Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/XFklUtsR2fNzZuMcI_p_S0geEz0.roa
File: XFklUtsR2fNzZuMcI_p_S0geEz0.roa (raw, json)
Hash identifier: 6uMR/xa6unYkdWTlm7/wuC+fhRDLVtMsSfO3rD3bOKw=
Subject key identifier: 5C:59:25:52:DB:11:D9:F3:73:66:E3:1C:23:FA:7F:4B:48:1E:13:3D
Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial: 01857371871D2384DD53C607156E5FC094C5
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/XFklUtsR2fNzZuMcI_p_S0geEz0.roa
Signing time: Mon 02 Jan 2023 17:04:57 +0000
ROA not before: Mon 02 Jan 2023 17:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56908
IP address blocks: 194.58.198.0/24 maxlen: 24
194.58.198.0/23 maxlen: 23
194.58.199.0/24 maxlen: 24
2a01:3f1:3000::/38 maxlen: 38
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:87:1d:23:84:dd:53:c6:07:15:6e:5f:c0:94:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
Validity
Not Before: Jan 2 17:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c592552db11d9f37366e31c23fa7f4b481e133d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a3:6d:5d:23:82:9c:4d:72:1e:48:9b:e0:1a:
93:f6:9f:06:8b:d3:4e:33:0a:a9:d1:27:14:f6:61:
ac:05:9b:c3:8f:93:38:25:ba:45:dd:d5:03:4a:e5:
7b:1f:55:8e:e9:c0:0d:42:a4:eb:37:ab:d2:2e:de:
90:e8:63:11:32:e4:6d:3e:9c:c8:dd:cd:08:95:b9:
3b:c2:da:ae:c1:1b:f1:fe:73:44:16:3d:49:55:2c:
e6:6d:fa:44:dd:a4:9e:c6:c2:ea:7e:a7:c8:d6:27:
51:e4:ea:3f:39:76:8c:91:2f:86:79:ab:12:ec:64:
67:cd:f4:71:78:89:04:09:b9:01:cd:00:d4:e6:3c:
ec:cf:5e:0c:21:0f:32:9e:b8:b5:71:ec:48:8c:a5:
d3:9b:57:5b:c9:de:89:77:14:4e:26:94:e2:f5:2d:
a3:c8:35:38:e0:7d:60:c8:2e:d7:bd:cf:f7:ab:e5:
d6:7d:e6:2b:16:63:bc:5b:1a:00:e6:8a:92:51:16:
6c:97:98:c3:03:5b:ea:1f:2c:1e:db:1b:bc:80:d7:
c1:4c:fb:d6:2a:38:de:06:11:31:de:9a:da:01:ac:
fe:bc:bf:e1:46:09:ff:05:7d:72:91:a7:99:3d:47:
ea:52:e0:35:48:cf:96:2d:23:8d:6a:c5:f2:dc:6f:
0d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:59:25:52:DB:11:D9:F3:73:66:E3:1C:23:FA:7F:4B:48:1E:13:3D
X509v3 Authority Key Identifier:
keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/XFklUtsR2fNzZuMcI_p_S0geEz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.198.0/23
IPv6:
2a01:3f1:3000::/38
Signature Algorithm: sha256WithRSAEncryption
88:db:51:94:70:87:e3:8d:5b:d7:6f:24:db:7e:53:ce:d9:e8:
18:3c:8e:62:91:d5:8e:98:8b:3f:85:f3:f8:70:92:f5:fe:80:
74:c3:0a:e8:1d:f6:70:b6:85:4b:56:fa:e9:93:d9:1f:49:00:
d1:06:c6:18:65:9a:4a:4e:37:bf:ba:b5:13:98:67:5a:e1:de:
1e:22:27:c2:87:42:a1:7c:0b:0d:7d:ad:fc:4f:ef:9a:c9:2c:
7f:a4:4a:b2:4a:f8:31:05:44:05:f6:d5:94:81:ae:59:b6:fc:
b8:0c:5e:88:85:ef:9b:40:81:84:b0:a5:f8:cc:e5:16:75:62:
70:77:76:ed:53:e2:90:01:03:8f:44:76:e6:fe:28:f6:39:29:
9c:1d:4d:61:6a:c9:e9:ea:c5:e6:79:23:c0:0b:81:97:1a:71:
f2:bb:a3:22:52:60:6d:a7:44:25:fa:f9:8e:84:b8:43:9f:ae:
5d:1d:97:c7:1a:2f:6f:d5:3b:8d:28:08:a4:ac:f7:95:0c:d3:
25:7f:73:70:27:92:84:7e:d1:9f:ba:dc:98:2a:ce:22:39:24:
e4:50:26:c0:72:c5:fc:99:88:ca:e4:8d:c0:ea:a5:9c:96:46:
d2:32:a2:4d:03:03:dd:94:b3:9f:6b:51:3f:7b:d6:7d:d0:c7:
f8:46:5c:80
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVzcYcdI4TdU8YHFW5fwJTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjMwMTAyMTcwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU5MjU1MmRiMTFkOWYzNzM2NmUzMWMyM2ZhN2Y0YjQ4MWUxMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqNtXSOCnE1yHkib4BqT9p8Gi9NO
Mwqp0ScU9mGsBZvDj5M4JbpF3dUDSuV7H1WO6cANQqTrN6vSLt6Q6GMRMuRtPpzI
3c0Ilbk7wtquwRvx/nNEFj1JVSzmbfpE3aSexsLqfqfI1idR5Oo/OXaMkS+GeasS
7GRnzfRxeIkECbkBzQDU5jzsz14MIQ8ynri1cexIjKXTm1dbyd6JdxROJpTi9S2j
yDU44H1gyC7Xvc/3q+XWfeYrFmO8WxoA5oqSURZsl5jDA1vqHywe2xu8gNfBTPvW
KjjeBhEx3praAaz+vL/hRgn/BX1ykaeZPUfqUuA1SM+WLSONasXy3G8NrwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFxZJVLbEdnzc2bjHCP6f0tIHhM9MB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEvWEZrbFV0c1IyZk56WnVNY0lfcF9TMGdlRXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBwjrGMA4E
AgACMAgDBgIqAQPxMDANBgkqhkiG9w0BAQsFAAOCAQEAiNtRlHCH441b128k235T
ztnoGDyOYpHVjpiLP4Xz+HCS9f6AdMMK6B32cLaFS1b66ZPZH0kA0QbGGGWaSk43
v7q1E5hnWuHeHiInwodCoXwLDX2t/E/vmsksf6RKskr4MQVEBfbVlIGuWbb8uAxe
iIXvm0CBhLCl+MzlFnVicHd27VPikAEDj0R25v4o9jkpnB1NYWrJ6erF5nkjwAuB
lxpx8rujIlJgbadEJfr5joS4Q5+uXR2Xxxovb9U7jSgIpKz3lQzTJX9zcCeShH7R
n7rcmCrOIjkk5FAmwHLF/JmIyuSNwOqlnJZG0jKiTQMD3ZSzn2tRP3vWfdDH+EZc
gA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:54 2023 by rpki-client on console-fra.rpki-client.org