Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/1tPMLkxKiTVoAEjZx-8-h06PVgI.roa
File: 1tPMLkxKiTVoAEjZx-8-h06PVgI.roa (raw, json)
Hash identifier: 2XF7dR6KnkDmbBx2fsJXvuMZKscvhuCWRvEwEwXBIvg=
Subject key identifier: D6:D3:CC:2E:4C:4A:89:35:68:00:48:D9:C7:EF:3E:87:4E:8F:56:02
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01857139C513380BF3E1B95342F0C86B90F6
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/1tPMLkxKiTVoAEjZx-8-h06PVgI.roa
Signing time: Mon 02 Jan 2023 06:44:49 +0000
ROA not before: Mon 02 Jan 2023 06:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6736
IP address blocks: 94.184.0.0/16 maxlen: 24
185.62.232.0/22 maxlen: 22
194.225.0.0/16 maxlen: 24
2001:678:b0::/46 maxlen: 48
2001:14e8::/32 maxlen: 48
2001:14e8::/48 maxlen: 48
2001:14e8:1::/48 maxlen: 48
2001:14e8:0:405::405/128 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:c5:13:38:0b:f3:e1:b9:53:42:f0:c8:6b:90:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 06:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6d3cc2e4c4a8935680048d9c7ef3e874e8f5602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2c:69:9a:08:2c:6a:ad:8e:99:60:8d:7c:56:
bf:92:dd:ca:c4:6a:a1:d8:03:b4:ed:85:7c:0e:ed:
02:1a:7f:96:58:32:e4:98:8e:44:23:83:77:df:4d:
02:51:a7:39:a2:b8:c7:4d:fa:85:dd:65:e2:12:d9:
d9:76:5d:9b:45:24:84:a7:f8:99:b7:5a:45:ee:65:
d0:d7:12:9d:ab:4a:b3:1c:2b:95:3c:cf:d5:e2:69:
92:f8:fa:85:fe:da:0e:7c:21:9d:ad:2e:b7:c3:c3:
43:fc:82:43:ec:58:05:12:ac:f0:f2:b1:53:87:e4:
37:7f:21:be:d4:c4:42:49:8b:6c:6d:1f:68:f0:48:
ee:d8:f1:fc:df:2f:c9:f0:ce:46:f8:71:b3:bf:ea:
59:7d:80:1e:dd:74:52:73:4d:8f:c1:bd:d3:26:7a:
d2:4f:d9:40:ad:53:1f:99:e9:50:61:80:33:74:a7:
f0:23:45:9a:fe:84:85:5b:5c:b3:55:80:05:9c:83:
db:4d:b2:f9:48:07:1a:d7:36:4d:08:3a:00:e6:ec:
89:3e:f4:f7:53:87:ea:ba:59:ef:c4:a9:7a:52:59:
e4:7f:7d:fb:61:60:a5:c3:60:fe:2c:07:0f:99:c3:
e6:bd:00:af:a2:a4:5b:32:37:0c:a1:43:67:50:61:
8f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D3:CC:2E:4C:4A:89:35:68:00:48:D9:C7:EF:3E:87:4E:8F:56:02
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/1tPMLkxKiTVoAEjZx-8-h06PVgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.0.0/16
185.62.232.0/22
194.225.0.0/16
IPv6:
2001:678:b0::/46
2001:14e8::/32
Signature Algorithm: sha256WithRSAEncryption
1d:0f:33:21:e6:2c:86:63:6e:71:f3:16:85:fb:23:30:57:d9:
11:dc:7c:0f:c1:3e:d3:aa:cc:c9:b9:0c:7b:d8:5d:78:12:2c:
9a:f0:15:a4:18:21:d6:c2:fa:b6:45:e9:40:8c:1c:5c:15:aa:
39:94:45:ac:33:2a:a9:40:f9:a0:78:1e:36:13:98:64:b8:02:
4f:06:b9:45:57:47:e4:ea:2c:49:f4:8d:2a:fa:5d:70:99:8c:
97:f8:75:25:e1:b7:66:97:62:7b:46:92:23:78:3e:a5:98:5e:
14:ae:70:d0:e2:f6:98:10:b9:3d:e8:86:ea:4f:a1:44:b3:05:
c3:d8:f4:a0:ee:3b:dd:34:1c:fa:29:75:e0:67:ac:34:8c:74:
22:83:91:a4:d0:d2:9c:9e:e3:1b:55:c0:74:43:76:85:c7:c4:
66:c3:4c:04:26:2e:bc:36:7e:27:2d:57:4c:4b:0e:cb:3b:17:
29:69:20:48:6e:f0:8f:c2:6d:07:3a:3d:d1:bc:93:15:67:17:
b6:67:69:23:4a:ea:de:d3:b0:39:71:62:84:cd:19:fb:62:f7:
ff:6d:42:7d:24:8b:0a:94:d5:1b:53:3d:9d:3b:2b:51:5f:17:
d5:a0:70:f3:76:9e:df:ff:c1:ce:48:50:88:06:26:ec:00:4a:
19:c0:d8:0b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVxOcUTOAvz4blTQvDIa5D2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjMwMTAyMDY0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQzY2MyZTRjNGE4OTM1NjgwMDQ4ZDljN2VmM2U4NzRlOGY1NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjixpmggsaq2OmWCNfFa/kt3KxGqh
2AO07YV8Du0CGn+WWDLkmI5EI4N3300CUac5orjHTfqF3WXiEtnZdl2bRSSEp/iZ
t1pF7mXQ1xKdq0qzHCuVPM/V4mmS+PqF/toOfCGdrS63w8ND/IJD7FgFEqzw8rFT
h+Q3fyG+1MRCSYtsbR9o8Eju2PH83y/J8M5G+HGzv+pZfYAe3XRSc02Pwb3TJnrS
T9lArVMfmelQYYAzdKfwI0Wa/oSFW1yzVYAFnIPbTbL5SAca1zZNCDoA5uyJPvT3
U4fqulnvxKl6Ulnkf337YWClw2D+LAcPmcPmvQCvoqRbMjcMoUNnUGGPWwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNbTzC5MSok1aABI2cfvPodOj1YCMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvMXRQTUxreEtpVFZvQUVqWngtOC1oMDZQVmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAWBAIAATAQAwMAXrgDBAK5
PugDAwDC4TAWBAIAAjAQAwcCIAEGeACwAwUAIAEU6DANBgkqhkiG9w0BAQsFAAOC
AQEAHQ8zIeYshmNucfMWhfsjMFfZEdx8D8E+06rMybkMe9hdeBIsmvAVpBgh1sL6
tkXpQIwcXBWqOZRFrDMqqUD5oHgeNhOYZLgCTwa5RVdH5OosSfSNKvpdcJmMl/h1
JeG3Zpdie0aSI3g+pZheFK5w0OL2mBC5PeiG6k+hRLMFw9j0oO473TQc+il14Ges
NIx0IoORpNDSnJ7jG1XAdEN2hcfEZsNMBCYuvDZ+Jy1XTEsOyzsXKWkgSG7wj8Jt
Bzo90byTFWcXtmdpI0rq3tOwOXFihM0Z+2L3/21CfSSLCpTVG1M9nTsrUV8X1aBw
83ae3//BzkhQiAYm7ABKGcDYCw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:42 2024 by rpki-client on console-ams.rpki-client.org