Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/Xn7RGiHSpO1sy3pN-eAISF7TgaI.roa
File: Xn7RGiHSpO1sy3pN-eAISF7TgaI.roa (raw, json)
Hash identifier: pMel8sOK/LhC9mQzZoPfqBPGkeSGPChJIijo5iARAqs=
Subject key identifier: 5E:7E:D1:1A:21:D2:A4:ED:6C:CB:7A:4D:F9:E0:08:48:5E:D3:81:A2
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01857139C70EE3DAD28D906F2ADAD51B8025
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/Xn7RGiHSpO1sy3pN-eAISF7TgaI.roa
Signing time: Mon 02 Jan 2023 06:44:49 +0000
ROA not before: Mon 02 Jan 2023 06:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29577
IP address blocks: 194.225.125.0/24 maxlen: 24
194.225.126.0/24 maxlen: 24
2001:14e8:8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:c7:0e:e3:da:d2:8d:90:6f:2a:da:d5:1b:80:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 06:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e7ed11a21d2a4ed6ccb7a4df9e008485ed381a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:af:81:3c:22:9e:98:bd:85:97:6b:d4:fc:35:
b9:8f:7c:07:01:89:e8:23:2e:7e:82:cd:aa:43:13:
18:cc:0c:8e:24:87:06:0c:0c:50:c4:e3:b1:f1:63:
56:61:65:db:88:a5:14:12:27:87:87:15:b0:28:a7:
ac:30:af:28:17:f7:62:96:0a:6f:0f:ba:1e:c0:72:
78:d8:d1:d1:08:4c:d4:95:51:00:1b:a2:0c:5e:e0:
ed:3f:dd:63:bf:f9:9e:31:51:6f:ff:d4:d9:90:b9:
a2:84:3d:10:3f:10:01:a5:19:24:d7:f0:92:97:47:
97:d4:d2:fa:45:d9:5a:95:99:cf:08:5a:f9:ba:3d:
8c:b2:73:cb:d3:5c:2c:2f:f0:6b:3a:43:bc:22:eb:
a2:55:c9:32:b7:0d:59:0b:f1:8d:b4:98:97:24:43:
e9:3b:44:45:62:b8:c9:c3:6a:c7:50:69:6e:b9:b2:
4f:08:7b:3a:4d:a4:5a:00:c4:5c:fe:f0:e9:71:9c:
ed:43:11:e8:d1:35:54:c8:50:c0:c8:94:99:32:7a:
2f:22:7d:88:66:d5:db:67:52:79:86:18:2b:f2:04:
d1:3c:f6:c2:ce:74:93:3a:67:00:c4:aa:c1:8f:e6:
7d:0a:1b:91:d0:32:97:a2:e0:29:93:58:b6:3d:19:
2e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7E:D1:1A:21:D2:A4:ED:6C:CB:7A:4D:F9:E0:08:48:5E:D3:81:A2
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/Xn7RGiHSpO1sy3pN-eAISF7TgaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.225.125.0-194.225.126.255
IPv6:
2001:14e8:8::/48
Signature Algorithm: sha256WithRSAEncryption
85:e2:22:2e:d6:25:87:65:98:71:a9:3e:f3:be:18:b2:f9:a7:
1e:96:ef:7a:d5:6a:79:a8:17:8f:96:47:ab:78:19:49:8b:02:
42:22:1b:65:1d:a5:fa:04:99:48:ec:8c:cb:e7:8f:4d:5c:66:
ae:9c:12:14:1f:1e:97:64:75:de:5b:19:35:f2:93:39:ec:84:
f5:60:48:92:4c:4b:1b:fc:68:78:0d:95:95:6b:af:c7:d7:1c:
93:b2:93:ff:f0:7c:a0:e3:1c:fa:4e:e7:f5:96:be:06:59:09:
ef:30:d8:14:9e:ba:10:bd:ab:af:fa:08:fc:98:a1:88:61:67:
07:13:65:d1:2e:b7:09:55:64:df:fa:b4:ce:10:0c:da:90:7f:
86:6d:3f:5b:73:62:29:09:b6:1a:a6:55:3c:60:43:7d:e0:55:
05:09:71:54:aa:84:14:ba:72:ed:01:20:49:57:2c:35:2c:80:
c3:19:9c:30:fa:46:ce:62:ad:d9:48:cc:41:cf:06:9f:89:52:
cc:ed:6f:7d:c3:9e:04:5d:63:05:75:6f:bf:52:25:f5:36:2a:
57:83:3e:7a:19:0e:00:59:ee:af:4c:e3:1c:63:66:3f:0f:cf:
6a:fb:d1:25:2f:65:51:f2:d8:19:22:14:be:47:d1:9b:1c:39:
52:cd:09:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVxOccO49rSjZBvKtrVG4AlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjMwMTAyMDY0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTdlZDExYTIxZDJhNGVkNmNjYjdhNGRmOWUwMDg0ODVlZDM4MWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq+BPCKemL2Fl2vU/DW5j3wHAYno
Iy5+gs2qQxMYzAyOJIcGDAxQxOOx8WNWYWXbiKUUEieHhxWwKKesMK8oF/dilgpv
D7oewHJ42NHRCEzUlVEAG6IMXuDtP91jv/meMVFv/9TZkLmihD0QPxABpRkk1/CS
l0eX1NL6RdlalZnPCFr5uj2MsnPL01wsL/BrOkO8IuuiVckytw1ZC/GNtJiXJEPp
O0RFYrjJw2rHUGluubJPCHs6TaRaAMRc/vDpcZztQxHo0TVUyFDAyJSZMnovIn2I
ZtXbZ1J5hhgr8gTRPPbCznSTOmcAxKrBj+Z9ChuR0DKXouApk1i2PRkudQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF5+0Roh0qTtbMt6TfngCEhe04GiMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvWG43UkdpSFNwTzFzeTNwTi1lQUlTRjdUZ2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBADC4X0D
BADC4X4wDwQCAAIwCQMHACABFOgACDANBgkqhkiG9w0BAQsFAAOCAQEAheIiLtYl
h2WYcak+874YsvmnHpbvetVqeagXj5ZHq3gZSYsCQiIbZR2l+gSZSOyMy+ePTVxm
rpwSFB8el2R13lsZNfKTOeyE9WBIkkxLG/xoeA2VlWuvx9cck7KT//B8oOMc+k7n
9Za+BlkJ7zDYFJ66EL2rr/oI/JihiGFnBxNl0S63CVVk3/q0zhAM2pB/hm0/W3Ni
KQm2GqZVPGBDfeBVBQlxVKqEFLpy7QEgSVcsNSyAwxmcMPpGzmKt2UjMQc8Gn4lS
zO1vfcOeBF1jBXVvv1Il9TYqV4M+ehkOAFnur0zjHGNmPw/PavvRJS9lUfLYGSIU
vkfRmxw5Us0JDA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:00 2024 by rpki-client on console-fra.rpki-client.org