Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/IlI3xirprBDsH93TL4iFRr4UkUE.roa
File: IlI3xirprBDsH93TL4iFRr4UkUE.roa (raw, json)
Hash identifier: p3/+BrYkftYV7VMYh0wvwAUUAjDVF8MINL7rPP+OJ7k=
Subject key identifier: 22:52:37:C6:2A:E9:AC:10:EC:1F:DD:D3:2F:88:85:46:BE:14:91:41
Certificate issuer: /CN=1cd8b25cceac38c99372bf72b00c6c8b6418e923
Certificate serial: 018AF4ED111BD92BA3B37A2978F31A119C68
Authority key identifier: 1C:D8:B2:5C:CE:AC:38:C9:93:72:BF:72:B0:0C:6C:8B:64:18:E9:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HNiyXM6sOMmTcr9ysAxsi2QY6SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/IlI3xirprBDsH93TL4iFRr4UkUE.roa
Signing time: Tue 03 Oct 2023 09:44:51 +0000
ROA not before: Tue 03 Oct 2023 09:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39686
IP address blocks: 193.53.16.0/22 maxlen: 24
193.53.20.0/23 maxlen: 24
2a00:f620:1::/48 maxlen: 64
2a00:f620:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:ed:11:1b:d9:2b:a3:b3:7a:29:78:f3:1a:11:9c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cd8b25cceac38c99372bf72b00c6c8b6418e923
Validity
Not Before: Oct 3 09:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=225237c62ae9ac10ec1fddd32f888546be149141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e0:03:e4:94:fe:07:ed:32:95:9a:3d:09:dc:
22:e6:a6:d1:d2:7e:28:6a:f5:6f:63:b3:1e:75:66:
f5:bd:6e:8b:8e:37:9c:2f:60:95:65:78:9c:2b:a3:
59:c1:23:54:c5:ff:97:2c:e0:47:7b:dc:98:b2:74:
c2:45:c0:f1:f3:f9:0a:d2:1d:e2:0e:d9:15:83:cf:
52:76:c9:d2:97:2d:04:d2:75:30:4a:b1:15:55:39:
63:ab:1b:e6:50:37:f2:bd:d5:0c:7b:3a:b5:a9:fd:
2b:18:01:e4:70:7d:70:5f:29:8e:61:ac:eb:30:9d:
8c:09:3f:4d:21:ca:ca:bc:48:ae:0e:29:07:10:2b:
8c:a5:66:7c:30:fb:fb:a5:d1:bc:bc:69:8c:2d:67:
06:14:97:52:7d:8a:06:eb:01:12:fe:f6:5c:5e:7f:
4e:3b:2c:87:d7:ea:7d:14:24:e2:7e:e5:c3:45:9e:
f2:0a:9c:58:e3:77:b1:81:8e:42:07:b1:79:ff:b2:
36:40:ea:54:a7:72:7b:35:31:1b:83:ad:b1:16:95:
6f:4c:0c:1c:86:0d:c8:d0:ba:3b:c5:b0:79:52:0b:
fe:b3:bc:94:b5:f6:27:df:88:8f:de:70:d4:90:d4:
8b:b5:1d:54:41:07:9d:85:64:8d:aa:ed:aa:89:b4:
ca:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:52:37:C6:2A:E9:AC:10:EC:1F:DD:D3:2F:88:85:46:BE:14:91:41
X509v3 Authority Key Identifier:
keyid:1C:D8:B2:5C:CE:AC:38:C9:93:72:BF:72:B0:0C:6C:8B:64:18:E9:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNiyXM6sOMmTcr9ysAxsi2QY6SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/IlI3xirprBDsH93TL4iFRr4UkUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/HNiyXM6sOMmTcr9ysAxsi2QY6SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.16.0-193.53.21.255
IPv6:
2a00:f620:1::-2a00:f620:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
43:92:ec:7f:43:6b:75:b1:9c:a5:12:4c:ea:29:b0:26:14:45:
18:0e:a3:c6:33:da:74:ed:57:e7:7f:4a:49:c4:66:d5:0c:89:
8f:c4:95:f9:3d:4b:fe:23:97:e3:2c:7c:2d:0f:1a:dc:8d:01:
7a:c0:be:21:19:a0:ab:d1:85:32:f2:c1:fc:c2:46:c9:9c:a6:
8b:ba:f8:e8:e4:88:9c:e9:3b:bb:8e:52:9f:43:40:b6:e5:34:
c6:9d:ee:3f:21:51:4c:ae:42:b6:75:e6:48:0c:5d:66:8c:88:
2e:89:a8:9d:70:3d:15:aa:07:18:89:69:9f:54:98:42:30:5c:
2f:6a:72:19:da:39:2f:72:12:8b:f1:b7:84:fe:a1:21:2b:19:
7a:b1:a6:c5:9a:8a:9f:ae:6b:c9:6c:64:d3:43:b1:10:ea:94:
df:28:69:3c:f6:76:b9:32:2b:2f:a6:a8:12:83:55:0b:3b:cd:
f0:90:b9:7c:e5:23:09:3b:8d:90:07:5c:83:9b:39:ee:8e:32:
12:4b:98:b2:22:4f:9e:bc:b3:3f:5f:c9:bd:b8:52:39:f9:8e:
c1:9e:d0:5a:e9:7e:cc:5b:e1:25:d0:72:bf:3f:84:b1:55:df:
18:c5:78:5b:88:bb:7f:62:00:10:a8:f9:2d:71:97:0e:16:3d:
fd:8e:62:a7
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYr07REb2Sujs3opePMaEZxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDhiMjVjY2VhYzM4Yzk5MzcyYmY3MmIwMGM2YzhiNjQx
OGU5MjMwHhcNMjMxMDAzMDk0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjUyMzdjNjJhZTlhYzEwZWMxZmRkZDMyZjg4ODU0NmJlMTQ5MTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuAD5JT+B+0ylZo9Cdwi5qbR0n4o
avVvY7MedWb1vW6LjjecL2CVZXicK6NZwSNUxf+XLOBHe9yYsnTCRcDx8/kK0h3i
DtkVg89SdsnSly0E0nUwSrEVVTljqxvmUDfyvdUMezq1qf0rGAHkcH1wXymOYazr
MJ2MCT9NIcrKvEiuDikHECuMpWZ8MPv7pdG8vGmMLWcGFJdSfYoG6wES/vZcXn9O
OyyH1+p9FCTifuXDRZ7yCpxY43exgY5CB7F5/7I2QOpUp3J7NTEbg62xFpVvTAwc
hg3I0Lo7xbB5Ugv+s7yUtfYn34iP3nDUkNSLtR1UQQedhWSNqu2qibTK7QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCJSN8Yq6awQ7B/d0y+IhUa+FJFBMB8GA1UdIwQY
MBaAFBzYslzOrDjJk3K/crAMbItkGOkjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5peVhNNnNPTW1UY3I5eXNBeHNpMlFZNlNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9iNmM3ODMtZjU1ZC00ZWFkLThjNmEt
MTk2MzNmMDhlZDZhLzEvSWxJM3hpcnByQkRzSDkzVEw0aUZScjRVa1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9iNmM3ODMtZjU1ZC00ZWFkLThjNmEtMTk2MzNmMDhlZDZh
LzEvSE5peVhNNnNPTW1UY3I5eXNBeHNpMlFZNlNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBATBNRAD
BAHBNRQwGgQCAAIwFDASAwcAKgD2IAABAwcAKgD2IAACMA0GCSqGSIb3DQEBCwUA
A4IBAQBDkux/Q2t1sZylEkzqKbAmFEUYDqPGM9p07Vfnf0pJxGbVDImPxJX5PUv+
I5fjLHwtDxrcjQF6wL4hGaCr0YUy8sH8wkbJnKaLuvjo5Iic6Tu7jlKfQ0C25TTG
ne4/IVFMrkK2deZIDF1mjIguiaidcD0VqgcYiWmfVJhCMFwvanIZ2jkvchKL8beE
/qEhKxl6sabFmoqfrmvJbGTTQ7EQ6pTfKGk89na5MisvpqgSg1ULO83wkLl85SMJ
O42QB1yDmznujjISS5iyIk+evLM/X8m9uFI5+Y7BntBa6X7MW+El0HK/P4SxVd8Y
xXhbiLt/YgAQqPktcZcOFj39jmKn
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:57 2024 by rpki-client on console-fra.rpki-client.org