Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/9HXpPtnyPcxCeZJ_4ObFYVIXbvE.roa
File: 9HXpPtnyPcxCeZJ_4ObFYVIXbvE.roa (raw, json)
Hash identifier: 81WQhmTn7jzNpUCSJB05vFTkx5uDAqIH5sS/0OPVX+o=
Subject key identifier: F4:75:E9:3E:D9:F2:3D:CC:42:79:92:7F:E0:E6:C5:61:52:17:6E:F1
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 01856F9DB1EDAB96512E1822623DB08F9349
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/9HXpPtnyPcxCeZJ_4ObFYVIXbvE.roa
Signing time: Sun 01 Jan 2023 23:14:43 +0000
ROA not before: Sun 01 Jan 2023 23:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59675
IP address blocks: 213.185.78.0/23 maxlen: 23
213.185.80.0/22 maxlen: 22
213.185.84.0/23 maxlen: 23
31.220.150.0/24 maxlen: 24
185.5.10.0/23 maxlen: 23
185.5.8.0/23 maxlen: 23
128.0.144.0/23 maxlen: 23
128.0.150.0/24 maxlen: 24
128.0.151.0/24 maxlen: 24
128.0.152.0/24 maxlen: 24
128.0.148.0/23 maxlen: 23
128.0.146.0/23 maxlen: 23
128.0.154.0/24 maxlen: 24
128.0.153.0/24 maxlen: 24
2a02:45c0::/32 maxlen: 32
2a02:45c0:10::/48 maxlen: 48
2a02:45c0:13::/48 maxlen: 48
2a02:45c0:9::/48 maxlen: 48
2a02:45c0:7::/48 maxlen: 48
2a02:45c0:8::/48 maxlen: 48
2a02:45c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:b1:ed:ab:96:51:2e:18:22:62:3d:b0:8f:93:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Jan 1 23:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f475e93ed9f23dcc4279927fe0e6c56152176ef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:24:74:11:63:bf:d3:4f:8c:1d:0b:1f:12:b1:
0f:a7:2a:94:c5:83:8a:75:2f:72:ea:6e:81:77:ca:
95:a7:ae:2a:1b:59:ad:7a:0b:b0:6f:fd:87:7a:ae:
4f:48:24:e8:90:0d:e7:96:fd:b7:cb:67:2c:b6:db:
98:3e:47:af:0f:64:85:a9:be:6d:86:98:9f:a4:e9:
8d:4d:50:e3:24:c2:cf:a8:15:7d:e3:13:13:af:64:
21:3f:7d:6d:8e:0c:1f:7c:a1:6d:a0:a0:04:26:56:
fc:00:04:eb:ca:46:1f:54:1e:8c:15:be:c2:82:35:
91:9e:d6:d2:82:e2:e5:b2:66:d9:3e:ad:18:eb:e6:
23:18:79:a5:19:d5:0e:46:10:37:41:22:bd:93:4f:
04:fe:b0:16:d1:a8:b2:ca:9d:67:5d:94:0a:6d:19:
d1:ad:91:43:74:b6:74:24:2a:51:cc:63:89:2a:db:
0e:f2:af:60:a4:1b:bf:3e:11:bc:e0:f2:cb:d7:22:
45:8a:a9:c7:e4:35:a0:f5:2c:ab:51:83:54:cc:fa:
8a:ca:73:43:93:5d:f2:98:6c:f9:19:c0:4c:6a:7d:
24:0b:34:88:5e:ec:ee:c7:e2:62:a7:47:da:bb:71:
49:14:8e:9f:0e:7b:cb:57:52:c9:21:e1:3f:95:68:
50:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:75:E9:3E:D9:F2:3D:CC:42:79:92:7F:E0:E6:C5:61:52:17:6E:F1
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/9HXpPtnyPcxCeZJ_4ObFYVIXbvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.150.0/24
128.0.144.0-128.0.154.255
185.5.8.0/22
213.185.78.0-213.185.85.255
IPv6:
2a02:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
06:28:08:06:61:16:f8:56:37:25:46:1a:e8:65:e4:19:a8:07:
a2:01:ec:21:cf:18:4a:09:45:e2:e1:94:f9:e4:1d:38:89:fe:
b1:e8:88:b2:c7:e7:dc:df:ea:9e:85:49:d3:c0:99:2e:c2:51:
10:94:f0:14:5c:fa:b5:9f:63:18:ca:60:0b:e3:38:cc:4e:1c:
4d:2d:25:85:bd:6b:8d:83:6a:fb:11:73:f3:46:4f:4b:2a:b3:
4a:0b:f8:5d:38:a5:47:52:2e:9a:72:ca:be:e5:6d:8b:37:c7:
12:7f:c6:f9:64:fe:76:71:82:65:10:9a:e2:89:9d:f6:6f:9b:
2f:54:d0:e9:a8:f5:26:ea:f6:b1:48:d1:ba:fd:01:c6:1b:52:
1c:cf:62:3d:50:af:f9:12:4d:68:8e:de:06:e7:05:5c:48:0b:
02:c0:7f:88:b3:55:14:20:de:f3:96:f6:7e:c6:1f:96:57:c8:
e4:a1:34:0e:97:b9:fd:f9:0a:30:03:78:6d:85:fb:d9:2f:32:
6b:7f:c9:10:99:b8:75:72:e1:73:6f:69:f3:90:12:ba:8a:e5:
42:96:18:2a:4f:34:af:49:78:c6:7f:2a:c8:48:e8:c6:e6:74:
36:37:25:07:1c:b5:b9:3d:54:c6:de:ae:bb:81:ef:97:eb:e0:
4b:3d:26:0a
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYVvnbHtq5ZRLhgiYj2wj5NJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjMwMTAxMjMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDc1ZTkzZWQ5ZjIzZGNjNDI3OTkyN2ZlMGU2YzU2MTUyMTc2ZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiR0EWO/00+MHQsfErEPpyqUxYOK
dS9y6m6Bd8qVp64qG1mteguwb/2Heq5PSCTokA3nlv23y2csttuYPkevD2SFqb5t
hpifpOmNTVDjJMLPqBV94xMTr2QhP31tjgwffKFtoKAEJlb8AATrykYfVB6MFb7C
gjWRntbSguLlsmbZPq0Y6+YjGHmlGdUORhA3QSK9k08E/rAW0aiyyp1nXZQKbRnR
rZFDdLZ0JCpRzGOJKtsO8q9gpBu/PhG84PLL1yJFiqnH5DWg9SyrUYNUzPqKynND
k13ymGz5GcBMan0kCzSIXuzux+Jip0fau3FJFI6fDnvLV1LJIeE/lWhQFwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPR16T7Z8j3MQnmSf+DmxWFSF27xMB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvOUhYcFB0bnlQY3hDZVpKXzRPYkZZVklYYnZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQAH9yWMAwD
BASAAJADBACAAJoDBAK5BQgwDAMEAdW5TgMEAdW5VDANBAIAAjAHAwUAKgJFwDAN
BgkqhkiG9w0BAQsFAAOCAQEABigIBmEW+FY3JUYa6GXkGagHogHsIc8YSglF4uGU
+eQdOIn+seiIssfn3N/qnoVJ08CZLsJREJTwFFz6tZ9jGMpgC+M4zE4cTS0lhb1r
jYNq+xFz80ZPSyqzSgv4XTilR1IumnLKvuVtizfHEn/G+WT+dnGCZRCa4omd9m+b
L1TQ6aj1Jur2sUjRuv0BxhtSHM9iPVCv+RJNaI7eBucFXEgLAsB/iLNVFCDe85b2
fsYfllfI5KE0Dpe5/fkKMAN4bYX72S8ya3/JEJm4dXLhc29p85ASuorlQpYYKk80
r0l4xn8qyEjoxuZ0NjclBxy1uT1Uxt6uu4Hvl+vgSz0mCg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org