Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/AfSiTJqf1eBB4V7howp02d54XFo.roa
File: AfSiTJqf1eBB4V7howp02d54XFo.roa (raw, json)
Hash identifier: G1LIDEM52nDwZWqFxiuPBhYpV3yrf1takLljuX3YBlk=
Subject key identifier: 01:F4:A2:4C:9A:9F:D5:E0:41:E1:5E:E1:A3:0A:74:D9:DE:78:5C:5A
Certificate issuer: /CN=1f046cde8512802b14933b34a22f7765e295d2ab
Certificate serial: 01857255AB54827DDF032215E39E0A30E994
Authority key identifier: 1F:04:6C:DE:85:12:80:2B:14:93:3B:34:A2:2F:77:65:E2:95:D2:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwRs3oUSgCsUkzs0oi93ZeKV0qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/AfSiTJqf1eBB4V7howp02d54XFo.roa
Signing time: Mon 02 Jan 2023 11:54:54 +0000
ROA not before: Mon 02 Jan 2023 11:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198292
IP address blocks: 134.255.164.0/22 maxlen: 22
134.255.160.0/22 maxlen: 22
134.255.172.0/22 maxlen: 22
185.11.224.0/22 maxlen: 22
5.133.48.0/22 maxlen: 22
5.133.61.0/24 maxlen: 24
5.133.62.0/24 maxlen: 24
5.133.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:ab:54:82:7d:df:03:22:15:e3:9e:0a:30:e9:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f046cde8512802b14933b34a22f7765e295d2ab
Validity
Not Before: Jan 2 11:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01f4a24c9a9fd5e041e15ee1a30a74d9de785c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ab:cb:25:a0:bd:7e:2c:31:82:7c:ce:af:e9:
2e:81:ab:f4:ec:7b:50:8a:14:8c:92:fd:ed:39:99:
c9:e2:15:60:88:50:03:14:25:ac:5f:88:88:43:4a:
e5:4d:7c:fb:da:5f:a8:2e:fd:68:4f:ec:e6:00:6d:
70:a7:8e:12:31:9e:56:0f:a6:69:14:0b:10:d9:e5:
22:31:b5:ff:c9:d6:2f:6e:1d:12:76:ca:b1:15:d0:
3d:f3:c0:41:82:d4:12:4e:af:e6:14:4c:e2:89:a8:
d2:0c:77:e4:eb:ef:60:ea:82:88:aa:39:29:7a:8e:
ec:3a:71:be:cf:fb:af:3e:17:bf:28:06:44:ce:e5:
84:6b:11:b6:04:a1:b7:bc:1f:7c:d3:07:af:ea:b8:
32:40:7a:87:36:85:4e:3f:26:c1:3c:e3:0d:59:61:
1a:5e:23:4f:6c:d5:bf:0f:26:8a:eb:dd:c0:2a:10:
a9:ac:d9:c3:35:10:83:13:08:c2:7c:00:73:d7:0e:
df:f9:6d:e1:2b:5c:f0:6e:a7:9b:73:e2:33:57:a9:
9e:c3:ed:15:6a:0c:f2:0b:be:7a:8e:ee:bf:62:99:
4c:34:a0:3e:56:3a:f5:95:77:da:63:a2:2e:c3:1f:
0f:0b:c1:76:7b:76:71:f3:18:33:7d:f6:a0:61:da:
f3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F4:A2:4C:9A:9F:D5:E0:41:E1:5E:E1:A3:0A:74:D9:DE:78:5C:5A
X509v3 Authority Key Identifier:
keyid:1F:04:6C:DE:85:12:80:2B:14:93:3B:34:A2:2F:77:65:E2:95:D2:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwRs3oUSgCsUkzs0oi93ZeKV0qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/AfSiTJqf1eBB4V7howp02d54XFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/HwRs3oUSgCsUkzs0oi93ZeKV0qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.48.0/22
5.133.61.0-5.133.63.255
134.255.160.0/21
134.255.172.0/22
185.11.224.0/22
Signature Algorithm: sha256WithRSAEncryption
59:ff:22:9a:92:bf:7c:cd:a0:db:70:65:2a:6e:d2:3d:a4:84:
b8:22:90:86:12:3a:09:51:6d:a0:6f:72:b3:e6:8b:35:9a:a5:
a0:9c:53:d1:c0:1d:02:d5:7a:fe:1c:08:58:d5:92:82:f0:af:
e9:f3:d0:fc:9e:2d:40:37:a9:4a:6c:a9:dd:3e:85:53:50:4c:
c3:27:14:24:4d:66:e1:d9:5a:e8:93:38:41:28:20:21:27:78:
bf:b8:05:4f:b5:cc:38:8d:14:ec:21:18:c0:19:78:64:47:cb:
e2:73:0f:f7:4c:30:fc:59:5d:4a:09:33:29:97:90:76:23:c5:
1f:c1:1d:e1:ee:bc:ab:e5:7b:42:b8:5f:6a:7e:6c:aa:c4:0a:
a4:d4:23:52:ba:74:69:aa:e0:83:a9:e8:58:f0:e7:94:4d:e0:
c0:3c:8b:b2:3a:ad:11:27:91:be:cd:82:af:b0:b2:d7:0b:ca:
e7:c7:26:a9:35:e4:dd:a3:b4:d2:3e:05:c5:00:57:df:99:3c:
95:c4:95:15:d0:75:df:44:1d:a5:e0:4f:83:ae:63:60:b6:98:
09:99:b8:42:52:86:e0:d4:7d:7c:b4:12:3c:7d:0d:80:87:a8:
e0:58:b9:ae:e3:5d:26:82:83:7f:1e:6d:a6:3f:92:ad:4b:d5:
ea:e2:02:23
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVyVatUgn3fAyIV454KMOmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDQ2Y2RlODUxMjgwMmIxNDkzM2IzNGEyMmY3NzY1ZTI5
NWQyYWIwHhcNMjMwMTAyMTE1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY0YTI0YzlhOWZkNWUwNDFlMTVlZTFhMzBhNzRkOWRlNzg1YzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06vLJaC9fiwxgnzOr+kugav07HtQ
ihSMkv3tOZnJ4hVgiFADFCWsX4iIQ0rlTXz72l+oLv1oT+zmAG1wp44SMZ5WD6Zp
FAsQ2eUiMbX/ydYvbh0SdsqxFdA988BBgtQSTq/mFEziiajSDHfk6+9g6oKIqjkp
eo7sOnG+z/uvPhe/KAZEzuWEaxG2BKG3vB980wev6rgyQHqHNoVOPybBPOMNWWEa
XiNPbNW/DyaK693AKhCprNnDNRCDEwjCfABz1w7f+W3hK1zwbqebc+IzV6mew+0V
agzyC756ju6/YplMNKA+Vjr1lXfaY6Iuwx8PC8F2e3Zx8xgzffagYdrzzwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAH0okyan9XgQeFe4aMKdNneeFxaMB8GA1UdIwQY
MBaAFB8EbN6FEoArFJM7NKIvd2XildKrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdSczNvVVNnQ3NVa3pzMG9pOTNaZUtWMHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS84MGU3NDAtMmM4Yy00NWE2LTkzOGMt
MjE5YjlmNmY5MDg3LzEvQWZTaVRKcWYxZUJCNFY3aG93cDAyZDU0WEZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS84MGU3NDAtMmM4Yy00NWE2LTkzOGMtMjE5YjlmNmY5MDg3
LzEvSHdSczNvVVNnQ3NVa3pzMG9pOTNaZUtWMHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCBYUwMAwD
BAAFhT0DBAYFhQADBAOG/6ADBAKG/6wDBAK5C+AwDQYJKoZIhvcNAQELBQADggEB
AFn/IpqSv3zNoNtwZSpu0j2khLgikIYSOglRbaBvcrPmizWapaCcU9HAHQLVev4c
CFjVkoLwr+nz0PyeLUA3qUpsqd0+hVNQTMMnFCRNZuHZWuiTOEEoICEneL+4BU+1
zDiNFOwhGMAZeGRHy+JzD/dMMPxZXUoJMymXkHYjxR/BHeHuvKvle0K4X2p+bKrE
CqTUI1K6dGmq4IOp6Fjw55RN4MA8i7I6rREnkb7Ngq+wstcLyufHJqk15N2jtNI+
BcUAV9+ZPJXElRXQdd9EHaXgT4OuY2C2mAmZuEJShuDUfXy0Ejx9DYCHqOBYua7j
XSaCg38ebaY/kq1L1eriAiM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:04 2024 by rpki-client on console-fra.rpki-client.org