Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/9yvVSEW7LaE8gRAFpYdsjBAtwXI.roa
File: 9yvVSEW7LaE8gRAFpYdsjBAtwXI.roa (raw, json)
Hash identifier: TKKGkroavptrqtQXx7oA4P225UMU9dXlbFqqqeSQxQQ=
Subject key identifier: F7:2B:D5:48:45:BB:2D:A1:3C:81:10:05:A5:87:6C:8C:10:2D:C1:72
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 0188375F7C7CD55542ADA72607A5B61B416E
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/9yvVSEW7LaE8gRAFpYdsjBAtwXI.roa
Signing time: Sat 20 May 2023 04:16:24 +0000
ROA not before: Sat 20 May 2023 04:16:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12660
IP address blocks: 194.225.40.0/24 maxlen: 24
194.225.40.0/22 maxlen: 22
194.225.40.0/21 maxlen: 21
194.225.44.0/22 maxlen: 22
94.184.128.0/22 maxlen: 22
94.184.128.0/21 maxlen: 21
94.184.132.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:37:5f:7c:7c:d5:55:42:ad:a7:26:07:a5:b6:1b:41:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: May 20 04:16:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f72bd54845bb2da13c811005a5876c8c102dc172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:dd:38:5a:6c:5c:ac:10:6f:43:45:1b:ff:9c:
37:8b:c6:f6:ad:2f:dc:b2:dd:8b:9c:4a:8b:27:8e:
b7:66:61:82:8f:3d:a3:2e:0c:2b:9c:41:58:aa:fd:
0d:d0:cf:e8:7c:16:b0:f9:2a:7c:90:72:88:db:ea:
52:26:08:d9:cc:40:93:e2:9c:c6:58:df:63:4f:18:
d4:3b:96:34:cd:e1:4b:3d:40:32:45:e5:60:0d:9e:
e5:4d:f6:4f:a9:d6:6d:d1:d3:d8:f9:04:84:4d:4d:
87:d1:98:c1:da:a6:ca:56:26:42:a4:0d:ac:17:06:
90:d3:be:d3:a6:76:a8:1e:79:9c:5c:3e:76:ee:a9:
9d:0a:3a:b1:fd:e4:0b:8a:01:46:57:a8:bd:95:39:
f4:75:b7:00:9c:bf:03:cd:43:97:6c:ef:15:3a:b9:
35:93:a4:46:8f:d5:0d:cb:a9:c5:98:df:0b:4f:d5:
eb:ea:7b:45:06:39:c5:c1:0e:23:a6:50:ed:47:82:
32:aa:6e:bb:bc:08:08:de:27:b8:cf:95:83:cb:6b:
e3:88:71:ab:ac:f6:9f:38:f6:0c:88:fe:2c:23:cf:
be:f9:03:7a:6d:74:29:8d:4f:f6:fe:5d:ba:e7:eb:
c2:9a:31:cf:74:2b:43:50:cc:52:07:2d:f3:8a:34:
e5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:2B:D5:48:45:BB:2D:A1:3C:81:10:05:A5:87:6C:8C:10:2D:C1:72
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/9yvVSEW7LaE8gRAFpYdsjBAtwXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.128.0/21
194.225.40.0/21
Signature Algorithm: sha256WithRSAEncryption
aa:62:cf:5c:90:49:2c:36:0f:49:b6:19:c6:f4:8d:0c:57:48:
d3:c8:7d:e1:21:f0:c7:53:54:6d:61:25:49:a6:d7:69:6a:57:
8f:cf:90:09:c9:5b:e2:4f:b8:fa:d9:33:a7:18:3a:b3:41:c1:
97:12:2b:03:de:6b:15:ea:0c:8d:b0:17:1e:04:19:87:e4:2c:
ac:8e:84:9b:9f:f4:e2:72:40:c7:8d:0b:79:20:c1:7d:b7:60:
ea:db:ae:fe:aa:43:0e:8a:a9:78:5e:60:00:e1:23:bd:27:db:
bf:1a:84:f4:84:0c:fe:78:f1:cc:18:59:36:f3:bb:44:9c:3e:
6d:bc:a0:f0:5d:3d:7f:69:09:a3:8e:8d:87:5c:a5:a7:13:52:
7e:57:10:10:1c:e7:d0:dc:90:be:50:7c:52:f3:7c:38:db:33:
e3:21:8d:fe:b7:cb:de:49:7f:b9:25:9c:88:fb:f7:eb:50:c8:
e3:5a:9f:cf:9c:f1:e2:27:89:98:f9:8a:a0:99:f8:52:eb:d5:
1e:97:fa:99:e5:81:5d:e2:a8:b0:9e:15:87:c6:88:85:e1:44:
83:f7:08:3c:e3:25:ef:ca:72:58:7c:80:bd:2f:10:12:b6:d5:
57:cc:cc:ff:bd:cb:f5:a1:6f:b3:cc:b4:5b:9b:71:d9:1d:8b:
88:98:17:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYg3X3x81VVCracmB6W2G0FuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjMwNTIwMDQxNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzJiZDU0ODQ1YmIyZGExM2M4MTEwMDVhNTg3NmM4YzEwMmRjMTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn904WmxcrBBvQ0Ub/5w3i8b2rS/c
st2LnEqLJ463ZmGCjz2jLgwrnEFYqv0N0M/ofBaw+Sp8kHKI2+pSJgjZzECT4pzG
WN9jTxjUO5Y0zeFLPUAyReVgDZ7lTfZPqdZt0dPY+QSETU2H0ZjB2qbKViZCpA2s
FwaQ077TpnaoHnmcXD527qmdCjqx/eQLigFGV6i9lTn0dbcAnL8DzUOXbO8VOrk1
k6RGj9UNy6nFmN8LT9Xr6ntFBjnFwQ4jplDtR4Iyqm67vAgI3ie4z5WDy2vjiHGr
rPafOPYMiP4sI8+++QN6bXQpjU/2/l265+vCmjHPdCtDUMxSBy3zijTlqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPcr1UhFuy2hPIEQBaWHbIwQLcFyMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvOXl2VlNFVzdMYUU4Z1JBRnBZZHNqQkF0d1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXriAAwQD
wuEoMA0GCSqGSIb3DQEBCwUAA4IBAQCqYs9ckEksNg9JthnG9I0MV0jTyH3hIfDH
U1RtYSVJptdpalePz5AJyVviT7j62TOnGDqzQcGXEisD3msV6gyNsBceBBmH5Cys
joSbn/TickDHjQt5IMF9t2Dq267+qkMOiql4XmAA4SO9J9u/GoT0hAz+ePHMGFk2
87tEnD5tvKDwXT1/aQmjjo2HXKWnE1J+VxAQHOfQ3JC+UHxS83w42zPjIY3+t8ve
SX+5JZyI+/frUMjjWp/PnPHiJ4mY+YqgmfhS69Uel/qZ5YFd4qiwnhWHxoiF4USD
9wg84yXvynJYfIC9LxASttVXzMz/vcv1oW+zzLRbm3HZHYuImBfX
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:42 2024 by rpki-client on console-ams.rpki-client.org