Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/b1015d-4122-4174-82a5-4bbf645b10d3/1/pkAYABxwXCUcg-5DBn5-mO4IDtE.roa
File: pkAYABxwXCUcg-5DBn5-mO4IDtE.roa (raw, json)
Hash identifier: XvvrRGGzdseNiFKBxx/3/JQQCqtt7KmUrhPlJh4Yoxg=
Subject key identifier: A6:40:18:00:1C:70:5C:25:1C:83:EE:43:06:7E:7E:98:EE:08:0E:D1
Certificate issuer: /CN=60f72537edf1dc0b7f694453450bca4aeef83f64
Certificate serial: 01856DE63942203E3AB33CA067FA2145A90A
Authority key identifier: 60:F7:25:37:ED:F1:DC:0B:7F:69:44:53:45:0B:CA:4A:EE:F8:3F:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPclN-3x3At_aURTRQvKSu74P2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/b1015d-4122-4174-82a5-4bbf645b10d3/1/pkAYABxwXCUcg-5DBn5-mO4IDtE.roa
Signing time: Sun 01 Jan 2023 15:14:42 +0000
ROA not before: Sun 01 Jan 2023 15:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213048
IP address blocks: 83.136.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:39:42:20:3e:3a:b3:3c:a0:67:fa:21:45:a9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60f72537edf1dc0b7f694453450bca4aeef83f64
Validity
Not Before: Jan 1 15:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a64018001c705c251c83ee43067e7e98ee080ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:62:ee:67:ea:a1:61:3a:5e:b8:17:f0:0b:1b:
36:83:35:2f:e2:8d:31:64:66:71:77:d7:fe:af:f3:
91:ea:c4:23:f1:5d:e3:80:20:7b:b7:4f:34:30:bc:
72:ba:02:ef:28:04:8c:e2:b5:0c:02:62:95:56:18:
7a:e6:0a:0b:f4:ff:6d:d3:42:e4:e4:8f:ff:3e:0f:
d5:31:e9:82:14:55:fb:63:05:1f:de:70:98:f5:16:
a0:ab:a9:c8:30:15:6d:04:4b:49:ba:d8:a6:90:9f:
da:3f:69:b8:72:42:bd:3a:64:b9:05:3b:37:4a:36:
e6:ed:a0:4f:f8:c4:a4:08:02:d1:f1:09:c3:e8:b2:
82:63:c4:36:93:3e:34:24:0c:fe:e6:98:75:90:d2:
11:bf:40:95:a8:13:f3:6a:11:19:c3:8e:2e:27:47:
3a:03:33:c3:71:7b:ba:aa:9f:6a:dc:ff:dc:cc:e7:
c1:d0:ab:39:bd:24:fd:0c:0c:b5:75:a0:6b:48:c0:
c3:89:e4:1a:a5:8c:01:2e:95:39:71:7e:d2:a0:4b:
ee:6c:be:ff:0d:96:17:1d:22:80:cf:5e:78:47:ef:
5c:bd:79:67:98:3a:64:b6:a0:9d:f8:24:1b:b9:41:
8a:43:aa:cf:66:7a:30:24:95:cc:67:31:1d:16:91:
1b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:40:18:00:1C:70:5C:25:1C:83:EE:43:06:7E:7E:98:EE:08:0E:D1
X509v3 Authority Key Identifier:
keyid:60:F7:25:37:ED:F1:DC:0B:7F:69:44:53:45:0B:CA:4A:EE:F8:3F:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPclN-3x3At_aURTRQvKSu74P2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/b1015d-4122-4174-82a5-4bbf645b10d3/1/pkAYABxwXCUcg-5DBn5-mO4IDtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/b1015d-4122-4174-82a5-4bbf645b10d3/1/YPclN-3x3At_aURTRQvKSu74P2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.220.0/24
Signature Algorithm: sha256WithRSAEncryption
49:97:43:1e:f2:11:38:00:1d:06:8e:f6:7f:cf:96:3f:85:7d:
81:2b:27:f2:ee:ad:c6:52:a4:44:ca:f0:8a:1a:4a:bd:c4:62:
d6:de:31:bc:7c:9a:ae:bc:d9:9d:78:96:60:2c:95:db:f1:8c:
5a:34:aa:2e:47:9b:34:f9:b3:1e:1a:4b:e3:92:74:b1:2a:c9:
e5:0c:5c:b5:4e:8e:82:24:d9:2e:82:59:cd:2c:9c:53:2f:ab:
10:47:7f:4f:c8:a6:1b:a0:83:66:80:1b:38:91:a7:b3:97:57:
83:46:cb:74:c5:d5:31:92:04:c9:51:dc:f2:a6:e0:27:99:cf:
1a:17:bd:b8:0c:75:b2:b7:e9:e6:02:21:c0:0d:09:db:e3:08:
1a:12:9e:1a:f3:96:95:c4:bd:5c:61:c9:9a:29:22:c4:27:b0:
be:bd:79:d5:ea:ac:4e:72:5f:97:56:de:93:54:92:e0:2a:43:
54:2a:29:c4:3d:3d:e3:fe:04:a9:9a:54:08:01:3b:a7:46:80:
28:38:ee:f6:f0:e3:b5:54:5e:06:0c:cc:b3:d5:68:03:bd:dc:
78:eb:4f:49:02:44:8d:71:d9:22:aa:b4:fb:b7:71:98:47:51:
67:00:1d:49:d3:02:f3:84:d9:37:8b:58:e4:71:31:3e:be:56:
5b:c6:ad:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5jlCID46szygZ/ohRakKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZjcyNTM3ZWRmMWRjMGI3ZjY5NDQ1MzQ1MGJjYTRhZWVm
ODNmNjQwHhcNMjMwMTAxMTUxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjQwMTgwMDFjNzA1YzI1MWM4M2VlNDMwNjdlN2U5OGVlMDgwZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumLuZ+qhYTpeuBfwCxs2gzUv4o0x
ZGZxd9f+r/OR6sQj8V3jgCB7t080MLxyugLvKASM4rUMAmKVVhh65goL9P9t00Lk
5I//Pg/VMemCFFX7YwUf3nCY9Ragq6nIMBVtBEtJutimkJ/aP2m4ckK9OmS5BTs3
Sjbm7aBP+MSkCALR8QnD6LKCY8Q2kz40JAz+5ph1kNIRv0CVqBPzahEZw44uJ0c6
AzPDcXu6qp9q3P/czOfB0Ks5vST9DAy1daBrSMDDieQapYwBLpU5cX7SoEvubL7/
DZYXHSKAz154R+9cvXlnmDpktqCd+CQbuUGKQ6rPZnowJJXMZzEdFpEbFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZAGAAccFwlHIPuQwZ+fpjuCA7RMB8GA1UdIwQY
MBaAFGD3JTft8dwLf2lEU0ULykru+D9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVBjbE4tM3gzQXRfYVVSVFJRdktTdTc0UDJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iMTAxNWQtNDEyMi00MTc0LTgyYTUt
NGJiZjY0NWIxMGQzLzEvcGtBWUFCeHdYQ1VjZy01REJuNS1tTzRJRHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iMTAxNWQtNDEyMi00MTc0LTgyYTUtNGJiZjY0NWIxMGQz
LzEvWVBjbE4tM3gzQXRfYVVSVFJRdktTdTc0UDJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU4jcMA0G
CSqGSIb3DQEBCwUAA4IBAQBJl0Me8hE4AB0GjvZ/z5Y/hX2BKyfy7q3GUqREyvCK
Gkq9xGLW3jG8fJquvNmdeJZgLJXb8YxaNKouR5s0+bMeGkvjknSxKsnlDFy1To6C
JNkuglnNLJxTL6sQR39PyKYboINmgBs4kaezl1eDRst0xdUxkgTJUdzypuAnmc8a
F724DHWyt+nmAiHADQnb4wgaEp4a85aVxL1cYcmaKSLEJ7C+vXnV6qxOcl+XVt6T
VJLgKkNUKinEPT3j/gSpmlQIATunRoAoOO728OO1VF4GDMyz1WgDvdx4609JAkSN
cdkiqrT7t3GYR1FnAB1J0wLzhNk3i1jkcTE+vlZbxq33
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:46 2024 by rpki-client on console-fra.rpki-client.org