Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/m2_i9vEbw1COlHxYzvALeXTcEhg.roa
File: m2_i9vEbw1COlHxYzvALeXTcEhg.roa (raw, json)
Hash identifier: 4osqywtR3llY4r4yZM69DBAroDCDuE9+nxTJblzaI/U=
Subject key identifier: 9B:6F:E2:F6:F1:1B:C3:50:8E:94:7C:58:CE:F0:0B:79:74:DC:12:18
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 0187BD92B6E1399A9CE0D14C2559457BE89E
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/m2_i9vEbw1COlHxYzvALeXTcEhg.roa
Signing time: Wed 26 Apr 2023 12:38:41 +0000
ROA not before: Wed 26 Apr 2023 12:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16097
IP address blocks: 153.96.84.0/23 maxlen: 23
153.96.86.0/24 maxlen: 24
129.233.172.0/24 maxlen: 24
153.96.132.0/24 maxlen: 24
153.96.27.0/24 maxlen: 24
129.233.216.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:92:b6:e1:39:9a:9c:e0:d1:4c:25:59:45:7b:e8:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Apr 26 12:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b6fe2f6f11bc3508e947c58cef00b7974dc1218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7f:d4:46:55:a2:32:7c:62:27:58:1d:22:8f:
8d:45:64:ab:0a:3a:d1:26:4e:ef:82:39:cd:8d:72:
0c:0f:ea:97:b8:3a:67:e0:a1:10:8c:cf:d5:c3:b5:
83:95:a9:0e:14:9c:98:9d:3f:30:a9:48:01:28:e8:
6c:64:27:33:2f:f4:1b:2b:bd:93:e8:84:33:ca:8f:
5a:8a:03:1c:cb:b1:4f:6d:56:d6:d8:db:54:56:12:
e2:2d:34:72:11:bf:9f:69:d9:c4:5d:c8:f6:41:2a:
01:ca:88:2c:fa:3f:1f:b2:c5:0e:e8:ee:0c:63:0d:
93:3f:46:56:bb:61:a1:cc:a8:d0:e8:f9:7c:0d:dc:
55:3e:95:0f:1d:05:bc:8a:fd:14:8b:be:a0:04:8b:
f2:fb:94:08:46:75:22:7c:d4:87:3d:08:6e:e8:2b:
a4:d3:7a:24:66:39:db:98:31:ff:cd:72:9b:15:7f:
25:91:70:06:5d:45:51:0c:b6:b8:86:29:d7:82:c6:
5f:e2:32:b4:22:e3:06:2b:5c:14:03:52:e2:51:47:
7d:29:d7:e4:67:9c:56:9b:ab:c4:06:cb:48:7c:e8:
2c:dc:7c:32:86:7b:34:b6:3e:fd:d4:14:f3:35:4c:
08:96:ab:03:ac:f8:ab:ac:95:fc:60:da:ef:74:b5:
21:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6F:E2:F6:F1:1B:C3:50:8E:94:7C:58:CE:F0:0B:79:74:DC:12:18
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/m2_i9vEbw1COlHxYzvALeXTcEhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.172.0/24
129.233.216.0/24
153.96.27.0/24
153.96.84.0-153.96.86.255
153.96.132.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:83:f9:84:9f:12:07:b1:20:4e:d0:54:03:b9:e3:29:ca:78:
7f:ad:b8:c0:ee:4a:7a:91:18:c9:69:33:fe:fc:40:dc:a8:ba:
41:32:a4:2f:d8:a5:6d:69:8c:57:88:96:b2:02:60:53:a6:b8:
63:ce:44:2c:84:f5:ce:48:e8:e7:3a:4f:23:a3:cc:5d:8e:b5:
d8:af:26:09:f9:b9:33:7e:e2:7d:e0:e3:1f:12:ad:76:a3:16:
87:f3:ff:8f:cf:c5:f3:8e:01:d7:fc:cc:82:d0:f4:ae:11:88:
5e:69:ff:5c:ad:b3:50:d5:72:17:89:b3:53:37:12:e5:c3:9b:
84:56:07:0d:1d:f5:b2:07:b0:90:0a:39:c2:53:65:b9:a1:6a:
e6:0d:dd:3c:71:b4:43:83:bc:5a:6c:5e:e4:5b:5c:ef:76:3e:
0e:c5:16:a5:e3:07:9f:eb:d7:a6:f1:58:b9:49:fa:f4:f0:53:
33:c8:b9:79:61:9f:41:93:f8:05:a3:fd:92:4a:c4:c6:39:37:
eb:61:50:91:b7:df:e7:d1:b2:dd:ae:45:95:43:a4:1f:9d:b4:
15:68:6e:d8:37:a4:da:22:ca:31:fb:9f:31:c1:8c:b5:2d:a9:
fb:b6:9a:9a:26:58:ef:f7:3e:a0:3b:fb:ee:6b:89:fe:8d:ca:
80:ac:3c:a4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYe9krbhOZqc4NFMJVlFe+ieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjMwNDI2MTIzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjZmZTJmNmYxMWJjMzUwOGU5NDdjNThjZWYwMGI3OTc0ZGMxMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3/URlWiMnxiJ1gdIo+NRWSrCjrR
Jk7vgjnNjXIMD+qXuDpn4KEQjM/Vw7WDlakOFJyYnT8wqUgBKOhsZCczL/QbK72T
6IQzyo9aigMcy7FPbVbW2NtUVhLiLTRyEb+fadnEXcj2QSoByogs+j8fssUO6O4M
Yw2TP0ZWu2GhzKjQ6Pl8DdxVPpUPHQW8iv0Ui76gBIvy+5QIRnUifNSHPQhu6Cuk
03okZjnbmDH/zXKbFX8lkXAGXUVRDLa4hinXgsZf4jK0IuMGK1wUA1LiUUd9Kdfk
Z5xWm6vEBstIfOgs3Hwyhns0tj791BTzNUwIlqsDrPirrJX8YNrvdLUhiQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJtv4vbxG8NQjpR8WM7wC3l03BIYMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvbTJfaTl2RWJ3MUNPbEh4WXp2QUxlWFRjRWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAgemsAwQA
genYAwQAmWAbMAwDBAKZYFQDBACZYFYDBACZYIQwDQYJKoZIhvcNAQELBQADggEB
AHyD+YSfEgexIE7QVAO54ynKeH+tuMDuSnqRGMlpM/78QNyoukEypC/YpW1pjFeI
lrICYFOmuGPORCyE9c5I6Oc6TyOjzF2OtdivJgn5uTN+4n3g4x8SrXajFofz/4/P
xfOOAdf8zILQ9K4RiF5p/1yts1DVcheJs1M3EuXDm4RWBw0d9bIHsJAKOcJTZbmh
auYN3TxxtEODvFpsXuRbXO92Pg7FFqXjB5/r16bxWLlJ+vTwUzPIuXlhn0GT+AWj
/ZJKxMY5N+thUJG33+fRst2uRZVDpB+dtBVobtg3pNoiyjH7nzHBjLUtqfu2mpom
WO/3PqA7++5rif6NyoCsPKQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:35 2024 by rpki-client on console-fra.rpki-client.org