Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/iF5FU3LpHEWuN5nZPfup5IdCKZU.roa
File: iF5FU3LpHEWuN5nZPfup5IdCKZU.roa (raw, json)
Hash identifier: 7Mri4S0HC5u/ZwYDZf+935+2iYxKNP6aKvdCRu32+F8=
Subject key identifier: 88:5E:45:53:72:E9:1C:45:AE:37:99:D9:3D:FB:A9:E4:87:42:29:95
Certificate issuer: /CN=52411e52dab7d0be2674313b6b5d2e74bd11360e
Certificate serial: 01856F54B3451B2A962F2A5BCEC9D40E983D
Authority key identifier: 52:41:1E:52:DA:B7:D0:BE:26:74:31:3B:6B:5D:2E:74:BD:11:36:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UkEeUtq30L4mdDE7a10udL0RNg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/iF5FU3LpHEWuN5nZPfup5IdCKZU.roa
Signing time: Sun 01 Jan 2023 21:54:59 +0000
ROA not before: Sun 01 Jan 2023 21:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201299
IP address blocks: 217.198.189.0/24 maxlen: 24
2a11:ffc0::/29 maxlen: 42
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:b3:45:1b:2a:96:2f:2a:5b:ce:c9:d4:0e:98:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52411e52dab7d0be2674313b6b5d2e74bd11360e
Validity
Not Before: Jan 1 21:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=885e455372e91c45ae3799d93dfba9e487422995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:67:92:a2:1b:7f:c0:8e:ad:88:57:6e:04:f0:
fd:0a:46:6e:17:2b:8d:35:3c:c6:fc:37:2a:12:a3:
28:7e:00:3c:b5:95:d7:71:87:18:84:38:07:ee:c8:
39:07:8f:d3:d4:b5:5f:7b:23:c9:f9:33:73:36:74:
22:b4:d5:2a:80:76:82:fd:15:bc:33:34:26:26:ab:
6a:8b:17:06:91:16:2e:20:39:6c:9c:0a:c4:1c:a7:
4a:d4:bf:09:ed:4c:64:06:f5:43:41:43:99:ee:59:
ab:83:40:84:3e:21:e9:20:4e:6c:b6:a1:de:0e:37:
fb:f3:c2:e8:dd:79:a4:d9:04:2f:c2:e8:91:65:8e:
0f:6c:d6:c0:4a:2b:ae:7d:d4:04:36:68:37:8d:e8:
55:bc:34:3b:8f:07:91:ec:ae:55:ea:14:85:c6:c9:
ab:87:84:7a:27:e3:1a:d0:7e:0f:57:d3:66:ff:d3:
65:0d:53:77:35:19:0b:dd:d7:83:a7:df:0b:96:3d:
f1:20:01:24:42:79:f0:ea:ce:fb:bf:14:57:66:27:
69:d1:f2:b9:e1:f9:2d:39:3d:4a:81:dd:2a:54:95:
e6:9a:1a:4d:3d:39:8c:a0:f8:89:ba:3f:3a:36:4b:
68:04:30:c0:be:bc:59:af:a2:8f:cf:4f:ef:16:97:
69:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:5E:45:53:72:E9:1C:45:AE:37:99:D9:3D:FB:A9:E4:87:42:29:95
X509v3 Authority Key Identifier:
keyid:52:41:1E:52:DA:B7:D0:BE:26:74:31:3B:6B:5D:2E:74:BD:11:36:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UkEeUtq30L4mdDE7a10udL0RNg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/iF5FU3LpHEWuN5nZPfup5IdCKZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/UkEeUtq30L4mdDE7a10udL0RNg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.198.189.0/24
IPv6:
2a11:ffc0::/29
Signature Algorithm: sha256WithRSAEncryption
95:09:d8:f7:cb:c1:39:d9:88:f2:e4:26:84:d5:ea:8c:52:94:
78:42:a6:c0:d4:62:02:72:27:a7:26:21:e2:e0:b9:02:95:30:
fb:60:6e:b9:4f:6e:d6:7a:fa:63:e6:06:fa:87:31:85:d0:46:
72:6e:82:ed:94:0b:a5:93:15:3d:28:22:a8:82:84:49:ab:47:
ec:35:fa:46:dd:75:56:04:b5:85:0b:e1:a6:c4:f3:35:af:0e:
d2:e1:6a:a4:e6:1e:32:7f:6a:8b:45:8b:17:34:0e:0a:e2:0c:
c1:0c:1d:3f:f7:4e:8f:b2:dd:42:83:3f:e7:77:ec:cb:a2:a5:
fd:65:78:0b:6c:82:4d:7a:dd:d4:e2:97:51:e5:1c:b3:c2:11:
44:7c:bd:5e:2a:91:94:96:7e:f1:53:5c:28:f1:25:ce:9a:26:
70:c8:ae:e1:af:48:75:6f:18:74:1c:a8:87:4e:50:12:f8:a3:
6c:c2:7d:89:04:58:73:e2:2d:9e:c9:98:bc:ff:54:95:c0:a0:
54:d9:34:be:35:50:e4:04:b8:d7:4f:e3:e6:4a:5b:e6:6f:f7:
c0:48:e0:97:08:4e:9b:50:b8:7e:4d:d8:61:11:ac:5c:dd:f4:
b9:fd:60:e4:56:56:63:de:fc:de:d5:80:92:8f:1d:03:b7:ba:
b2:93:7f:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvVLNFGyqWLypbzsnUDpg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNDExZTUyZGFiN2QwYmUyNjc0MzEzYjZiNWQyZTc0YmQx
MTM2MGUwHhcNMjMwMTAxMjE1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODVlNDU1MzcyZTkxYzQ1YWUzNzk5ZDkzZGZiYTllNDg3NDIyOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWeSoht/wI6tiFduBPD9CkZuFyuN
NTzG/DcqEqMofgA8tZXXcYcYhDgH7sg5B4/T1LVfeyPJ+TNzNnQitNUqgHaC/RW8
MzQmJqtqixcGkRYuIDlsnArEHKdK1L8J7UxkBvVDQUOZ7lmrg0CEPiHpIE5stqHe
Djf788Lo3Xmk2QQvwuiRZY4PbNbASiuufdQENmg3jehVvDQ7jweR7K5V6hSFxsmr
h4R6J+Ma0H4PV9Nm/9NlDVN3NRkL3deDp98Llj3xIAEkQnnw6s77vxRXZidp0fK5
4fktOT1Kgd0qVJXmmhpNPTmMoPiJuj86NktoBDDAvrxZr6KPz0/vFpdpIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIheRVNy6RxFrjeZ2T37qeSHQimVMB8GA1UdIwQY
MBaAFFJBHlLat9C+JnQxO2tdLnS9ETYOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWtFZVV0cTMwTDRtZERFN2ExMHVkTDBSTmc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85YjFkODUtNzE5OC00YWY2LWE2MzIt
ZDBjZmU0MzAxNmRlLzEvaUY1RlUzTHBIRVd1TjVuWlBmdXA1SWRDS1pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85YjFkODUtNzE5OC00YWY2LWE2MzItZDBjZmU0MzAxNmRl
LzEvVWtFZVV0cTMwTDRtZERFN2ExMHVkTDBSTmc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2ca9MA0E
AgACMAcDBQMqEf/AMA0GCSqGSIb3DQEBCwUAA4IBAQCVCdj3y8E52Yjy5CaE1eqM
UpR4QqbA1GICcienJiHi4LkClTD7YG65T27Wevpj5gb6hzGF0EZyboLtlAulkxU9
KCKogoRJq0fsNfpG3XVWBLWFC+GmxPM1rw7S4Wqk5h4yf2qLRYsXNA4K4gzBDB0/
906Pst1Cgz/nd+zLoqX9ZXgLbIJNet3U4pdR5RyzwhFEfL1eKpGUln7xU1wo8SXO
miZwyK7hr0h1bxh0HKiHTlAS+KNswn2JBFhz4i2eyZi8/1SVwKBU2TS+NVDkBLjX
T+PmSlvmb/fASOCXCE6bULh+TdhhEaxc3fS5/WDkVlZj3vze1YCSjx0Dt7qyk38g
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:18 2024 by rpki-client on console-ams.rpki-client.org