Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/63cqUFaHuhwoda8-kOZbrUEAacA.roa
File: 63cqUFaHuhwoda8-kOZbrUEAacA.roa (raw, json)
Hash identifier: 2Ev3PEZwz1acotfmvgecOgq0GJ3stbSrj81OiTyhaFE=
Subject key identifier: EB:77:2A:50:56:87:BA:1C:28:75:AF:3E:90:E6:5B:AD:41:00:69:C0
Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Certificate serial: 018573718BE5E6C0194BFEE30BA852DB1D43
Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/63cqUFaHuhwoda8-kOZbrUEAacA.roa
Signing time: Mon 02 Jan 2023 17:04:59 +0000
ROA not before: Mon 02 Jan 2023 17:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209990
IP address blocks: 185.23.202.0/23 maxlen: 23
2a0d:f9c0::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:8b:e5:e6:c0:19:4b:fe:e3:0b:a8:52:db:1d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Validity
Not Before: Jan 2 17:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb772a505687ba1c2875af3e90e65bad410069c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:dd:17:77:af:fc:0e:13:c1:f1:60:a9:d9:22:
3d:f4:97:c8:f5:61:09:32:02:f9:f0:f3:9d:e7:1d:
b4:d4:b0:c9:2f:78:ad:c5:01:4a:1c:41:89:b4:ef:
d1:55:03:62:de:f1:ff:99:76:c3:11:56:5e:22:6c:
99:47:8d:dc:c5:2b:85:af:7c:dd:d0:b9:0b:4e:f5:
2c:31:72:07:a0:c6:04:42:41:b1:f8:bd:69:9e:44:
1a:1c:4c:13:50:5c:17:bf:fc:5c:78:3e:30:4b:6c:
c0:69:8b:c0:dc:55:31:5e:20:68:3b:64:e2:71:32:
71:90:e4:2b:1d:5c:36:8a:7c:67:3b:6c:ac:1b:1a:
93:29:0c:0a:07:ff:f1:6c:17:56:1a:99:22:20:4b:
78:df:c0:ad:6d:9b:7b:d6:33:6f:41:68:91:82:01:
51:26:90:b0:86:fd:af:1a:4b:ab:84:f3:2c:b2:ff:
61:3b:9a:89:a5:a9:c7:79:c4:36:17:f1:2d:91:88:
22:ea:a8:9b:e9:01:3f:63:2e:57:c7:6a:f7:62:06:
5f:09:96:86:43:3a:c8:a3:d8:d2:99:c7:f5:1b:fc:
78:53:99:dd:37:77:e9:09:18:fa:ef:e5:73:b4:89:
cd:89:58:86:52:2e:72:4e:d4:b2:a3:1b:66:b6:f3:
8f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:77:2A:50:56:87:BA:1C:28:75:AF:3E:90:E6:5B:AD:41:00:69:C0
X509v3 Authority Key Identifier:
keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/63cqUFaHuhwoda8-kOZbrUEAacA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.202.0/23
IPv6:
2a0d:f9c0::/29
Signature Algorithm: sha256WithRSAEncryption
69:90:87:3b:7e:f5:a3:a1:f1:20:68:56:65:b7:19:69:b0:7e:
15:50:03:a7:57:d9:4d:08:fe:1e:19:0c:65:00:e0:68:b7:86:
6f:6c:d1:84:ce:cb:03:50:b0:90:92:19:02:5c:39:77:02:17:
c0:74:7e:ce:a7:bb:61:41:15:f0:4d:b9:38:37:d8:4b:85:f0:
1a:2b:b0:be:c9:8e:a3:e3:09:15:01:7d:22:f7:04:ee:96:b3:
5f:22:b3:2a:f4:29:51:7e:e6:a3:29:45:b6:31:9d:0e:7f:52:
83:d8:89:2a:27:0b:0c:cc:58:22:00:16:6b:d5:3b:0e:57:8a:
d0:23:d0:85:be:b0:a9:f0:43:e8:b0:9d:67:4f:11:1a:0b:2c:
ee:dd:c4:f9:63:f1:2b:93:9d:9d:32:23:6d:6c:76:fc:11:3f:
09:a7:0b:41:60:63:bd:0d:75:f2:71:6a:5e:91:cf:b2:ac:ae:
b8:ee:1d:39:14:b4:eb:0c:97:5f:09:66:93:8a:32:c8:ea:b7:
76:3e:3d:44:21:ac:2a:9c:ca:66:d4:f3:07:74:b3:75:dd:67:
1d:b9:6a:ae:d6:92:f4:17:e2:77:dc:71:18:7a:f1:2e:60:d3:
d1:0f:c1:23:8b:8e:1c:bf:ec:b8:50:bc:e6:17:2f:5e:4a:83:
97:84:2c:7b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzcYvl5sAZS/7jC6hS2x1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0M2UxYmE5MWM1NjlhOGIyMWE2ZDJkNjdmNWRiYmQ2YzA0
ZTQzZWEwHhcNMjMwMTAyMTcwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjc3MmE1MDU2ODdiYTFjMjg3NWFmM2U5MGU2NWJhZDQxMDA2OWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn90Xd6/8DhPB8WCp2SI99JfI9WEJ
MgL58POd5x201LDJL3itxQFKHEGJtO/RVQNi3vH/mXbDEVZeImyZR43cxSuFr3zd
0LkLTvUsMXIHoMYEQkGx+L1pnkQaHEwTUFwXv/xceD4wS2zAaYvA3FUxXiBoO2Ti
cTJxkOQrHVw2inxnO2ysGxqTKQwKB//xbBdWGpkiIEt438CtbZt71jNvQWiRggFR
JpCwhv2vGkurhPMssv9hO5qJpanHecQ2F/EtkYgi6qib6QE/Yy5Xx2r3YgZfCZaG
QzrIo9jSmcf1G/x4U5ndN3fpCRj67+VztInNiViGUi5yTtSyoxtmtvOPEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOt3KlBWh7ocKHWvPpDmW61BAGnAMB8GA1UdIwQY
MBaAFGQ+G6kcVpqLIabS1n9du9bATkPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAt
ZmVhMGFmZjM1OWY1LzEvNjNjcVVGYUh1aHdvZGE4LWtPWmJyVUVBYWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAtZmVhMGFmZjM1OWY1
LzEvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuRfKMA0E
AgACMAcDBQMqDfnAMA0GCSqGSIb3DQEBCwUAA4IBAQBpkIc7fvWjofEgaFZltxlp
sH4VUAOnV9lNCP4eGQxlAOBot4ZvbNGEzssDULCQkhkCXDl3AhfAdH7Op7thQRXw
Tbk4N9hLhfAaK7C+yY6j4wkVAX0i9wTulrNfIrMq9ClRfuajKUW2MZ0Of1KD2Ikq
JwsMzFgiABZr1TsOV4rQI9CFvrCp8EPosJ1nTxEaCyzu3cT5Y/Erk52dMiNtbHb8
ET8JpwtBYGO9DXXycWpekc+yrK647h05FLTrDJdfCWaTijLI6rd2Pj1EIawqnMpm
1PMHdLN13WcduWqu1pL0F+J33HEYevEuYNPRD8Eji44cv+y4ULzmFy9eSoOXhCx7
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:15 2024 by rpki-client on console-ams.rpki-client.org