Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/D8kYV4o6bWZy-cmJcgaBxD5tkKs.roa
File: D8kYV4o6bWZy-cmJcgaBxD5tkKs.roa (raw, json)
Hash identifier: uCMsxXsbFgscp86vOg9PaFuBkWcFyxt4WFoZmYnZwHU=
Subject key identifier: 0F:C9:18:57:8A:3A:6D:66:72:F9:C9:89:72:06:81:C4:3E:6D:90:AB
Certificate issuer: /CN=5f1a427072b31d44784c375dfae42278e71fa836
Certificate serial: 018571308B85DB217F5D898B69DC88C1D8C4
Authority key identifier: 5F:1A:42:70:72:B3:1D:44:78:4C:37:5D:FA:E4:22:78:E7:1F:A8:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XxpCcHKzHUR4TDdd-uQieOcfqDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/D8kYV4o6bWZy-cmJcgaBxD5tkKs.roa
Signing time: Mon 02 Jan 2023 06:34:44 +0000
ROA not before: Mon 02 Jan 2023 06:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399382
IP address blocks: 213.173.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:8b:85:db:21:7f:5d:89:8b:69:dc:88:c1:d8:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1a427072b31d44784c375dfae42278e71fa836
Validity
Not Before: Jan 2 06:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fc918578a3a6d6672f9c989720681c43e6d90ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ae:06:ac:56:65:59:af:68:ae:e5:45:a7:92:
68:bf:e8:05:3f:19:de:af:af:48:41:84:1c:e0:7c:
f9:dd:f8:8e:96:cf:59:a0:30:2c:21:da:01:e4:de:
c8:5a:ed:c6:31:fe:e3:95:18:91:21:77:86:4e:c2:
47:76:cc:1f:23:72:49:d0:8c:82:50:4c:9a:65:1c:
6e:66:df:e8:dc:a2:30:98:58:ad:3c:99:8e:1f:94:
dd:67:88:0f:eb:61:7d:90:56:01:12:95:88:5e:0d:
78:b3:34:cf:73:a0:dc:e7:8d:77:aa:2f:a8:0a:6f:
7a:17:1a:73:0c:ed:c6:cc:06:32:56:87:22:65:7a:
44:34:1f:f3:b5:fa:de:67:90:b1:a5:4b:2f:e1:04:
41:e0:1f:1e:23:2c:1f:40:50:53:0c:29:b4:f6:bd:
cd:fd:98:1c:a6:d7:e0:01:37:82:fc:a5:ca:8f:09:
f6:74:55:18:04:4a:5e:0d:3f:f5:94:92:9e:37:7f:
a4:53:34:0d:31:4b:a5:0a:ec:21:aa:4b:69:e8:ce:
ed:c1:5b:27:cd:63:1b:7c:06:83:52:33:67:24:2f:
01:c4:5a:89:a0:35:ae:d0:d0:a7:52:1c:90:0d:6b:
ab:42:41:b3:91:e4:c2:60:74:17:c8:55:e5:e9:56:
0a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C9:18:57:8A:3A:6D:66:72:F9:C9:89:72:06:81:C4:3E:6D:90:AB
X509v3 Authority Key Identifier:
keyid:5F:1A:42:70:72:B3:1D:44:78:4C:37:5D:FA:E4:22:78:E7:1F:A8:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XxpCcHKzHUR4TDdd-uQieOcfqDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/D8kYV4o6bWZy-cmJcgaBxD5tkKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/XxpCcHKzHUR4TDdd-uQieOcfqDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.173.36.0/24
Signature Algorithm: sha256WithRSAEncryption
14:4d:2f:45:08:f7:08:c0:ad:53:f9:07:ea:c3:90:e1:ed:9d:
45:cf:4c:fb:e7:3a:c5:a2:6c:4c:1f:f9:45:54:83:57:c3:a2:
d3:71:98:a5:a0:71:0c:c0:4f:c7:49:07:e2:9e:73:21:19:81:
23:ef:26:b9:09:16:b6:96:1b:ea:76:d3:f3:c4:b9:a8:d1:a7:
00:2e:22:56:4f:5b:14:7a:0a:c0:c3:37:70:b2:43:07:35:df:
83:35:b7:64:c8:fb:c5:b2:69:1a:c7:30:cd:95:1e:cc:8d:a7:
be:4f:f2:66:69:c8:66:99:85:42:29:1c:f8:a4:b4:45:66:42:
87:a3:97:d0:a3:8f:a1:6f:54:0b:99:4c:d0:2d:ae:a6:95:a4:
c3:2e:cf:99:b6:39:52:96:28:d7:4e:4d:07:f5:25:3b:e8:43:
64:c9:43:81:87:b9:88:a8:d0:34:8b:b6:36:46:f9:b2:73:42:
84:8a:f1:01:fd:f9:ba:51:68:71:96:36:68:87:d9:5e:7f:29:
92:3e:03:f6:2a:56:0f:38:a7:8d:6c:7c:5c:c3:88:dc:93:e2:
74:9b:0b:d3:62:90:0b:0e:02:fa:19:53:1e:fe:b3:78:85:4a:
fb:76:7f:2d:ae:e3:70:ab:90:2f:77:83:bc:3f:cb:ca:19:4c:
c7:65:9c:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxMIuF2yF/XYmLadyIwdjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWE0MjcwNzJiMzFkNDQ3ODRjMzc1ZGZhZTQyMjc4ZTcx
ZmE4MzYwHhcNMjMwMTAyMDYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmM5MTg1NzhhM2E2ZDY2NzJmOWM5ODk3MjA2ODFjNDNlNmQ5MGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK4GrFZlWa9oruVFp5Jov+gFPxne
r69IQYQc4Hz53fiOls9ZoDAsIdoB5N7IWu3GMf7jlRiRIXeGTsJHdswfI3JJ0IyC
UEyaZRxuZt/o3KIwmFitPJmOH5TdZ4gP62F9kFYBEpWIXg14szTPc6Dc5413qi+o
Cm96FxpzDO3GzAYyVociZXpENB/ztfreZ5CxpUsv4QRB4B8eIywfQFBTDCm09r3N
/ZgcptfgATeC/KXKjwn2dFUYBEpeDT/1lJKeN3+kUzQNMUulCuwhqktp6M7twVsn
zWMbfAaDUjNnJC8BxFqJoDWu0NCnUhyQDWurQkGzkeTCYHQXyFXl6VYKnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA/JGFeKOm1mcvnJiXIGgcQ+bZCrMB8GA1UdIwQY
MBaAFF8aQnBysx1EeEw3XfrkInjnH6g2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHhwQ2NIS3pIVVI0VERkZC11UWllT2NmcURZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8wNzdmNjQtYjg0My00NjlmLTg1NDct
ZGQyMGJiMjA4YmJhLzEvRDhrWVY0bzZiV1p5LWNtSmNnYUJ4RDV0a0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8wNzdmNjQtYjg0My00NjlmLTg1NDctZGQyMGJiMjA4YmJh
LzEvWHhwQ2NIS3pIVVI0VERkZC11UWllT2NmcURZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1a0kMA0G
CSqGSIb3DQEBCwUAA4IBAQAUTS9FCPcIwK1T+Qfqw5Dh7Z1Fz0z75zrFomxMH/lF
VINXw6LTcZiloHEMwE/HSQfinnMhGYEj7ya5CRa2lhvqdtPzxLmo0acALiJWT1sU
egrAwzdwskMHNd+DNbdkyPvFsmkaxzDNlR7Mjae+T/JmachmmYVCKRz4pLRFZkKH
o5fQo4+hb1QLmUzQLa6mlaTDLs+ZtjlSlijXTk0H9SU76ENkyUOBh7mIqNA0i7Y2
Rvmyc0KEivEB/fm6UWhxljZoh9lefymSPgP2KlYPOKeNbHxcw4jck+J0mwvTYpAL
DgL6GVMe/rN4hUr7dn8truNwq5Avd4O8P8vKGUzHZZwJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:19 2024 by rpki-client on console-fra.rpki-client.org