Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/c9GTiYmG7YxJVyr5ti36KT21oho.roa
File: c9GTiYmG7YxJVyr5ti36KT21oho.roa (raw, json)
Hash identifier: Mgauj6vmi66taQtFxFcgwCSjki67lFnTcDbR2O54iZo=
Subject key identifier: 73:D1:93:89:89:86:ED:8C:49:57:2A:F9:B6:2D:FA:29:3D:B5:A2:1A
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 0187B420D079DF841DB35D2FE745E5F18341
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/c9GTiYmG7YxJVyr5ti36KT21oho.roa
Signing time: Mon 24 Apr 2023 16:37:41 +0000
ROA not before: Mon 24 Apr 2023 16:37:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209411
IP address blocks: 209.16.142.0/23 maxlen: 23
45.141.168.0/22 maxlen: 24
2a0e:ce40::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:20:d0:79:df:84:1d:b3:5d:2f:e7:45:e5:f1:83:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Apr 24 16:37:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73d193898986ed8c49572af9b62dfa293db5a21a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ef:da:88:92:dc:1a:8b:b3:14:46:66:00:ba:
50:8f:57:40:32:ef:79:6e:88:d6:3d:f1:ea:5d:75:
89:8b:cf:3c:c6:df:7b:4b:71:6c:e0:77:f1:cc:2b:
73:1c:48:1e:ef:bc:ac:f0:c9:df:6f:7e:a4:91:52:
02:c5:e2:1f:7f:d4:a0:b8:3f:e2:d6:8c:e2:af:f9:
58:bf:71:51:55:e2:2a:d1:78:91:c8:43:0d:86:0a:
d4:fc:33:a1:92:a7:41:09:c3:a0:50:a7:1a:0d:19:
a0:15:6c:af:30:7b:5c:23:00:fb:77:24:85:f6:46:
3b:4f:93:a4:47:12:92:85:5f:18:ab:a1:d7:32:9c:
90:46:57:7c:9d:11:b1:ad:0b:cb:8c:f3:ce:86:bb:
7a:90:be:12:af:50:6d:53:30:70:03:44:61:57:84:
23:ee:23:23:d6:33:15:24:c1:b8:a1:ca:6e:82:2c:
43:6b:c5:1f:d7:54:79:79:77:65:1f:a7:77:11:ff:
94:c9:83:3f:1f:32:6d:a4:79:c9:8f:7b:31:9e:35:
3a:a8:47:27:ff:c1:af:a4:80:59:db:a2:e6:d0:11:
6d:50:53:57:31:f3:c7:a4:fd:02:d5:54:9a:43:08:
12:c0:fd:7b:11:1a:d7:38:6d:7e:ed:14:5f:a8:9d:
44:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D1:93:89:89:86:ED:8C:49:57:2A:F9:B6:2D:FA:29:3D:B5:A2:1A
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/c9GTiYmG7YxJVyr5ti36KT21oho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.168.0/22
209.16.142.0/23
IPv6:
2a0e:ce40::/29
Signature Algorithm: sha256WithRSAEncryption
29:4d:cd:24:e4:25:50:59:1b:3a:ea:f8:57:3b:dd:c7:8d:04:
4e:95:7d:c5:f4:53:26:08:db:1d:a7:a4:eb:dd:fb:ac:27:11:
d3:12:cd:31:9a:08:47:64:27:1d:8d:1d:9c:47:89:36:4a:ed:
fa:51:d9:83:1f:56:5a:91:67:fe:ca:ac:68:fd:79:0a:14:4b:
15:c0:a8:29:62:d5:5f:bf:58:53:64:f3:c7:d9:27:8a:64:d0:
bb:ba:ba:8a:49:85:8b:1b:72:d4:43:89:76:56:9e:cc:97:96:
47:4b:82:6e:1f:91:2b:e6:44:d3:e8:8a:e2:62:46:49:12:74:
02:2d:5a:b3:45:ce:54:0d:c5:0f:08:2f:b6:7a:b5:b6:49:9f:
3d:69:72:b3:b4:da:07:cc:44:73:7b:ec:85:20:a7:97:97:13:
49:7c:00:2d:be:fa:e5:3a:68:27:a2:a8:57:b6:db:f5:30:87:
3f:e6:22:46:d7:8e:aa:bf:9d:cc:6d:1b:e5:1c:9f:6e:60:43:
36:a3:9f:68:70:ce:95:20:d6:95:ad:c4:08:18:8a:d7:d2:b3:
4f:85:ce:cd:9f:97:e8:a9:05:e7:44:f2:2d:e4:0d:67:b2:2b:
6f:66:35:b0:46:71:9c:4c:09:04:0b:ec:4d:8b:96:54:15:d4:
4a:42:f8:4b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYe0INB534Qds10v50Xl8YNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwNDI0MTYzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2QxOTM4OTg5ODZlZDhjNDk1NzJhZjliNjJkZmEyOTNkYjVhMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje/aiJLcGouzFEZmALpQj1dAMu95
bojWPfHqXXWJi888xt97S3Fs4HfxzCtzHEge77ys8Mnfb36kkVICxeIff9SguD/i
1ozir/lYv3FRVeIq0XiRyEMNhgrU/DOhkqdBCcOgUKcaDRmgFWyvMHtcIwD7dySF
9kY7T5OkRxKShV8Yq6HXMpyQRld8nRGxrQvLjPPOhrt6kL4Sr1BtUzBwA0RhV4Qj
7iMj1jMVJMG4ocpugixDa8Uf11R5eXdlH6d3Ef+UyYM/HzJtpHnJj3sxnjU6qEcn
/8GvpIBZ26Lm0BFtUFNXMfPHpP0C1VSaQwgSwP17ERrXOG1+7RRfqJ1EUQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHPRk4mJhu2MSVcq+bYt+ik9taIaMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvYzlHVGlZbUc3WXhKVnlyNXRpMzZLVDIxb2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLY2oAwQB
0RCOMA0EAgACMAcDBQMqDs5AMA0GCSqGSIb3DQEBCwUAA4IBAQApTc0k5CVQWRs6
6vhXO93HjQROlX3F9FMmCNsdp6Tr3fusJxHTEs0xmghHZCcdjR2cR4k2Su36UdmD
H1ZakWf+yqxo/XkKFEsVwKgpYtVfv1hTZPPH2SeKZNC7urqKSYWLG3LUQ4l2Vp7M
l5ZHS4JuH5Er5kTT6IriYkZJEnQCLVqzRc5UDcUPCC+2erW2SZ89aXKztNoHzERz
e+yFIKeXlxNJfAAtvvrlOmgnoqhXttv1MIc/5iJG146qv53MbRvlHJ9uYEM2o59o
cM6VINaVrcQIGIrX0rNPhc7Nn5foqQXnRPIt5A1nsitvZjWwRnGcTAkEC+xNi5ZU
FdRKQvhL
-----END CERTIFICATE-----
Generated at Fri Jul 28 14:50:57 2023 by rpki-client on console-fra.rpki-client.org