Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/iG6czhMFrydwUythvfqLTpoRTR0.roa
File: iG6czhMFrydwUythvfqLTpoRTR0.roa (raw, json)
Hash identifier: VfgdDC0pngExEN0QeYrkVXnt56Df3VFRf0huhBNCcUQ=
Subject key identifier: 88:6E:9C:CE:13:05:AF:27:70:53:2B:61:BD:FA:8B:4E:9A:11:4D:1D
Certificate issuer: /CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Certificate serial: 01856B8A136736C4E2727D5E88BC1ECF9787
Authority key identifier: 13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/iG6czhMFrydwUythvfqLTpoRTR0.roa
Signing time: Sun 01 Jan 2023 04:14:49 +0000
ROA not before: Sun 01 Jan 2023 04:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50321
IP address blocks: 194.150.220.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:13:67:36:c4:e2:72:7d:5e:88:bc:1e:cf:97:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Validity
Not Before: Jan 1 04:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=886e9cce1305af2770532b61bdfa8b4e9a114d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:a5:14:7b:37:32:0f:21:a4:93:c8:37:26:
96:d0:9b:d4:5b:33:d2:63:9d:cc:b0:34:f8:9c:e1:
90:07:77:52:d8:ea:e8:22:3f:4a:3d:4e:d4:e2:7c:
f6:82:83:f3:81:ef:16:be:bd:8a:63:66:16:39:81:
9a:74:6c:de:d8:98:9e:28:34:58:4b:86:fe:4f:05:
81:41:2b:c7:a2:25:02:61:48:27:a9:ca:7c:50:10:
2e:84:ca:b1:9c:8e:b0:37:18:96:21:1b:c8:05:15:
5e:de:e5:72:4d:18:75:6c:a8:51:b7:aa:13:e3:bb:
d5:fe:87:04:1e:d9:ee:72:a1:d5:d5:66:d0:1a:a7:
a5:4a:6a:65:cc:50:9c:cd:94:45:c9:c1:29:8e:f4:
51:c8:f1:e6:8b:c0:77:61:ee:4a:43:95:96:6e:6e:
17:12:a2:93:79:c1:f0:c8:fa:d7:32:ab:20:8b:3d:
44:31:f8:e1:be:ac:cb:de:a4:a4:8f:17:12:1a:48:
5c:ad:c8:3a:62:26:bc:ba:d3:6b:85:15:ea:a0:37:
3d:52:0e:6f:c4:9c:a7:59:16:4e:fc:e7:0d:0b:70:
31:80:3d:cf:d4:3d:74:9a:fe:08:7c:92:07:52:b1:
66:04:16:a7:6c:66:eb:1a:a6:27:72:b9:d3:75:27:
3e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6E:9C:CE:13:05:AF:27:70:53:2B:61:BD:FA:8B:4E:9A:11:4D:1D
X509v3 Authority Key Identifier:
keyid:13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/iG6czhMFrydwUythvfqLTpoRTR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/E2a5YKbx8EQ58JGG-ez1ManOJkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.220.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:33:36:44:32:0f:49:0b:cc:46:f7:1c:8f:d4:04:69:9f:32:
01:a0:23:e3:80:d4:3b:3b:dc:f9:c1:1c:4c:9e:28:16:a0:a3:
c5:ed:8e:a7:9e:3a:df:13:f6:c0:1c:77:e1:ec:ed:7f:df:c8:
88:a0:04:d9:91:31:74:ae:6a:a9:3f:e9:93:1a:01:3d:83:c3:
6e:dd:28:48:b5:5c:6e:c3:3c:b6:1c:bd:f7:07:ee:6d:df:90:
31:97:e8:38:48:18:f5:ae:23:51:6a:de:b3:a0:4f:1a:97:de:
9c:61:62:7b:90:79:2d:b8:2b:22:62:bd:0c:24:9f:18:8b:2f:
2c:55:90:dc:8a:a2:66:a7:66:82:9e:9b:78:bb:1a:57:37:74:
fb:79:91:06:d1:d5:a4:05:04:11:dc:39:67:48:36:af:28:99:
e3:5c:d1:65:2c:21:a7:08:ea:cb:d1:5a:c8:af:2f:bd:c6:84:
ce:52:e9:3d:8f:37:fa:48:6b:d9:61:9c:5b:8b:9a:bf:54:f8:
55:34:ca:3d:9c:ab:aa:36:9e:1a:2b:21:26:cb:6b:f8:44:0c:
58:2a:9e:17:6d:04:08:e4:1a:b0:de:11:b2:05:5a:b7:62:24:
b4:47:91:93:c3:cc:79:b5:11:52:55:6f:0b:a3:d4:56:20:69:
72:b9:79:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrihNnNsTicn1eiLwez5eHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjZiOTYwYTZmMWYwNDQzOWYwOTE4NmY5ZWNmNTMxYTlj
ZTI2NDgwHhcNMjMwMTAxMDQxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODZlOWNjZTEzMDVhZjI3NzA1MzJiNjFiZGZhOGI0ZTlhMTE0ZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBqlFHs3Mg8hpJPINyaW0JvUWzPS
Y53MsDT4nOGQB3dS2OroIj9KPU7U4nz2goPzge8Wvr2KY2YWOYGadGze2JieKDRY
S4b+TwWBQSvHoiUCYUgnqcp8UBAuhMqxnI6wNxiWIRvIBRVe3uVyTRh1bKhRt6oT
47vV/ocEHtnucqHV1WbQGqelSmplzFCczZRFycEpjvRRyPHmi8B3Ye5KQ5WWbm4X
EqKTecHwyPrXMqsgiz1EMfjhvqzL3qSkjxcSGkhcrcg6Yia8utNrhRXqoDc9Ug5v
xJynWRZO/OcNC3AxgD3P1D10mv4IfJIHUrFmBBanbGbrGqYncrnTdSc+QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIhunM4TBa8ncFMrYb36i06aEU0dMB8GA1UdIwQY
MBaAFBNmuWCm8fBEOfCRhvns9TGpziZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjIt
YTk2NzE1OWY4ODdkLzEvaUc2Y3poTUZyeWR3VXl0aHZmcUxUcG9SVFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjItYTk2NzE1OWY4ODdk
LzEvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpbcMA0G
CSqGSIb3DQEBCwUAA4IBAQCaMzZEMg9JC8xG9xyP1ARpnzIBoCPjgNQ7O9z5wRxM
nigWoKPF7Y6nnjrfE/bAHHfh7O1/38iIoATZkTF0rmqpP+mTGgE9g8Nu3ShItVxu
wzy2HL33B+5t35Axl+g4SBj1riNRat6zoE8al96cYWJ7kHktuCsiYr0MJJ8Yiy8s
VZDciqJmp2aCnpt4uxpXN3T7eZEG0dWkBQQR3DlnSDavKJnjXNFlLCGnCOrL0VrI
ry+9xoTOUuk9jzf6SGvZYZxbi5q/VPhVNMo9nKuqNp4aKyEmy2v4RAxYKp4XbQQI
5Bqw3hGyBVq3YiS0R5GTw8x5tRFSVW8Lo9RWIGlyuXlK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:54 2023 by rpki-client on console-fra.rpki-client.org