Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/84887c-6809-4425-bce9-3b5b71cbb322/1/7Reww-adbY7qT95vB3SGjmykPBs.roa
File: 7Reww-adbY7qT95vB3SGjmykPBs.roa (raw, json)
Hash identifier: LDQl6ctsJkCtTK7I7uHV0rgVrTKWyGV6UldNjydcRjQ=
Subject key identifier: ED:17:B0:C3:E6:9D:6D:8E:EA:4F:DE:6F:07:74:86:8E:6C:A4:3C:1B
Certificate issuer: /CN=dd4e3892f46b107852c3eae1b27dccf60fab99bd
Certificate serial: 01856E8B056C15334ABBE8C25E2F67084FDC
Authority key identifier: DD:4E:38:92:F4:6B:10:78:52:C3:EA:E1:B2:7D:CC:F6:0F:AB:99:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3U44kvRrEHhSw-rhsn3M9g-rmb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/84887c-6809-4425-bce9-3b5b71cbb322/1/7Reww-adbY7qT95vB3SGjmykPBs.roa
Signing time: Sun 01 Jan 2023 18:14:42 +0000
ROA not before: Sun 01 Jan 2023 18:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206988
IP address blocks: 141.98.200.0/22 maxlen: 22
141.98.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:05:6c:15:33:4a:bb:e8:c2:5e:2f:67:08:4f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd4e3892f46b107852c3eae1b27dccf60fab99bd
Validity
Not Before: Jan 1 18:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed17b0c3e69d6d8eea4fde6f0774868e6ca43c1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:98:0f:cb:23:12:b6:01:39:64:ca:de:d8:68:
42:52:5c:eb:46:87:cf:e4:be:f7:9b:4d:78:98:2a:
58:a8:d9:f9:67:d0:f8:29:e8:3a:2f:e1:3b:1f:28:
3c:88:c5:de:5c:5c:85:e7:e7:ca:11:55:58:4a:f3:
2f:4b:7b:a2:e4:2e:c1:20:45:a2:0c:df:b3:b5:ab:
6d:0d:88:86:ce:8a:da:fa:0b:79:9d:eb:a7:a8:f1:
fc:a4:82:e6:ce:60:fc:a0:ca:ac:3c:68:24:6a:03:
40:28:fe:60:0c:e5:bb:82:c1:ff:29:8a:6d:23:f0:
5c:0d:5e:f6:ef:f2:a5:5e:69:6d:0d:0c:d8:ad:a4:
f0:81:a6:3c:6b:31:74:eb:b6:e2:1f:fa:4c:71:44:
25:c1:c7:ad:21:07:68:07:26:89:5f:68:7d:ee:f8:
03:b5:3d:77:bb:00:a3:2a:2a:42:29:a1:8c:b2:e4:
aa:4a:a4:8b:00:e6:49:6f:7f:a5:69:29:83:a3:15:
2d:92:76:43:82:e0:5a:46:09:e7:5b:2f:e1:72:ef:
e1:02:a8:5f:e9:70:9a:76:80:44:e1:45:83:36:fb:
b8:a6:e6:73:d2:eb:4c:f3:f9:c1:c8:90:56:bf:79:
18:25:20:4c:14:2c:9a:25:98:89:f6:0b:54:cb:e3:
cc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:17:B0:C3:E6:9D:6D:8E:EA:4F:DE:6F:07:74:86:8E:6C:A4:3C:1B
X509v3 Authority Key Identifier:
keyid:DD:4E:38:92:F4:6B:10:78:52:C3:EA:E1:B2:7D:CC:F6:0F:AB:99:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3U44kvRrEHhSw-rhsn3M9g-rmb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/84887c-6809-4425-bce9-3b5b71cbb322/1/7Reww-adbY7qT95vB3SGjmykPBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/84887c-6809-4425-bce9-3b5b71cbb322/1/3U44kvRrEHhSw-rhsn3M9g-rmb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.200.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:0e:62:9a:a6:47:93:63:a2:48:98:cb:43:04:49:56:52:88:
82:4c:8b:48:c3:bd:24:6a:01:74:60:1e:4e:08:98:a6:19:ed:
9a:9e:de:67:a0:ac:25:bd:c7:4f:e0:8f:43:a8:54:07:60:c3:
d9:b7:34:32:c0:f9:32:a6:b7:b9:8e:8e:52:60:90:cb:b2:12:
9b:b0:8a:1e:44:9f:2d:85:35:f6:fb:ba:31:32:ed:69:47:e1:
cf:45:7c:c4:4a:d4:91:20:5d:07:96:33:22:2e:15:12:ce:aa:
e1:d0:22:bd:01:97:7b:d4:1a:50:06:2c:f6:b4:aa:ab:86:67:
4b:ff:bb:b1:11:18:7b:f4:6c:e3:f0:21:dd:7a:c2:31:28:b2:
9f:61:dd:66:67:80:d8:19:f2:f9:dc:df:e9:4f:d3:b5:a4:78:
d6:d5:61:13:4e:51:63:7c:ad:f3:c2:78:73:60:a2:9d:ad:d5:
cf:29:01:43:43:2b:9a:fb:bd:73:35:48:b9:c0:86:ed:ed:7e:
65:d7:c2:07:be:56:44:35:3d:0b:25:b7:cf:6c:ab:3f:c7:1b:
42:4f:3a:0d:93:2c:b5:c2:b0:86:ee:01:0c:a9:58:36:02:ef:
3b:ea:d1:75:69:cb:d7:81:7a:8a:29:fe:a9:99:31:79:96:42:
ea:ff:e9:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuiwVsFTNKu+jCXi9nCE/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNGUzODkyZjQ2YjEwNzg1MmMzZWFlMWIyN2RjY2Y2MGZh
Yjk5YmQwHhcNMjMwMTAxMTgxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDE3YjBjM2U2OWQ2ZDhlZWE0ZmRlNmYwNzc0ODY4ZTZjYTQzYzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpgPyyMStgE5ZMre2GhCUlzrRofP
5L73m014mCpYqNn5Z9D4Keg6L+E7Hyg8iMXeXFyF5+fKEVVYSvMvS3ui5C7BIEWi
DN+ztattDYiGzora+gt5neunqPH8pILmzmD8oMqsPGgkagNAKP5gDOW7gsH/KYpt
I/BcDV727/KlXmltDQzYraTwgaY8azF067biH/pMcUQlwcetIQdoByaJX2h97vgD
tT13uwCjKipCKaGMsuSqSqSLAOZJb3+laSmDoxUtknZDguBaRgnnWy/hcu/hAqhf
6XCadoBE4UWDNvu4puZz0utM8/nByJBWv3kYJSBMFCyaJZiJ9gtUy+PMkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0XsMPmnW2O6k/ebwd0ho5spDwbMB8GA1UdIwQY
MBaAFN1OOJL0axB4UsPq4bJ9zPYPq5m9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1U0NGt2UnJFSGhTdy1yaHNuM005Zy1ybWIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NDg4N2MtNjgwOS00NDI1LWJjZTkt
M2I1YjcxY2JiMzIyLzEvN1Jld3ctYWRiWTdxVDk1dkIzU0dqbXlrUEJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NDg4N2MtNjgwOS00NDI1LWJjZTktM2I1YjcxY2JiMzIy
LzEvM1U0NGt2UnJFSGhTdy1yaHNuM005Zy1ybWIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjWLIMA0G
CSqGSIb3DQEBCwUAA4IBAQC6DmKapkeTY6JImMtDBElWUoiCTItIw70kagF0YB5O
CJimGe2ant5noKwlvcdP4I9DqFQHYMPZtzQywPkypre5jo5SYJDLshKbsIoeRJ8t
hTX2+7oxMu1pR+HPRXzEStSRIF0HljMiLhUSzqrh0CK9AZd71BpQBiz2tKqrhmdL
/7uxERh79Gzj8CHdesIxKLKfYd1mZ4DYGfL53N/pT9O1pHjW1WETTlFjfK3zwnhz
YKKdrdXPKQFDQyua+71zNUi5wIbt7X5l18IHvlZENT0LJbfPbKs/xxtCTzoNkyy1
wrCG7gEMqVg2Au876tF1acvXgXqKKf6pmTF5lkLq/+k1
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:06 2024 by rpki-client on console-fra.rpki-client.org