Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/04b6f7-3f64-474f-acd2-c4d88b13f13a/1/rr8ncFzaW0kIUs_d0g-eIsCQbcI.roa
File: rr8ncFzaW0kIUs_d0g-eIsCQbcI.roa (raw, json)
Hash identifier: Zn74+bgssWwgR87Y98tcRYSfhRosldJc5W5Hwty98g8=
Subject key identifier: AE:BF:27:70:5C:DA:5B:49:08:52:CF:DD:D2:0F:9E:22:C0:90:6D:C2
Certificate issuer: /CN=7d9e0a591cc52914cc700e3875ed75a91ec98c28
Certificate serial: 01856EC23E6AD0B09C6218F985670CF9DC86
Authority key identifier: 7D:9E:0A:59:1C:C5:29:14:CC:70:0E:38:75:ED:75:A9:1E:C9:8C:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fZ4KWRzFKRTMcA44de11qR7JjCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/04b6f7-3f64-474f-acd2-c4d88b13f13a/1/rr8ncFzaW0kIUs_d0g-eIsCQbcI.roa
Signing time: Sun 01 Jan 2023 19:15:01 +0000
ROA not before: Sun 01 Jan 2023 19:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196954
IP address blocks: 185.63.124.0/22 maxlen: 22
130.255.120.0/21 maxlen: 21
2a04:9740::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:3e:6a:d0:b0:9c:62:18:f9:85:67:0c:f9:dc:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d9e0a591cc52914cc700e3875ed75a91ec98c28
Validity
Not Before: Jan 1 19:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aebf27705cda5b490852cfddd20f9e22c0906dc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ff:af:e2:e6:5b:70:49:93:38:e4:20:2c:93:
0d:7b:33:32:86:b6:ae:1c:13:d4:b3:d0:21:2f:2e:
2a:92:96:b1:82:17:6f:d0:b0:a6:a7:b9:c3:7a:95:
00:c4:eb:90:ae:33:0b:39:b1:a7:9c:dd:f8:46:f5:
4c:d3:be:38:e6:bf:82:11:b9:ce:b3:d7:7a:0d:16:
48:16:19:7a:d6:5f:d7:1f:1c:b6:b4:3f:dd:b1:38:
4c:76:1f:1d:0c:bf:39:6d:fc:a1:10:ff:1f:f5:bb:
39:16:51:5a:56:ee:23:88:4e:c1:72:a9:89:94:59:
be:fc:58:46:f3:74:eb:0c:46:6d:f9:63:b7:98:18:
f0:fd:7e:6c:65:29:03:75:4f:58:26:0d:c0:89:ba:
fa:4d:42:a6:c4:d0:c4:4d:22:88:cd:65:76:58:51:
d5:83:88:1e:4a:59:26:1c:27:5d:da:e7:94:26:81:
b0:09:f9:e7:a5:3a:6e:34:9b:25:c9:0d:ce:13:fe:
c6:0b:99:4b:2e:67:06:0c:8f:a5:6e:94:53:4f:6f:
63:3d:21:53:63:23:6c:58:c0:cf:d2:f6:fd:18:55:
f5:ae:1a:ac:bc:9c:f4:43:cc:c0:d4:bb:0b:25:9c:
73:a9:ad:c8:1a:46:74:00:a9:fd:41:a5:58:70:b1:
f9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BF:27:70:5C:DA:5B:49:08:52:CF:DD:D2:0F:9E:22:C0:90:6D:C2
X509v3 Authority Key Identifier:
keyid:7D:9E:0A:59:1C:C5:29:14:CC:70:0E:38:75:ED:75:A9:1E:C9:8C:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZ4KWRzFKRTMcA44de11qR7JjCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/04b6f7-3f64-474f-acd2-c4d88b13f13a/1/rr8ncFzaW0kIUs_d0g-eIsCQbcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/04b6f7-3f64-474f-acd2-c4d88b13f13a/1/fZ4KWRzFKRTMcA44de11qR7JjCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.120.0/21
185.63.124.0/22
IPv6:
2a04:9740::/29
Signature Algorithm: sha256WithRSAEncryption
21:82:c2:7a:fa:36:0f:22:ee:ae:75:37:5d:41:10:02:19:1a:
5a:ec:d3:95:2b:c3:2a:bc:39:a7:ef:34:d5:60:1a:1c:aa:80:
86:72:cc:05:cb:d1:a3:45:15:bb:ee:4b:0c:11:3d:37:4a:98:
9b:46:c2:07:89:fc:3e:be:94:d7:a1:46:de:d0:82:5c:3c:4f:
d3:59:84:08:24:1f:c4:10:c1:48:a8:ac:fb:8a:79:ab:f7:81:
fd:9a:f1:ed:8a:b5:90:04:8c:a8:13:ff:43:c4:53:81:e7:47:
11:00:da:11:7b:54:22:dc:5e:eb:e5:02:62:24:ab:0a:ef:01:
31:1b:49:14:12:77:ba:8f:c5:ed:ed:b9:f0:51:d5:5b:07:bb:
17:42:6e:10:92:05:10:ba:c6:ba:b4:83:69:7a:7a:0d:0d:50:
9e:6e:d3:a6:10:33:3d:bc:e7:9e:a9:95:ca:1b:60:f5:a8:03:
18:f8:1b:26:ab:dd:1c:e9:36:b2:cb:35:3b:d5:c3:ff:ca:84:
92:47:33:00:9d:84:81:5d:ae:c4:5a:87:3a:f3:0c:9c:43:4f:
e7:4a:9c:64:ba:2b:47:bb:04:c7:45:3b:37:18:2c:bb:89:69:
03:ce:f8:06:96:16:ac:e9:1f:4a:aa:2f:2c:b4:2c:f4:3c:aa:
fe:10:e5:af
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuwj5q0LCcYhj5hWcM+dyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOWUwYTU5MWNjNTI5MTRjYzcwMGUzODc1ZWQ3NWE5MWVj
OThjMjgwHhcNMjMwMTAxMTkxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWJmMjc3MDVjZGE1YjQ5MDg1MmNmZGRkMjBmOWUyMmMwOTA2ZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv+v4uZbcEmTOOQgLJMNezMyhrau
HBPUs9AhLy4qkpaxghdv0LCmp7nDepUAxOuQrjMLObGnnN34RvVM07445r+CEbnO
s9d6DRZIFhl61l/XHxy2tD/dsThMdh8dDL85bfyhEP8f9bs5FlFaVu4jiE7BcqmJ
lFm+/FhG83TrDEZt+WO3mBjw/X5sZSkDdU9YJg3Aibr6TUKmxNDETSKIzWV2WFHV
g4geSlkmHCdd2ueUJoGwCfnnpTpuNJslyQ3OE/7GC5lLLmcGDI+lbpRTT29jPSFT
YyNsWMDP0vb9GFX1rhqsvJz0Q8zA1LsLJZxzqa3IGkZ0AKn9QaVYcLH51QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK6/J3Bc2ltJCFLP3dIPniLAkG3CMB8GA1UdIwQY
MBaAFH2eClkcxSkUzHAOOHXtdakeyYwoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlo0S1dSekZLUlRNY0E0NGRlMTFxUjdKakNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wNGI2ZjctM2Y2NC00NzRmLWFjZDIt
YzRkODhiMTNmMTNhLzEvcnI4bmNGemFXMGtJVXNfZDBnLWVJc0NRYmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wNGI2ZjctM2Y2NC00NzRmLWFjZDItYzRkODhiMTNmMTNh
LzEvZlo0S1dSekZLUlRNY0E0NGRlMTFxUjdKakNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDgv94AwQC
uT98MA0EAgACMAcDBQMqBJdAMA0GCSqGSIb3DQEBCwUAA4IBAQAhgsJ6+jYPIu6u
dTddQRACGRpa7NOVK8MqvDmn7zTVYBocqoCGcswFy9GjRRW77ksMET03SpibRsIH
ifw+vpTXoUbe0IJcPE/TWYQIJB/EEMFIqKz7inmr94H9mvHtirWQBIyoE/9DxFOB
50cRANoRe1Qi3F7r5QJiJKsK7wExG0kUEne6j8Xt7bnwUdVbB7sXQm4QkgUQusa6
tINpenoNDVCebtOmEDM9vOeeqZXKG2D1qAMY+Bsmq90c6TayyzU71cP/yoSSRzMA
nYSBXa7EWoc68wycQ0/nSpxkuitHuwTHRTs3GCy7iWkDzvgGlhas6R9Kqi8stCz0
PKr+EOWv
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:19 2024 by rpki-client on console-ams.rpki-client.org