Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/1-c0lcCGlLJQd_VALxkLiFe9_8LY.roa
File: 1-c0lcCGlLJQd_VALxkLiFe9_8LY.roa (raw, json)
Hash identifier: QI0/Bb+JJdHW1FIq/uiT9pCA6tJR1kCtBma889XImhQ=
Subject key identifier: F9:CD:25:70:21:A5:2C:94:1D:FD:50:0B:C6:42:E2:15:EF:7F:F0:B6
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01889A3582EDD59A7D33F39C36EFCE948BAE
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/1-c0lcCGlLJQd_VALxkLiFe9_8LY.roa
Signing time: Thu 08 Jun 2023 08:52:58 +0000
ROA not before: Thu 08 Jun 2023 08:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44834
IP address blocks: 188.130.236.0/23 maxlen: 24
109.248.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:35:82:ed:d5:9a:7d:33:f3:9c:36:ef:ce:94:8b:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jun 8 08:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9cd257021a52c941dfd500bc642e215ef7ff0b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c3:0a:73:33:31:b5:06:11:f1:c4:a3:ba:9a:
30:8d:a8:16:64:52:1a:09:b0:2a:6a:0f:11:f9:5b:
8d:f4:fe:e1:c7:6c:a6:71:72:ed:b0:4e:ea:9f:a2:
71:13:bb:be:cc:61:14:4e:f6:9b:0c:16:70:a7:be:
d0:2d:ee:a7:37:43:1a:54:f0:b6:3f:96:d8:8e:e7:
4d:59:07:2a:ef:a7:c9:f1:65:81:5d:a8:e7:1b:de:
c2:6b:eb:06:94:6d:a0:58:6b:0b:de:56:25:bc:67:
3b:c0:20:98:85:de:1d:ef:44:70:fb:78:b2:9d:42:
a2:82:28:e2:65:76:1b:19:25:cd:ed:98:bc:e1:44:
f1:47:34:23:1a:4b:0e:29:81:25:94:6b:5b:de:0f:
f2:73:61:a9:77:06:eb:eb:43:f1:11:c4:a7:b0:71:
c4:4f:b5:b5:1a:38:c0:84:bb:0b:81:a0:53:01:d3:
24:78:3f:89:ec:ef:37:de:2e:10:ad:3d:b6:40:07:
f8:57:f1:91:44:b3:31:e9:58:5e:b3:0e:66:ff:0b:
45:46:b1:66:8d:46:da:fd:f2:6a:5e:ad:2b:23:9e:
07:85:26:69:e9:48:eb:43:84:c6:8e:e6:b4:26:d7:
3c:08:fa:cf:c8:a2:c6:01:98:22:bf:bf:a6:fe:df:
46:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:CD:25:70:21:A5:2C:94:1D:FD:50:0B:C6:42:E2:15:EF:7F:F0:B6
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/1-c0lcCGlLJQd_VALxkLiFe9_8LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.255.0/24
188.130.236.0/23
Signature Algorithm: sha256WithRSAEncryption
85:03:90:25:a9:b1:7c:36:28:1e:d2:9c:1b:ee:84:8f:3e:cb:
ec:77:8a:b4:16:53:42:c9:d7:7f:21:ae:60:b1:13:b4:a2:fe:
75:6c:5a:52:cf:e6:e1:c9:5e:bb:b7:ab:da:74:b8:5a:f8:2a:
7d:93:2b:a9:eb:58:07:48:01:33:60:fc:79:a5:28:3f:fa:fe:
20:92:4b:39:03:7f:46:fe:4b:21:22:ec:73:bd:fc:9c:2b:53:
7c:f2:e0:0b:52:d8:bc:54:d6:22:d5:96:28:48:f0:1c:5c:75:
ef:8b:44:84:7f:c5:02:85:af:40:24:01:1c:e5:99:28:02:8a:
d7:7f:d3:43:f1:82:9a:ea:37:0b:65:25:e9:f3:ae:75:cb:2d:
6d:10:d9:8b:68:76:f1:42:f5:5a:33:83:9b:fb:85:7e:23:64:
84:aa:b0:4c:11:98:bd:b5:3e:75:68:7c:1c:18:b7:e3:77:7e:
59:97:f9:78:0c:17:2f:46:04:84:f9:c7:6e:07:dc:81:a8:e5:
74:f2:2c:7c:f0:2d:93:28:51:74:bc:66:fa:e9:95:5f:f2:c3:
17:de:dd:06:f9:c4:9b:ca:85:5a:96:7c:3f:84:d9:84:3a:8b:
15:ed:2c:10:e4:32:86:6e:06:2c:35:d5:92:ed:61:36:2d:ae:
94:c2:26:20
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYiaNYLt1Zp9M/OcNu/OlIuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwNjA4MDg1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWNkMjU3MDIxYTUyYzk0MWRmZDUwMGJjNjQyZTIxNWVmN2ZmMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsMKczMxtQYR8cSjupowjagWZFIa
CbAqag8R+VuN9P7hx2ymcXLtsE7qn6JxE7u+zGEUTvabDBZwp77QLe6nN0MaVPC2
P5bYjudNWQcq76fJ8WWBXajnG97Ca+sGlG2gWGsL3lYlvGc7wCCYhd4d70Rw+3iy
nUKigijiZXYbGSXN7Zi84UTxRzQjGksOKYEllGtb3g/yc2Gpdwbr60PxEcSnsHHE
T7W1GjjAhLsLgaBTAdMkeD+J7O833i4QrT22QAf4V/GRRLMx6Vhesw5m/wtFRrFm
jUba/fJqXq0rI54HhSZp6UjrQ4TGjua0Jtc8CPrPyKLGAZgiv7+m/t9GzQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPnNJXAhpSyUHf1QC8ZC4hXvf/C2MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvMS1jMGxjQ0dsTEpRZF9WQUx4a0xpRmU5XzhMWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjUvMzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1
ZS8xL2lGdUZkd2JheFU0Z3lnMFJ2V1FXeTJOQ0E3US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAG34/wME
AbyC7DANBgkqhkiG9w0BAQsFAAOCAQEAhQOQJamxfDYoHtKcG+6Ejz7L7HeKtBZT
QsnXfyGuYLETtKL+dWxaUs/m4cleu7er2nS4WvgqfZMrqetYB0gBM2D8eaUoP/r+
IJJLOQN/Rv5LISLsc738nCtTfPLgC1LYvFTWItWWKEjwHFx174tEhH/FAoWvQCQB
HOWZKAKK13/TQ/GCmuo3C2Ul6fOudcstbRDZi2h28UL1WjODm/uFfiNkhKqwTBGY
vbU+dWh8HBi343d+WZf5eAwXL0YEhPnHbgfcgajldPIsfPAtkyhRdLxm+umVX/LD
F97dBvnEm8qFWpZ8P4TZhDqLFe0sEOQyhm4GLDXVku1hNi2ulMImIA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:58 2024 by rpki-client on console-ams.rpki-client.org