Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/76f921-6217-4e95-b445-10cd20fab386/1/3ut4mWOteH5e9QvfYO78Rx21J4w.roa
File: 3ut4mWOteH5e9QvfYO78Rx21J4w.roa (raw, json)
Hash identifier: vXawCBr+4HpvgPjSPJL5hGJ4OKofsYHTwS55utGHZmo=
Subject key identifier: DE:EB:78:99:63:AD:78:7E:5E:F5:0B:DF:60:EE:FC:47:1D:B5:27:8C
Certificate issuer: /CN=150b7ff9bc1962ebcec0be435ccc272d751a1c16
Certificate serial: 01857103008D5D654F74E8093F236F4363DB
Authority key identifier: 15:0B:7F:F9:BC:19:62:EB:CE:C0:BE:43:5C:CC:27:2D:75:1A:1C:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FQt_-bwZYuvOwL5DXMwnLXUaHBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/76f921-6217-4e95-b445-10cd20fab386/1/3ut4mWOteH5e9QvfYO78Rx21J4w.roa
Signing time: Mon 02 Jan 2023 05:45:00 +0000
ROA not before: Mon 02 Jan 2023 05:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197825
IP address blocks: 176.10.56.0/24 maxlen: 24
176.10.57.0/24 maxlen: 24
176.10.58.0/24 maxlen: 24
176.10.59.0/24 maxlen: 24
176.10.60.0/24 maxlen: 24
176.10.61.0/24 maxlen: 24
176.10.62.0/24 maxlen: 24
176.10.63.0/24 maxlen: 24
2a06:2083::/32 maxlen: 32
2a06:2087::/32 maxlen: 32
2a06:2080::/32 maxlen: 32
2a06:2086::/32 maxlen: 32
2a06:2081::/32 maxlen: 32
2a06:2085::/32 maxlen: 32
2a06:2084::/32 maxlen: 32
2a06:2082::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:00:8d:5d:65:4f:74:e8:09:3f:23:6f:43:63:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=150b7ff9bc1962ebcec0be435ccc272d751a1c16
Validity
Not Before: Jan 2 05:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=deeb789963ad787e5ef50bdf60eefc471db5278c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:84:95:f8:a8:47:87:80:a6:46:6a:b4:4e:8c:
41:40:03:da:f7:19:cb:4d:b6:16:52:49:ba:31:5e:
fa:0a:70:f8:00:7b:ea:fd:69:a9:de:eb:e6:76:80:
7d:b1:51:6c:40:89:5a:a2:19:fe:76:a3:f7:cf:c8:
83:cf:95:b6:f3:e7:a1:18:5a:f5:df:db:59:9a:b0:
ad:e4:60:9c:05:13:aa:ac:41:bd:67:7c:73:38:c7:
59:cc:77:3e:92:56:67:64:2a:ae:48:66:a9:5e:37:
29:1f:99:73:3b:a4:49:f6:73:02:a1:9a:2c:1e:4a:
cc:69:0a:e4:8e:3e:d9:42:de:81:c3:cb:aa:34:1b:
04:63:a0:6e:45:8a:e5:53:73:d8:44:df:60:6b:f8:
b2:eb:0f:96:ff:88:da:26:1a:17:7d:1d:63:01:e9:
c0:e5:34:08:3e:9d:5d:bf:eb:57:46:a4:10:37:29:
99:9e:5f:a2:4a:cd:e0:f5:f0:39:10:a7:ed:2f:73:
00:de:07:0b:45:48:ae:c8:3d:f5:f0:57:c2:b8:29:
e8:b8:fe:b5:4a:bc:85:cf:e0:e4:a6:f5:76:d6:7f:
90:77:39:ac:82:ca:ca:e9:0a:de:1d:a9:29:95:e4:
38:f5:d6:60:96:6d:2a:f5:7c:a5:81:26:09:2e:d6:
f2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:EB:78:99:63:AD:78:7E:5E:F5:0B:DF:60:EE:FC:47:1D:B5:27:8C
X509v3 Authority Key Identifier:
keyid:15:0B:7F:F9:BC:19:62:EB:CE:C0:BE:43:5C:CC:27:2D:75:1A:1C:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQt_-bwZYuvOwL5DXMwnLXUaHBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/76f921-6217-4e95-b445-10cd20fab386/1/3ut4mWOteH5e9QvfYO78Rx21J4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/76f921-6217-4e95-b445-10cd20fab386/1/FQt_-bwZYuvOwL5DXMwnLXUaHBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.10.56.0/21
IPv6:
2a06:2080::/29
Signature Algorithm: sha256WithRSAEncryption
7a:76:20:65:f6:d6:b4:65:e4:94:bf:e8:b2:6a:53:5a:d1:00:
d8:b8:71:25:1d:25:d3:88:c3:8f:a1:31:b0:29:c6:0f:08:75:
54:b8:6e:8f:ff:c4:b1:11:a0:5d:94:f2:16:4e:fd:62:21:54:
39:97:21:4f:44:f6:22:06:6c:f0:09:5c:e5:1a:c4:5a:96:7c:
f5:f5:28:de:17:37:34:2c:94:e4:bf:98:82:e2:dc:02:39:ae:
32:75:66:7c:56:98:91:be:d6:a1:04:30:f7:6c:df:bc:11:21:
94:b1:4a:48:47:0f:95:ff:e5:6d:9e:9d:23:96:81:4f:a5:c9:
79:34:af:84:df:8c:18:95:b0:43:44:14:c4:da:22:14:76:d8:
0f:2c:17:3d:6a:76:ec:b8:7f:d4:40:28:7a:2b:d8:47:cf:42:
a8:36:60:9f:6e:6d:ed:6f:43:fa:76:4d:ba:62:c3:77:e9:fa:
7c:06:5f:3f:05:0b:c8:0e:ef:53:3b:10:81:17:f7:c2:a5:ee:
a3:ca:4f:7c:f0:d9:8b:25:0b:15:ec:eb:dd:18:5a:c2:9c:ef:
f2:32:4e:30:50:69:11:7b:37:6f:4d:89:eb:1f:27:fc:cc:5c:
05:aa:45:57:09:03:fd:1a:1e:3b:5d:fd:27:aa:0a:b5:db:b4:
89:a3:0e:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxAwCNXWVPdOgJPyNvQ2PbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MGI3ZmY5YmMxOTYyZWJjZWMwYmU0MzVjY2MyNzJkNzUx
YTFjMTYwHhcNMjMwMTAyMDU0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWViNzg5OTYzYWQ3ODdlNWVmNTBiZGY2MGVlZmM0NzFkYjUyNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroSV+KhHh4CmRmq0ToxBQAPa9xnL
TbYWUkm6MV76CnD4AHvq/Wmp3uvmdoB9sVFsQIlaohn+dqP3z8iDz5W28+ehGFr1
39tZmrCt5GCcBROqrEG9Z3xzOMdZzHc+klZnZCquSGapXjcpH5lzO6RJ9nMCoZos
HkrMaQrkjj7ZQt6Bw8uqNBsEY6BuRYrlU3PYRN9ga/iy6w+W/4jaJhoXfR1jAenA
5TQIPp1dv+tXRqQQNymZnl+iSs3g9fA5EKftL3MA3gcLRUiuyD318FfCuCnouP61
SryFz+DkpvV21n+QdzmsgsrK6QreHakpleQ49dZglm0q9XylgSYJLtbyVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN7reJljrXh+XvUL32Du/EcdtSeMMB8GA1UdIwQY
MBaAFBULf/m8GWLrzsC+Q1zMJy11GhwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlF0Xy1id1pZdXZPd0w1RFhNd25MWFVhSEJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS83NmY5MjEtNjIxNy00ZTk1LWI0NDUt
MTBjZDIwZmFiMzg2LzEvM3V0NG1XT3RlSDVlOVF2ZllPNzhSeDIxSjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS83NmY5MjEtNjIxNy00ZTk1LWI0NDUtMTBjZDIwZmFiMzg2
LzEvRlF0Xy1id1pZdXZPd0w1RFhNd25MWFVhSEJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDsAo4MA0E
AgACMAcDBQMqBiCAMA0GCSqGSIb3DQEBCwUAA4IBAQB6diBl9ta0ZeSUv+iyalNa
0QDYuHElHSXTiMOPoTGwKcYPCHVUuG6P/8SxEaBdlPIWTv1iIVQ5lyFPRPYiBmzw
CVzlGsRalnz19SjeFzc0LJTkv5iC4twCOa4ydWZ8VpiRvtahBDD3bN+8ESGUsUpI
Rw+V/+Vtnp0jloFPpcl5NK+E34wYlbBDRBTE2iIUdtgPLBc9anbsuH/UQCh6K9hH
z0KoNmCfbm3tb0P6dk26YsN36fp8Bl8/BQvIDu9TOxCBF/fCpe6jyk988NmLJQsV
7OvdGFrCnO/yMk4wUGkRezdvTYnrHyf8zFwFqkVXCQP9Gh47Xf0nqgq127SJow55
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:06 2024 by rpki-client on console-fra.rpki-client.org