Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/nWSogXDs6ZsLp1aYJzSJVWo3F80.roa
File: nWSogXDs6ZsLp1aYJzSJVWo3F80.roa (raw, json)
Hash identifier: fjvj8clhZYw7Ijk7LrRHj7Htgm/Za/7tu9WpCwWusic=
Subject key identifier: 9D:64:A8:81:70:EC:E9:9B:0B:A7:56:98:27:34:89:55:6A:37:17:CD
Certificate issuer: /CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Certificate serial: 018570CBFDEFBADDBCB6485F7877C1E615D1
Authority key identifier: 19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/nWSogXDs6ZsLp1aYJzSJVWo3F80.roa
Signing time: Mon 02 Jan 2023 04:44:55 +0000
ROA not before: Mon 02 Jan 2023 04:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202246
IP address blocks: 109.204.176.0/20 maxlen: 20
185.128.16.0/22 maxlen: 22
2a10:a5c5::/32 maxlen: 32
2a10:a5c3::/32 maxlen: 32
2a10:a5c7::/32 maxlen: 32
2a10:a5c1::/32 maxlen: 32
2a10:a5c0::/29 maxlen: 29
2a10:a5c4::/32 maxlen: 32
2a10:a5c2::/32 maxlen: 32
2a10:a5c0::/32 maxlen: 32
2a10:a5c6::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:fd:ef:ba:dd:bc:b6:48:5f:78:77:c1:e6:15:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Validity
Not Before: Jan 2 04:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d64a88170ece99b0ba75698273489556a3717cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:18:bb:49:37:4f:b2:db:57:17:aa:40:fe:52:
ee:ae:51:02:ab:de:e0:81:0c:53:f5:46:01:80:5f:
32:ab:85:43:6a:b8:a7:6b:b4:82:7b:12:ae:10:6a:
37:ad:e6:7c:37:44:62:72:bd:da:69:f4:06:c5:5d:
c7:9d:a5:51:c0:36:f0:ae:d4:f3:69:7a:e0:31:6c:
42:30:23:19:fc:f9:59:a1:fb:c1:74:d9:5e:25:5f:
ce:0e:9d:c2:d5:12:f2:bd:c5:92:fc:09:41:b2:d1:
11:7f:23:95:18:6d:8b:5e:47:f7:d5:9c:2e:05:ba:
53:03:2b:6d:14:31:f8:e3:b2:57:81:1f:d0:e4:ad:
79:8b:89:26:9b:93:f7:d9:cb:7f:09:96:d2:ea:4f:
54:01:53:07:88:c9:5e:37:19:a4:4c:19:57:a2:06:
0c:98:59:80:14:8a:64:f5:80:5f:1a:68:bd:db:9c:
b0:a0:f8:cd:31:33:db:0d:f0:87:22:7a:48:b1:68:
6d:98:fe:fd:f2:71:a2:56:18:80:c4:9e:2d:01:94:
c0:64:fe:d6:fb:50:64:e6:66:d9:1a:f4:a7:74:c9:
eb:ed:ef:00:43:8d:71:54:94:8f:79:22:2e:c5:1b:
14:da:4e:51:52:45:78:49:4d:c9:de:84:a7:f4:30:
d2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:64:A8:81:70:EC:E9:9B:0B:A7:56:98:27:34:89:55:6A:37:17:CD
X509v3 Authority Key Identifier:
keyid:19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/nWSogXDs6ZsLp1aYJzSJVWo3F80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.204.176.0/20
185.128.16.0/22
IPv6:
2a10:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:87:9a:e8:bb:2a:85:cf:06:ff:c6:11:80:e0:34:35:50:de:
96:05:6a:b2:5e:f4:2a:cb:b2:74:b9:f4:c9:b7:bf:14:a6:6c:
cd:28:93:b6:61:1f:ae:9f:f6:c1:19:98:e8:61:25:ea:fd:2a:
76:70:7e:7f:d3:3a:9a:77:11:1c:cb:41:fe:4c:29:c0:4f:79:
6c:95:9c:85:73:40:44:1e:da:ea:9f:cd:ad:c3:9b:c9:34:d3:
b3:c5:f6:de:45:50:2c:67:a3:51:79:00:27:99:c6:18:f2:00:
23:98:9d:31:26:13:68:6d:af:c5:a9:59:7c:fe:c2:46:d1:36:
ac:04:76:ff:e2:ba:31:4f:3b:a5:7f:dd:dc:93:43:68:f1:d1:
f6:2b:aa:cd:5a:dc:2f:8e:63:7d:e0:ef:4e:d4:6a:26:0e:c4:
bf:cb:96:8f:cc:a1:38:57:b6:3f:9d:f8:e5:b7:8c:90:37:f1:
e5:7c:cb:c1:fe:f8:30:7e:2f:1d:a5:cb:cb:e4:99:60:a3:6f:
b2:9e:6f:46:2f:48:2c:78:59:7f:54:07:56:61:33:df:00:dc:
42:e6:f0:67:16:29:2b:a3:e8:13:e3:c6:e6:ea:0b:f6:bd:72:
61:51:69:ee:6d:8f:f2:f5:17:7d:ba:3e:0f:ac:c4:2b:8f:03:
8a:86:56:73
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwy/3vut28tkhfeHfB5hXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTNjYjQ4NTY4MjFkMTRjZDJlMGI3NjdjMjkzMWEyMmMx
NTRlN2MwHhcNMjMwMTAyMDQ0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDY0YTg4MTcwZWNlOTliMGJhNzU2OTgyNzM0ODk1NTZhMzcxN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Ri7STdPsttXF6pA/lLurlECq97g
gQxT9UYBgF8yq4VDarina7SCexKuEGo3reZ8N0Ricr3aafQGxV3HnaVRwDbwrtTz
aXrgMWxCMCMZ/PlZofvBdNleJV/ODp3C1RLyvcWS/AlBstERfyOVGG2LXkf31Zwu
BbpTAyttFDH447JXgR/Q5K15i4kmm5P32ct/CZbS6k9UAVMHiMleNxmkTBlXogYM
mFmAFIpk9YBfGmi925ywoPjNMTPbDfCHInpIsWhtmP798nGiVhiAxJ4tAZTAZP7W
+1Bk5mbZGvSndMnr7e8AQ41xVJSPeSIuxRsU2k5RUkV4SU3J3oSn9DDS6wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ1kqIFw7OmbC6dWmCc0iVVqNxfNMB8GA1UdIwQY
MBaAFBkTy0hWgh0UzS4LdnwpMaIsFU58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTkt
MDc3OWRmMWRkNjRkLzEvbldTb2dYRHM2WnNMcDFhWUp6U0pWV28zRjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTktMDc3OWRmMWRkNjRk
LzEvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEbcywAwQC
uYAQMA0EAgACMAcDBQMqEKXAMA0GCSqGSIb3DQEBCwUAA4IBAQCPh5rouyqFzwb/
xhGA4DQ1UN6WBWqyXvQqy7J0ufTJt78UpmzNKJO2YR+un/bBGZjoYSXq/Sp2cH5/
0zqadxEcy0H+TCnAT3lslZyFc0BEHtrqn82tw5vJNNOzxfbeRVAsZ6NReQAnmcYY
8gAjmJ0xJhNoba/FqVl8/sJG0TasBHb/4roxTzulf93ck0No8dH2K6rNWtwvjmN9
4O9O1GomDsS/y5aPzKE4V7Y/nfjlt4yQN/HlfMvB/vgwfi8dpcvL5Jlgo2+ynm9G
L0gseFl/VAdWYTPfANxC5vBnFikro+gT48bm6gv2vXJhUWnubY/y9Rd9uj4PrMQr
jwOKhlZz
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:24 2024 by rpki-client on console-fra.rpki-client.org