Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/0x9bIYMxW-ZRBMCHX4ZOiwd5Nh8.roa
File: 0x9bIYMxW-ZRBMCHX4ZOiwd5Nh8.roa (raw, json)
Hash identifier: zlsCtYBPlo1phaawAr2I7GSbNvmEyuZV0sNimEOa7AI=
Subject key identifier: D3:1F:5B:21:83:31:5B:E6:51:04:C0:87:5F:86:4E:8B:07:79:36:1F
Certificate issuer: /CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Certificate serial: 0187B391FB4DD363756C7BA62C07149E534A
Authority key identifier: AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/0x9bIYMxW-ZRBMCHX4ZOiwd5Nh8.roa
Signing time: Mon 24 Apr 2023 14:01:41 +0000
ROA not before: Mon 24 Apr 2023 14:01:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21119
IP address blocks: 193.169.42.0/23 maxlen: 24
185.36.28.0/22 maxlen: 24
93.187.80.0/21 maxlen: 24
193.201.74.0/23 maxlen: 24
5.226.160.0/21 maxlen: 24
89.233.96.0/21 maxlen: 24
2a01:b8c0::/32 maxlen: 64
2a03:6240::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:91:fb:4d:d3:63:75:6c:7b:a6:2c:07:14:9e:53:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Validity
Not Before: Apr 24 14:01:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d31f5b2183315be65104c0875f864e8b0779361f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:12:1e:d2:12:30:e2:f5:d9:8f:76:2c:bc:dc:
21:52:a4:b4:e1:b9:0d:7f:58:af:45:d4:ab:9c:04:
5f:61:4b:f3:78:8e:29:8a:e8:e9:11:b0:2a:2c:14:
65:1b:8d:c5:69:81:7a:f7:ed:05:0d:e4:88:05:67:
e4:cc:6a:e4:26:da:b1:24:6c:ad:ea:e4:6e:9d:f9:
ec:ed:69:aa:b8:04:3a:22:9a:cf:70:52:05:d4:3c:
5c:35:72:12:31:20:dd:f5:54:4e:4e:22:42:76:22:
15:fd:be:7d:96:39:97:73:ff:f2:8a:74:7d:ed:c0:
b9:d0:2b:18:ac:f7:b2:ed:86:00:b7:bd:17:5c:e7:
ae:dc:a9:45:64:96:d8:e7:30:c6:b8:8e:88:ce:0c:
5b:f0:fb:ea:2c:a7:18:92:da:2d:da:2e:b1:a7:6b:
64:87:2b:ed:45:e0:7f:6c:00:7b:cc:da:2a:18:21:
c0:63:93:84:8d:6a:19:b5:38:ca:ef:56:cb:aa:fb:
f6:27:99:15:81:a6:3c:00:81:32:24:ec:4b:83:89:
19:a5:0a:bd:e3:71:b4:4f:89:17:a6:cd:64:13:c0:
ae:26:3e:8e:c5:fb:80:98:3d:c8:fd:4f:f9:d5:de:
d1:e5:0e:b8:60:7b:a2:4a:76:80:49:6a:fb:56:5f:
8b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:1F:5B:21:83:31:5B:E6:51:04:C0:87:5F:86:4E:8B:07:79:36:1F
X509v3 Authority Key Identifier:
keyid:AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/0x9bIYMxW-ZRBMCHX4ZOiwd5Nh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/rQt55LWcX82kk6IK0Y6UVYWdAxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.160.0/21
89.233.96.0/21
93.187.80.0/21
185.36.28.0/22
193.169.42.0/23
193.201.74.0/23
IPv6:
2a01:b8c0::/32
2a03:6240::/32
Signature Algorithm: sha256WithRSAEncryption
82:0e:8d:da:f4:05:91:11:93:83:f4:5d:68:08:bd:03:5e:d5:
eb:95:61:0b:a5:c5:8a:61:60:76:be:4f:0b:25:30:82:47:55:
3e:bd:1b:fb:13:45:44:c3:f5:81:73:9b:fc:db:dd:dd:13:cc:
17:c2:ef:cd:46:52:60:54:06:d7:2e:e5:51:c1:a0:19:0a:f0:
12:24:e4:93:8b:8e:ff:7e:24:ee:00:03:16:38:52:a5:44:0d:
e5:c8:a4:b0:9d:de:dd:47:b7:04:e0:58:56:e4:e1:1a:ea:d6:
68:73:0b:7a:44:d5:7a:25:f6:58:fc:2b:ee:1a:53:ab:13:14:
6b:2c:a7:3f:f3:30:aa:0d:c2:59:d0:6e:d0:c2:d1:a3:c2:88:
36:f7:af:56:08:c8:c2:f8:71:67:09:13:1f:77:7d:97:95:76:
81:6c:05:45:e5:4e:4b:6c:66:54:e0:8c:fa:e5:b2:7c:3d:94:
91:0e:2a:66:89:28:f7:76:aa:5a:53:22:48:f2:ab:94:17:63:
db:9a:ee:f7:bf:3d:77:a9:b3:40:40:31:ea:08:34:78:3c:fb:
97:6d:ed:ca:74:e1:41:e1:5d:23:af:23:5f:93:47:8f:8a:c7:
f9:cb:01:88:1d:c1:e1:47:cd:33:f9:42:20:b0:40:5e:e2:8c:
2c:85:17:49
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYezkftN02N1bHumLAcUnlNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGI3OWU0YjU5YzVmY2RhNDkzYTIwYWQxOGU5NDU1ODU5
ZDAzMWIwHhcNMjMwNDI0MTQwMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzFmNWIyMTgzMzE1YmU2NTEwNGMwODc1Zjg2NGU4YjA3NzkzNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxIe0hIw4vXZj3YsvNwhUqS04bkN
f1ivRdSrnARfYUvzeI4piujpEbAqLBRlG43FaYF69+0FDeSIBWfkzGrkJtqxJGyt
6uRunfns7WmquAQ6IprPcFIF1DxcNXISMSDd9VROTiJCdiIV/b59ljmXc//yinR9
7cC50CsYrPey7YYAt70XXOeu3KlFZJbY5zDGuI6Izgxb8PvqLKcYktot2i6xp2tk
hyvtReB/bAB7zNoqGCHAY5OEjWoZtTjK71bLqvv2J5kVgaY8AIEyJOxLg4kZpQq9
43G0T4kXps1kE8CuJj6OxfuAmD3I/U/51d7R5Q64YHuiSnaASWr7Vl+LOQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFNMfWyGDMVvmUQTAh1+GTosHeTYfMB8GA1UdIwQY
MBaAFK0LeeS1nF/NpJOiCtGOlFWFnQMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQt
ZTNlYjRlOGEzOGRiLzEvMHg5YklZTXhXLVpSQk1DSFg0Wk9pd2Q1Tmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQtZTNlYjRlOGEzOGRi
LzEvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDBeKgAwQD
WelgAwQDXbtQAwQCuSQcAwQBwakqAwQBwclKMBQEAgACMA4DBQAqAbjAAwUAKgNi
QDANBgkqhkiG9w0BAQsFAAOCAQEAgg6N2vQFkRGTg/RdaAi9A17V65VhC6XFimFg
dr5PCyUwgkdVPr0b+xNFRMP1gXOb/Nvd3RPMF8LvzUZSYFQG1y7lUcGgGQrwEiTk
k4uO/34k7gADFjhSpUQN5ciksJ3e3Ue3BOBYVuThGurWaHMLekTVeiX2WPwr7hpT
qxMUayynP/Mwqg3CWdBu0MLRo8KINvevVgjIwvhxZwkTH3d9l5V2gWwFReVOS2xm
VOCM+uWyfD2UkQ4qZoko93aqWlMiSPKrlBdj25ru9789d6mzQEAx6gg0eDz7l23t
ynThQeFdI68jX5NHj4rH+csBiB3B4UfNM/lCILBAXuKMLIUXSQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:42 2023 by rpki-client on console-ams.rpki-client.org