Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/al8H-VmLVNssw9OZKl6jbtQncuI.roa
File: al8H-VmLVNssw9OZKl6jbtQncuI.roa (raw, json)
Hash identifier: qxzxkMhBaYIxbbaBQgkX44WKOtXXXyVRchgOTRBmFVY=
Subject key identifier: 6A:5F:07:F9:59:8B:54:DB:2C:C3:D3:99:2A:5E:A3:6E:D4:27:72:E2
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01857139C5A7D859D3A5CB62ED0692EB3904
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/al8H-VmLVNssw9OZKl6jbtQncuI.roa
Signing time: Mon 02 Jan 2023 06:44:49 +0000
ROA not before: Mon 02 Jan 2023 06:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12660
IP address blocks: 194.225.40.0/22 maxlen: 22
194.225.40.0/21 maxlen: 21
194.225.44.0/22 maxlen: 22
94.184.128.0/21 maxlen: 21
94.184.128.0/22 maxlen: 22
94.184.132.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:c5:a7:d8:59:d3:a5:cb:62:ed:06:92:eb:39:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 06:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a5f07f9598b54db2cc3d3992a5ea36ed42772e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1e:71:0a:9c:84:c3:c7:28:61:c2:16:37:34:
f2:e1:0e:9f:9b:82:27:31:d0:0f:a1:a0:d6:b0:98:
a7:a4:d2:03:a3:da:ff:5c:d3:0a:93:84:2b:09:b7:
82:5b:64:58:b0:33:fa:cc:ea:00:96:de:92:7a:13:
37:ee:0b:ba:ee:a8:50:06:2e:04:4f:83:cd:28:ba:
f4:a5:1d:a9:93:82:fb:07:33:1b:a8:08:db:c2:a2:
d7:28:f3:83:f9:17:4b:99:29:94:64:20:d9:7f:48:
b7:0c:42:f1:5e:46:f0:f2:5a:bd:ff:34:9b:66:a0:
6c:2b:61:f4:91:3f:47:74:e4:4a:9c:bc:df:c9:c1:
26:a8:37:79:13:61:e5:2f:56:81:50:bc:71:c3:ec:
a5:a0:45:39:9a:e8:65:91:fe:07:02:9c:d7:87:76:
12:66:42:62:21:fe:6b:86:28:d0:dc:b2:5e:b5:c0:
c4:35:21:72:ca:e8:8c:2f:30:02:55:e3:85:0b:04:
47:50:87:46:64:49:99:4f:2a:0b:cf:d8:b3:d6:d9:
a0:2a:7c:1c:0a:6f:5d:6f:69:ac:cb:4a:20:a1:c0:
f4:b6:95:20:e9:8c:af:ba:1f:f2:ca:fe:ef:be:a4:
b4:4a:ad:27:b3:51:f5:70:f5:cd:04:cc:34:5d:94:
e8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5F:07:F9:59:8B:54:DB:2C:C3:D3:99:2A:5E:A3:6E:D4:27:72:E2
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/al8H-VmLVNssw9OZKl6jbtQncuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.128.0/21
194.225.40.0/21
Signature Algorithm: sha256WithRSAEncryption
96:8c:48:33:98:0a:c1:bf:52:e7:55:99:b2:8c:28:11:99:88:
1d:92:4c:45:60:40:a4:c9:a3:74:f7:bc:f5:7c:90:a0:03:84:
c2:a7:5e:a7:44:a1:4e:12:b7:79:1a:4a:8b:2c:2c:c4:77:ac:
bf:57:52:66:8a:6f:89:ff:f1:15:e6:9f:f0:8f:bf:2e:18:31:
22:a1:f3:75:f5:51:53:de:f7:f5:f3:24:f4:69:64:9d:70:4e:
a8:0f:74:75:01:28:6c:2a:99:01:e8:bc:9f:66:59:ae:7d:ad:
79:6b:92:2f:fc:83:68:4a:b5:9f:9b:cc:27:6f:ba:8a:16:00:
a7:dc:39:46:f2:ee:b8:2b:cb:f3:82:7a:c5:6a:e8:1e:6c:b9:
f3:d7:7b:1c:56:95:e5:e3:9e:56:3c:41:65:fa:ce:31:b0:f8:
44:42:8a:58:b7:5b:00:48:1a:41:f3:9b:d6:68:a7:2e:9c:63:
c2:e1:3a:e9:94:3b:06:00:22:df:1f:f6:24:95:21:d7:5c:d8:
0f:bd:33:d5:23:92:20:ab:4c:c5:9d:1b:04:9d:04:d3:58:26:
48:fd:a4:f1:c2:0b:18:ff:d6:25:9a:59:55:4a:d2:6d:23:e7:
43:95:a5:e7:18:1c:e0:06:fc:fe:22:04:7c:fe:96:e4:d7:52:
6d:6b:e4:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxOcWn2FnTpcti7QaS6zkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjMwMTAyMDY0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTVmMDdmOTU5OGI1NGRiMmNjM2QzOTkyYTVlYTM2ZWQ0Mjc3MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx5xCpyEw8coYcIWNzTy4Q6fm4In
MdAPoaDWsJinpNIDo9r/XNMKk4QrCbeCW2RYsDP6zOoAlt6SehM37gu67qhQBi4E
T4PNKLr0pR2pk4L7BzMbqAjbwqLXKPOD+RdLmSmUZCDZf0i3DELxXkbw8lq9/zSb
ZqBsK2H0kT9HdORKnLzfycEmqDd5E2HlL1aBULxxw+yloEU5muhlkf4HApzXh3YS
ZkJiIf5rhijQ3LJetcDENSFyyuiMLzACVeOFCwRHUIdGZEmZTyoLz9iz1tmgKnwc
Cm9db2msy0ogocD0tpUg6Yyvuh/yyv7vvqS0Sq0ns1H1cPXNBMw0XZToAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGpfB/lZi1TbLMPTmSpeo27UJ3LiMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvYWw4SC1WbUxWTnNzdzlPWktsNmpidFFuY3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXriAAwQD
wuEoMA0GCSqGSIb3DQEBCwUAA4IBAQCWjEgzmArBv1LnVZmyjCgRmYgdkkxFYECk
yaN097z1fJCgA4TCp16nRKFOErd5GkqLLCzEd6y/V1Jmim+J//EV5p/wj78uGDEi
ofN19VFT3vf18yT0aWSdcE6oD3R1AShsKpkB6LyfZlmufa15a5Iv/INoSrWfm8wn
b7qKFgCn3DlG8u64K8vzgnrFaugebLnz13scVpXl455WPEFl+s4xsPhEQopYt1sA
SBpB85vWaKcunGPC4TrplDsGACLfH/YklSHXXNgPvTPVI5Igq0zFnRsEnQTTWCZI
/aTxwgsY/9YlmllVStJtI+dDlaXnGBzgBvz+IgR8/pbk11Jta+RW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:49 2023 by rpki-client on console-fra.rpki-client.org