hKQxtpyBMrJeP0.roa
Signing time: Tue 03 Jan 2023 12:13:42 +0000
ROA not before: Tue 03 Jan 2023 12:13:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210423
IP address blocks: 84.236.234.0/23 maxlen: 23
95.178.112.0/22 maxlen: 22
94.24.46.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:8d:3b:1c:93:81:ea:70:cb:eb:4a:77:1f:b1:b3:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 3 12:13:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b23175041bcabe8698f61290c6da7204cac978fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:22:8d:a7:24:cc:33:ba:55:ff:05:51:72:9c:
be:45:c3:d1:35:e0:53:c1:66:64:e0:43:bf:92:c3:
23:e7:f1:1d:63:2b:81:bf:96:b1:7a:3a:14:d8:3e:
a9:56:27:0a:5a:f0:c9:7e:ac:1b:e0:ae:30:78:3b:
10:4a:98:9b:ac:08:ec:f5:05:d5:ac:15:d1:2c:8a:
0e:85:97:32:91:f2:57:7b:15:a5:ee:5a:9b:bf:fe:
c5:3b:9a:85:28:7d:de:e6:ad:86:fb:67:92:bc:4a:
75:1b:ba:06:51:c9:26:e6:2e:4f:48:9a:ed:b9:86:
46:a0:9e:e3:de:f0:c8:b1:02:16:9c:1c:37:3e:43:
06:4b:e5:8b:4c:7f:74:59:7a:79:46:58:10:59:07:
4d:71:4d:e9:a6:6b:18:0f:42:93:c2:75:39:f4:58:
d7:22:d2:62:99:69:2e:33:41:d7:ce:bc:93:2a:88:
71:49:3f:25:2f:37:0f:36:78:21:d9:40:9f:ef:b0:
bd:11:d6:de:88:65:2e:61:4a:19:92:fb:d3:8e:a8:
59:99:7b:17:ab:17:79:97:12:26:fe:37:0d:91:43:
f4:1e:85:ec:e4:03:1a:6b:e2:ee:5e:ef:d2:1a:1f:
d7:d2:05:48:48:1b:0e:1b:5c:f2:5b:0e:76:68:1f:
64:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:31:75:04:1B:CA:BE:86:98:F6:12:90:C6:DA:72:04:CA:C9:78:FD
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sjF1BBvKvoaY9hKQxtpyBMrJeP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.236.234.0/23
94.24.46.0/23
95.178.112.0/22
Signature Algorithm: sha256WithRSAEncryption
57:2e:77:d8:3e:ff:da:d3:e3:c4:ee:64:c3:16:64:e9:d4:43:
9c:9e:e2:74:0d:85:f1:f1:36:15:07:e2:97:7c:5b:18:1c:7a:
4f:58:74:b8:e5:73:3b:89:aa:ca:55:8a:29:bf:3d:f6:d4:1e:
96:9a:62:8b:0b:4f:6d:cc:25:87:2b:11:d5:eb:7a:b6:55:b0:
b0:7f:83:0e:72:dd:ba:5e:23:71:41:43:7e:29:73:a0:be:9c:
c9:63:b3:1c:e6:b4:1b:37:71:6e:35:71:a2:e0:d9:04:72:a1:
27:10:d0:20:26:e6:2b:f0:b9:47:a0:77:91:31:e4:83:99:46:
10:f3:0b:91:43:1c:90:ec:4b:9b:09:b0:34:e7:6a:d4:f8:4b:
00:a5:a8:66:44:31:06:b1:78:ce:ca:1a:cc:9c:f9:c1:5f:81:
99:04:a2:c0:fa:a7:59:6b:b4:ca:20:36:21:bf:71:aa:33:d0:
eb:c3:b7:a8:c9:6c:f3:43:bb:93:0d:ba:b4:87:56:e5:32:ac:
ed:46:e1:a2:21:32:e0:72:0c:7a:16:0e:ff:84:bb:73:4c:a4:
a0:ba:a8:cb:0a:20:ea:bf:e1:a6:24:65:3d:01:ed:c0:c7:af:
ea:92:4a:9a:fa:04:6e:b9:e1:72:da:94:1c:96:76:7e:01:7a:
ad:34:56:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYV3jTsck4HqcMvrSncfsbNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAzMTIxMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjMxNzUwNDFiY2FiZTg2OThmNjEyOTBjNmRhNzIwNGNhYzk3OGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSKNpyTMM7pV/wVRcpy+RcPRNeBT
wWZk4EO/ksMj5/EdYyuBv5axejoU2D6pVicKWvDJfqwb4K4weDsQSpibrAjs9QXV
rBXRLIoOhZcykfJXexWl7lqbv/7FO5qFKH3e5q2G+2eSvEp1G7oGUckm5i5PSJrt
uYZGoJ7j3vDIsQIWnBw3PkMGS+WLTH90WXp5RlgQWQdNcU3ppmsYD0KTwnU59FjX
ItJimWkuM0HXzryTKohxST8lLzcPNngh2UCf77C9EdbeiGUuYUoZkvvTjqhZmXsX
qxd5lxIm/jcNkUP0HoXs5AMaa+LuXu/SGh/X0gVISBsOG1zyWw52aB9kFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLIxdQQbyr6GmPYSkMbacgTKyXj9MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvc2pGMUJCdkt2b2FZOWhLUXh0cHlCTXJKZVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVOzqAwQB
XhguAwQCX7JwMA0GCSqGSIb3DQEBCwUAA4IBAQBXLnfYPv/a0+PE7mTDFmTp1EOc
nuJ0DYXx8TYVB+KXfFsYHHpPWHS45XM7iarKVYopvz321B6WmmKLC09tzCWHKxHV
63q2VbCwf4MOct26XiNxQUN+KXOgvpzJY7Mc5rQbN3FuNXGi4NkEcqEnENAgJuYr
8LlHoHeRMeSDmUYQ8wuRQxyQ7EubCbA052rU+EsApahmRDEGsXjOyhrMnPnBX4GZ
BKLA+qdZa7TKIDYhv3GqM9Drw7eoyWzzQ7uTDbq0h1blMqztRuGiITLgcgx6Fg7/
hLtzTKSguqjLCiDqv+GmJGU9Ae3Ax6/qkkqa+gRuueFy2pQclnZ+AXqtNFan
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:02 2023 by rpki-client on console-ams.rpki-client.org