Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/72by00gUn6HK3dd7TNg0ifwxwdw.roa
File: 72by00gUn6HK3dd7TNg0ifwxwdw.roa (raw, json)
Hash identifier: Qr65MrEJlHgrrI8rjOYxJYzXUGuM0bcIwkgfVK/LkD4=
Subject key identifier: EF:66:F2:D3:48:14:9F:A1:CA:DD:D7:7B:4C:D8:34:89:FC:31:C1:DC
Certificate issuer: /CN=c1d710d8ac31b1f6daf7046c45374ae8e405f18e
Certificate serial: 01856B0A1932E00462F1B4E313E76F8B3B19
Authority key identifier: C1:D7:10:D8:AC:31:B1:F6:DA:F7:04:6C:45:37:4A:E8:E4:05:F1:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/72by00gUn6HK3dd7TNg0ifwxwdw.roa
Signing time: Sun 01 Jan 2023 01:55:01 +0000
ROA not before: Sun 01 Jan 2023 01:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 194.116.188.0/23 maxlen: 32
2001:7f8:15::/48 maxlen: 128
2a04:80c0::/29 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:19:32:e0:04:62:f1:b4:e3:13:e7:6f:8b:3b:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d710d8ac31b1f6daf7046c45374ae8e405f18e
Validity
Not Before: Jan 1 01:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef66f2d348149fa1caddd77b4cd83489fc31c1dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:be:38:ac:b5:09:4c:dd:92:5a:5e:76:f3:70:
5c:2e:98:37:e3:56:f2:af:94:19:64:7e:09:0e:b6:
77:dd:0d:8a:77:34:5c:01:6a:24:a4:a7:d4:26:19:
b8:d9:9b:fd:f4:08:c6:fb:4c:8c:da:a9:e7:58:f7:
a8:f0:92:bd:47:d9:a7:14:2c:04:61:a9:7e:49:a5:
9e:8b:d3:4a:ee:53:75:12:28:4d:34:07:fe:3f:32:
f8:ec:d1:ae:ca:83:2a:4a:ae:2d:0c:a1:b3:24:e4:
b0:1e:74:29:69:f4:73:c2:b5:2f:91:72:14:b0:6a:
05:2a:10:31:55:e1:17:65:95:49:ef:29:63:82:2c:
36:2d:28:88:ea:72:4d:ed:66:da:b8:f5:1d:cf:4c:
83:67:a4:6a:51:7d:6e:c4:a1:c7:c1:7b:70:9a:82:
e3:2b:8d:cb:66:bf:1f:72:82:66:79:01:e1:52:10:
25:74:8d:4b:9b:4d:f7:a5:da:a8:e1:8f:0b:7a:6b:
15:42:62:84:f3:c8:1a:7b:af:6c:3d:39:7b:dd:b8:
7e:d8:98:89:3c:8c:35:b9:41:ef:58:da:56:59:5f:
f0:23:35:41:c0:b2:f0:57:3b:71:9b:f8:33:25:59:
71:d2:ac:73:be:59:e1:aa:74:53:9d:57:82:98:07:
c7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:66:F2:D3:48:14:9F:A1:CA:DD:D7:7B:4C:D8:34:89:FC:31:C1:DC
X509v3 Authority Key Identifier:
keyid:C1:D7:10:D8:AC:31:B1:F6:DA:F7:04:6C:45:37:4A:E8:E4:05:F1:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/72by00gUn6HK3dd7TNg0ifwxwdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.188.0/23
IPv6:
2001:7f8:15::/48
2a04:80c0::/29
Signature Algorithm: sha256WithRSAEncryption
96:01:76:15:50:1e:d7:84:b5:e8:2b:3f:04:5d:8e:32:fe:43:
7a:c7:c2:d7:30:26:1b:d5:56:a4:e1:c3:33:c4:a2:84:68:0a:
5a:cb:1a:1f:8c:be:22:62:b0:72:55:8c:f7:e7:85:72:fe:28:
3e:f7:66:04:7b:ae:4e:9c:cb:46:77:0f:38:f1:be:85:9d:7a:
20:10:92:ed:a5:3b:dd:76:7c:e5:93:ad:03:1b:88:81:93:99:
c0:60:96:b0:32:f4:db:de:3b:75:a0:58:aa:c9:dd:d3:9b:df:
ed:23:b3:1e:c1:c9:2c:17:5f:fb:3e:3f:71:dd:25:92:75:32:
c1:83:26:0e:0d:a8:ff:87:62:a4:a6:6b:83:fe:5b:50:4c:ac:
2a:42:6c:08:16:fb:bc:db:ec:86:89:e6:62:7f:79:11:75:b3:
25:84:cc:73:80:c1:d5:c0:49:5d:ab:f4:38:89:02:ff:86:87:
98:91:31:9c:1b:16:ab:86:bf:a1:b5:75:a5:d4:a7:69:de:27:
e0:cd:42:df:13:a7:28:10:85:30:b3:e5:3d:c3:20:d3:be:b5:
19:2c:59:6d:62:cf:c7:15:66:bc:34:98:d9:dc:3f:48:51:98:
95:30:d9:b0:c7:c8:19:19:09:96:3d:8e:49:fc:46:81:7d:9d:
e8:8c:67:d5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVrChky4ARi8bTjE+dvizsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDcxMGQ4YWMzMWIxZjZkYWY3MDQ2YzQ1Mzc0YWU4ZTQw
NWYxOGUwHhcNMjMwMTAxMDE1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjY2ZjJkMzQ4MTQ5ZmExY2FkZGQ3N2I0Y2Q4MzQ4OWZjMzFjMWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL44rLUJTN2SWl5283BcLpg341by
r5QZZH4JDrZ33Q2KdzRcAWokpKfUJhm42Zv99AjG+0yM2qnnWPeo8JK9R9mnFCwE
Yal+SaWei9NK7lN1EihNNAf+PzL47NGuyoMqSq4tDKGzJOSwHnQpafRzwrUvkXIU
sGoFKhAxVeEXZZVJ7yljgiw2LSiI6nJN7WbauPUdz0yDZ6RqUX1uxKHHwXtwmoLj
K43LZr8fcoJmeQHhUhAldI1Lm033pdqo4Y8LemsVQmKE88gae69sPTl73bh+2JiJ
PIw1uUHvWNpWWV/wIzVBwLLwVztxm/gzJVlx0qxzvlnhqnRTnVeCmAfHfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFO9m8tNIFJ+hyt3Xe0zYNIn8McHcMB8GA1UdIwQY
MBaAFMHXENisMbH22vcEbEU3SujkBfGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2RjUTJLd3hzZmJhOXdSc1JUZEs2T1FGOFk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kYjMzMDMtNzg3OS00YjY5LTg4NDgt
MTE1ZjE1YjIwZGU3LzEvNzJieTAwZ1VuNkhLM2RkN1ROZzBpZnd4d2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kYjMzMDMtNzg3OS00YjY5LTg4NDgtMTE1ZjE1YjIwZGU3
LzEvd2RjUTJLd3hzZmJhOXdSc1JUZEs2T1FGOFk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQBwnS8MBYE
AgACMBADBwAgAQf4ABUDBQMqBIDAMA0GCSqGSIb3DQEBCwUAA4IBAQCWAXYVUB7X
hLXoKz8EXY4y/kN6x8LXMCYb1Vak4cMzxKKEaApayxofjL4iYrByVYz354Vy/ig+
92YEe65OnMtGdw848b6FnXogEJLtpTvddnzlk60DG4iBk5nAYJawMvTb3jt1oFiq
yd3Tm9/tI7MewcksF1/7Pj9x3SWSdTLBgyYODaj/h2KkpmuD/ltQTKwqQmwIFvu8
2+yGieZif3kRdbMlhMxzgMHVwEldq/Q4iQL/hoeYkTGcGxarhr+htXWl1Kdp3ifg
zULfE6coEIUws+U9wyDTvrUZLFltYs/HFWa8NJjZ3D9IUZiVMNmwx8gZGQmWPY5J
/EaBfZ3ojGfV
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:53 2024 by rpki-client on console-fra.rpki-client.org