Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/1-t25bJ6LnDxJlVI7ktjNDUqqqJw.roa
File: 1-t25bJ6LnDxJlVI7ktjNDUqqqJw.roa (raw, json)
Hash identifier: JLOB0v2xW1pHK3klnXG748VDPoGNhiFRjApxHCpvXNY=
Subject key identifier: FA:DD:B9:6C:9E:8B:9C:3C:49:95:52:3B:92:D8:CD:0D:4A:AA:A8:9C
Certificate issuer: /CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Certificate serial: 018770A1DC0EE851805834D106A3C8AE8199
Authority key identifier: CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/1-t25bJ6LnDxJlVI7ktjNDUqqqJw.roa
Signing time: Tue 11 Apr 2023 14:04:28 +0000
ROA not before: Tue 11 Apr 2023 14:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15774
IP address blocks: 188.168.160.0/21 maxlen: 32
188.244.128.0/17 maxlen: 32
188.168.188.0/23 maxlen: 32
188.168.128.0/24 maxlen: 32
188.244.216.0/21 maxlen: 32
188.244.224.0/20 maxlen: 32
188.168.96.0/23 maxlen: 32
188.168.92.0/22 maxlen: 32
188.168.4.0/23 maxlen: 32
188.168.10.0/23 maxlen: 32
188.168.8.0/23 maxlen: 32
188.168.0.0/16 maxlen: 32
188.168.8.0/22 maxlen: 32
188.168.224.0/22 maxlen: 32
188.168.13.0/24 maxlen: 32
188.168.232.0/21 maxlen: 32
188.168.15.0/24 maxlen: 32
188.168.14.0/24 maxlen: 32
188.168.240.0/21 maxlen: 32
188.168.33.0/24 maxlen: 32
2a02:618::/32 maxlen: 96
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:70:a1:dc:0e:e8:51:80:58:34:d1:06:a3:c8:ae:81:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Validity
Not Before: Apr 11 14:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faddb96c9e8b9c3c4995523b92d8cd0d4aaaa89c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1f:44:92:e7:49:63:c5:36:e9:f5:17:85:5d:
90:de:d1:a5:e0:ef:59:41:bb:71:4f:71:c8:dc:7c:
1c:58:76:c8:30:bf:49:8b:bf:c4:e3:65:46:6a:1d:
9b:d5:66:44:e9:bd:9e:22:ce:62:fb:33:0d:71:9a:
98:c0:21:53:91:5b:3b:6b:89:75:03:5a:cd:09:e3:
66:fe:55:24:a8:7b:e3:1f:4a:46:c6:50:51:4d:93:
3b:ef:7d:fe:ae:f8:8f:29:f9:a5:89:79:5a:95:db:
5a:48:30:3e:a2:19:2d:fb:79:86:ab:a1:68:99:0c:
de:53:f1:78:12:38:a4:9b:d9:71:20:d0:8b:9b:97:
11:01:7a:c2:7c:63:65:1f:53:32:6a:2a:35:55:0a:
9a:f8:31:d8:c7:7e:a2:24:37:4d:c5:2d:b3:68:b2:
11:bc:31:36:86:96:c4:6e:e3:26:91:99:38:6c:f1:
50:7a:27:3c:39:26:e1:27:8b:1c:e9:22:7e:c0:b4:
56:44:af:af:18:07:ef:b1:18:e1:29:a5:e7:29:95:
94:a1:e4:ad:ae:31:3b:79:af:c8:77:39:93:4f:7e:
06:37:ac:65:4d:cb:79:a5:55:65:06:f5:0b:47:05:
f7:8f:52:44:75:de:3e:4b:6d:23:4c:8b:ac:16:33:
db:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DD:B9:6C:9E:8B:9C:3C:49:95:52:3B:92:D8:CD:0D:4A:AA:A8:9C
X509v3 Authority Key Identifier:
keyid:CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/1-t25bJ6LnDxJlVI7ktjNDUqqqJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.168.0.0/16
188.244.128.0/17
IPv6:
2a02:618::/32
Signature Algorithm: sha256WithRSAEncryption
7e:12:83:84:d0:e1:ae:7a:ac:84:b9:ce:f9:2b:51:1f:0a:c7:
51:ef:49:f8:63:3f:9d:f5:64:2a:2a:2b:4a:8a:a1:92:d6:e6:
dd:dc:54:ea:6f:9d:9c:72:89:e2:ff:70:8e:71:e0:f2:c6:43:
9f:88:71:49:24:7b:13:aa:68:1e:97:fb:77:99:3f:18:f1:e8:
81:e1:96:2d:83:fe:83:be:1b:9d:0a:4b:36:84:8c:97:00:18:
6d:c9:af:ee:90:48:7e:2b:0a:6d:3f:82:56:aa:4f:6b:ab:bb:
91:0a:ef:22:da:9f:8c:82:4d:fe:e6:17:4b:e4:71:33:71:9d:
f5:05:d9:b5:53:37:67:2a:e0:7c:c7:aa:3e:85:53:f6:2d:69:
0e:34:20:88:3d:b8:32:37:5d:22:8d:5c:58:ba:1a:93:88:20:
62:57:c4:75:65:95:4d:d4:dd:c7:5f:d6:5e:a3:8f:36:90:87:
b2:68:f3:aa:63:9b:ff:f0:ce:37:6a:69:71:79:cb:5c:54:b2:
ca:d8:d8:eb:26:85:36:74:f8:24:28:78:a3:9d:1e:06:f8:5f:
52:a3:90:f1:cb:a9:13:f7:b4:b4:53:bd:ba:aa:b0:8c:d0:91:
97:3d:2f:f4:2f:a0:24:a1:b8:4a:be:21:06:f6:4a:ad:82:55:
d7:b0:51:62
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYdwodwO6FGAWDTRBqPIroGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNGE3MTdmOGZhMWJiMDM1OTI3NDIyM2FjZGFlMjJiNzBl
NjZiZWMwHhcNMjMwNDExMTQwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWRkYjk2YzllOGI5YzNjNDk5NTUyM2I5MmQ4Y2QwZDRhYWFhODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR9EkudJY8U26fUXhV2Q3tGl4O9Z
QbtxT3HI3HwcWHbIML9Ji7/E42VGah2b1WZE6b2eIs5i+zMNcZqYwCFTkVs7a4l1
A1rNCeNm/lUkqHvjH0pGxlBRTZM7733+rviPKfmliXlaldtaSDA+ohkt+3mGq6Fo
mQzeU/F4Ejikm9lxINCLm5cRAXrCfGNlH1Myaio1VQqa+DHYx36iJDdNxS2zaLIR
vDE2hpbEbuMmkZk4bPFQeic8OSbhJ4sc6SJ+wLRWRK+vGAfvsRjhKaXnKZWUoeSt
rjE7ea/IdzmTT34GN6xlTct5pVVlBvULRwX3j1JEdd4+S20jTIusFjPblQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPrduWyei5w8SZVSO5LYzQ1KqqicMB8GA1UdIwQY
MBaAFM9KcX+PobsDWSdCI6za4itw5mvsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTkt
NmFhYTZiMDIxNjBkLzEvMS10MjViSjZMbkR4SmxWSTdrdGpORFVxcXFKdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWQvZTUwZjU0LTZmZGQtNGZlOS05ZmU5LTZhYWE2YjAyMTYw
ZC8xL3owcHhmNC1odXdOWkowSWpyTnJpSzNEbWEtdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwEQQCAAEwCwMDALyoAwQH
vPSAMA0EAgACMAcDBQAqAgYYMA0GCSqGSIb3DQEBCwUAA4IBAQB+EoOE0OGueqyE
uc75K1EfCsdR70n4Yz+d9WQqKitKiqGS1ubd3FTqb52cconi/3COceDyxkOfiHFJ
JHsTqmgel/t3mT8Y8eiB4ZYtg/6DvhudCks2hIyXABhtya/ukEh+KwptP4JWqk9r
q7uRCu8i2p+Mgk3+5hdL5HEzcZ31Bdm1UzdnKuB8x6o+hVP2LWkONCCIPbgyN10i
jVxYuhqTiCBiV8R1ZZVN1N3HX9Zeo482kIeyaPOqY5v/8M43amlxectcVLLK2Njr
JoU2dPgkKHijnR4G+F9So5Dxy6kT97S0U726qrCM0JGXPS/0L6AkobhKviEG9kqt
glXXsFFi
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:06 2023 by rpki-client on console-fra.rpki-client.org