Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9fada1-60f9-4ef7-81d8-1eccbe67c661/1/1-lHCmdAa34XOOU0LNxRiDgb1hv0.roa
File: 1-lHCmdAa34XOOU0LNxRiDgb1hv0.roa (raw, json)
Hash identifier: +yZmsMixddm9lzw19nCXZg92niNmD/UFpFLMMw+PpVs=
Subject key identifier: FA:51:C2:99:D0:1A:DF:85:CE:39:4D:0B:37:14:62:0E:06:F5:86:FD
Certificate issuer: /CN=07594568618898a9fb720ae09bed0ed1be4f857e
Certificate serial: 01856BF7F494D97D760C40DFBB6BC134F667
Authority key identifier: 07:59:45:68:61:88:98:A9:FB:72:0A:E0:9B:ED:0E:D1:BE:4F:85:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B1lFaGGImKn7cgrgm-0O0b5PhX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9fada1-60f9-4ef7-81d8-1eccbe67c661/1/1-lHCmdAa34XOOU0LNxRiDgb1hv0.roa
Signing time: Sun 01 Jan 2023 06:14:49 +0000
ROA not before: Sun 01 Jan 2023 06:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57167
IP address blocks: 46.254.107.0/24 maxlen: 24
195.14.122.0/24 maxlen: 24
2a11:b100:b100::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:f7:f4:94:d9:7d:76:0c:40:df:bb:6b:c1:34:f6:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07594568618898a9fb720ae09bed0ed1be4f857e
Validity
Not Before: Jan 1 06:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa51c299d01adf85ce394d0b3714620e06f586fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b8:81:7e:d5:a0:ea:38:f9:8f:4e:ad:57:89:
74:36:f9:ff:f5:33:6c:a2:91:32:69:2a:97:55:40:
f1:66:02:51:05:e4:20:b5:1d:5a:bb:69:49:2b:61:
be:48:4f:cd:87:65:da:d2:1c:80:c7:cc:d9:9a:3f:
03:d7:39:66:35:9c:4d:cf:a1:76:5b:f5:6b:39:aa:
48:c5:e1:24:eb:40:eb:c0:5f:b3:c3:87:e5:f3:6b:
7b:8a:c6:fa:cc:cb:bf:1c:84:75:10:b4:25:23:d4:
74:bf:ef:a6:b1:4a:de:00:12:53:1a:c7:d6:7b:9e:
1f:d6:3c:63:ab:8c:39:d6:ec:d8:25:ed:ba:c9:58:
98:5d:f8:ab:9f:ea:97:e3:d1:65:fb:82:1a:f9:1d:
28:50:4a:f2:a4:e9:93:56:c6:e1:35:76:b7:d4:0f:
66:74:a6:58:91:b2:12:af:ab:f0:06:bb:36:ec:3c:
d0:c0:66:32:df:89:5a:47:a4:dd:11:d0:4a:cd:71:
ef:4e:fe:90:f4:b5:2d:e8:a1:2f:a1:be:c4:07:6f:
47:7f:f3:c9:a0:da:36:d9:59:5f:b9:b2:92:ff:ec:
2c:e3:8b:7a:fd:6a:eb:92:23:7b:ad:57:2d:a5:cf:
f1:70:52:61:bc:66:98:58:9e:8b:6b:b3:ac:ef:95:
0f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:51:C2:99:D0:1A:DF:85:CE:39:4D:0B:37:14:62:0E:06:F5:86:FD
X509v3 Authority Key Identifier:
keyid:07:59:45:68:61:88:98:A9:FB:72:0A:E0:9B:ED:0E:D1:BE:4F:85:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B1lFaGGImKn7cgrgm-0O0b5PhX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9fada1-60f9-4ef7-81d8-1eccbe67c661/1/1-lHCmdAa34XOOU0LNxRiDgb1hv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9fada1-60f9-4ef7-81d8-1eccbe67c661/1/B1lFaGGImKn7cgrgm-0O0b5PhX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.107.0/24
195.14.122.0/24
IPv6:
2a11:b100:b100::/48
Signature Algorithm: sha256WithRSAEncryption
0f:a5:97:2b:5f:13:28:6d:0a:5e:1e:b4:76:6b:ca:34:21:0d:
a4:ef:44:d6:a6:93:04:9c:f5:2c:47:da:ea:0c:e9:25:73:84:
ff:59:de:16:d6:b2:0d:45:f0:5a:bf:f3:56:3b:10:62:a7:73:
f2:27:62:1b:b6:c7:4a:98:69:a9:f7:b3:ee:30:c1:b5:f8:00:
ea:85:6d:d2:5f:0e:5d:3f:c1:a7:ad:34:28:81:81:62:d9:05:
87:df:a7:5d:9e:d4:33:1f:0b:db:fb:35:23:37:64:a1:b7:69:
b3:fb:0d:bf:df:e1:13:c8:fa:36:e2:60:02:41:0b:2d:ee:86:
15:07:f2:1c:a9:d8:14:93:6f:ff:ed:b4:e9:03:7c:69:fd:20:
40:3e:71:83:fb:37:53:f0:12:33:d2:ec:02:cf:d8:4d:08:a9:
9a:18:38:93:82:99:b5:d9:f2:51:8a:2e:3d:53:8c:08:c0:a1:
a3:e2:90:a2:58:e4:0b:a7:e8:82:2f:3c:21:ff:0d:69:fd:a6:
14:d3:a3:8e:2f:97:be:39:f1:ea:d3:4e:66:90:fc:22:9a:f2:
9e:23:97:9a:3f:6c:8b:8c:a6:6c:d9:d0:28:b8:18:3b:8d:a0:
43:47:6d:fd:bb:c4:95:cf:1f:6c:6b:90:4f:5a:4f:ba:09:79:
83:11:b8:db
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVr9/SU2X12DEDfu2vBNPZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NTk0NTY4NjE4ODk4YTlmYjcyMGFlMDliZWQwZWQxYmU0
Zjg1N2UwHhcNMjMwMTAxMDYxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTUxYzI5OWQwMWFkZjg1Y2UzOTRkMGIzNzE0NjIwZTA2ZjU4NmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLiBftWg6jj5j06tV4l0Nvn/9TNs
opEyaSqXVUDxZgJRBeQgtR1au2lJK2G+SE/Nh2Xa0hyAx8zZmj8D1zlmNZxNz6F2
W/VrOapIxeEk60DrwF+zw4fl82t7isb6zMu/HIR1ELQlI9R0v++msUreABJTGsfW
e54f1jxjq4w51uzYJe26yViYXfirn+qX49Fl+4Ia+R0oUErypOmTVsbhNXa31A9m
dKZYkbISr6vwBrs27DzQwGYy34laR6TdEdBKzXHvTv6Q9LUt6KEvob7EB29Hf/PJ
oNo22VlfubKS/+ws44t6/WrrkiN7rVctpc/xcFJhvGaYWJ6La7Os75UPbQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPpRwpnQGt+FzjlNCzcUYg4G9Yb9MB8GA1UdIwQY
MBaAFAdZRWhhiJip+3IK4JvtDtG+T4V+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjFsRmFHR0ltS243Y2dyZ20tME8wYjVQaFg0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85ZmFkYTEtNjBmOS00ZWY3LTgxZDgt
MWVjY2JlNjdjNjYxLzEvMS1sSENtZEFhMzRYT09VMExOeFJpRGdiMWh2MC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWUvOWZhZGExLTYwZjktNGVmNy04MWQ4LTFlY2NiZTY3YzY2
MS8xL0IxbEZhR0dJbUtuN2NncmdtLTBPMGI1UGhYNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAC7+awME
AMMOejAPBAIAAjAJAwcAKhGxALEAMA0GCSqGSIb3DQEBCwUAA4IBAQAPpZcrXxMo
bQpeHrR2a8o0IQ2k70TWppMEnPUsR9rqDOklc4T/Wd4W1rINRfBav/NWOxBip3Py
J2IbtsdKmGmp97PuMMG1+ADqhW3SXw5dP8GnrTQogYFi2QWH36ddntQzHwvb+zUj
N2Sht2mz+w2/3+ETyPo24mACQQst7oYVB/IcqdgUk2//7bTpA3xp/SBAPnGD+zdT
8BIz0uwCz9hNCKmaGDiTgpm12fJRii49U4wIwKGj4pCiWOQLp+iCLzwh/w1p/aYU
06OOL5e+OfHq005mkPwimvKeI5eaP2yLjKZs2dAouBg7jaBDR239u8SVzx9sa5BP
Wk+6CXmDEbjb
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:19 2024 by rpki-client on console-fra.rpki-client.org