Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/HTRaQT6dACEa1cuomsPZildCBZ0.roa
File: HTRaQT6dACEa1cuomsPZildCBZ0.roa (raw, json)
Hash identifier: rVah6SkQ8TLIgushqAsFbmOcYd/pK18uOdU/nDm/dRo=
Subject key identifier: 1D:34:5A:41:3E:9D:00:21:1A:D5:CB:A8:9A:C3:D9:8A:57:42:05:9D
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 0187094A260BC1CBC2C7B17490B5D1378EC3
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/HTRaQT6dACEa1cuomsPZildCBZ0.roa
Signing time: Wed 22 Mar 2023 12:27:46 +0000
ROA not before: Wed 22 Mar 2023 12:27:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50316
IP address blocks: 147.123.112.0/22 maxlen: 24
147.123.116.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:4a:26:0b:c1:cb:c2:c7:b1:74:90:b5:d1:37:8e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Mar 22 12:27:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d345a413e9d00211ad5cba89ac3d98a5742059d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:10:88:68:07:94:4d:80:6b:1b:ce:ab:52:87:
8c:1d:a8:45:7f:e8:75:0a:c7:80:bf:1f:cb:b5:2d:
57:97:b5:70:87:15:94:2b:62:04:f8:be:71:6b:78:
82:12:82:21:e2:36:0d:5f:71:67:f5:1b:7c:37:0a:
30:5e:ba:23:68:88:53:ae:2b:e1:03:6c:f5:ad:10:
fa:82:e4:fe:6a:9e:77:7a:15:9e:e0:0e:d3:38:50:
25:bc:51:96:4d:3d:90:2c:3e:f6:b3:a0:1a:57:b2:
71:e2:36:b9:7a:bd:1e:74:12:da:c5:f7:96:44:8c:
8a:67:66:23:5c:f3:77:51:c3:00:45:2d:d7:5e:56:
3d:32:e1:e3:6d:80:f4:84:0c:f3:31:45:96:4f:35:
73:be:aa:50:1f:bf:10:52:ac:87:03:b9:3c:18:3a:
76:f9:b6:d6:12:ac:7a:73:5e:bd:c0:ae:d7:73:36:
65:2d:4d:f8:63:fc:43:85:1a:4c:b4:72:94:b5:40:
bf:36:76:7c:1a:ea:e7:b7:a5:90:82:e8:a9:30:9b:
c3:5b:8a:f0:7f:9c:1f:5c:c1:22:5f:f1:9a:5c:44:
d8:1c:d6:3f:d0:46:83:fd:c9:a9:d4:ca:02:76:17:
35:8d:1e:77:89:f1:f9:3b:c4:1b:d7:b0:f6:fc:f9:
34:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:34:5A:41:3E:9D:00:21:1A:D5:CB:A8:9A:C3:D9:8A:57:42:05:9D
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/HTRaQT6dACEa1cuomsPZildCBZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.123.112.0/21
Signature Algorithm: sha256WithRSAEncryption
03:98:33:9b:a4:9f:ef:7d:41:25:85:43:9c:8a:c0:94:4c:a2:
6e:2d:3d:1f:fd:42:4d:d1:9c:62:96:7d:8b:a4:f3:ea:19:2b:
95:11:7c:fe:5a:a5:b7:54:36:f2:66:e4:80:b1:3b:df:42:97:
68:c7:3c:db:7d:fc:63:8d:d8:a5:d9:da:17:72:67:b3:d1:68:
7b:df:3e:c1:d6:fe:ac:f3:e9:51:ae:95:70:8e:95:f2:71:25:
67:5e:0b:53:71:b4:de:cc:90:3a:15:ed:1b:2f:0c:c7:fc:50:
8c:34:a3:47:87:93:54:16:51:57:32:70:03:29:d1:a5:98:88:
08:0d:b0:2f:ba:7d:65:e8:d8:78:7e:59:02:3f:b9:e6:93:ea:
21:7c:c2:6b:6c:05:62:c1:eb:15:7b:0e:4a:a9:9c:6e:8b:27:
6a:cf:82:37:7f:0b:37:19:ee:6c:de:7f:ac:21:f5:d3:80:44:
35:07:64:87:8f:72:c5:7a:d2:da:aa:f5:74:95:f7:eb:89:d2:
f0:a7:26:30:f5:05:a4:3d:22:23:d6:b3:fe:49:63:3f:18:e4:
ba:f6:3a:6e:59:45:57:23:2e:fd:31:08:fb:de:a4:a3:41:4b:
97:e0:2d:0a:ec:81:51:bb:d2:0b:6b:b2:f2:ae:9a:5e:4b:2e:
a4:0d:23:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcJSiYLwcvCx7F0kLXRN47DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjMwMzIyMTIyNzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDM0NWE0MTNlOWQwMDIxMWFkNWNiYTg5YWMzZDk4YTU3NDIwNTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRCIaAeUTYBrG86rUoeMHahFf+h1
CseAvx/LtS1Xl7VwhxWUK2IE+L5xa3iCEoIh4jYNX3Fn9Rt8NwowXrojaIhTrivh
A2z1rRD6guT+ap53ehWe4A7TOFAlvFGWTT2QLD72s6AaV7Jx4ja5er0edBLaxfeW
RIyKZ2YjXPN3UcMARS3XXlY9MuHjbYD0hAzzMUWWTzVzvqpQH78QUqyHA7k8GDp2
+bbWEqx6c169wK7XczZlLU34Y/xDhRpMtHKUtUC/NnZ8Gurnt6WQguipMJvDW4rw
f5wfXMEiX/GaXETYHNY/0EaD/cmp1MoCdhc1jR53ifH5O8Qb17D2/Pk0ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB00WkE+nQAhGtXLqJrD2YpXQgWdMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvSFRSYVFUNmRBQ0VhMWN1b21zUFppbGRDQlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDk3twMA0G
CSqGSIb3DQEBCwUAA4IBAQADmDObpJ/vfUElhUOcisCUTKJuLT0f/UJN0Zxiln2L
pPPqGSuVEXz+WqW3VDbyZuSAsTvfQpdoxzzbffxjjdil2doXcmez0Wh73z7B1v6s
8+lRrpVwjpXycSVnXgtTcbTezJA6Fe0bLwzH/FCMNKNHh5NUFlFXMnADKdGlmIgI
DbAvun1l6Nh4flkCP7nmk+ohfMJrbAViwesVew5KqZxuiydqz4I3fws3Ge5s3n+s
IfXTgEQ1B2SHj3LFetLaqvV0lffridLwpyYw9QWkPSIj1rP+SWM/GOS69jpuWUVX
Iy79MQj73qSjQUuX4C0K7IFRu9ILa7LyrppeSy6kDSP4
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:45 2024 by rpki-client on console-ams.rpki-client.org