Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/66khmpV9z4d-M5Pt63oINEjzccE.roa
File: 66khmpV9z4d-M5Pt63oINEjzccE.roa (raw, json)
Hash identifier: IFmhnnqNnzuYC1peg5AsqvYXmt4GEtrU+QWsvCw+1OM=
Subject key identifier: EB:A9:21:9A:95:7D:CF:87:7E:33:93:ED:EB:7A:08:34:48:F3:71:C1
Certificate issuer: /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial: 01856D93EC8D0E73168AB07AD02975260676
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/66khmpV9z4d-M5Pt63oINEjzccE.roa
Signing time: Sun 01 Jan 2023 13:44:48 +0000
ROA not before: Sun 01 Jan 2023 13:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 31.131.164.0/22 maxlen: 22
91.219.16.0/23 maxlen: 23
91.219.16.0/22 maxlen: 23
91.219.18.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:ec:8d:0e:73:16:8a:b0:7a:d0:29:75:26:06:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
Validity
Not Before: Jan 1 13:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eba9219a957dcf877e3393edeb7a083448f371c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:99:1d:9e:d4:16:c5:30:bf:24:f6:28:8a:fa:
6c:0f:90:f9:79:37:16:78:8b:f6:35:15:c6:55:b5:
e5:84:1e:42:bc:1e:77:bd:d9:ef:30:58:01:ba:ee:
88:0a:b3:59:e2:ff:d5:c6:3c:c2:8f:5a:2b:83:55:
d4:43:8a:ae:71:5f:ad:d0:9a:c0:30:3d:ac:02:1d:
4a:1b:77:9b:0c:eb:00:a5:94:c9:7e:f7:81:c7:98:
ba:9a:8c:b4:cb:7c:88:de:02:5e:14:3a:35:cc:27:
57:15:90:0a:82:56:aa:a1:70:dd:5c:47:af:4e:fd:
0f:81:54:e5:26:b4:93:d5:1a:95:9e:91:e2:a4:fe:
8c:ad:a5:ee:7d:e8:00:ea:5f:86:f2:b3:c2:c1:4b:
f0:2b:4e:7a:0e:f1:7b:97:c8:09:67:ff:ca:89:8f:
50:6a:be:9c:65:b7:dd:78:f4:14:b0:7a:36:d2:cc:
84:36:a8:a1:3f:f2:39:d9:94:23:39:13:ed:1c:54:
ab:58:2a:cc:e8:08:a6:64:aa:10:85:11:8d:81:07:
ec:c9:db:8d:ab:42:63:df:d6:06:8d:ea:1e:d1:bf:
66:76:8a:8b:27:3b:14:3a:4e:69:4f:b4:50:45:79:
55:2d:00:00:fc:ac:01:49:44:30:48:45:5e:a4:ca:
ea:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A9:21:9A:95:7D:CF:87:7E:33:93:ED:EB:7A:08:34:48:F3:71:C1
X509v3 Authority Key Identifier:
keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/66khmpV9z4d-M5Pt63oINEjzccE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.164.0/22
91.219.16.0/22
Signature Algorithm: sha256WithRSAEncryption
12:9c:84:d9:60:0b:b9:32:65:9d:19:80:cc:ce:2c:ef:77:bb:
af:de:85:3f:ed:bb:39:80:fa:68:29:0d:97:3b:ef:a4:ba:39:
13:22:b4:63:70:5e:da:b0:0a:ce:68:40:82:af:e3:c7:26:a9:
7e:7a:06:e3:3f:20:c1:d6:22:23:3c:46:7e:b7:25:e8:9b:94:
f5:cc:be:44:4b:49:3a:81:94:8f:40:e8:4b:69:c5:60:8d:cc:
cf:ee:bf:ad:bf:81:f4:fb:7a:80:74:df:6f:c5:12:78:0b:7d:
ca:63:f2:b1:68:e4:4b:60:d0:85:2e:77:fc:5a:db:98:a0:4a:
c7:65:a2:44:f1:4d:ae:85:7b:19:f1:e3:bc:03:7f:1d:dc:3c:
38:f6:84:83:1f:cc:8b:c3:e5:89:8b:8a:5e:d4:70:0c:77:66:
71:cc:df:8d:e4:11:be:56:7e:a0:4a:83:8f:44:bc:28:fd:6d:
80:eb:76:5c:c9:96:b8:d3:0e:12:c4:01:a4:62:77:0a:71:51:
16:13:96:66:99:f6:91:4b:55:39:a8:5b:ae:52:1a:7c:68:56:
2b:ca:c7:07:5b:84:52:d3:4a:6e:f1:6d:0d:37:63:fb:3e:cf:
e5:22:7c:20:6c:3b:b5:cf:68:72:2f:d9:d8:47:e6:fc:d7:7d:
2f:87:51:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtk+yNDnMWirB60Cl1JgZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjMwMTAxMTM0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmE5MjE5YTk1N2RjZjg3N2UzMzkzZWRlYjdhMDgzNDQ4ZjM3MWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJkdntQWxTC/JPYoivpsD5D5eTcW
eIv2NRXGVbXlhB5CvB53vdnvMFgBuu6ICrNZ4v/VxjzCj1org1XUQ4qucV+t0JrA
MD2sAh1KG3ebDOsApZTJfveBx5i6moy0y3yI3gJeFDo1zCdXFZAKglaqoXDdXEev
Tv0PgVTlJrST1RqVnpHipP6MraXufegA6l+G8rPCwUvwK056DvF7l8gJZ//KiY9Q
ar6cZbfdePQUsHo20syENqihP/I52ZQjORPtHFSrWCrM6AimZKoQhRGNgQfsyduN
q0Jj39YGjeoe0b9mdoqLJzsUOk5pT7RQRXlVLQAA/KwBSUQwSEVepMrqKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOupIZqVfc+HfjOT7et6CDRI83HBMB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvNjZraG1wVjl6NGQtTTVQdDYzb0lORWp6Y2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTItZWJkY2MwMmZiYWU5
LzEvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4OkAwQC
W9sQMA0GCSqGSIb3DQEBCwUAA4IBAQASnITZYAu5MmWdGYDMzizvd7uv3oU/7bs5
gPpoKQ2XO++kujkTIrRjcF7asArOaECCr+PHJql+egbjPyDB1iIjPEZ+tyXom5T1
zL5ES0k6gZSPQOhLacVgjczP7r+tv4H0+3qAdN9vxRJ4C33KY/KxaORLYNCFLnf8
WtuYoErHZaJE8U2uhXsZ8eO8A38d3Dw49oSDH8yLw+WJi4pe1HAMd2ZxzN+N5BG+
Vn6gSoOPRLwo/W2A63ZcyZa40w4SxAGkYncKcVEWE5ZmmfaRS1U5qFuuUhp8aFYr
yscHW4RS00pu8W0NN2P7Ps/lInwgbDu1z2hyL9nYR+b8130vh1GF
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:31 2023 by rpki-client on console-ams.rpki-client.org