Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/1xREQ5c-_H2nn8h_DmDfUwL_bGY.roa
File: 1xREQ5c-_H2nn8h_DmDfUwL_bGY.roa (raw, json)
Hash identifier: GUmzncBUZy+VZecG1BZA4U1eM/kXIXwnE1feJjAUnI8=
Subject key identifier: D7:14:44:43:97:3E:FC:7D:A7:9F:C8:7F:0E:60:DF:53:02:FF:6C:66
Certificate issuer: /CN=a3190f6efd79ea7333f9bccd85a04352d915b239
Certificate serial: 01856FD504698731287EE3E4826BE498E24E
Authority key identifier: A3:19:0F:6E:FD:79:EA:73:33:F9:BC:CD:85:A0:43:52:D9:15:B2:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/1xREQ5c-_H2nn8h_DmDfUwL_bGY.roa
Signing time: Mon 02 Jan 2023 00:15:09 +0000
ROA not before: Mon 02 Jan 2023 00:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50343
IP address blocks: 109.233.152.0/21 maxlen: 24
185.169.112.0/22 maxlen: 24
2a01:8780::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:04:69:87:31:28:7e:e3:e4:82:6b:e4:98:e2:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3190f6efd79ea7333f9bccd85a04352d915b239
Validity
Not Before: Jan 2 00:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7144443973efc7da79fc87f0e60df5302ff6c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9b:1f:ef:84:6c:66:af:09:3f:c5:75:f0:dc:
fe:d8:32:6a:52:f4:ac:9d:51:4f:7a:d8:01:9f:16:
26:3e:82:41:ff:92:0f:57:d8:ee:87:62:80:db:17:
ff:22:e6:03:6c:31:d6:c5:55:26:e8:84:ad:4e:40:
44:9a:89:c6:36:d4:cb:62:33:2d:00:f7:68:31:7e:
b7:1c:39:01:47:96:c9:6d:f4:bc:c9:95:7d:4f:c8:
c5:0e:bd:a3:10:23:bd:a7:68:fe:6d:5a:a4:08:2a:
cf:d7:a2:39:47:77:f0:d0:28:da:e7:58:c5:bb:12:
8e:10:14:c9:da:4e:01:df:ba:38:a7:c0:3d:59:3d:
ac:88:48:24:1f:6e:81:7c:ce:0e:af:75:2f:10:91:
5a:c1:ee:86:c2:26:24:b2:bb:b2:bd:19:c8:f0:e2:
ad:a5:d1:71:53:16:f1:75:de:4f:9b:e9:6e:32:c7:
0f:bc:82:5b:03:9a:15:ae:5f:73:39:df:70:a1:c4:
c4:d3:25:88:5f:10:a2:11:fc:09:36:7c:cd:65:51:
e1:5b:f4:fd:44:09:d8:2d:cc:d9:2a:b0:b6:f4:06:
b2:62:f5:49:54:5c:5b:d0:b7:da:d9:58:5e:ce:a4:
66:57:38:38:71:07:cf:02:89:85:c1:c0:50:57:a7:
a7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:14:44:43:97:3E:FC:7D:A7:9F:C8:7F:0E:60:DF:53:02:FF:6C:66
X509v3 Authority Key Identifier:
keyid:A3:19:0F:6E:FD:79:EA:73:33:F9:BC:CD:85:A0:43:52:D9:15:B2:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/1xREQ5c-_H2nn8h_DmDfUwL_bGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/oxkPbv156nMz-bzNhaBDUtkVsjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.152.0/21
185.169.112.0/22
IPv6:
2a01:8780::/29
Signature Algorithm: sha256WithRSAEncryption
03:96:aa:80:99:75:78:3d:50:d7:ed:5b:3e:5b:b6:93:55:7b:
0b:df:ec:9a:23:88:aa:3c:4a:49:e4:1c:64:42:4f:6e:83:25:
af:a6:a5:99:e1:9f:64:54:88:b4:fd:9c:41:56:39:f4:ff:a2:
b7:18:99:25:c0:79:cc:ff:8b:00:d9:6a:30:4e:70:f7:89:d8:
29:4b:c0:d5:87:42:77:18:63:34:d9:47:7b:cb:49:56:42:e8:
da:fc:38:5c:78:9c:bb:fc:27:45:d6:18:e3:72:eb:b4:16:61:
bf:e1:f2:a5:2e:ec:69:72:5f:4f:06:ae:58:f7:19:58:fa:36:
e8:70:3d:1b:ff:44:f5:05:3d:0a:9a:7b:9e:34:78:21:8b:33:
b2:2a:8b:1a:cf:10:40:40:63:03:32:cb:13:66:b2:d8:af:49:
0b:f4:2c:d3:57:72:dd:45:c2:39:ab:f8:89:86:f4:9b:3d:41:
23:a6:28:a2:19:b4:70:e6:45:43:14:c3:ba:a2:29:04:aa:81:
ab:fb:69:06:54:18:de:f1:dd:af:59:56:4c:8d:49:28:d2:e7:
9b:93:7d:ba:91:ca:6d:ce:78:09:66:87:f1:0b:00:3b:c5:b2:
eb:62:c1:fe:42:e7:50:be:4d:64:22:ee:0d:a7:37:2d:f2:86:
1a:be:bc:25
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVv1QRphzEofuPkgmvkmOJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTkwZjZlZmQ3OWVhNzMzM2Y5YmNjZDg1YTA0MzUyZDkx
NWIyMzkwHhcNMjMwMTAyMDAxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzE0NDQ0Mzk3M2VmYzdkYTc5ZmM4N2YwZTYwZGY1MzAyZmY2YzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpsf74RsZq8JP8V18Nz+2DJqUvSs
nVFPetgBnxYmPoJB/5IPV9juh2KA2xf/IuYDbDHWxVUm6IStTkBEmonGNtTLYjMt
APdoMX63HDkBR5bJbfS8yZV9T8jFDr2jECO9p2j+bVqkCCrP16I5R3fw0Cja51jF
uxKOEBTJ2k4B37o4p8A9WT2siEgkH26BfM4Or3UvEJFawe6GwiYksruyvRnI8OKt
pdFxUxbxdd5Pm+luMscPvIJbA5oVrl9zOd9wocTE0yWIXxCiEfwJNnzNZVHhW/T9
RAnYLczZKrC29AayYvVJVFxb0Lfa2VhezqRmVzg4cQfPAomFwcBQV6enJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNcUREOXPvx9p5/Ifw5g31MC/2xmMB8GA1UdIwQY
MBaAFKMZD279eepzM/m8zYWgQ1LZFbI5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hrUGJ2MTU2bk16LWJ6TmhhQkRVdGtWc2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mNmNmZDctYTIyOC00NTkxLTllZjUt
NWY0Yjg3YWRhNGI1LzEvMXhSRVE1Yy1fSDJubjhoX0RtRGZVd0xfYkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mNmNmZDctYTIyOC00NTkxLTllZjUtNWY0Yjg3YWRhNGI1
LzEvb3hrUGJ2MTU2bk16LWJ6TmhhQkRVdGtWc2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbemYAwQC
ualwMA0EAgACMAcDBQMqAYeAMA0GCSqGSIb3DQEBCwUAA4IBAQADlqqAmXV4PVDX
7Vs+W7aTVXsL3+yaI4iqPEpJ5BxkQk9ugyWvpqWZ4Z9kVIi0/ZxBVjn0/6K3GJkl
wHnM/4sA2WowTnD3idgpS8DVh0J3GGM02Ud7y0lWQuja/DhceJy7/CdF1hjjcuu0
FmG/4fKlLuxpcl9PBq5Y9xlY+jbocD0b/0T1BT0KmnueNHghizOyKosazxBAQGMD
MssTZrLYr0kL9CzTV3LdRcI5q/iJhvSbPUEjpiiiGbRw5kVDFMO6oikEqoGr+2kG
VBje8d2vWVZMjUko0uebk326kcptzngJZofxCwA7xbLrYsH+QudQvk1kIu4Npzct
8oYavrwl
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:14 2024 by rpki-client on console-fra.rpki-client.org