Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/96520f-7bd8-4fc8-8c7f-7ef2d70d708f/1/xAozmE4j-PxmAXbahZ22iQ8QteA.roa
File: xAozmE4j-PxmAXbahZ22iQ8QteA.roa (raw, json)
Hash identifier: 9uwfxSaOXDbu2y8YTJT2Q78RWN5tSXeCHUSYcMUWZ6k=
Subject key identifier: C4:0A:33:98:4E:23:F8:FC:66:01:76:DA:85:9D:B6:89:0F:10:B5:E0
Certificate issuer: /CN=1792806c34f57583899dc52dca407e25cf9d3622
Certificate serial: 01875A3122ED88FE684B50932A23836A508D
Authority key identifier: 17:92:80:6C:34:F5:75:83:89:9D:C5:2D:CA:40:7E:25:CF:9D:36:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5KAbDT1dYOJncUtykB-Jc-dNiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/96520f-7bd8-4fc8-8c7f-7ef2d70d708f/1/xAozmE4j-PxmAXbahZ22iQ8QteA.roa
Signing time: Fri 07 Apr 2023 05:29:42 +0000
ROA not before: Fri 07 Apr 2023 05:29:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15969
IP address blocks: 185.7.170.0/23 maxlen: 23
185.7.168.0/23 maxlen: 23
46.227.240.0/23 maxlen: 23
46.227.246.0/23 maxlen: 23
46.227.242.0/23 maxlen: 23
46.227.244.0/24 maxlen: 24
46.227.245.0/24 maxlen: 24
2a01:7600::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5a:31:22:ed:88:fe:68:4b:50:93:2a:23:83:6a:50:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1792806c34f57583899dc52dca407e25cf9d3622
Validity
Not Before: Apr 7 05:29:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c40a33984e23f8fc660176da859db6890f10b5e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1a:17:b5:32:1f:23:5d:00:50:58:64:a9:fa:
2f:d2:f5:8d:35:18:b2:f4:5c:c2:f8:58:1b:58:9c:
45:a1:6f:c7:36:89:10:37:fd:17:14:a2:e9:59:ae:
1c:92:8b:2b:af:b6:99:e0:5d:9d:4f:f5:ca:a3:e0:
0f:f0:bd:65:4d:aa:10:db:a6:2f:fa:0e:fd:f5:a5:
bb:ec:cc:97:b1:e8:39:f6:28:b3:31:08:db:f8:b2:
65:b9:b4:b4:5d:63:80:e6:2b:8e:e7:ab:8b:75:52:
5d:28:bb:a8:18:bd:3d:f4:a5:f9:98:ab:50:a2:a8:
2a:c3:cd:2d:ec:4d:1b:45:85:a4:9d:31:00:d7:d1:
3e:8e:d5:02:d5:c3:8b:aa:1a:92:9f:be:4c:c2:3c:
2f:d7:b9:a4:4d:07:97:d3:79:0f:86:b2:f0:57:38:
14:34:bf:b1:24:4b:03:b1:96:7d:e0:c1:09:60:d2:
9d:9b:4f:6c:b4:be:99:59:26:18:5e:12:8d:96:77:
ff:6f:72:a5:4f:0b:8f:68:cc:0a:0b:6a:c0:e2:ec:
a3:dc:71:57:6e:d0:c2:1d:7e:3a:b4:62:3b:4f:48:
c1:55:98:1d:13:a9:61:1b:7a:19:13:0f:42:12:8a:
57:ac:2d:74:58:ec:0e:e5:7a:cd:0d:a0:15:9d:e5:
31:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0A:33:98:4E:23:F8:FC:66:01:76:DA:85:9D:B6:89:0F:10:B5:E0
X509v3 Authority Key Identifier:
keyid:17:92:80:6C:34:F5:75:83:89:9D:C5:2D:CA:40:7E:25:CF:9D:36:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5KAbDT1dYOJncUtykB-Jc-dNiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/96520f-7bd8-4fc8-8c7f-7ef2d70d708f/1/xAozmE4j-PxmAXbahZ22iQ8QteA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/96520f-7bd8-4fc8-8c7f-7ef2d70d708f/1/F5KAbDT1dYOJncUtykB-Jc-dNiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.240.0/21
185.7.168.0/22
IPv6:
2a01:7600::/29
Signature Algorithm: sha256WithRSAEncryption
0b:68:65:91:c9:7c:26:19:51:e0:e1:32:a4:e2:29:9f:09:cf:
48:cf:e5:cc:8c:fe:dd:34:ac:a4:f3:57:31:b1:ed:91:f4:4a:
bd:81:aa:a4:ca:54:b1:62:7d:6a:df:e0:24:69:9d:92:2f:96:
b0:8f:68:51:a0:09:92:d7:9b:07:0a:ba:79:a3:4a:c9:9f:3f:
79:3d:bd:3b:af:9b:a7:86:70:df:b0:40:2d:b9:db:e4:a8:bf:
26:fd:8b:3d:9c:17:ad:60:9e:4d:53:4b:91:12:78:50:6c:3f:
81:03:54:d7:0a:45:4b:af:9a:e1:db:b1:37:b3:ae:d3:5b:71:
50:ca:4e:7c:98:b4:b6:f5:f3:c2:c5:84:41:f3:73:c0:6b:6e:
f7:47:d0:43:7b:a2:31:e8:01:c5:66:96:47:1d:b2:94:bb:1d:
28:72:27:18:86:51:c6:ff:cd:2f:dc:07:f6:e8:e2:52:48:c7:
24:73:cf:4c:ea:73:80:c3:2b:c2:43:d0:f9:39:51:ca:34:40:
0a:4c:20:7c:f8:5a:43:76:00:bb:0c:6c:8d:62:c6:53:d4:aa:
7b:f4:c0:4c:e9:25:54:df:af:2b:a5:af:ed:25:ef:64:5e:9d:
c3:eb:5c:61:00:7b:bd:0f:55:51:93:33:dd:13:c2:82:4e:42:
3e:77:10:da
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYdaMSLtiP5oS1CTKiODalCNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTI4MDZjMzRmNTc1ODM4OTlkYzUyZGNhNDA3ZTI1Y2Y5
ZDM2MjIwHhcNMjMwNDA3MDUyOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDBhMzM5ODRlMjNmOGZjNjYwMTc2ZGE4NTlkYjY4OTBmMTBiNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBoXtTIfI10AUFhkqfov0vWNNRiy
9FzC+FgbWJxFoW/HNokQN/0XFKLpWa4ckosrr7aZ4F2dT/XKo+AP8L1lTaoQ26Yv
+g799aW77MyXseg59iizMQjb+LJlubS0XWOA5iuO56uLdVJdKLuoGL099KX5mKtQ
oqgqw80t7E0bRYWknTEA19E+jtUC1cOLqhqSn75Mwjwv17mkTQeX03kPhrLwVzgU
NL+xJEsDsZZ94MEJYNKdm09stL6ZWSYYXhKNlnf/b3KlTwuPaMwKC2rA4uyj3HFX
btDCHX46tGI7T0jBVZgdE6lhG3oZEw9CEopXrC10WOwO5XrNDaAVneUxmQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMQKM5hOI/j8ZgF22oWdtokPELXgMB8GA1UdIwQY
MBaAFBeSgGw09XWDiZ3FLcpAfiXPnTYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVLQWJEVDFkWU9KbmNVdHlrQi1KYy1kTmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NjUyMGYtN2JkOC00ZmM4LThjN2Yt
N2VmMmQ3MGQ3MDhmLzEveEFvem1FNGotUHhtQVhiYWhaMjJpUThRdGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NjUyMGYtN2JkOC00ZmM4LThjN2YtN2VmMmQ3MGQ3MDhm
LzEvRjVLQWJEVDFkWU9KbmNVdHlrQi1KYy1kTmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLuPwAwQC
uQeoMA0EAgACMAcDBQMqAXYAMA0GCSqGSIb3DQEBCwUAA4IBAQALaGWRyXwmGVHg
4TKk4imfCc9Iz+XMjP7dNKyk81cxse2R9Eq9gaqkylSxYn1q3+AkaZ2SL5awj2hR
oAmS15sHCrp5o0rJnz95Pb07r5unhnDfsEAtudvkqL8m/Ys9nBetYJ5NU0uREnhQ
bD+BA1TXCkVLr5rh27E3s67TW3FQyk58mLS29fPCxYRB83PAa273R9BDe6Ix6AHF
ZpZHHbKUux0ocicYhlHG/80v3Af26OJSSMckc89M6nOAwyvCQ9D5OVHKNEAKTCB8
+FpDdgC7DGyNYsZT1Kp79MBM6SVU368rpa/tJe9kXp3D61xhAHu9D1VRkzPdE8KC
TkI+dxDa
-----END CERTIFICATE-----
Generated at Sun Dec 17 21:10:45 2023 by rpki-client on console-ams.rpki-client.org