Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/p4tJgffabOW7f49tg-fdRPLaRpI.roa
File: p4tJgffabOW7f49tg-fdRPLaRpI.roa (raw, json)
Hash identifier: 7KJExdCDWUrexW8bViqKYiO2Whfb/W81lfcj+5vuCLI=
Subject key identifier: A7:8B:49:81:F7:DA:6C:E5:BB:7F:8F:6D:83:E7:DD:44:F2:DA:46:92
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 01856BAEC8592F2C24542ACDF7E6B35570A7
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/p4tJgffabOW7f49tg-fdRPLaRpI.roa
Signing time: Sun 01 Jan 2023 04:54:54 +0000
ROA not before: Sun 01 Jan 2023 04:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6723
IP address blocks: 185.5.252.0/22 maxlen: 24
178.255.176.0/21 maxlen: 24
2a01:6d80:f000::/36 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:c8:59:2f:2c:24:54:2a:cd:f7:e6:b3:55:70:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Jan 1 04:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a78b4981f7da6ce5bb7f8f6d83e7dd44f2da4692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5a:ea:4f:43:3c:b3:78:96:c0:77:5e:7d:c1:
57:9f:54:df:4b:3b:e8:62:7e:0d:af:7a:01:e4:1a:
e6:37:dd:93:6c:5a:c2:1a:3d:23:82:ab:6d:f0:ca:
a9:2e:51:69:bf:6e:3d:af:80:f0:31:2d:61:17:61:
2b:c0:e8:19:1a:d5:2c:15:47:a5:01:51:dc:cb:e5:
f6:0f:43:cc:14:4a:b1:dd:39:cd:d7:d8:d7:62:d4:
e6:61:5d:fd:43:a0:2d:c1:f7:3a:3a:35:90:24:b6:
14:f2:2a:8b:f2:48:be:13:7d:4b:30:48:4c:c0:e4:
95:96:42:ef:30:ae:2c:bc:8d:46:1c:18:25:1c:9b:
46:0b:9b:b1:56:f2:bc:fc:5e:54:94:5b:cc:3d:61:
c2:3d:15:58:e1:db:5b:84:e4:c7:1f:e2:7d:16:26:
21:8e:b6:dc:cc:2b:37:dc:a1:2b:7a:36:c6:1a:48:
16:bc:d0:e8:3a:2d:c9:1e:0f:52:0c:07:c9:20:de:
56:1d:b9:5f:04:51:50:fb:da:22:4d:ec:96:0b:54:
03:74:81:15:07:59:e0:76:b6:be:d2:fd:13:cf:c8:
0b:62:19:d3:29:6b:36:46:2d:3a:a6:5e:0d:7f:2e:
d7:6f:a8:1e:a3:dd:92:ef:fb:68:34:d1:8c:cd:7e:
20:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8B:49:81:F7:DA:6C:E5:BB:7F:8F:6D:83:E7:DD:44:F2:DA:46:92
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/p4tJgffabOW7f49tg-fdRPLaRpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.176.0/21
185.5.252.0/22
IPv6:
2a01:6d80:f000::/36
Signature Algorithm: sha256WithRSAEncryption
16:84:1c:e0:ac:52:d2:ea:49:40:7f:38:e6:cf:78:56:41:59:
e9:ab:42:cb:49:e8:90:9d:d9:51:ae:42:b0:55:44:d6:5c:20:
2d:c1:fa:0b:f5:52:61:42:09:e3:43:c1:d5:eb:81:78:10:11:
71:aa:7d:a8:d2:8b:95:f6:26:4e:ee:30:d4:d9:24:5c:b1:64:
e9:ec:33:f9:56:c4:7f:ea:7a:bf:ea:1d:5c:f4:05:c6:48:c0:
a7:9c:b3:24:23:bf:8c:fd:ab:04:da:39:72:c0:82:bb:8c:44:
25:db:51:4d:98:40:30:b1:11:f7:f7:1d:26:89:0e:9f:15:d7:
32:44:6a:00:28:a6:dc:03:c9:1c:ef:30:2e:48:19:3d:af:43:
22:61:6d:0c:0a:54:a6:18:0a:42:23:6d:f3:b2:81:f8:88:4c:
75:67:a6:a0:2a:ee:17:14:59:36:85:53:a2:18:36:d5:3c:7a:
5d:c3:38:9b:b4:53:9a:f6:cc:ad:d1:dc:5f:05:67:23:9b:d3:
37:1a:22:c1:6b:9a:57:d0:81:22:5d:e7:b6:19:ef:ad:63:34:
2f:73:82:36:50:fe:8d:fd:60:71:1c:d1:cd:06:1d:7c:6d:e1:
36:43:94:71:16:a0:32:c1:d2:0f:9c:57:c1:c1:0d:df:9f:98:
a3:dd:48:a3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVrrshZLywkVCrN9+azVXCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjMwMTAxMDQ1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzhiNDk4MWY3ZGE2Y2U1YmI3ZjhmNmQ4M2U3ZGQ0NGYyZGE0NjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVrqT0M8s3iWwHdefcFXn1TfSzvo
Yn4Nr3oB5BrmN92TbFrCGj0jgqtt8MqpLlFpv249r4DwMS1hF2ErwOgZGtUsFUel
AVHcy+X2D0PMFEqx3TnN19jXYtTmYV39Q6Atwfc6OjWQJLYU8iqL8ki+E31LMEhM
wOSVlkLvMK4svI1GHBglHJtGC5uxVvK8/F5UlFvMPWHCPRVY4dtbhOTHH+J9FiYh
jrbczCs33KErejbGGkgWvNDoOi3JHg9SDAfJIN5WHblfBFFQ+9oiTeyWC1QDdIEV
B1ngdra+0v0Tz8gLYhnTKWs2Ri06pl4Nfy7Xb6geo92S7/toNNGMzX4gLwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKeLSYH32mzlu3+PbYPn3UTy2kaSMB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvcDR0SmdmZmFiT1c3ZjQ5dGctZmRSUExhUnBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDsv+wAwQC
uQX8MA4EAgACMAgDBgQqAW2A8DANBgkqhkiG9w0BAQsFAAOCAQEAFoQc4KxS0upJ
QH845s94VkFZ6atCy0nokJ3ZUa5CsFVE1lwgLcH6C/VSYUIJ40PB1euBeBARcap9
qNKLlfYmTu4w1NkkXLFk6ewz+VbEf+p6v+odXPQFxkjAp5yzJCO/jP2rBNo5csCC
u4xEJdtRTZhAMLER9/cdJokOnxXXMkRqACim3APJHO8wLkgZPa9DImFtDApUphgK
QiNt87KB+IhMdWemoCruFxRZNoVTohg21Tx6XcM4m7RTmvbMrdHcXwVnI5vTNxoi
wWuaV9CBIl3nthnvrWM0L3OCNlD+jf1gcRzRzQYdfG3hNkOUcRagMsHSD5xXwcEN
35+Yo91Iow==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:38 2024 by rpki-client on console-ams.rpki-client.org