Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/xM1iislgVci6onCt3Jz6WC8VTjM.roa
File: xM1iislgVci6onCt3Jz6WC8VTjM.roa (raw, json)
Hash identifier: xChPFj0ASLo7uVPEaXEAnTxn66K+tHZ3MUlw6XbSUf4=
Subject key identifier: C4:CD:62:8A:C9:60:55:C8:BA:A2:70:AD:DC:9C:FA:58:2F:15:4E:33
Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Certificate serial: 01856BCA455E5B23121845F4F0AF1087E744
Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/xM1iislgVci6onCt3Jz6WC8VTjM.roa
Signing time: Sun 01 Jan 2023 05:24:56 +0000
ROA not before: Sun 01 Jan 2023 05:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20811
IP address blocks: 77.74.112.0/21 maxlen: 24
185.111.144.0/22 maxlen: 24
109.69.248.0/21 maxlen: 24
2a02:54c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:45:5e:5b:23:12:18:45:f4:f0:af:10:87:e7:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Validity
Not Before: Jan 1 05:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4cd628ac96055c8baa270addc9cfa582f154e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:88:e1:a6:29:08:9e:0a:55:6c:2b:35:dc:48:
57:15:1e:72:2f:dd:8a:fb:44:66:11:b4:4b:9f:81:
88:c3:3f:85:f4:b3:cd:72:29:e1:41:b3:72:e0:c5:
19:12:d6:b4:05:1b:e5:7b:cc:d0:8c:be:fd:c1:56:
d9:c5:32:b4:9e:ab:70:54:ec:5a:93:e1:ec:ce:3f:
35:a6:96:ea:17:f9:6d:21:0c:1d:43:1c:b8:53:f8:
24:eb:d4:cd:97:0f:39:70:58:63:f0:e8:e8:ef:50:
1f:97:93:cd:89:05:e0:2b:4c:23:d2:b2:d9:be:b4:
c4:9f:28:30:37:dd:43:d4:fa:21:45:6b:65:00:01:
79:db:4e:70:f4:a5:45:33:43:44:1e:05:14:0a:3f:
eb:a8:c0:8c:3d:69:14:a1:87:6e:f9:45:ed:cd:4b:
84:1a:23:65:37:36:fc:dc:9b:b3:c7:c2:42:dd:f2:
25:cc:0c:83:45:fa:e2:a6:b9:e2:da:cf:df:3d:17:
11:5c:6e:d6:d5:e0:0a:90:97:46:da:bf:bf:f0:db:
d7:56:f7:90:5c:47:99:65:d8:38:96:5f:9e:95:95:
26:73:3a:c6:42:2b:98:39:02:cb:6f:5f:99:ce:22:
18:1e:e6:b0:82:fd:9c:72:82:52:b5:15:44:38:d8:
a8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:CD:62:8A:C9:60:55:C8:BA:A2:70:AD:DC:9C:FA:58:2F:15:4E:33
X509v3 Authority Key Identifier:
keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/xM1iislgVci6onCt3Jz6WC8VTjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.112.0/21
109.69.248.0/21
185.111.144.0/22
IPv6:
2a02:54c0::/29
Signature Algorithm: sha256WithRSAEncryption
93:01:e0:9d:19:30:39:9b:34:99:57:15:ae:88:07:62:79:78:
cb:9f:fd:3d:6d:08:10:af:fa:a4:1d:e3:41:7e:d2:d1:27:a9:
28:bc:77:e1:27:c4:0a:c7:e2:1f:01:aa:bb:1d:6b:47:bd:b2:
66:05:b8:9e:e0:43:b6:bc:28:1b:62:a1:80:03:aa:0c:2c:2d:
8d:09:89:39:80:d7:f0:86:6b:8e:6a:86:12:a4:c1:c3:ac:b3:
39:c7:ec:88:96:12:28:86:3e:28:f1:84:fa:57:df:a8:da:18:
78:f7:cd:14:9b:14:e2:e5:0a:03:19:82:04:e7:66:ec:81:8d:
b9:c2:f7:38:26:82:77:6b:58:50:fa:d6:e0:24:b4:f7:25:0c:
06:82:e6:de:38:c4:11:10:0b:16:a9:ac:b1:89:a6:28:1b:bc:
95:3b:c0:11:3c:b3:76:02:34:d2:6a:60:30:ec:2b:9a:5c:95:
da:be:f7:29:4b:08:28:c8:91:54:01:bd:3a:80:45:4d:ce:95:
6c:18:6d:e3:da:27:20:d9:8d:8b:d3:dc:3a:9c:f3:2d:40:04:
bd:a6:1b:3e:f8:b6:79:c0:25:5b:9c:27:c9:93:b5:be:f7:d0:
74:76:80:46:44:82:40:59:e2:a7:0e:a1:49:d1:37:9d:63:3d:
ca:f9:6a:e6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVrykVeWyMSGEX08K8Qh+dEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTkyMTdiZDgzMDYyN2NiM2U2NTdjMGI5MDYzYzgyMjM0
ZGRiY2IwHhcNMjMwMTAxMDUyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGNkNjI4YWM5NjA1NWM4YmFhMjcwYWRkYzljZmE1ODJmMTU0ZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIjhpikIngpVbCs13EhXFR5yL92K
+0RmEbRLn4GIwz+F9LPNcinhQbNy4MUZEta0BRvle8zQjL79wVbZxTK0nqtwVOxa
k+Hszj81ppbqF/ltIQwdQxy4U/gk69TNlw85cFhj8Ojo71Afl5PNiQXgK0wj0rLZ
vrTEnygwN91D1PohRWtlAAF5205w9KVFM0NEHgUUCj/rqMCMPWkUoYdu+UXtzUuE
GiNlNzb83Juzx8JC3fIlzAyDRfriprni2s/fPRcRXG7W1eAKkJdG2r+/8NvXVveQ
XEeZZdg4ll+elZUmczrGQiuYOQLLb1+ZziIYHuawgv2ccoJStRVEONioZQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMTNYorJYFXIuqJwrdyc+lgvFU4zMB8GA1UdIwQY
MBaAFAipIXvYMGJ8s+ZXwLkGPIIjTdvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgt
MmM1YmFjMzVjMzQ0LzEveE0xaWlzbGdWY2k2b25DdDNKejZXQzhWVGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgtMmM1YmFjMzVjMzQ0
LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDTUpwAwQD
bUX4AwQCuW+QMA0EAgACMAcDBQMqAlTAMA0GCSqGSIb3DQEBCwUAA4IBAQCTAeCd
GTA5mzSZVxWuiAdieXjLn/09bQgQr/qkHeNBftLRJ6kovHfhJ8QKx+IfAaq7HWtH
vbJmBbie4EO2vCgbYqGAA6oMLC2NCYk5gNfwhmuOaoYSpMHDrLM5x+yIlhIohj4o
8YT6V9+o2hh4980UmxTi5QoDGYIE52bsgY25wvc4JoJ3a1hQ+tbgJLT3JQwGgube
OMQREAsWqayxiaYoG7yVO8ARPLN2AjTSamAw7CuaXJXavvcpSwgoyJFUAb06gEVN
zpVsGG3j2icg2Y2L09w6nPMtQAS9phs++LZ5wCVbnCfJk7W+99B0doBGRIJAWeKn
DqFJ0TedYz3K+Wrm
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:37 2024 by rpki-client on console-ams.rpki-client.org