Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/11FY1n3A1vqBKZ2LZUTF-v0bv_I.roa
File: 11FY1n3A1vqBKZ2LZUTF-v0bv_I.roa (raw, json)
Hash identifier: Ib2IW472UsEkWaYiNkTSQB+SHuQSEVRq3ognurQ4294=
Subject key identifier: D7:51:58:D6:7D:C0:D6:FA:81:29:9D:8B:65:44:C5:FA:FD:1B:BF:F2
Certificate issuer: /CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Certificate serial: 0185718C46049C12797A64A89CAC130F734F
Authority key identifier: DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/11FY1n3A1vqBKZ2LZUTF-v0bv_I.roa
Signing time: Mon 02 Jan 2023 08:14:56 +0000
ROA not before: Mon 02 Jan 2023 08:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212329
IP address blocks: 91.236.64.0/22 maxlen: 24
185.216.48.0/24 maxlen: 24
2a10:a700::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:46:04:9c:12:79:7a:64:a8:9c:ac:13:0f:73:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Validity
Not Before: Jan 2 08:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d75158d67dc0d6fa81299d8b6544c5fafd1bbff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:13:2c:c4:0a:84:49:b4:ad:bd:23:5e:47:3c:
d4:10:f5:2f:a8:16:d0:42:40:fb:b2:7b:03:4a:8d:
17:46:66:4f:52:fd:17:4d:10:ad:41:e2:e0:69:5d:
0e:07:44:f5:86:81:95:91:0c:01:c1:0c:71:70:95:
f9:86:dc:33:44:7b:b0:1c:bf:fa:9a:4b:1c:a6:2c:
46:39:09:3d:1f:ed:59:fa:ce:55:dd:fd:64:2c:cd:
a6:78:34:e9:c5:07:c5:5e:68:60:46:a6:ea:76:29:
be:b9:cb:ce:cb:33:64:e7:88:c0:e6:fe:2e:95:24:
ad:fd:5c:98:29:89:a4:81:3e:23:be:a3:f1:f7:05:
c0:d8:38:02:ef:8d:ce:aa:ea:ac:ba:8f:c4:32:9f:
84:f2:fd:6d:48:fa:28:77:f3:ce:ac:a5:b4:7d:40:
68:c5:03:ec:bc:cb:5f:70:c1:6b:df:1f:bd:9c:d5:
96:dd:05:da:a2:a0:e1:83:38:cb:eb:76:79:2d:62:
01:70:2f:d2:ea:b4:0d:56:34:d3:ba:97:1b:51:1f:
1f:63:55:af:7e:f8:bf:53:5c:d5:b8:85:24:a9:13:
87:a9:e4:f2:3e:60:96:a4:22:35:d0:95:84:1b:f3:
ce:84:b0:6b:31:ca:f4:c1:6a:88:f5:0c:5f:e3:b2:
50:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:51:58:D6:7D:C0:D6:FA:81:29:9D:8B:65:44:C5:FA:FD:1B:BF:F2
X509v3 Authority Key Identifier:
keyid:DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/11FY1n3A1vqBKZ2LZUTF-v0bv_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.64.0/22
185.216.48.0/24
IPv6:
2a10:a700::/29
Signature Algorithm: sha256WithRSAEncryption
6e:41:de:42:8b:eb:5c:dc:af:3c:fe:ea:03:a2:3d:a6:b6:fd:
2f:a6:33:bf:0d:93:94:c4:ed:c6:11:cb:98:62:18:f6:4a:4a:
a4:3d:60:15:25:3f:43:a2:c0:f6:01:b5:b9:56:ed:3a:ce:73:
38:cb:32:d2:6c:3d:cc:8f:97:8d:ec:17:95:c9:70:0b:60:e5:
08:13:3c:c0:ff:59:57:bb:c9:9c:c9:4c:16:55:99:77:8d:ce:
2b:52:58:d7:1f:61:3c:61:a5:92:eb:a9:ec:c0:d0:76:00:97:
53:09:17:84:40:61:de:25:38:e8:66:64:6d:b9:e1:ac:49:a1:
59:6e:3e:23:3d:13:e9:e3:c6:e8:0c:cf:20:cf:ee:17:83:38:
3d:64:c1:d5:e9:b9:04:80:e1:d2:9e:0a:74:d9:0e:56:48:92:
78:53:80:c2:67:d8:04:b0:8e:b5:04:1c:72:92:16:0c:23:f8:
40:19:e6:76:b4:65:3b:43:93:24:5b:b0:24:a1:9f:a5:c9:3b:
4a:ab:02:d1:31:ba:ca:86:26:88:7c:98:a3:d8:cf:5a:8b:df:
d1:f6:03:ac:fd:2a:2c:48:d9:2d:9b:18:be:5b:e0:da:a7:86:
f5:4a:e1:62:d0:55:48:e5:d3:db:60:71:88:73:18:1e:b7:92:
be:a5:d4:dc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxjEYEnBJ5emSonKwTD3NPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZmFlN2Q0ZTY5ZDQyZTRmNGM5NWQ5OWY0ODJiOWE5NDRk
YmVmYzgwHhcNMjMwMTAyMDgxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzUxNThkNjdkYzBkNmZhODEyOTlkOGI2NTQ0YzVmYWZkMWJiZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRMsxAqESbStvSNeRzzUEPUvqBbQ
QkD7snsDSo0XRmZPUv0XTRCtQeLgaV0OB0T1hoGVkQwBwQxxcJX5htwzRHuwHL/6
mkscpixGOQk9H+1Z+s5V3f1kLM2meDTpxQfFXmhgRqbqdim+ucvOyzNk54jA5v4u
lSSt/VyYKYmkgT4jvqPx9wXA2DgC743Oquqsuo/EMp+E8v1tSPood/POrKW0fUBo
xQPsvMtfcMFr3x+9nNWW3QXaoqDhgzjL63Z5LWIBcC/S6rQNVjTTupcbUR8fY1Wv
fvi/U1zVuIUkqROHqeTyPmCWpCI10JWEG/POhLBrMcr0wWqI9Qxf47JQXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNdRWNZ9wNb6gSmdi2VExfr9G7/yMB8GA1UdIwQY
MBaAFNz659TmnULk9MldmfSCualE2+/IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYt
MzcyNzNkZjM5MDFjLzEvMTFGWTFuM0ExdnFCS1oyTFpVVEYtdjBidl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYtMzcyNzNkZjM5MDFj
LzEvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW+xAAwQA
udgwMA0EAgACMAcDBQMqEKcAMA0GCSqGSIb3DQEBCwUAA4IBAQBuQd5Ci+tc3K88
/uoDoj2mtv0vpjO/DZOUxO3GEcuYYhj2SkqkPWAVJT9DosD2AbW5Vu06znM4yzLS
bD3Mj5eN7BeVyXALYOUIEzzA/1lXu8mcyUwWVZl3jc4rUljXH2E8YaWS66nswNB2
AJdTCReEQGHeJTjoZmRtueGsSaFZbj4jPRPp48boDM8gz+4Xgzg9ZMHV6bkEgOHS
ngp02Q5WSJJ4U4DCZ9gEsI61BBxykhYMI/hAGeZ2tGU7Q5MkW7AkoZ+lyTtKqwLR
MbrKhiaIfJij2M9ai9/R9gOs/SosSNktmxi+W+Dap4b1SuFi0FVI5dPbYHGIcxge
t5K+pdTc
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:43 2024 by rpki-client on console-fra.rpki-client.org