Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/rcPsDlD_Lx28-zEs-vVrvFdLkZ8.roa
File: rcPsDlD_Lx28-zEs-vVrvFdLkZ8.roa (raw, json)
Hash identifier: UlDc3wT1dj8yZbGX1E0Z0056c7jGtubIkTNK7iPnD1E=
Subject key identifier: AD:C3:EC:0E:50:FF:2F:1D:BC:FB:31:2C:FA:F5:6B:BC:57:4B:91:9F
Certificate issuer: /CN=aa3aed91f29b2cc7d3e05f240d99137581d9b5b3
Certificate serial: 018A260CAEFEDA37F69838C790E21C2213D3
Authority key identifier: AA:3A:ED:91:F2:9B:2C:C7:D3:E0:5F:24:0D:99:13:75:81:D9:B5:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/rcPsDlD_Lx28-zEs-vVrvFdLkZ8.roa
Signing time: Thu 24 Aug 2023 05:38:00 +0000
ROA not before: Thu 24 Aug 2023 05:38:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15412
IP address blocks: 85.95.24.0/22 maxlen: 24
80.77.0.0/20 maxlen: 24
62.216.128.0/19 maxlen: 24
89.17.96.0/19 maxlen: 19
2001:1a00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:0c:ae:fe:da:37:f6:98:38:c7:90:e2:1c:22:13:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa3aed91f29b2cc7d3e05f240d99137581d9b5b3
Validity
Not Before: Aug 24 05:38:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adc3ec0e50ff2f1dbcfb312cfaf56bbc574b919f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:57:cd:7e:c8:9e:e1:0e:03:f6:20:17:cd:9e:
54:7f:d7:0f:d3:3c:74:ce:46:95:f3:4e:26:c8:9c:
d5:04:75:3a:bc:af:18:ac:28:b7:09:7a:5c:02:96:
d1:c4:99:31:35:84:5a:8f:d9:aa:fe:2f:54:c4:39:
08:84:46:45:99:5b:07:11:ec:5a:51:70:4b:ae:6d:
5a:12:4c:bf:1c:0e:6c:0b:ec:e3:1f:c6:1f:17:83:
52:ed:5a:40:aa:6e:a8:fb:24:89:98:cc:75:ca:0c:
86:51:23:25:bd:ec:35:16:4d:ec:08:9a:eb:96:88:
b8:00:37:a0:29:8b:0e:26:54:69:f7:27:15:78:d5:
a5:c0:75:a9:ee:ad:69:88:2f:b2:2a:09:05:9a:ee:
4e:41:85:0e:4d:e0:d7:3c:2f:10:08:e0:47:29:61:
48:51:06:e3:8f:a4:49:13:56:ed:89:24:c3:8f:6d:
3e:f5:82:1a:9d:86:74:61:9e:3f:e7:60:07:89:d2:
1d:21:e0:70:6c:9e:3a:87:1b:2b:25:a5:39:ab:be:
90:33:9e:36:d4:9a:83:f8:6b:7c:4d:1c:aa:1b:06:
08:e5:69:27:22:f5:d8:46:ce:14:d5:a2:dc:14:c7:
99:67:44:8d:7b:c7:75:e4:3b:86:a5:25:ff:89:8e:
2f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C3:EC:0E:50:FF:2F:1D:BC:FB:31:2C:FA:F5:6B:BC:57:4B:91:9F
X509v3 Authority Key Identifier:
keyid:AA:3A:ED:91:F2:9B:2C:C7:D3:E0:5F:24:0D:99:13:75:81:D9:B5:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/rcPsDlD_Lx28-zEs-vVrvFdLkZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.128.0/19
80.77.0.0/20
85.95.24.0/22
89.17.96.0/19
IPv6:
2001:1a00::/32
Signature Algorithm: sha256WithRSAEncryption
45:ca:52:ad:3b:08:89:34:b7:75:08:6d:80:f7:f2:6a:85:5b:
64:44:87:af:6d:e1:05:07:f4:6e:71:76:3e:fe:64:58:fa:9f:
cf:16:b6:b1:b8:42:6e:67:c7:9f:1a:f8:22:57:42:96:79:a9:
7e:f5:a3:29:95:70:c9:da:9c:f4:13:e6:f8:72:d0:14:8f:33:
ec:05:2d:ae:d2:da:25:f6:d2:53:f7:85:9c:1e:96:47:c1:bc:
22:19:20:99:7c:93:26:fa:a4:b7:76:1f:b8:69:98:ea:bb:40:
f0:99:76:c3:3a:53:0b:05:2f:cd:b0:7b:45:4e:c7:f7:cc:39:
0e:c9:2a:5b:d3:16:66:22:e3:ae:24:e2:bb:d9:4e:68:04:1a:
b3:fe:67:09:5b:ef:58:da:c6:62:b8:34:67:c2:b3:54:d2:d7:
1e:6d:11:11:11:8b:7d:ca:0e:c2:23:d1:e0:fb:22:07:40:bf:
d7:b3:79:b5:a7:da:25:04:b8:8d:5b:6d:c0:96:97:a6:cd:e8:
4f:bf:f6:29:ec:8e:a6:31:74:78:a9:3e:72:33:c4:1e:5b:9c:
b6:da:40:43:be:db:50:31:6a:15:e9:ba:a7:6d:67:57:ea:8f:
08:e3:53:e5:bc:06:34:10:1c:7d:04:4b:aa:87:f2:d1:c7:49:
cc:6c:29:da
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYomDK7+2jf2mDjHkOIcIhPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhM2FlZDkxZjI5YjJjYzdkM2UwNWYyNDBkOTkxMzc1ODFk
OWI1YjMwHhcNMjMwODI0MDUzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGMzZWMwZTUwZmYyZjFkYmNmYjMxMmNmYWY1NmJiYzU3NGI5MTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilfNfsie4Q4D9iAXzZ5Uf9cP0zx0
zkaV804myJzVBHU6vK8YrCi3CXpcApbRxJkxNYRaj9mq/i9UxDkIhEZFmVsHEexa
UXBLrm1aEky/HA5sC+zjH8YfF4NS7VpAqm6o+ySJmMx1ygyGUSMlvew1Fk3sCJrr
loi4ADegKYsOJlRp9ycVeNWlwHWp7q1piC+yKgkFmu5OQYUOTeDXPC8QCOBHKWFI
UQbjj6RJE1btiSTDj20+9YIanYZ0YZ4/52AHidIdIeBwbJ46hxsrJaU5q76QM542
1JqD+Gt8TRyqGwYI5WknIvXYRs4U1aLcFMeZZ0SNe8d15DuGpSX/iY4vZQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK3D7A5Q/y8dvPsxLPr1a7xXS5GfMB8GA1UdIwQY
MBaAFKo67ZHymyzH0+BfJA2ZE3WB2bWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWpydGtmS2JMTWZUNEY4a0Raa1RkWUhadGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTBmNjMtZWY3YS00NjYyLWIwNDYt
MDRlMWViMmE5MzI4LzEvcmNQc0RsRF9MeDI4LXpFcy12VnJ2RmRMa1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTBmNjMtZWY3YS00NjYyLWIwNDYtMDRlMWViMmE5MzI4
LzEvcWpydGtmS2JMTWZUNEY4a0Raa1RkWUhadGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFPtiAAwQE
UE0AAwQCVV8YAwQFWRFgMA0EAgACMAcDBQAgARoAMA0GCSqGSIb3DQEBCwUAA4IB
AQBFylKtOwiJNLd1CG2A9/JqhVtkRIevbeEFB/RucXY+/mRY+p/PFraxuEJuZ8ef
GvgiV0KWeal+9aMplXDJ2pz0E+b4ctAUjzPsBS2u0tol9tJT94WcHpZHwbwiGSCZ
fJMm+qS3dh+4aZjqu0DwmXbDOlMLBS/NsHtFTsf3zDkOySpb0xZmIuOuJOK72U5o
BBqz/mcJW+9Y2sZiuDRnwrNU0tcebREREYt9yg7CI9Hg+yIHQL/Xs3m1p9olBLiN
W23AlpemzehPv/Yp7I6mMXR4qT5yM8QeW5y22kBDvttQMWoV6bqnbWdX6o8I41Pl
vAY0EBx9BEuqh/LRx0nMbCna
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:01 2024 by rpki-client on console-fra.rpki-client.org