Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/r3xM_TIYqWlLbfBJCCwREt20H_k.roa
File: r3xM_TIYqWlLbfBJCCwREt20H_k.roa (raw, json)
Hash identifier: Zi4U1iwcDsBB+bJQTMYvyw+EniBhGGAIqPRF8dq3HgA=
Subject key identifier: AF:7C:4C:FD:32:18:A9:69:4B:6D:F0:49:08:2C:11:12:DD:B4:1F:F9
Certificate issuer: /CN=58dcfb0ff4f28b8ffad6eb0dd29eb2b6af629a68
Certificate serial: 018858FF02C798B881E184FBEAC2BFBF7F10
Authority key identifier: 58:DC:FB:0F:F4:F2:8B:8F:FA:D6:EB:0D:D2:9E:B2:B6:AF:62:9A:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNz7D_Tyi4_61usN0p6ytq9immg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/r3xM_TIYqWlLbfBJCCwREt20H_k.roa
Signing time: Fri 26 May 2023 16:58:07 +0000
ROA not before: Fri 26 May 2023 16:58:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12046
IP address blocks: 94.138.224.0/20 maxlen: 20
185.222.76.0/22 maxlen: 24
2001:1a70::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:58:ff:02:c7:98:b8:81:e1:84:fb:ea:c2:bf:bf:7f:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58dcfb0ff4f28b8ffad6eb0dd29eb2b6af629a68
Validity
Not Before: May 26 16:58:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af7c4cfd3218a9694b6df049082c1112ddb41ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7a:bb:26:81:05:22:79:82:08:be:4b:8e:ba:
25:99:a9:1c:55:5a:f6:4a:01:11:d6:33:df:1b:e9:
95:49:7b:db:77:15:b0:80:27:09:88:2e:e7:f1:06:
a0:7f:d8:db:d5:5a:44:d9:fb:17:d4:bb:50:c0:26:
4f:c8:0a:e6:ab:f5:14:b0:66:64:1d:ae:f6:6e:a8:
4a:ff:cc:46:07:04:50:74:b1:63:a6:e8:ae:c8:d4:
d8:e2:fd:79:6f:80:d0:2e:cc:6d:e9:24:3b:47:8b:
e9:50:87:b1:cd:f5:2d:52:13:f6:50:6a:0d:e3:c8:
b9:f6:ae:15:50:f7:8d:60:27:89:44:58:28:f3:86:
6f:1c:5d:47:5b:0d:1d:79:01:ae:31:0f:46:0a:b0:
d4:04:fd:1b:06:d1:58:5e:b5:c1:89:50:08:7f:9a:
b9:a0:17:7c:38:fa:29:d2:1a:1b:c4:5a:11:73:0e:
04:bd:58:94:68:b7:71:e3:b6:85:7e:5b:05:64:3f:
b7:7f:47:9c:ae:8c:45:c8:40:8a:b0:42:dd:6c:e0:
08:f5:d8:ba:91:01:b8:d8:1b:23:a2:bd:d9:a5:8c:
3c:14:c2:05:b8:75:77:ab:70:b9:0d:b7:f6:f6:3a:
a7:57:e7:55:05:c4:7e:97:1a:aa:79:4f:2e:2f:12:
94:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:7C:4C:FD:32:18:A9:69:4B:6D:F0:49:08:2C:11:12:DD:B4:1F:F9
X509v3 Authority Key Identifier:
keyid:58:DC:FB:0F:F4:F2:8B:8F:FA:D6:EB:0D:D2:9E:B2:B6:AF:62:9A:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNz7D_Tyi4_61usN0p6ytq9immg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/r3xM_TIYqWlLbfBJCCwREt20H_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/WNz7D_Tyi4_61usN0p6ytq9immg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.138.224.0/20
185.222.76.0/22
IPv6:
2001:1a70::/32
Signature Algorithm: sha256WithRSAEncryption
4f:00:81:36:3d:6b:05:ba:4f:77:60:8f:d7:41:30:74:c4:e4:
1c:96:31:57:17:91:38:d0:4a:25:14:c2:af:e1:e6:a7:5e:51:
e4:91:4d:f2:af:cb:7d:c5:14:d0:5e:01:b1:84:a9:9c:ff:ac:
70:d1:1b:4f:21:8a:65:75:24:91:24:5b:fe:53:3b:80:3c:90:
7b:60:7e:c4:ea:ea:9f:49:7c:fe:7c:74:07:43:63:fd:27:21:
89:c5:56:8c:40:c9:56:d8:77:41:25:9e:45:9c:9c:66:58:e9:
57:38:b3:e3:15:64:2a:3a:6f:c6:44:ad:c0:16:96:4e:39:de:
77:88:32:33:5b:e3:c9:56:26:ce:31:22:dc:81:8b:ae:da:e8:
49:c8:a3:8f:4a:2d:48:f3:fa:4b:27:cd:3a:61:b8:65:03:86:
69:89:af:4f:5e:e0:0d:dc:e3:9f:8c:28:a2:81:9c:06:6c:e9:
36:03:a3:1e:6c:5c:81:f8:30:62:83:63:5d:6f:9b:8c:a2:5c:
ec:46:62:15:20:3a:7e:ad:f2:bb:a7:00:22:43:d7:30:3c:fb:
a3:15:49:b3:35:38:63:9c:bc:7c:91:d6:7f:fa:a5:ba:6d:6b:
e5:74:3b:ca:90:7a:b5:b6:b0:d5:6e:2e:3d:26:31:55:d2:8c:
51:89:39:ba
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYhY/wLHmLiB4YT76sK/v38QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZGNmYjBmZjRmMjhiOGZmYWQ2ZWIwZGQyOWViMmI2YWY2
MjlhNjgwHhcNMjMwNTI2MTY1ODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjdjNGNmZDMyMThhOTY5NGI2ZGYwNDkwODJjMTExMmRkYjQxZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXq7JoEFInmCCL5LjrolmakcVVr2
SgER1jPfG+mVSXvbdxWwgCcJiC7n8Qagf9jb1VpE2fsX1LtQwCZPyArmq/UUsGZk
Ha72bqhK/8xGBwRQdLFjpuiuyNTY4v15b4DQLsxt6SQ7R4vpUIexzfUtUhP2UGoN
48i59q4VUPeNYCeJRFgo84ZvHF1HWw0deQGuMQ9GCrDUBP0bBtFYXrXBiVAIf5q5
oBd8OPop0hobxFoRcw4EvViUaLdx47aFflsFZD+3f0ecroxFyECKsELdbOAI9di6
kQG42Bsjor3ZpYw8FMIFuHV3q3C5Dbf29jqnV+dVBcR+lxqqeU8uLxKUIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK98TP0yGKlpS23wSQgsERLdtB/5MB8GA1UdIwQY
MBaAFFjc+w/08ouP+tbrDdKesravYppoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV056N0RfVHlpNF82MXVzTjBwNnl0cTlpbW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNjYzZGYtYWMxYy00NTI5LThjOGIt
NzEyMTM1YTZiNzUwLzEvcjN4TV9USVlxV2xMYmZCSkNDd1JFdDIwSF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNjYzZGYtYWMxYy00NTI5LThjOGItNzEyMTM1YTZiNzUw
LzEvV056N0RfVHlpNF82MXVzTjBwNnl0cTlpbW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXorgAwQC
ud5MMA0EAgACMAcDBQAgARpwMA0GCSqGSIb3DQEBCwUAA4IBAQBPAIE2PWsFuk93
YI/XQTB0xOQcljFXF5E40EolFMKv4eanXlHkkU3yr8t9xRTQXgGxhKmc/6xw0RtP
IYpldSSRJFv+UzuAPJB7YH7E6uqfSXz+fHQHQ2P9JyGJxVaMQMlW2HdBJZ5FnJxm
WOlXOLPjFWQqOm/GRK3AFpZOOd53iDIzW+PJVibOMSLcgYuu2uhJyKOPSi1I8/pL
J806YbhlA4Zpia9PXuAN3OOfjCiigZwGbOk2A6MebFyB+DBig2Ndb5uMolzsRmIV
IDp+rfK7pwAiQ9cwPPujFUmzNThjnLx8kdZ/+qW6bWvldDvKkHq1trDVbi49JjFV
0oxRiTm6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:05 2024 by rpki-client on console-ams.rpki-client.org