Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/TrU5y-_mxxfiUu3xrY2to_PVnSQ.roa
File: TrU5y-_mxxfiUu3xrY2to_PVnSQ.roa (raw, json)
Hash identifier: sNGU8p5j3MCTj2VhA9KoU6AFdS0sVpEeKl/13m5LIU4=
Subject key identifier: 4E:B5:39:CB:EF:E6:C7:17:E2:52:ED:F1:AD:8D:AD:A3:F3:D5:9D:24
Certificate issuer: /CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Certificate serial: 018572E7FF8F83A0E5B968C06B642B813183
Authority key identifier: 3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/TrU5y-_mxxfiUu3xrY2to_PVnSQ.roa
Signing time: Mon 02 Jan 2023 14:34:44 +0000
ROA not before: Mon 02 Jan 2023 14:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20253
IP address blocks: 146.19.181.0/24 maxlen: 26
217.20.49.0/24 maxlen: 24
217.20.48.0/24 maxlen: 24
217.20.51.0/24 maxlen: 24
217.20.50.0/24 maxlen: 24
2a12:45c7:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e7:ff:8f:83:a0:e5:b9:68:c0:6b:64:2b:81:31:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Validity
Not Before: Jan 2 14:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4eb539cbefe6c717e252edf1ad8dada3f3d59d24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e2:d3:75:1c:77:7d:8f:e4:28:98:15:89:a3:
2e:f9:8e:a0:2b:1c:2e:61:ba:78:fa:41:a2:1d:3c:
74:19:cd:a1:32:cb:b6:d7:7c:fd:54:4d:21:ce:f4:
5f:7a:eb:e2:e2:7f:b1:42:11:19:55:6c:4c:14:24:
03:68:3a:27:56:7f:89:c4:8f:f9:b1:2c:aa:f7:e6:
f5:f0:78:58:04:3a:78:f5:fb:9d:10:74:9e:d5:70:
13:03:61:3b:be:93:4c:b6:c5:1f:2b:f6:b3:57:83:
60:cd:bd:df:31:da:b9:59:04:b0:b0:9a:98:31:ea:
ad:3d:25:b3:58:0a:06:ec:f2:e3:a9:91:89:a9:ef:
e3:d0:80:d0:90:41:01:40:e0:30:58:ce:c2:7c:8b:
d8:76:d1:d5:7e:c3:84:35:d6:a8:4e:e1:7d:78:58:
7c:be:d4:57:2c:54:13:a6:1a:3c:24:ca:e7:83:9f:
7f:0f:8d:38:c1:77:41:62:99:4b:5a:82:36:4a:c6:
4a:1e:40:f9:1d:01:85:e5:aa:fd:df:88:12:67:62:
74:26:13:62:9f:c6:05:69:e0:ca:62:0d:03:13:1f:
55:99:56:13:69:a3:53:14:e8:cf:8f:d7:f5:2a:84:
e0:ea:83:30:57:d4:9a:fe:7f:cf:fb:e4:e4:bf:ba:
3a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B5:39:CB:EF:E6:C7:17:E2:52:ED:F1:AD:8D:AD:A3:F3:D5:9D:24
X509v3 Authority Key Identifier:
keyid:3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/TrU5y-_mxxfiUu3xrY2to_PVnSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.181.0/24
217.20.48.0/22
IPv6:
2a12:45c7:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
bc:20:41:29:14:28:9b:9d:a4:2f:20:ec:39:65:44:b0:26:3c:
4d:85:b4:e9:8d:62:db:57:b3:06:4b:6d:18:5f:9e:d4:8e:f4:
28:22:f2:46:8a:3c:c3:bf:af:d7:86:a0:31:5a:30:42:05:d6:
d0:76:a9:41:ce:22:85:b0:28:45:d4:93:89:7a:ab:5b:f2:0a:
b0:91:93:89:a9:0f:e4:f4:81:f1:5d:1c:50:81:7b:a6:bf:62:
0c:57:4a:2c:a2:e8:cb:11:be:67:93:18:ef:58:05:50:ed:3b:
80:24:16:38:ce:72:fd:af:c9:46:f6:90:42:f3:f3:4e:f4:a2:
75:ba:7e:5a:3c:b1:44:cf:86:6e:de:19:4d:18:25:f0:5a:6c:
c7:de:3d:b4:2b:46:01:78:05:e2:69:bd:7d:4d:e5:92:d4:4b:
20:38:eb:ab:11:7c:37:e6:d0:a3:10:7f:a0:43:fc:13:15:c7:
37:8a:b3:94:09:39:7b:75:4e:c8:4e:86:bd:c9:08:9e:77:08:
a7:bb:0a:f8:c0:3b:16:f5:c3:82:07:8a:53:65:86:1a:04:4f:
2a:a9:96:63:79:c8:e7:99:20:4e:13:c8:89:d7:22:41:e3:a0:
dd:59:f2:9f:de:e5:88:9a:a8:f1:4d:e2:04:39:88:86:b7:9d:
e3:63:fc:31
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVy5/+Pg6DluWjAa2QrgTGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzYzZTVkYjA0MzVjMmQzZTc0YTZiMjhhZDNkOWMzMGQ2
YThjZWUwHhcNMjMwMTAyMTQzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWI1MzljYmVmZTZjNzE3ZTI1MmVkZjFhZDhkYWRhM2YzZDU5ZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleLTdRx3fY/kKJgViaMu+Y6gKxwu
Ybp4+kGiHTx0Gc2hMsu213z9VE0hzvRfeuvi4n+xQhEZVWxMFCQDaDonVn+JxI/5
sSyq9+b18HhYBDp49fudEHSe1XATA2E7vpNMtsUfK/azV4Ngzb3fMdq5WQSwsJqY
MeqtPSWzWAoG7PLjqZGJqe/j0IDQkEEBQOAwWM7CfIvYdtHVfsOENdaoTuF9eFh8
vtRXLFQTpho8JMrng59/D404wXdBYplLWoI2SsZKHkD5HQGF5ar934gSZ2J0JhNi
n8YFaeDKYg0DEx9VmVYTaaNTFOjPj9f1KoTg6oMwV9Sa/n/P++Tkv7o67wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFE61Ocvv5scX4lLt8a2NraPz1Z0kMB8GA1UdIwQY
MBaAFD7GPl2wQ1wtPnSmsorT2cMNaozuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjIt
NTIwNThmOGE5YTFhLzEvVHJVNXktX214eGZpVXUzeHJZMnRvX1BWblNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjItNTIwNThmOGE5YTFh
LzEvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAkhO1AwQC
2RQwMA8EAgACMAkDBwAqEkXH//8wDQYJKoZIhvcNAQELBQADggEBALwgQSkUKJud
pC8g7DllRLAmPE2FtOmNYttXswZLbRhfntSO9Cgi8kaKPMO/r9eGoDFaMEIF1tB2
qUHOIoWwKEXUk4l6q1vyCrCRk4mpD+T0gfFdHFCBe6a/YgxXSiyi6MsRvmeTGO9Y
BVDtO4AkFjjOcv2vyUb2kELz8070onW6flo8sUTPhm7eGU0YJfBabMfePbQrRgF4
BeJpvX1N5ZLUSyA466sRfDfm0KMQf6BD/BMVxzeKs5QJOXt1TshOhr3JCJ53CKe7
CvjAOxb1w4IHilNlhhoETyqplmN5yOeZIE4TyInXIkHjoN1Z8p/e5YiaqPFN4gQ5
iIa3neNj/DE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:27 2023 by rpki-client on console-fra.rpki-client.org