Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/D5aztubkwOk8D6Llbz52XT5LYGg.roa
File: D5aztubkwOk8D6Llbz52XT5LYGg.roa (raw, json)
Hash identifier: 82p7RNIaHEBKo3J3CtJIY5Er6SBKXfXN0CL0Mva8rII=
Subject key identifier: 0F:96:B3:B6:E6:E4:C0:E9:3C:0F:A2:E5:6F:3E:76:5D:3E:4B:60:68
Certificate issuer: /CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Certificate serial: 018570705AC2BE56FB263E76CDC30B3931AA
Authority key identifier: 10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/D5aztubkwOk8D6Llbz52XT5LYGg.roa
Signing time: Mon 02 Jan 2023 03:04:49 +0000
ROA not before: Mon 02 Jan 2023 03:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199256
IP address blocks: 193.120.55.0/24 maxlen: 24
193.120.164.0/23 maxlen: 23
194.125.118.0/24 maxlen: 24
193.120.22.0/24 maxlen: 24
193.120.40.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:5a:c2:be:56:fb:26:3e:76:cd:c3:0b:39:31:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Validity
Not Before: Jan 2 03:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f96b3b6e6e4c0e93c0fa2e56f3e765d3e4b6068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b9:fc:f5:66:a6:ce:c2:b7:3e:c6:af:89:b4:
90:80:09:ae:0c:89:27:d9:85:c6:b7:55:27:ab:89:
df:e7:fd:13:2b:e6:96:9b:dc:72:05:2e:3c:99:fe:
2d:c5:53:3c:88:cc:02:b3:4a:37:33:d0:d1:f9:61:
bb:60:7f:53:38:37:94:1b:30:30:c3:28:2c:55:60:
8d:f9:83:62:01:b9:10:ba:06:4f:19:b8:53:6a:3f:
ac:5a:86:5b:d0:53:1a:30:35:18:55:1b:a3:eb:b3:
ce:fc:4d:42:8a:cb:94:95:02:b9:97:c6:e4:d8:96:
6e:87:d0:30:af:ca:09:d2:a9:49:1f:cf:75:17:0e:
f0:fe:da:4d:89:e4:75:0a:54:7b:57:08:6f:9a:f2:
cf:17:f7:99:a2:76:b9:8f:a6:c7:5d:dd:d8:fe:7c:
24:11:47:f6:22:9a:5d:13:c1:28:cd:90:05:ac:68:
ab:0c:73:35:f1:83:55:9a:52:3e:33:60:dd:08:dd:
1e:97:60:76:d2:a9:89:48:48:16:b3:30:4d:43:1e:
73:e4:c7:6c:9e:c8:0f:8f:dc:d8:0f:4a:a6:fc:b1:
29:37:c0:4b:b7:d1:bc:ce:8b:54:49:06:60:57:17:
0b:b9:3e:c7:26:da:20:40:ef:ad:82:bb:9e:cd:3b:
7f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:96:B3:B6:E6:E4:C0:E9:3C:0F:A2:E5:6F:3E:76:5D:3E:4B:60:68
X509v3 Authority Key Identifier:
keyid:10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/D5aztubkwOk8D6Llbz52XT5LYGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.120.22.0/24
193.120.40.0/23
193.120.55.0/24
193.120.164.0/23
194.125.118.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:13:af:f7:94:92:b2:6f:b1:24:a5:68:55:7d:12:4f:da:50:
23:26:5d:2a:0f:10:c4:47:90:09:49:43:5e:7c:41:46:4b:60:
b5:b3:62:9b:1c:7b:10:c0:f0:82:9d:2e:fe:d9:8a:80:5c:b2:
94:71:d5:56:d9:43:b0:e7:c7:84:3d:c0:f8:0b:8d:40:a5:a2:
12:04:f8:17:84:c6:ec:27:a6:27:c9:d7:0d:3d:fc:ec:66:75:
9c:6d:ad:20:89:d9:a2:d5:9e:d2:fa:04:16:a1:a1:ab:8e:a5:
4d:de:52:23:4b:d5:1d:81:32:e7:4e:c8:07:fa:bb:74:09:e5:
f5:e0:b4:80:85:43:49:7e:a5:c4:fc:55:c7:22:b1:49:ff:83:
90:af:fa:92:1a:39:66:b5:57:dd:4b:9e:bc:07:ba:2b:e2:52:
af:1a:cc:fe:86:95:77:b6:04:d9:2d:bd:32:e4:b0:45:1e:50:
7c:74:ed:20:ae:47:00:87:10:41:3e:f5:65:cd:97:8f:d2:ba:
a4:3a:db:ef:a1:c3:d2:f7:66:60:fe:18:6a:9b:b5:53:ef:50:
f1:3d:78:ff:ba:e1:0e:d3:6e:15:1d:d7:2e:13:3b:97:5d:ca:
ff:22:4f:0c:c5:6c:e3:12:a3:56:b5:f1:b2:8e:53:8d:37:11:
72:2f:bd:01
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwcFrCvlb7Jj52zcMLOTGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTQzYTUxOTdlYjI1NDQ0NDdlOWQzNmIzZWJmMTQ0NTJj
Nzc3ZWIwHhcNMjMwMTAyMDMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjk2YjNiNmU2ZTRjMGU5M2MwZmEyZTU2ZjNlNzY1ZDNlNGI2MDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLn89WamzsK3PsavibSQgAmuDIkn
2YXGt1Unq4nf5/0TK+aWm9xyBS48mf4txVM8iMwCs0o3M9DR+WG7YH9TODeUGzAw
wygsVWCN+YNiAbkQugZPGbhTaj+sWoZb0FMaMDUYVRuj67PO/E1CisuUlQK5l8bk
2JZuh9Awr8oJ0qlJH891Fw7w/tpNieR1ClR7VwhvmvLPF/eZona5j6bHXd3Y/nwk
EUf2IppdE8EozZAFrGirDHM18YNVmlI+M2DdCN0el2B20qmJSEgWszBNQx5z5Mds
nsgPj9zYD0qm/LEpN8BLt9G8zotUSQZgVxcLuT7HJtogQO+tgruezTt/9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA+Ws7bm5MDpPA+i5W8+dl0+S2BoMB8GA1UdIwQY
MBaAFBBUOlGX6yVERH6dNrPr8URSx3frMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmIt
ZjdlMGM1ZTI3MDJlLzEvRDVhenR1Ymt3T2s4RDZMbGJ6NTJYVDVMWUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmItZjdlMGM1ZTI3MDJl
LzEvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXgWAwQB
wXgoAwQAwXg3AwQBwXikAwQAwn12MA0GCSqGSIb3DQEBCwUAA4IBAQCNE6/3lJKy
b7EkpWhVfRJP2lAjJl0qDxDER5AJSUNefEFGS2C1s2KbHHsQwPCCnS7+2YqAXLKU
cdVW2UOw58eEPcD4C41ApaISBPgXhMbsJ6YnydcNPfzsZnWcba0gidmi1Z7S+gQW
oaGrjqVN3lIjS9UdgTLnTsgH+rt0CeX14LSAhUNJfqXE/FXHIrFJ/4OQr/qSGjlm
tVfdS568B7or4lKvGsz+hpV3tgTZLb0y5LBFHlB8dO0grkcAhxBBPvVlzZeP0rqk
OtvvocPS92Zg/hhqm7VT71DxPXj/uuEO024VHdcuEzuXXcr/Ik8MxWzjEqNWtfGy
jlONNxFyL70B
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:55 2024 by rpki-client on console-ams.rpki-client.org