Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/c1BE3Tdddk18T-SFOicd98jTxvs.roa
File: c1BE3Tdddk18T-SFOicd98jTxvs.roa (raw, json)
Hash identifier: W7uv/8g9fGU4BQ2cddiLR7P3K4f7Y4WjsyZ59eEdHhA=
Subject key identifier: 73:50:44:DD:37:5D:76:4D:7C:4F:E4:85:3A:27:1D:F7:C8:D3:C6:FB
Certificate issuer: /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Certificate serial: 018570B0AB66B8DBA20AFA8D5AA7427CE99D
Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/c1BE3Tdddk18T-SFOicd98jTxvs.roa
Signing time: Mon 02 Jan 2023 04:15:04 +0000
ROA not before: Mon 02 Jan 2023 04:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1853
IP address blocks: 193.170.0.0/15 maxlen: 15
78.104.0.0/16 maxlen: 16
193.171.1.0/24 maxlen: 24
185.154.40.0/22 maxlen: 22
2001:628::/29 maxlen: 29
2001:67c:1864::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:ab:66:b8:db:a2:0a:fa:8d:5a:a7:42:7c:e9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Validity
Not Before: Jan 2 04:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=735044dd375d764d7c4fe4853a271df7c8d3c6fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f5:49:e8:69:ee:fe:fe:8a:b3:d9:d1:39:4c:
a0:a4:81:b1:32:55:6c:09:77:44:3e:19:9e:3a:88:
ca:2b:e7:3d:72:60:12:e1:54:0c:91:e1:2f:b6:a0:
81:4a:3c:7d:bc:2d:94:12:75:93:88:e2:9c:e2:0e:
15:38:70:5f:5e:5b:98:7f:37:7b:c9:db:7b:29:f3:
6b:f6:41:95:fa:6f:07:4b:08:92:ad:f3:df:9d:a1:
cd:bd:3c:3f:94:fc:6b:a5:3b:d9:fa:4b:52:11:89:
f4:7e:d8:fc:f9:d4:9a:d9:c1:8c:38:c9:62:91:65:
d3:d9:ce:1d:93:11:2f:a2:3a:80:95:56:8c:48:9b:
2e:df:c5:c2:4d:98:04:16:3e:43:6b:e2:26:20:10:
e4:92:98:74:85:22:58:8a:5c:0e:17:cf:4a:86:aa:
92:5a:98:da:17:95:41:1d:c1:9f:78:6e:e1:98:f9:
f7:93:e5:da:93:48:ee:67:3f:b0:a4:c3:94:58:72:
aa:81:00:75:7e:ed:03:5c:0a:af:b6:1a:b3:b1:15:
f0:e6:35:99:ae:f1:13:a4:ff:4b:7d:44:af:85:b7:
43:46:32:8e:d4:1f:85:53:5b:a9:dc:34:de:88:8b:
54:c3:90:51:81:2e:c6:b7:e5:83:f8:d8:b1:b2:10:
b7:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:50:44:DD:37:5D:76:4D:7C:4F:E4:85:3A:27:1D:F7:C8:D3:C6:FB
X509v3 Authority Key Identifier:
keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/c1BE3Tdddk18T-SFOicd98jTxvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.104.0.0/16
185.154.40.0/22
193.170.0.0/15
IPv6:
2001:628::/29
2001:67c:1864::/48
Signature Algorithm: sha256WithRSAEncryption
40:25:37:af:af:f0:f6:d1:b8:0f:0f:c2:29:ad:9f:40:d9:e5:
64:87:ec:2b:8d:43:a4:88:a1:71:4f:9e:06:cd:a2:a7:03:de:
d8:a0:70:61:d6:6c:2c:be:51:35:53:4f:37:06:39:2e:6c:84:
20:37:be:6d:b9:47:52:ea:9b:13:08:b3:88:17:52:eb:e1:27:
c5:7c:96:a4:bb:99:52:d0:83:0b:4a:b7:41:19:6f:d7:be:a6:
9f:52:43:33:57:de:a4:32:01:af:df:f7:f8:8f:33:f9:27:66:
1d:b0:a5:db:ab:92:98:86:b6:56:b6:db:c9:d4:c5:e9:d8:f9:
f3:44:d0:6f:61:bb:e0:d3:fb:a5:84:65:d3:5a:f7:e6:e4:01:
f0:3f:c2:24:29:54:df:cf:f2:41:78:08:3c:92:33:0a:92:b2:
80:3c:1c:e9:39:ee:87:54:1f:8d:d5:d2:ee:f5:f1:fd:e0:66:
0a:2c:9a:e8:f0:4a:30:8f:aa:2e:c8:2c:a3:13:5b:c2:af:b4:
f7:06:73:05:57:dc:b9:f3:89:c0:90:28:82:67:5a:f1:3b:a8:
44:17:73:be:11:91:d2:a5:84:35:b2:16:2f:b7:51:66:71:40:
f2:61:d2:e5:f6:11:bc:f9:ea:ce:47:4c:47:fa:e3:62:b3:18:
a9:e2:5e:29
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVwsKtmuNuiCvqNWqdCfOmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDg0NDhjNWNiOTAzOThlNGMyODVjZWM5YzBmNDc2NmFj
OTMxZGYwHhcNMjMwMTAyMDQxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzUwNDRkZDM3NWQ3NjRkN2M0ZmU0ODUzYTI3MWRmN2M4ZDNjNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPVJ6Gnu/v6Ks9nROUygpIGxMlVs
CXdEPhmeOojKK+c9cmAS4VQMkeEvtqCBSjx9vC2UEnWTiOKc4g4VOHBfXluYfzd7
ydt7KfNr9kGV+m8HSwiSrfPfnaHNvTw/lPxrpTvZ+ktSEYn0ftj8+dSa2cGMOMli
kWXT2c4dkxEvojqAlVaMSJsu38XCTZgEFj5Da+ImIBDkkph0hSJYilwOF89KhqqS
WpjaF5VBHcGfeG7hmPn3k+Xak0juZz+wpMOUWHKqgQB1fu0DXAqvthqzsRXw5jWZ
rvETpP9LfUSvhbdDRjKO1B+FU1up3DTeiItUw5BRgS7Gt+WD+NixshC3/wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHNQRN03XXZNfE/khTonHffI08b7MB8GA1UdIwQY
MBaAFCPYRIxcuQOY5MKFzsnA9HZqyTHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUt
Zjc3MmEwMTM5MDE2LzEvYzFCRTNUZGRkazE4VC1TRk9pY2Q5OGpUeHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUtZjc3MmEwMTM5MDE2
LzEvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAWBAIAATAQAwMATmgDBAK5
migDAwHBqjAWBAIAAjAQAwUDIAEGKAMHACABBnwYZDANBgkqhkiG9w0BAQsFAAOC
AQEAQCU3r6/w9tG4Dw/CKa2fQNnlZIfsK41DpIihcU+eBs2ipwPe2KBwYdZsLL5R
NVNPNwY5LmyEIDe+bblHUuqbEwiziBdS6+EnxXyWpLuZUtCDC0q3QRlv176mn1JD
M1fepDIBr9/3+I8z+SdmHbCl26uSmIa2VrbbydTF6dj580TQb2G74NP7pYRl01r3
5uQB8D/CJClU38/yQXgIPJIzCpKygDwc6Tnuh1QfjdXS7vXx/eBmCiya6PBKMI+q
LsgsoxNbwq+09wZzBVfcufOJwJAogmda8TuoRBdzvhGR0qWENbIWL7dRZnFA8mHS
5fYRvPnqzkdMR/rjYrMYqeJeKQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:10 2024 by rpki-client on console-fra.rpki-client.org