Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/RlOxfMzx3BNX8nl2A6O3LOsFo0Q.roa
File: RlOxfMzx3BNX8nl2A6O3LOsFo0Q.roa (raw, json)
Hash identifier: gZ3kXAfZumrBTjcGaJ623QTtFrQPjnQ2Nij2obWmq0Q=
Subject key identifier: 46:53:B1:7C:CC:F1:DC:13:57:F2:79:76:03:A3:B7:2C:EB:05:A3:44
Certificate issuer: /CN=61fe2eafa64aceaf1fcfcfbca6150a7a2d35be4a
Certificate serial: 01856C53BA2D20CDB8003F475033E0453C58
Authority key identifier: 61:FE:2E:AF:A6:4A:CE:AF:1F:CF:CF:BC:A6:15:0A:7A:2D:35:BE:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yf4ur6ZKzq8fz8-8phUKei01vko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/RlOxfMzx3BNX8nl2A6O3LOsFo0Q.roa
Signing time: Sun 01 Jan 2023 07:55:04 +0000
ROA not before: Sun 01 Jan 2023 07:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205679
IP address blocks: 92.118.164.0/22 maxlen: 24
88.218.252.0/22 maxlen: 24
185.210.36.0/22 maxlen: 24
2a0b:51c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:ba:2d:20:cd:b8:00:3f:47:50:33:e0:45:3c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61fe2eafa64aceaf1fcfcfbca6150a7a2d35be4a
Validity
Not Before: Jan 1 07:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4653b17cccf1dc1357f2797603a3b72ceb05a344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2e:30:9f:76:87:6c:8e:03:92:aa:8e:76:f5:
25:5e:1d:f2:07:7e:ca:09:b4:2e:3b:5d:af:1e:cd:
78:ed:a0:8b:99:39:e3:20:52:4e:e3:da:11:b7:ef:
46:34:96:fe:c8:41:a2:c4:af:fc:d6:db:d8:5a:fa:
2a:f2:90:ec:aa:40:97:73:20:fb:06:ea:ca:c0:80:
49:69:88:ea:b9:a2:b1:fb:00:fc:28:a9:89:05:d6:
29:9f:98:7f:db:18:59:8f:84:ea:b5:f7:b8:7b:7d:
6c:8c:26:f4:1b:95:6d:25:09:59:4c:ee:5d:de:9a:
cb:58:35:eb:04:5c:c0:79:7e:14:97:4a:2f:8f:5c:
2c:6c:ea:b8:ba:f7:c1:1a:90:6c:4f:dc:63:0d:a0:
c5:98:5c:25:88:10:21:da:05:ff:ca:92:4a:7a:0b:
40:26:3a:d4:c3:a2:7c:09:cd:ce:2a:31:31:38:99:
91:be:e3:28:38:7d:c1:6f:7d:b5:7d:82:fa:79:b1:
aa:b9:6f:00:67:aa:ed:63:e5:cb:dc:67:a0:1e:3a:
33:57:f2:68:89:46:a3:20:f1:71:d4:c2:63:24:4b:
9f:a4:c0:33:bc:86:35:29:b2:3b:58:fc:7e:ea:50:
af:4e:fe:0a:34:f2:fe:71:df:c6:01:73:9b:c4:20:
c5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:53:B1:7C:CC:F1:DC:13:57:F2:79:76:03:A3:B7:2C:EB:05:A3:44
X509v3 Authority Key Identifier:
keyid:61:FE:2E:AF:A6:4A:CE:AF:1F:CF:CF:BC:A6:15:0A:7A:2D:35:BE:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yf4ur6ZKzq8fz8-8phUKei01vko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/RlOxfMzx3BNX8nl2A6O3LOsFo0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/Yf4ur6ZKzq8fz8-8phUKei01vko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.252.0/22
92.118.164.0/22
185.210.36.0/22
IPv6:
2a0b:51c0::/29
Signature Algorithm: sha256WithRSAEncryption
44:c8:6d:de:fe:94:35:cc:ce:db:a5:12:61:c1:3c:6c:26:b8:
8b:50:38:59:a8:0d:2b:56:2b:bc:49:28:82:2c:5a:80:51:e2:
6a:a8:91:22:a6:9c:1e:4f:fc:5d:79:4a:ba:e8:dc:a7:92:82:
2c:f3:bc:83:1c:97:f1:72:5b:58:8a:cb:e1:e5:e5:8f:d0:d6:
c4:6a:93:95:74:c7:cd:99:ff:80:58:6d:01:43:13:ac:37:50:
10:30:e3:d8:8f:22:d9:b0:5b:85:9c:13:c4:d4:7c:9a:a1:9a:
ed:44:c0:45:3e:1a:01:c6:95:eb:28:8c:21:3e:e3:d0:7e:4d:
70:fa:3a:d1:13:61:c7:15:e4:cd:24:d1:82:7f:96:93:eb:59:
fa:1f:d1:cb:f2:03:4d:a2:51:1b:98:22:33:97:09:89:26:3a:
ed:41:53:02:43:e3:47:dd:95:1a:a9:9c:b8:c0:74:c8:4d:d8:
24:93:f7:38:b4:b8:3b:74:58:b5:48:e9:d9:4e:5a:61:4e:38:
ad:21:03:a9:96:43:b2:b2:6d:21:71:ce:c7:58:36:a6:63:df:
ef:2f:d0:d1:5e:a6:86:04:4b:54:93:d9:35:cc:43:ff:cf:4b:
ae:cd:5e:70:34:3a:e1:10:bd:be:e1:2e:09:4f:2a:f3:eb:ae:
a2:49:99:2b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsU7otIM24AD9HUDPgRTxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZmUyZWFmYTY0YWNlYWYxZmNmY2ZiY2E2MTUwYTdhMmQz
NWJlNGEwHhcNMjMwMTAxMDc1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjUzYjE3Y2NjZjFkYzEzNTdmMjc5NzYwM2EzYjcyY2ViMDVhMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy4wn3aHbI4DkqqOdvUlXh3yB37K
CbQuO12vHs147aCLmTnjIFJO49oRt+9GNJb+yEGixK/81tvYWvoq8pDsqkCXcyD7
BurKwIBJaYjquaKx+wD8KKmJBdYpn5h/2xhZj4Tqtfe4e31sjCb0G5VtJQlZTO5d
3prLWDXrBFzAeX4Ul0ovj1wsbOq4uvfBGpBsT9xjDaDFmFwliBAh2gX/ypJKegtA
JjrUw6J8Cc3OKjExOJmRvuMoOH3Bb321fYL6ebGquW8AZ6rtY+XL3GegHjozV/Jo
iUajIPFx1MJjJEufpMAzvIY1KbI7WPx+6lCvTv4KNPL+cd/GAXObxCDFvwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEZTsXzM8dwTV/J5dgOjtyzrBaNEMB8GA1UdIwQY
MBaAFGH+Lq+mSs6vH8/PvKYVCnotNb5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWY0dXI2Wkt6cThmejgtOHBoVUtlaTAxdmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8yMWNhNDMtZDNlMS00ZWMwLTlhOWQt
MzlhZmQ5MzE2NTk4LzEvUmxPeGZNengzQk5YOG5sMkE2TzNMT3NGbzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8yMWNhNDMtZDNlMS00ZWMwLTlhOWQtMzlhZmQ5MzE2NTk4
LzEvWWY0dXI2Wkt6cThmejgtOHBoVUtlaTAxdmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCWNr8AwQC
XHakAwQCudIkMA0EAgACMAcDBQMqC1HAMA0GCSqGSIb3DQEBCwUAA4IBAQBEyG3e
/pQ1zM7bpRJhwTxsJriLUDhZqA0rViu8SSiCLFqAUeJqqJEippweT/xdeUq66Nyn
koIs87yDHJfxcltYisvh5eWP0NbEapOVdMfNmf+AWG0BQxOsN1AQMOPYjyLZsFuF
nBPE1HyaoZrtRMBFPhoBxpXrKIwhPuPQfk1w+jrRE2HHFeTNJNGCf5aT61n6H9HL
8gNNolEbmCIzlwmJJjrtQVMCQ+NH3ZUaqZy4wHTITdgkk/c4tLg7dFi1SOnZTlph
TjitIQOplkOysm0hcc7HWDamY9/vL9DRXqaGBEtUk9k1zEP/z0uuzV5wNDrhEL2+
4S4JTyrz666iSZkr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-fra.rpki-client.org