Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f7a6a3-71f3-4482-b0c5-fac346400369/1/0fUCcF1pTVuaTWDNEKKe8VoxCt8.roa
File: 0fUCcF1pTVuaTWDNEKKe8VoxCt8.roa (raw, json)
Hash identifier: y6QMXVtfuxX5xdeBLDP4MDpqOQSLojV9jKSrldXE458=
Subject key identifier: D1:F5:02:70:5D:69:4D:5B:9A:4D:60:CD:10:A2:9E:F1:5A:31:0A:DF
Certificate issuer: /CN=8acdb281fb65f028b7cdcab9c4706ea7c4594022
Certificate serial: 0185711522ED599B7CB1C0F388F7D47D9279
Authority key identifier: 8A:CD:B2:81:FB:65:F0:28:B7:CD:CA:B9:C4:70:6E:A7:C4:59:40:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/is2ygftl8Ci3zcq5xHBup8RZQCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/f7a6a3-71f3-4482-b0c5-fac346400369/1/0fUCcF1pTVuaTWDNEKKe8VoxCt8.roa
Signing time: Mon 02 Jan 2023 06:04:48 +0000
ROA not before: Mon 02 Jan 2023 06:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47655
IP address blocks: 176.111.72.0/24 maxlen: 24
194.152.35.0/24 maxlen: 24
176.111.74.0/24 maxlen: 24
194.152.34.0/23 maxlen: 23
176.111.73.0/24 maxlen: 24
176.111.72.0/21 maxlen: 21
2001:67c:2760::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:22:ed:59:9b:7c:b1:c0:f3:88:f7:d4:7d:92:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8acdb281fb65f028b7cdcab9c4706ea7c4594022
Validity
Not Before: Jan 2 06:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1f502705d694d5b9a4d60cd10a29ef15a310adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:81:48:cc:91:2d:97:23:bd:ca:1c:03:6f:4f:
1d:9c:2a:ff:7d:f5:6f:ec:a7:7b:a7:8f:6c:09:b2:
3e:94:8c:47:89:b9:7b:99:ec:1c:87:00:23:58:70:
b5:9b:d4:c5:8c:2d:6c:d0:c9:a7:4d:8e:c0:7c:f8:
c9:80:3d:4b:16:28:d7:4a:05:8f:a5:b8:59:ab:0d:
6f:08:f7:1e:42:15:ae:ca:85:c1:bd:14:f6:0f:c5:
12:87:30:6c:18:3c:b2:a2:19:6d:3c:31:56:b2:19:
15:8a:02:82:c6:73:50:bf:7b:ae:d2:14:74:21:f9:
8d:e7:a4:7b:e9:e8:b3:2a:1a:a1:8c:98:59:c6:fa:
48:52:1e:7f:19:eb:c3:0c:9a:46:f1:26:ff:0c:41:
90:09:ac:c3:cc:eb:82:5f:7f:88:4c:bf:b3:a2:37:
88:2a:f0:9b:1d:a8:81:0b:f5:40:19:d1:9d:87:76:
bb:2e:bb:c7:1c:62:81:74:f1:7a:3e:5f:16:86:87:
c4:f9:ac:f6:7a:64:27:53:0b:18:fa:7d:06:13:b5:
c7:32:f3:c2:da:8e:bd:dd:a5:1a:42:f1:c4:f1:d4:
b9:17:cb:d9:9d:95:da:d4:59:5f:c8:16:0d:ff:31:
be:b8:ff:a1:30:2e:6c:bc:62:3b:ec:17:f3:19:b9:
29:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F5:02:70:5D:69:4D:5B:9A:4D:60:CD:10:A2:9E:F1:5A:31:0A:DF
X509v3 Authority Key Identifier:
keyid:8A:CD:B2:81:FB:65:F0:28:B7:CD:CA:B9:C4:70:6E:A7:C4:59:40:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/is2ygftl8Ci3zcq5xHBup8RZQCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f7a6a3-71f3-4482-b0c5-fac346400369/1/0fUCcF1pTVuaTWDNEKKe8VoxCt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f7a6a3-71f3-4482-b0c5-fac346400369/1/is2ygftl8Ci3zcq5xHBup8RZQCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.111.72.0/21
194.152.34.0/23
IPv6:
2001:67c:2760::/48
Signature Algorithm: sha256WithRSAEncryption
2c:4e:d9:1c:03:9b:e3:62:ed:a6:4d:7a:75:5f:27:07:4a:7f:
81:b4:c3:2a:17:a3:77:51:0a:e4:98:b3:b1:63:9d:54:9e:73:
ca:26:a6:6a:0e:98:97:bb:0f:94:59:c7:c1:59:2c:3b:0e:a0:
87:9d:72:4d:ec:7a:a0:44:c3:25:65:1a:bb:1b:03:0a:ad:50:
d0:c5:c6:79:eb:78:56:ca:b2:d0:36:35:0f:ee:66:9e:a9:1c:
b2:11:d9:47:d7:fb:f8:d9:64:f3:b2:36:64:e5:2b:69:c5:0b:
7e:f3:37:a4:6e:99:88:44:6f:62:a0:7e:f0:dd:76:27:ae:bc:
1a:0c:b1:24:3f:e2:bf:c4:c1:f8:58:ab:f5:c6:99:8e:8f:93:
14:03:6e:30:44:58:10:19:fa:31:27:85:0e:c2:87:51:a3:09:
5e:ce:3c:bf:62:8a:6f:6d:8b:f4:80:7e:96:bb:53:f1:6d:3e:
c0:31:bb:64:37:35:3a:ff:ca:a4:a4:f8:8a:08:5b:06:68:02:
b0:7e:21:08:72:b6:f8:3d:d2:77:59:9d:b1:95:a9:99:39:61:
f7:81:34:51:e0:81:84:6c:36:6b:29:ff:1c:c1:26:51:8f:89:
1e:96:40:2e:cd:64:e4:0a:98:2f:c6:e5:de:91:5e:70:38:3a:
1d:bb:03:4b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxFSLtWZt8scDziPfUfZJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhY2RiMjgxZmI2NWYwMjhiN2NkY2FiOWM0NzA2ZWE3YzQ1
OTQwMjIwHhcNMjMwMTAyMDYwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWY1MDI3MDVkNjk0ZDViOWE0ZDYwY2QxMGEyOWVmMTVhMzEwYWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4FIzJEtlyO9yhwDb08dnCr/ffVv
7Kd7p49sCbI+lIxHibl7mewchwAjWHC1m9TFjC1s0MmnTY7AfPjJgD1LFijXSgWP
pbhZqw1vCPceQhWuyoXBvRT2D8UShzBsGDyyohltPDFWshkVigKCxnNQv3uu0hR0
IfmN56R76eizKhqhjJhZxvpIUh5/GevDDJpG8Sb/DEGQCazDzOuCX3+ITL+zojeI
KvCbHaiBC/VAGdGdh3a7LrvHHGKBdPF6Pl8WhofE+az2emQnUwsY+n0GE7XHMvPC
2o693aUaQvHE8dS5F8vZnZXa1FlfyBYN/zG+uP+hMC5svGI77BfzGbkpswIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNH1AnBdaU1bmk1gzRCinvFaMQrfMB8GA1UdIwQY
MBaAFIrNsoH7ZfAot83KucRwbqfEWUAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXMyeWdmdGw4Q2kzemNxNXhIQnVwOFJaUUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mN2E2YTMtNzFmMy00NDgyLWIwYzUt
ZmFjMzQ2NDAwMzY5LzEvMGZVQ2NGMXBUVnVhVFdETkVLS2U4Vm94Q3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mN2E2YTMtNzFmMy00NDgyLWIwYzUtZmFjMzQ2NDAwMzY5
LzEvaXMyeWdmdGw4Q2kzemNxNXhIQnVwOFJaUUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDsG9IAwQB
wpgiMA8EAgACMAkDBwAgAQZ8J2AwDQYJKoZIhvcNAQELBQADggEBACxO2RwDm+Ni
7aZNenVfJwdKf4G0wyoXo3dRCuSYs7FjnVSec8ompmoOmJe7D5RZx8FZLDsOoIed
ck3seqBEwyVlGrsbAwqtUNDFxnnreFbKstA2NQ/uZp6pHLIR2UfX+/jZZPOyNmTl
K2nFC37zN6RumYhEb2KgfvDddieuvBoMsSQ/4r/EwfhYq/XGmY6PkxQDbjBEWBAZ
+jEnhQ7Ch1GjCV7OPL9iim9ti/SAfpa7U/FtPsAxu2Q3NTr/yqSk+IoIWwZoArB+
IQhytvg90ndZnbGVqZk5YfeBNFHggYRsNmsp/xzBJlGPiR6WQC7NZOQKmC/G5d6R
XnA4Oh27A0s=
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:07 2024 by rpki-client on console-fra.rpki-client.org