Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/0ph5kWNF-4AuC__goOv1MsvVpzs.roa
File: 0ph5kWNF-4AuC__goOv1MsvVpzs.roa (raw, json)
Hash identifier: bgo/zyQUOIENjOXn1dP9SL8tuqsNYuXTVCt6HJDAIAk=
Subject key identifier: D2:98:79:91:63:45:FB:80:2E:0B:FF:E0:A0:EB:F5:32:CB:D5:A7:3B
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01856ED4C8A10DEC65D52EDB13F634DC39D4
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/0ph5kWNF-4AuC__goOv1MsvVpzs.roa
Signing time: Sun 01 Jan 2023 19:35:16 +0000
ROA not before: Sun 01 Jan 2023 19:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49353
IP address blocks: 171.22.164.0/22 maxlen: 22
2a05:a780::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c8:a1:0d:ec:65:d5:2e:db:13:f6:34:dc:39:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 19:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d29879916345fb802e0bffe0a0ebf532cbd5a73b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:47:02:74:41:01:04:b2:f9:92:5d:ed:ec:ce:
ac:ce:9b:c6:2f:aa:a4:30:f7:ce:0f:1f:95:80:e1:
f4:bf:3f:64:17:53:9c:d6:a6:49:2e:1f:df:12:49:
8d:92:42:1b:1d:f7:33:58:a3:27:03:f5:34:ee:af:
1a:eb:39:3e:39:90:7b:9c:74:72:3a:e2:3e:5d:28:
a3:4b:d0:63:62:a5:eb:7b:7d:ff:24:1b:a8:de:94:
fc:5b:40:af:ae:02:06:83:43:ad:fd:a6:53:13:25:
0a:11:22:69:b5:93:9d:ef:a1:28:d4:de:04:f3:5b:
89:8d:d7:3c:f1:a6:72:1a:4d:66:1a:17:8e:fd:b0:
15:55:20:42:c6:26:5e:41:05:08:64:ae:59:58:0a:
05:57:8f:f3:d2:9e:dc:c4:ff:97:bb:a6:23:4f:48:
91:ee:6e:ec:53:06:01:99:5a:41:ee:3b:79:13:f7:
ba:60:0c:e6:37:44:17:a0:a2:3a:65:cb:91:51:8d:
bc:82:f4:3e:3f:68:15:96:bf:84:4e:47:73:78:e3:
5b:13:d4:f9:a4:57:b2:1c:70:d9:a2:7e:f6:b2:06:
3b:af:fd:19:2e:95:d4:cd:e5:8f:53:8d:dd:5c:0d:
ce:95:0c:b4:a3:7f:66:3c:ac:0b:15:24:db:92:36:
3d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:98:79:91:63:45:FB:80:2E:0B:FF:E0:A0:EB:F5:32:CB:D5:A7:3B
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/0ph5kWNF-4AuC__goOv1MsvVpzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.164.0/22
IPv6:
2a05:a780::/29
Signature Algorithm: sha256WithRSAEncryption
ca:6e:4d:57:7d:93:4e:9e:69:93:cd:3f:04:36:7b:6d:1f:10:
67:a4:cc:51:3b:a3:67:fa:83:4b:80:7f:16:4f:06:0f:57:0b:
ab:bc:0e:8b:7f:49:c9:dd:1f:2f:38:1e:40:31:48:fb:ea:b2:
95:77:09:a9:6f:54:d4:55:43:15:94:80:1f:38:84:ba:1a:92:
7e:ba:ab:e9:7f:de:98:41:c1:3d:6a:c1:77:50:25:2f:ff:44:
89:c9:52:39:6e:16:84:b9:6e:70:f2:08:81:fb:29:02:e1:bc:
f2:cd:46:e0:c2:3b:e6:a3:b1:65:5a:26:09:95:85:44:e3:e2:
4a:38:da:b7:96:4f:e7:e4:bf:ca:b6:2e:ff:2a:27:9a:e6:2d:
b2:e9:3b:0d:27:46:72:0d:fb:0f:cb:89:28:52:7b:59:a0:fa:
e1:04:e6:f4:cd:e6:5e:9f:fb:ee:04:2d:5f:fc:db:7e:bb:45:
10:fd:b0:ef:ff:33:dd:55:b1:ae:b0:c0:62:0f:d5:be:ca:a5:
9e:7a:ba:e3:0f:21:7c:ef:91:33:b6:e4:3d:27:44:e8:37:ec:
51:70:cf:3f:4d:a9:01:14:ba:7b:88:66:a0:7a:5f:07:9e:0e:
12:49:cd:e9:99:60:97:e3:60:4a:b4:2f:7b:b9:9b:7b:74:b6:
cd:cd:84:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu1MihDexl1S7bE/Y03DnUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjk4Nzk5MTYzNDVmYjgwMmUwYmZmZTBhMGViZjUzMmNiZDVhNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkcCdEEBBLL5kl3t7M6szpvGL6qk
MPfODx+VgOH0vz9kF1Oc1qZJLh/fEkmNkkIbHfczWKMnA/U07q8a6zk+OZB7nHRy
OuI+XSijS9BjYqXre33/JBuo3pT8W0CvrgIGg0Ot/aZTEyUKESJptZOd76Eo1N4E
81uJjdc88aZyGk1mGheO/bAVVSBCxiZeQQUIZK5ZWAoFV4/z0p7cxP+Xu6YjT0iR
7m7sUwYBmVpB7jt5E/e6YAzmN0QXoKI6ZcuRUY28gvQ+P2gVlr+ETkdzeONbE9T5
pFeyHHDZon72sgY7r/0ZLpXUzeWPU43dXA3OlQy0o39mPKwLFSTbkjY9AwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNKYeZFjRfuALgv/4KDr9TLL1ac7MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvMHBoNWtXTkYtNEF1Q19fZ29PdjFNc3ZWcHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCqxakMA0E
AgACMAcDBQMqBaeAMA0GCSqGSIb3DQEBCwUAA4IBAQDKbk1XfZNOnmmTzT8ENntt
HxBnpMxRO6Nn+oNLgH8WTwYPVwurvA6Lf0nJ3R8vOB5AMUj76rKVdwmpb1TUVUMV
lIAfOIS6GpJ+uqvpf96YQcE9asF3UCUv/0SJyVI5bhaEuW5w8giB+ykC4bzyzUbg
wjvmo7FlWiYJlYVE4+JKONq3lk/n5L/Kti7/Kiea5i2y6TsNJ0ZyDfsPy4koUntZ
oPrhBOb0zeZen/vuBC1f/Nt+u0UQ/bDv/zPdVbGusMBiD9W+yqWeerrjDyF875Ez
tuQ9J0ToN+xRcM8/TakBFLp7iGagel8Hng4SSc3pmWCX42BKtC97uZt7dLbNzYTk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:35 2023 by rpki-client on console-ams.rpki-client.org