Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/l3TEvJ-o5oahLGgRNtWzIcLIWw8.roa
File: l3TEvJ-o5oahLGgRNtWzIcLIWw8.roa (raw, json)
Hash identifier: I157Adc/J5yjyaKZJg+rUxulonmHNAN2x5RCgK4d8gk=
Subject key identifier: 97:74:C4:BC:9F:A8:E6:86:A1:2C:68:11:36:D5:B3:21:C2:C8:5B:0F
Certificate issuer: /CN=11d19f88b0dc1b890254db94a9b62046d6be794b
Certificate serial: 018A3B4FF85E7C066E165E8F1307A89BD517
Authority key identifier: 11:D1:9F:88:B0:DC:1B:89:02:54:DB:94:A9:B6:20:46:D6:BE:79:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EdGfiLDcG4kCVNuUqbYgRta-eUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/l3TEvJ-o5oahLGgRNtWzIcLIWw8.roa
Signing time: Mon 28 Aug 2023 08:43:31 +0000
ROA not before: Mon 28 Aug 2023 08:43:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5598
IP address blocks: 176.101.96.0/19 maxlen: 24
176.101.97.144/28 maxlen: 28
176.101.97.128/28 maxlen: 28
176.101.96.96/27 maxlen: 27
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:4f:f8:5e:7c:06:6e:16:5e:8f:13:07:a8:9b:d5:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11d19f88b0dc1b890254db94a9b62046d6be794b
Validity
Not Before: Aug 28 08:43:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9774c4bc9fa8e686a12c681136d5b321c2c85b0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:91:77:64:5b:db:25:ab:20:aa:f6:60:a0:23:
98:38:10:a0:f2:c5:35:7c:6e:81:81:53:d3:de:11:
eb:75:2d:b5:cd:30:aa:de:f1:fe:44:27:98:7a:98:
cc:8b:93:1c:a5:ed:57:23:92:62:72:d3:2a:27:06:
f7:0a:8f:a2:21:cf:ee:2d:18:11:7b:21:89:83:ab:
7b:64:da:ab:87:d0:75:a6:cc:d2:94:3c:87:8f:db:
7f:7a:ee:6b:38:96:5c:20:1c:fe:ef:ab:21:65:08:
9e:f8:f2:6e:cf:65:d8:cb:4d:bb:45:67:0b:a6:a5:
f0:7f:0a:3d:65:bb:65:5b:67:60:02:33:86:7f:a4:
b9:73:bd:b8:99:a4:ea:ed:1b:41:b6:44:b4:04:2d:
95:94:da:d4:c3:3b:b3:b5:c4:3d:d8:dd:03:a9:f3:
a3:1a:da:4b:3c:3b:c4:8a:ff:42:ee:31:72:22:ae:
a8:5c:bc:82:b1:8e:a2:13:bf:06:5a:79:ef:1a:0c:
aa:e6:54:e0:7d:b3:8a:d8:34:37:d8:89:a7:00:30:
74:ba:50:65:d8:5e:5d:54:d4:17:9b:3c:64:03:9f:
20:f1:9d:45:f1:75:9d:65:2c:f8:b3:b3:fa:14:f8:
45:ca:50:12:4d:56:28:a1:82:c1:00:02:03:4f:7e:
ab:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:74:C4:BC:9F:A8:E6:86:A1:2C:68:11:36:D5:B3:21:C2:C8:5B:0F
X509v3 Authority Key Identifier:
keyid:11:D1:9F:88:B0:DC:1B:89:02:54:DB:94:A9:B6:20:46:D6:BE:79:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EdGfiLDcG4kCVNuUqbYgRta-eUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/l3TEvJ-o5oahLGgRNtWzIcLIWw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/EdGfiLDcG4kCVNuUqbYgRta-eUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.101.96.0/19
Signature Algorithm: sha256WithRSAEncryption
60:f3:cb:43:c0:e5:7a:b5:f7:d3:fa:14:82:74:ac:bc:e6:e2:
5c:37:93:fd:12:6e:cd:62:a3:d9:c5:78:92:50:bf:08:e1:ec:
f8:17:44:72:ee:ee:aa:f7:24:2c:05:cc:59:e6:66:e9:41:6e:
bf:a8:0b:fb:be:64:77:7c:29:7f:43:20:73:f2:12:76:a3:09:
bd:b5:ba:d2:95:1e:6f:57:30:51:2a:34:91:c3:b4:9e:f9:ea:
12:d6:62:60:8c:9c:17:23:2e:81:b9:f7:95:ef:0c:60:98:83:
30:f6:c7:2c:82:63:2c:5e:3e:54:2a:5a:c2:79:97:19:19:48:
a7:dd:65:4e:9e:a9:b3:d5:91:60:b5:17:bf:96:33:46:4b:65:
d5:91:e2:57:ad:ae:fd:34:5c:8e:35:7e:97:bc:29:0f:f9:aa:
64:09:15:29:a0:f8:c9:31:6a:71:04:5e:47:a7:ac:81:43:52:
fb:98:af:90:05:3c:70:29:49:5d:3d:8c:65:2a:d2:b0:92:69:
32:32:40:af:bd:dc:1d:88:82:ac:24:05:18:c2:c5:71:94:ca:
cb:2e:bd:00:e8:9f:bd:33:f1:c7:60:ff:0f:80:19:cf:d9:d3:
07:34:ef:ba:9a:bf:8c:14:38:05:35:53:e5:d7:5e:63:09:70:
c9:ac:ad:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo7T/hefAZuFl6PEweom9UXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZDE5Zjg4YjBkYzFiODkwMjU0ZGI5NGE5YjYyMDQ2ZDZi
ZTc5NGIwHhcNMjMwODI4MDg0MzMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzc0YzRiYzlmYThlNjg2YTEyYzY4MTEzNmQ1YjMyMWMyYzg1YjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJF3ZFvbJasgqvZgoCOYOBCg8sU1
fG6BgVPT3hHrdS21zTCq3vH+RCeYepjMi5Mcpe1XI5JictMqJwb3Co+iIc/uLRgR
eyGJg6t7ZNqrh9B1pszSlDyHj9t/eu5rOJZcIBz+76shZQie+PJuz2XYy027RWcL
pqXwfwo9ZbtlW2dgAjOGf6S5c724maTq7RtBtkS0BC2VlNrUwzuztcQ92N0DqfOj
GtpLPDvEiv9C7jFyIq6oXLyCsY6iE78GWnnvGgyq5lTgfbOK2DQ32ImnADB0ulBl
2F5dVNQXmzxkA58g8Z1F8XWdZSz4s7P6FPhFylASTVYooYLBAAIDT36rfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJd0xLyfqOaGoSxoETbVsyHCyFsPMB8GA1UdIwQY
MBaAFBHRn4iw3BuJAlTblKm2IEbWvnlLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWRHZmlMRGNHNGtDVk51VXFiWWdSdGEtZVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85Yjc4M2MtOWY1OS00Njk2LTgyYzQt
NDhiNDk1NWYwNjAwLzEvbDNURXZKLW81b2FoTEdnUk50V3pJY0xJV3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85Yjc4M2MtOWY1OS00Njk2LTgyYzQtNDhiNDk1NWYwNjAw
LzEvRWRHZmlMRGNHNGtDVk51VXFiWWdSdGEtZVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsGVgMA0G
CSqGSIb3DQEBCwUAA4IBAQBg88tDwOV6tffT+hSCdKy85uJcN5P9Em7NYqPZxXiS
UL8I4ez4F0Ry7u6q9yQsBcxZ5mbpQW6/qAv7vmR3fCl/QyBz8hJ2owm9tbrSlR5v
VzBRKjSRw7Se+eoS1mJgjJwXIy6BufeV7wxgmIMw9scsgmMsXj5UKlrCeZcZGUin
3WVOnqmz1ZFgtRe/ljNGS2XVkeJXra79NFyONX6XvCkP+apkCRUpoPjJMWpxBF5H
p6yBQ1L7mK+QBTxwKUldPYxlKtKwkmkyMkCvvdwdiIKsJAUYwsVxlMrLLr0A6J+9
M/HHYP8PgBnP2dMHNO+6mr+MFDgFNVPl115jCXDJrK23
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:52 2024 by rpki-client on console-ams.rpki-client.org