Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/iBZgJ9il1pS_dqQ1Wud2P9ssei8.roa
File: iBZgJ9il1pS_dqQ1Wud2P9ssei8.roa (raw, json)
Hash identifier: aZwBLOpL+3wH5FG//qwbQOFOlBUF05tzJHwuvQug1r0=
Subject key identifier: 88:16:60:27:D8:A5:D6:94:BF:76:A4:35:5A:E7:76:3F:DB:2C:7A:2F
Certificate issuer: /CN=1cd8b25cceac38c99372bf72b00c6c8b6418e923
Certificate serial: 01898C473E18F786518C4CC6997A3C727BAF
Authority key identifier: 1C:D8:B2:5C:CE:AC:38:C9:93:72:BF:72:B0:0C:6C:8B:64:18:E9:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HNiyXM6sOMmTcr9ysAxsi2QY6SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/iBZgJ9il1pS_dqQ1Wud2P9ssei8.roa
Signing time: Tue 25 Jul 2023 09:00:26 +0000
ROA not before: Tue 25 Jul 2023 09:00:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39686
IP address blocks: 193.53.16.0/22 maxlen: 24
193.53.20.0/23 maxlen: 24
2a00:f620:1::/48 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:47:3e:18:f7:86:51:8c:4c:c6:99:7a:3c:72:7b:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cd8b25cceac38c99372bf72b00c6c8b6418e923
Validity
Not Before: Jul 25 09:00:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88166027d8a5d694bf76a4355ae7763fdb2c7a2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:60:65:e9:f1:9f:64:71:62:8c:d4:a5:13:b9:
96:cd:99:aa:d3:d2:a6:33:0d:19:14:b5:94:c2:ad:
0e:ba:00:ab:ba:f0:0e:ca:6a:7e:4e:c7:5c:ad:70:
7e:aa:92:cb:00:f7:d1:f0:04:fe:6f:5a:96:ad:74:
42:14:ca:d0:0e:63:e3:f3:9e:f1:1d:8a:47:16:02:
e9:99:59:53:f9:a5:27:74:2b:32:4f:08:1f:14:9b:
58:c0:b2:32:c0:79:0e:59:f6:a0:bb:d5:59:f3:51:
ee:ad:3f:8b:45:18:a2:cd:05:5f:fe:57:a7:82:68:
d0:66:f6:84:3d:3a:f6:ca:08:33:2a:9b:25:cb:5e:
7d:73:33:d9:44:e3:d5:3c:4f:69:04:2f:8c:01:51:
22:58:c0:f3:a9:f3:c6:64:e5:5f:4f:92:ec:1e:b4:
03:8c:ca:09:fd:9b:01:86:82:a1:ae:13:2e:80:1b:
97:d5:da:e5:cd:67:05:38:32:3b:93:d5:97:b4:b9:
0c:f3:83:6b:36:5e:2c:e3:49:c8:47:7c:74:19:f8:
95:cd:8f:7b:65:c8:fe:ba:12:7d:a2:b6:35:dd:bf:
3c:1e:15:aa:55:51:a7:c6:ed:a4:dc:8e:b5:8f:3f:
73:90:e0:64:1a:b0:96:58:2c:61:26:4c:1f:af:29:
69:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:16:60:27:D8:A5:D6:94:BF:76:A4:35:5A:E7:76:3F:DB:2C:7A:2F
X509v3 Authority Key Identifier:
keyid:1C:D8:B2:5C:CE:AC:38:C9:93:72:BF:72:B0:0C:6C:8B:64:18:E9:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNiyXM6sOMmTcr9ysAxsi2QY6SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/iBZgJ9il1pS_dqQ1Wud2P9ssei8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/HNiyXM6sOMmTcr9ysAxsi2QY6SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.16.0-193.53.21.255
IPv6:
2a00:f620:1::/48
Signature Algorithm: sha256WithRSAEncryption
be:1e:c0:18:1a:4a:11:01:b0:e9:99:74:f1:3a:1b:19:d7:13:
56:30:56:08:b7:84:5e:93:af:f0:cc:6b:3c:d9:2c:e9:d8:e8:
16:72:ba:24:29:b7:1e:69:fd:01:d8:5f:9c:f4:7c:c3:28:f9:
84:30:53:73:f7:02:ce:b1:87:2c:ab:a1:a8:76:0f:d1:e2:3c:
32:e3:57:2d:3e:9a:c3:2e:77:d5:4a:d7:ba:ea:14:9b:23:14:
41:cb:35:94:37:7e:5f:d3:10:8b:0d:c5:b4:fe:cf:80:73:b4:
81:7e:98:fe:4a:78:9d:ac:8c:ac:ea:77:4f:3e:02:39:ea:0c:
6d:6e:9b:5f:c7:72:b3:d6:1f:17:e6:a4:dc:90:ab:89:52:b9:
7d:67:aa:8d:6e:d5:05:a6:67:39:2d:d1:ae:54:0b:a2:48:6b:
6e:d4:3b:73:20:28:23:91:5a:20:c8:6e:b4:cf:08:6f:95:7d:
72:d2:d5:7d:4d:a8:04:b6:c2:6c:2b:34:8e:35:09:23:67:4f:
30:8c:94:6f:3e:80:d1:35:3a:3e:8f:99:f5:09:f8:c0:94:c0:
e7:17:ad:5d:48:1d:7f:d7:23:e9:5c:5d:b7:2e:c8:3e:e8:32:
b7:ff:cb:20:f3:08:f7:7a:8d:38:6c:96:11:21:fc:27:fe:08:
03:9d:61:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYmMRz4Y94ZRjEzGmXo8cnuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDhiMjVjY2VhYzM4Yzk5MzcyYmY3MmIwMGM2YzhiNjQx
OGU5MjMwHhcNMjMwNzI1MDkwMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODE2NjAyN2Q4YTVkNjk0YmY3NmE0MzU1YWU3NzYzZmRiMmM3YTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mBl6fGfZHFijNSlE7mWzZmq09Km
Mw0ZFLWUwq0OugCruvAOymp+TsdcrXB+qpLLAPfR8AT+b1qWrXRCFMrQDmPj857x
HYpHFgLpmVlT+aUndCsyTwgfFJtYwLIywHkOWfagu9VZ81HurT+LRRiizQVf/len
gmjQZvaEPTr2yggzKpsly159czPZROPVPE9pBC+MAVEiWMDzqfPGZOVfT5LsHrQD
jMoJ/ZsBhoKhrhMugBuX1drlzWcFODI7k9WXtLkM84NrNl4s40nIR3x0GfiVzY97
Zcj+uhJ9orY13b88HhWqVVGnxu2k3I61jz9zkOBkGrCWWCxhJkwfrylpywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgWYCfYpdaUv3akNVrndj/bLHovMB8GA1UdIwQY
MBaAFBzYslzOrDjJk3K/crAMbItkGOkjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5peVhNNnNPTW1UY3I5eXNBeHNpMlFZNlNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9iNmM3ODMtZjU1ZC00ZWFkLThjNmEt
MTk2MzNmMDhlZDZhLzEvaUJaZ0o5aWwxcFNfZHFRMVd1ZDJQOXNzZWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9iNmM3ODMtZjU1ZC00ZWFkLThjNmEtMTk2MzNmMDhlZDZh
LzEvSE5peVhNNnNPTW1UY3I5eXNBeHNpMlFZNlNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBATBNRAD
BAHBNRQwDwQCAAIwCQMHACoA9iAAATANBgkqhkiG9w0BAQsFAAOCAQEAvh7AGBpK
EQGw6Zl08TobGdcTVjBWCLeEXpOv8MxrPNks6djoFnK6JCm3Hmn9AdhfnPR8wyj5
hDBTc/cCzrGHLKuhqHYP0eI8MuNXLT6awy531UrXuuoUmyMUQcs1lDd+X9MQiw3F
tP7PgHO0gX6Y/kp4nayMrOp3Tz4COeoMbW6bX8dys9YfF+ak3JCriVK5fWeqjW7V
BaZnOS3RrlQLokhrbtQ7cyAoI5FaIMhutM8Ib5V9ctLVfU2oBLbCbCs0jjUJI2dP
MIyUbz6A0TU6Po+Z9Qn4wJTA5xetXUgdf9cj6Vxdty7IPugyt//LIPMI93qNOGyW
ESH8J/4IA51h4w==
-----END CERTIFICATE-----
Generated at Tue Oct 3 10:33:27 2023 by rpki-client on console-ams.rpki-client.org