Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_PdoZmInzlcb_uCsQW2n75wGfC4.roa
File: _PdoZmInzlcb_uCsQW2n75wGfC4.roa (raw, json)
Hash identifier: AANImbx5oH2E0GkU8r10ylUpzA/MjL7bNJvRnKNsqas=
Subject key identifier: FC:F7:68:66:62:27:CE:57:1B:FE:E0:AC:41:6D:A7:EF:9C:06:7C:2E
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018B038277C70D875DCB45E94018F2B07F79
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_PdoZmInzlcb_uCsQW2n75wGfC4.roa
Signing time: Fri 06 Oct 2023 05:42:43 +0000
ROA not before: Fri 06 Oct 2023 05:42:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212517
IP address blocks: 202.133.88.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:03:82:77:c7:0d:87:5d:cb:45:e9:40:18:f2:b0:7f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 6 05:42:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcf768666227ce571bfee0ac416da7ef9c067c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8d:eb:34:a4:bb:a5:0b:a7:94:19:e7:be:41:
07:8c:30:4f:65:1b:a2:5a:78:3c:11:b5:96:b0:e0:
45:02:3b:05:df:d1:09:2a:cb:1a:4b:75:c1:00:82:
35:c7:51:c6:c8:6b:87:57:9b:32:1a:39:c4:e6:ff:
33:fd:fa:62:e4:29:24:68:b7:09:d3:9c:7d:2f:fa:
7f:4c:a0:6c:44:9a:7b:44:05:de:6c:70:fe:67:39:
b8:af:5e:94:8b:c2:a6:14:e0:30:7b:0a:16:92:b8:
3b:a6:1b:13:1a:cf:e4:a3:e7:9a:01:e7:eb:45:87:
84:b2:26:3d:5a:e1:a1:c6:d4:24:38:65:dc:f5:6c:
28:a1:8c:cc:52:36:eb:c9:4f:52:eb:5e:cc:cd:5a:
ad:86:ec:8e:51:1a:aa:f1:83:16:5d:05:6e:92:dc:
04:23:38:76:f1:8a:8a:7f:be:a0:fb:8d:29:5f:03:
94:de:4e:30:8e:1b:a6:de:22:4e:c6:48:4b:5d:e8:
d5:05:84:13:2a:f2:d5:bb:19:44:1a:4a:e0:dc:17:
b4:ff:b9:17:b0:02:4a:ad:6a:f8:66:54:38:88:2d:
4a:cf:60:50:80:47:c4:36:8b:3d:4f:7b:f9:b2:e5:
11:b0:51:5f:d3:53:4d:a3:49:62:56:3f:ad:7e:ee:
03:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F7:68:66:62:27:CE:57:1B:FE:E0:AC:41:6D:A7:EF:9C:06:7C:2E
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_PdoZmInzlcb_uCsQW2n75wGfC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.133.88.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:4a:00:db:fc:b1:86:15:b8:e2:a2:5c:02:51:b6:92:49:db:
0d:cb:96:2b:56:b2:07:f2:49:94:bf:54:e1:a8:55:ca:b7:68:
ed:3c:f9:7a:b3:b9:b6:26:68:c8:d8:cf:da:dd:23:bc:ae:1d:
c8:30:14:9b:45:87:b6:39:44:67:b7:e6:03:0b:a5:50:70:3e:
00:11:f5:8a:a7:1e:2a:b5:22:0a:39:dd:d9:ff:68:98:17:68:
d3:04:a5:a5:0e:04:42:82:06:e1:77:55:90:ca:bd:18:9a:07:
9d:62:80:59:af:a7:19:c8:75:1a:6d:24:f1:fa:e2:b8:cb:8f:
9a:f4:f7:36:1d:35:3f:20:c6:54:69:70:96:b2:0e:db:cf:95:
d5:1b:60:8f:e2:a7:9a:29:c0:85:b0:c4:51:5b:19:0d:60:ba:
94:87:99:60:13:6e:f6:7c:9d:7e:8b:75:34:fd:2a:a3:2e:c0:
f9:02:70:07:01:76:ee:6a:d0:89:c8:39:39:c2:f0:ea:b6:d0:
63:48:75:5b:3b:01:af:3d:51:5c:44:2c:5e:e6:6f:4b:70:80:
bf:63:cc:63:69:7f:a1:45:3d:be:e8:f2:d7:9b:ba:57:e4:c4:
7f:08:23:e0:9c:2f:7d:55:5e:95:43:3e:1c:32:22:e4:5c:98:
55:38:a5:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsDgnfHDYddy0XpQBjysH95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMDA2MDU0MjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Y3Njg2NjYyMjdjZTU3MWJmZWUwYWM0MTZkYTdlZjljMDY3YzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk43rNKS7pQunlBnnvkEHjDBPZRui
Wng8EbWWsOBFAjsF39EJKssaS3XBAII1x1HGyGuHV5syGjnE5v8z/fpi5CkkaLcJ
05x9L/p/TKBsRJp7RAXebHD+Zzm4r16Ui8KmFOAwewoWkrg7phsTGs/ko+eaAefr
RYeEsiY9WuGhxtQkOGXc9WwooYzMUjbryU9S617MzVqthuyOURqq8YMWXQVuktwE
Izh28YqKf76g+40pXwOU3k4wjhum3iJOxkhLXejVBYQTKvLVuxlEGkrg3Be0/7kX
sAJKrWr4ZlQ4iC1Kz2BQgEfENos9T3v5suURsFFf01NNo0liVj+tfu4D3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPz3aGZiJ85XG/7grEFtp++cBnwuMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvX1Bkb1ptSW56bGNiX3VDc1FXMm43NXdHZkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQByoVYMA0G
CSqGSIb3DQEBCwUAA4IBAQCOSgDb/LGGFbjiolwCUbaSSdsNy5YrVrIH8kmUv1Th
qFXKt2jtPPl6s7m2JmjI2M/a3SO8rh3IMBSbRYe2OURnt+YDC6VQcD4AEfWKpx4q
tSIKOd3Z/2iYF2jTBKWlDgRCggbhd1WQyr0YmgedYoBZr6cZyHUabSTx+uK4y4+a
9Pc2HTU/IMZUaXCWsg7bz5XVG2CP4qeaKcCFsMRRWxkNYLqUh5lgE272fJ1+i3U0
/SqjLsD5AnAHAXbuatCJyDk5wvDqttBjSHVbOwGvPVFcRCxe5m9LcIC/Y8xjaX+h
RT2+6PLXm7pX5MR/CCPgnC99VV6VQz4cMiLkXJhVOKUZ
-----END CERTIFICATE-----
Generated at Thu Oct 12 11:25:45 2023 by rpki-client on console-fra.rpki-client.org