Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/7SoYF2UBXQv61kfoAWaGFgPeaVs.roa
File: 7SoYF2UBXQv61kfoAWaGFgPeaVs.roa (raw, json)
Hash identifier: ldYUjH3x1diRuFcmqgYCiVk9NiGd2fLftw3iKsxz+cY=
Subject key identifier: ED:2A:18:17:65:01:5D:0B:FA:D6:47:E8:01:66:86:16:03:DE:69:5B
Certificate issuer: /CN=7373c1ff55403d4792346493f769f8d033bef02c
Certificate serial: 01856CAF2AF5660E77E09DAE475E756FDF41
Authority key identifier: 73:73:C1:FF:55:40:3D:47:92:34:64:93:F7:69:F8:D0:33:BE:F0:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/7SoYF2UBXQv61kfoAWaGFgPeaVs.roa
Signing time: Sun 01 Jan 2023 09:34:57 +0000
ROA not before: Sun 01 Jan 2023 09:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25098
IP address blocks: 193.201.70.0/23 maxlen: 23
213.230.192.0/18 maxlen: 32
2a01:70::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:2a:f5:66:0e:77:e0:9d:ae:47:5e:75:6f:df:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7373c1ff55403d4792346493f769f8d033bef02c
Validity
Not Before: Jan 1 09:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed2a181765015d0bfad647e80166861603de695b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:da:1d:ec:3c:7e:61:56:fc:7f:cd:51:b6:69:
0e:19:1b:40:1d:d9:03:15:ff:79:58:b9:65:a4:f3:
9d:52:47:9d:75:e5:50:4a:52:a9:61:48:50:b4:a3:
a3:f1:62:6f:32:66:74:50:ab:14:3b:9f:ac:e4:7f:
e7:43:e0:51:94:3d:02:17:dd:27:04:57:81:e8:17:
ea:e3:38:f4:52:cf:7f:00:ae:eb:11:55:9e:12:4b:
de:a8:a3:d8:44:2f:1a:62:46:4f:9d:50:2f:9a:51:
68:39:6c:3b:b6:f9:99:42:1f:61:4c:48:72:96:e2:
a3:43:c8:93:b8:1e:f1:59:84:83:51:0c:75:1a:ad:
cf:f1:e0:f3:88:96:00:26:42:f6:b7:23:76:d4:a0:
31:fb:be:88:60:cc:9c:a8:41:aa:06:c5:92:bd:99:
a0:4a:3a:01:24:3d:61:f1:72:b4:d0:3e:7c:64:1a:
3e:e3:e7:56:ad:7b:f1:9e:5b:a5:89:d3:aa:64:c3:
75:2b:ad:d7:d7:b8:f0:0f:98:76:5d:1c:1f:ba:90:
62:48:93:b0:40:d4:2d:ca:74:49:f3:4c:96:b3:64:
9b:1d:2a:e9:8b:cf:50:ad:c5:7e:27:61:38:b8:80:
7e:fe:78:3e:3f:68:35:0a:07:b8:3c:53:0a:f1:8f:
56:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:2A:18:17:65:01:5D:0B:FA:D6:47:E8:01:66:86:16:03:DE:69:5B
X509v3 Authority Key Identifier:
keyid:73:73:C1:FF:55:40:3D:47:92:34:64:93:F7:69:F8:D0:33:BE:F0:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/7SoYF2UBXQv61kfoAWaGFgPeaVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/c3PB_1VAPUeSNGST92n40DO-8Cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.70.0/23
213.230.192.0/18
IPv6:
2a01:70::/32
Signature Algorithm: sha256WithRSAEncryption
0b:14:8d:86:ac:f3:3f:d3:29:b0:35:03:18:76:aa:14:4b:c2:
c7:d4:37:a7:62:c6:af:87:8f:5f:67:2b:d6:fd:92:44:9c:18:
3b:8b:81:b9:e7:8b:46:9d:b1:87:16:1c:11:ba:61:38:5a:4f:
a3:3f:19:d6:a7:ec:7c:88:6d:a8:e2:23:54:15:bb:ca:7b:6b:
25:f7:d7:0b:54:71:a8:66:a0:7a:07:55:13:9c:7c:44:6c:97:
1c:c7:ec:19:5c:4a:ff:ad:19:c9:71:e8:93:bf:37:c7:7f:87:
80:65:20:bb:77:e6:12:4b:9c:0e:9a:a2:f6:29:15:ab:c6:4d:
b1:ac:23:da:0c:73:8a:75:7a:dc:eb:b0:04:84:89:85:db:e9:
ec:68:40:ca:7b:da:9d:fa:a7:3b:a5:2f:bb:aa:84:c3:cb:b3:
47:6d:85:e5:d1:c8:4d:78:ef:c8:69:e4:75:ce:63:cd:e8:02:
ec:ff:65:95:70:6c:fa:3a:f8:f7:ab:af:31:37:8d:3b:2f:81:
9d:bb:76:20:25:53:c2:22:fd:50:05:66:01:5f:2f:e6:6c:b6:
c2:a3:c1:d1:5e:32:b4:98:4b:0f:18:50:56:90:9f:7c:67:94:
ac:65:17:98:79:ea:0a:e1:26:fc:ed:92:20:c8:48:de:1a:5c:
34:ea:96:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsryr1Zg534J2uR151b99BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNzNjMWZmNTU0MDNkNDc5MjM0NjQ5M2Y3NjlmOGQwMzNi
ZWYwMmMwHhcNMjMwMTAxMDkzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDJhMTgxNzY1MDE1ZDBiZmFkNjQ3ZTgwMTY2ODYxNjAzZGU2OTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitod7Dx+YVb8f81RtmkOGRtAHdkD
Ff95WLllpPOdUkeddeVQSlKpYUhQtKOj8WJvMmZ0UKsUO5+s5H/nQ+BRlD0CF90n
BFeB6Bfq4zj0Us9/AK7rEVWeEkveqKPYRC8aYkZPnVAvmlFoOWw7tvmZQh9hTEhy
luKjQ8iTuB7xWYSDUQx1Gq3P8eDziJYAJkL2tyN21KAx+76IYMycqEGqBsWSvZmg
SjoBJD1h8XK00D58ZBo+4+dWrXvxnlulidOqZMN1K63X17jwD5h2XRwfupBiSJOw
QNQtynRJ80yWs2SbHSrpi89QrcV+J2E4uIB+/ng+P2g1Cge4PFMK8Y9WuwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO0qGBdlAV0L+tZH6AFmhhYD3mlbMB8GA1UdIwQY
MBaAFHNzwf9VQD1HkjRkk/dp+NAzvvAsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzNQQl8xVkFQVWVTTkdTVDkybjQwRE8tOEN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xYWZmMTAtZGQyOS00MzlmLThkMjMt
YmM5YTVmNjYwNWZjLzEvN1NvWUYyVUJYUXY2MWtmb0FXYUdGZ1BlYVZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xYWZmMTAtZGQyOS00MzlmLThkMjMtYmM5YTVmNjYwNWZj
LzEvYzNQQl8xVkFQVWVTTkdTVDkybjQwRE8tOEN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwclGAwQG
1ebAMA0EAgACMAcDBQAqAQBwMA0GCSqGSIb3DQEBCwUAA4IBAQALFI2GrPM/0ymw
NQMYdqoUS8LH1DenYsavh49fZyvW/ZJEnBg7i4G554tGnbGHFhwRumE4Wk+jPxnW
p+x8iG2o4iNUFbvKe2sl99cLVHGoZqB6B1UTnHxEbJccx+wZXEr/rRnJceiTvzfH
f4eAZSC7d+YSS5wOmqL2KRWrxk2xrCPaDHOKdXrc67AEhImF2+nsaEDKe9qd+qc7
pS+7qoTDy7NHbYXl0chNeO/IaeR1zmPN6ALs/2WVcGz6Ovj3q68xN407L4Gdu3Yg
JVPCIv1QBWYBXy/mbLbCo8HRXjK0mEsPGFBWkJ98Z5SsZReYeeoK4Sb87ZIgyEje
Glw06paA
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:45 2024 by rpki-client on console-ams.rpki-client.org