Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/p1dqhezylLMXRDminQvEyDERsao.roa
File: p1dqhezylLMXRDminQvEyDERsao.roa (raw, json)
Hash identifier: Oa7q0Q4sWdWSnp1gC1HO+Ok5LS5Hdc2TF9JYmZ68NQI=
Subject key identifier: A7:57:6A:85:EC:F2:94:B3:17:44:39:A2:9D:0B:C4:C8:31:11:B1:AA
Certificate issuer: /CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
Certificate serial: 018570151BCA9AE26BF7009F3BBCF905DCBE
Authority key identifier: B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/p1dqhezylLMXRDminQvEyDERsao.roa
Signing time: Mon 02 Jan 2023 01:25:09 +0000
ROA not before: Mon 02 Jan 2023 01:25:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33923
IP address blocks: 194.6.246.0/24 maxlen: 24
185.183.236.0/22 maxlen: 24
194.145.184.0/22 maxlen: 22
94.246.128.0/18 maxlen: 24
2a00:1a40::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:1b:ca:9a:e2:6b:f7:00:9f:3b:bc:f9:05:dc:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
Validity
Not Before: Jan 2 01:25:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7576a85ecf294b3174439a29d0bc4c83111b1aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8e:74:db:ed:ce:27:4e:3d:c4:de:bd:f9:85:
e9:99:47:b0:1a:1a:0e:dc:0b:f7:96:b3:c6:dc:eb:
e8:e8:bc:2c:bb:38:16:80:b9:19:60:2c:dd:df:f0:
82:fe:c5:15:a2:13:aa:d9:e9:83:4f:34:33:de:4c:
52:4c:40:ee:db:06:ed:a7:6c:7e:7e:72:94:1a:d6:
d0:ed:96:87:55:11:d5:55:ab:e0:f7:1f:c2:2f:10:
a3:5a:02:da:be:96:74:8e:57:2b:14:b5:7f:50:9b:
66:b3:d2:34:55:ac:ee:ce:e1:47:ab:99:00:be:61:
9e:a3:f1:43:ca:48:22:8a:07:96:7a:f2:b2:fd:5c:
f8:fe:ed:cf:b4:06:9f:48:01:ea:a7:db:7f:f6:6e:
ab:48:b2:9d:e7:3d:e3:b0:eb:da:da:dc:69:be:b3:
1b:7c:38:be:41:b6:4e:26:0e:36:f7:2e:f2:c1:54:
a5:62:3b:ca:a4:b7:b3:d9:82:c5:a5:e7:12:90:ef:
0b:24:f0:42:f2:24:96:97:e2:eb:79:29:54:a9:23:
3b:ca:8e:24:22:8e:9f:eb:79:57:5f:9c:92:9c:f0:
aa:12:d8:db:cc:6b:cd:e4:cd:c8:3b:80:cc:a5:c2:
07:44:0b:4a:4c:bc:d1:e2:f7:a8:c2:71:b3:e6:9b:
ed:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:57:6A:85:EC:F2:94:B3:17:44:39:A2:9D:0B:C4:C8:31:11:B1:AA
X509v3 Authority Key Identifier:
keyid:B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/p1dqhezylLMXRDminQvEyDERsao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.246.128.0/18
185.183.236.0/22
194.6.246.0/24
194.145.184.0/22
IPv6:
2a00:1a40::/32
Signature Algorithm: sha256WithRSAEncryption
b7:df:14:91:dc:50:59:29:ec:7b:a9:41:0f:cb:26:e7:6a:6a:
d4:4b:e1:f1:c6:e5:57:05:11:c5:35:b4:9f:e5:8b:83:ae:e7:
bf:62:df:88:96:5d:92:fb:5b:3e:c1:9f:5b:cf:a7:0f:e3:12:
cb:0c:ad:6b:d6:ce:c9:db:65:56:73:70:57:ae:60:1b:da:37:
0b:5a:41:d4:f9:f4:e1:54:76:1d:67:e1:19:8d:41:be:45:c0:
68:81:cc:c5:c9:a8:a1:c7:fa:05:5b:e3:b2:91:85:24:3f:13:
d8:ca:a4:93:73:60:ed:49:97:5e:6b:0f:4c:8d:73:18:d8:b4:
c2:b7:c4:65:9f:86:45:cc:c3:44:66:1f:13:c9:ba:76:c8:c7:
ba:6f:fa:f6:0c:e2:06:63:bd:cd:9a:b1:1e:37:33:3b:a7:df:
65:6e:29:7e:ed:ac:a8:fc:53:bb:9b:25:b2:55:33:ef:0a:38:
07:b6:e5:b3:09:32:d3:b7:50:07:e2:b6:2a:5b:14:cc:af:71:
62:e1:9e:ae:6d:43:8b:36:4e:54:47:f1:8b:55:92:fc:a5:b3:
6b:15:aa:3f:e6:73:c5:88:a2:8c:2a:f3:a1:72:a7:fa:75:8b:
27:af:15:e8:2c:b4:69:e2:ed:9f:ed:b8:92:42:d1:67:77:30:
d0:7d:eb:12
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwFRvKmuJr9wCfO7z5Bdy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Yjg3YjNiMDljY2I2OWE2ZGUyMDQ2OGU5MGVjYmIxOGY1
ZWNiYjYwHhcNMjMwMTAyMDEyNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzU3NmE4NWVjZjI5NGIzMTc0NDM5YTI5ZDBiYzRjODMxMTFiMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI502+3OJ049xN69+YXpmUewGhoO
3Av3lrPG3Ovo6LwsuzgWgLkZYCzd3/CC/sUVohOq2emDTzQz3kxSTEDu2wbtp2x+
fnKUGtbQ7ZaHVRHVVavg9x/CLxCjWgLavpZ0jlcrFLV/UJtms9I0VazuzuFHq5kA
vmGeo/FDykgiigeWevKy/Vz4/u3PtAafSAHqp9t/9m6rSLKd5z3jsOva2txpvrMb
fDi+QbZOJg429y7ywVSlYjvKpLez2YLFpecSkO8LJPBC8iSWl+LreSlUqSM7yo4k
Io6f63lXX5ySnPCqEtjbzGvN5M3IO4DMpcIHRAtKTLzR4veownGz5pvt4QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKdXaoXs8pSzF0Q5op0LxMgxEbGqMB8GA1UdIwQY
MBaAFLm4ezsJzLaabeIEaOkOy7GPXsu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJoN093bk10cHB0NGdSbzZRN0xzWTlleTdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wMGRkYWYtM2JlNS00MjBkLTkxOWYt
M2I0Y2I5NzVhOWJjLzEvcDFkcWhlenlsTE1YUkRtaW5RdkV5REVSc2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wMGRkYWYtM2JlNS00MjBkLTkxOWYtM2I0Y2I5NzVhOWJj
LzEvdWJoN093bk10cHB0NGdSbzZRN0xzWTlleTdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGXvaAAwQC
ubfsAwQAwgb2AwQCwpG4MA0EAgACMAcDBQAqABpAMA0GCSqGSIb3DQEBCwUAA4IB
AQC33xSR3FBZKex7qUEPyybnamrUS+HxxuVXBRHFNbSf5YuDrue/Yt+Ill2S+1s+
wZ9bz6cP4xLLDK1r1s7J22VWc3BXrmAb2jcLWkHU+fThVHYdZ+EZjUG+RcBogczF
yaihx/oFW+OykYUkPxPYyqSTc2DtSZdeaw9MjXMY2LTCt8Rln4ZFzMNEZh8Tybp2
yMe6b/r2DOIGY73NmrEeNzM7p99lbil+7ayo/FO7myWyVTPvCjgHtuWzCTLTt1AH
4rYqWxTMr3Fi4Z6ubUOLNk5UR/GLVZL8pbNrFao/5nPFiKKMKvOhcqf6dYsnrxXo
LLRp4u2f7biSQtFndzDQfesS
-----END CERTIFICATE-----
Generated at Mon Sep 4 09:46:20 2023 by rpki-client on console-ams.rpki-client.org