Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/lSs6OhZDc7TZWBORvzQnJIP8_Uw.roa
File: lSs6OhZDc7TZWBORvzQnJIP8_Uw.roa (raw, json)
Hash identifier: lcyRqKJxVmkxNkZzqrcII77GcofGgzh6lrrX4d+xzw0=
Subject key identifier: 95:2B:3A:3A:16:43:73:B4:D9:58:13:91:BF:34:27:24:83:FC:FD:4C
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01899149E694DF706871CAB6376BA9C0A852
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/lSs6OhZDc7TZWBORvzQnJIP8_Uw.roa
Signing time: Wed 26 Jul 2023 08:21:26 +0000
ROA not before: Wed 26 Jul 2023 08:21:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42423
IP address blocks: 193.168.184.0/23 maxlen: 24
193.168.187.0/24 maxlen: 24
194.1.167.0/24 maxlen: 24
2a09:1400::/30 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:91:49:e6:94:df:70:68:71:ca:b6:37:6b:a9:c0:a8:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jul 26 08:21:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=952b3a3a164373b4d9581391bf34272483fcfd4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ac:43:e6:8b:17:e7:c6:a6:a8:0e:ac:b4:9d:
19:5f:09:08:30:da:c6:af:52:ba:c5:6c:69:92:27:
68:d5:97:ea:08:be:51:0f:7f:47:14:68:a3:1b:ad:
6d:0f:3d:68:61:04:eb:ef:df:21:58:a1:d3:b9:a0:
ed:d9:01:5b:ed:1d:a8:29:d1:bc:9c:19:3e:23:59:
2f:d9:d0:d2:c7:87:41:b4:a5:4a:23:44:41:64:73:
c1:db:ed:04:ac:5b:11:6e:46:dd:89:ce:ef:8e:56:
72:63:1f:1b:30:69:45:6c:b2:8a:d1:7c:f5:ca:03:
37:d4:56:b6:ce:1a:3d:0a:30:80:9d:2e:52:27:b9:
a8:25:f5:ca:b6:81:8a:ce:85:65:9e:69:dc:10:cc:
40:90:1e:88:24:75:90:0d:93:56:de:a6:17:4f:cb:
51:e8:b9:85:3b:c3:07:b3:1c:98:76:f6:84:df:ea:
06:e0:b9:cf:d2:dc:8f:af:6f:ec:8e:e6:f5:7b:3b:
3d:4e:b5:46:f7:5f:4c:e8:28:eb:15:20:d2:86:87:
8d:6b:be:b5:29:48:41:15:c7:d7:d7:ba:a4:8d:ad:
4b:f9:92:03:68:b6:fd:f2:8d:06:6b:4f:20:f2:b0:
9e:4e:27:95:eb:57:7b:8d:19:1b:ae:ce:ff:3e:13:
51:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:2B:3A:3A:16:43:73:B4:D9:58:13:91:BF:34:27:24:83:FC:FD:4C
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/lSs6OhZDc7TZWBORvzQnJIP8_Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.184.0/23
193.168.187.0/24
194.1.167.0/24
IPv6:
2a09:1400::/30
Signature Algorithm: sha256WithRSAEncryption
cb:62:51:91:a2:66:0a:d3:78:e3:b7:57:b4:d1:ed:77:55:90:
a1:aa:46:d8:d6:05:14:b9:3e:d3:97:f3:fb:bd:7d:57:ca:29:
46:fe:c6:0a:09:b2:14:81:bf:65:82:f1:1a:8f:ff:d5:18:87:
06:42:87:71:95:bb:1f:2a:9e:22:15:4a:2b:4e:67:f2:e8:6a:
39:85:b7:4c:2c:d3:cd:8c:2f:cc:32:60:95:6c:69:fa:a0:82:
b0:a8:94:ac:75:5b:d0:e4:70:8a:c5:21:b0:43:ff:39:ae:b3:
7f:20:de:8e:a7:e8:44:6f:ca:08:9d:40:05:53:e7:ba:4c:3d:
13:25:75:7c:d7:ca:32:ef:c5:0c:99:53:d9:de:03:3d:1e:c3:
6e:8c:5e:2c:17:f4:2a:e1:6d:a1:01:f2:d6:51:da:68:ca:a1:
bb:d6:ec:10:a9:ac:ef:a4:87:eb:6c:cf:39:16:6b:c4:3d:25:
b6:9c:c8:8e:4a:8d:52:0b:3f:a3:93:77:97:37:72:de:13:8d:
48:8b:1c:35:0e:7b:8e:43:b1:6c:58:d5:18:18:51:ac:9f:dd:
29:76:83:10:a3:c2:fb:1a:52:de:3b:a9:19:ed:da:ad:92:b5:
2b:c4:bb:b0:31:55:ad:7b:cc:6f:0a:54:8e:59:19:58:62:6f:
61:22:02:1a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYmRSeaU33Boccq2N2upwKhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjMwNzI2MDgyMTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTJiM2EzYTE2NDM3M2I0ZDk1ODEzOTFiZjM0MjcyNDgzZmNmZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKxD5osX58amqA6stJ0ZXwkIMNrG
r1K6xWxpkido1ZfqCL5RD39HFGijG61tDz1oYQTr798hWKHTuaDt2QFb7R2oKdG8
nBk+I1kv2dDSx4dBtKVKI0RBZHPB2+0ErFsRbkbdic7vjlZyYx8bMGlFbLKK0Xz1
ygM31Fa2zho9CjCAnS5SJ7moJfXKtoGKzoVlnmncEMxAkB6IJHWQDZNW3qYXT8tR
6LmFO8MHsxyYdvaE3+oG4LnP0tyPr2/sjub1ezs9TrVG919M6CjrFSDShoeNa761
KUhBFcfX17qkja1L+ZIDaLb98o0Ga08g8rCeTieV61d7jRkbrs7/PhNRywIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJUrOjoWQ3O02VgTkb80JySD/P1MMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvbFNzNk9oWkRjN1RaV0JPUnZ6UW5KSVA4X1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwai4AwQA
wai7AwQAwgGnMA0EAgACMAcDBQIqCRQAMA0GCSqGSIb3DQEBCwUAA4IBAQDLYlGR
omYK03jjt1e00e13VZChqkbY1gUUuT7Tl/P7vX1XyilG/sYKCbIUgb9lgvEaj//V
GIcGQodxlbsfKp4iFUorTmfy6Go5hbdMLNPNjC/MMmCVbGn6oIKwqJSsdVvQ5HCK
xSGwQ/85rrN/IN6Op+hEb8oInUAFU+e6TD0TJXV818oy78UMmVPZ3gM9HsNujF4s
F/Qq4W2hAfLWUdpoyqG71uwQqazvpIfrbM85FmvEPSW2nMiOSo1SCz+jk3eXN3Le
E41Iixw1DnuOQ7FsWNUYGFGsn90pdoMQo8L7GlLeO6kZ7dqtkrUrxLuwMVWte8xv
ClSOWRlYYm9hIgIa
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:32 2024 by rpki-client on console-fra.rpki-client.org