Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/0zu7N2noL0J9GGa5tcJYYLNdmE4.roa
File: 0zu7N2noL0J9GGa5tcJYYLNdmE4.roa (raw, json)
Hash identifier: aiJvwc+i1FEi6qX4RNWNhTPHK50Xv1IvxPuK4r9vIF8=
Subject key identifier: D3:3B:BB:37:69:E8:2F:42:7D:18:66:B9:B5:C2:58:60:B3:5D:98:4E
Certificate issuer: /CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161
Certificate serial: 018572D5C8DB75A0970197133CA8866EC7C6
Authority key identifier: D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/0zu7N2noL0J9GGa5tcJYYLNdmE4.roa
Signing time: Mon 02 Jan 2023 14:14:51 +0000
ROA not before: Mon 02 Jan 2023 14:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33835
IP address blocks: 217.169.240.0/20 maxlen: 20
217.169.246.0/23 maxlen: 23
92.42.216.0/21 maxlen: 21
130.185.168.0/22 maxlen: 22
130.185.170.0/24 maxlen: 24
2a02:2440::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:c8:db:75:a0:97:01:97:13:3c:a8:86:6e:c7:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161
Validity
Not Before: Jan 2 14:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d33bbb3769e82f427d1866b9b5c25860b35d984e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2b:fe:75:7a:eb:78:85:0d:09:42:21:84:0b:
3f:0d:c9:7d:60:bd:cd:a9:5c:10:4c:79:5f:3c:40:
1a:53:f1:49:6d:ef:fe:a3:c3:08:ae:5b:76:17:32:
88:fb:41:58:c8:07:d1:37:74:20:c3:cf:e2:2a:23:
69:8d:da:5f:f9:53:77:26:9e:85:32:26:e4:10:f2:
67:b6:bf:59:3a:65:de:94:70:20:56:ad:80:5a:c1:
19:cd:ce:52:3e:25:7b:41:56:bb:d4:99:d6:91:78:
7a:2f:95:1d:dd:a5:7a:d8:61:a7:39:89:55:1f:70:
86:a3:fe:fa:02:8b:6e:8b:99:0b:6c:9c:10:27:98:
95:fa:4c:6e:02:ee:9a:d1:34:02:e9:eb:37:73:d5:
8e:9b:1a:02:ea:3f:0b:ed:82:29:3d:b4:02:c4:28:
2d:4c:91:63:00:a4:7b:74:30:ab:35:a3:9d:87:b6:
4c:a9:c5:34:f2:97:63:6f:db:5d:28:14:06:d9:f3:
09:58:ed:4b:68:68:e9:aa:3b:f0:a0:ec:e4:f6:d8:
55:e1:ed:ff:c0:2c:7a:af:6c:ea:99:46:d3:ba:84:
03:3f:66:d9:8e:41:0f:0b:9a:2f:3a:48:f2:19:57:
62:56:8e:13:62:5d:6e:a2:19:ae:33:9f:02:4d:80:
50:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3B:BB:37:69:E8:2F:42:7D:18:66:B9:B5:C2:58:60:B3:5D:98:4E
X509v3 Authority Key Identifier:
keyid:D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/0zu7N2noL0J9GGa5tcJYYLNdmE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.216.0/21
130.185.168.0/22
217.169.240.0/20
IPv6:
2a02:2440::/32
Signature Algorithm: sha256WithRSAEncryption
27:37:6b:25:73:58:31:f2:dc:d5:02:2f:1f:95:ed:7d:6e:3d:
99:e0:8c:08:0c:32:19:dd:ec:6e:87:4f:40:92:99:05:5d:de:
3c:0f:8c:5d:c0:93:34:8d:29:85:48:79:e3:00:e6:58:85:5e:
86:1c:c3:34:a8:0d:29:5a:ef:22:76:43:00:5f:92:4e:0d:6d:
c4:6b:65:be:8a:a8:46:3e:a7:47:66:42:4b:64:b6:59:84:17:
7f:2d:14:38:75:43:15:74:af:3f:c3:fb:82:cf:10:41:92:e7:
32:c6:3d:4e:d9:87:a8:95:e0:7a:d6:dd:3a:04:0f:ac:c4:97:
de:85:80:e4:b3:25:c9:1a:23:b6:ca:08:82:b2:d1:1b:a7:4f:
73:0f:0c:8c:29:4d:ed:ab:d1:93:a2:f0:c7:a1:26:85:f8:ef:
26:0b:68:89:e2:26:cc:47:b5:df:3f:18:1f:9d:1a:9c:66:99:
e3:ec:c3:04:97:52:c1:d8:f3:59:d5:0f:c9:92:7b:02:bb:80:
ef:80:17:b7:4d:97:d8:ca:fc:fb:d2:7d:4b:93:57:f6:30:a1:
35:ef:89:6f:47:54:67:92:f8:55:c0:87:fe:f0:c4:07:91:a1:
05:e4:03:ac:9d:4b:83:ba:07:6d:d8:b9:4f:fe:51:00:cf:5b:
b2:b0:23:83
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVy1cjbdaCXAZcTPKiGbsfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODU1NWY5YTUyNzI3ZjZiY2Y3MTVjYjQ3NTBhMmE0YTZj
MzUxNjEwHhcNMjMwMTAyMTQxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzNiYmIzNzY5ZTgyZjQyN2QxODY2YjliNWMyNTg2MGIzNWQ5ODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCv+dXrreIUNCUIhhAs/Dcl9YL3N
qVwQTHlfPEAaU/FJbe/+o8MIrlt2FzKI+0FYyAfRN3Qgw8/iKiNpjdpf+VN3Jp6F
MibkEPJntr9ZOmXelHAgVq2AWsEZzc5SPiV7QVa71JnWkXh6L5Ud3aV62GGnOYlV
H3CGo/76Aotui5kLbJwQJ5iV+kxuAu6a0TQC6es3c9WOmxoC6j8L7YIpPbQCxCgt
TJFjAKR7dDCrNaOdh7ZMqcU08pdjb9tdKBQG2fMJWO1LaGjpqjvwoOzk9thV4e3/
wCx6r2zqmUbTuoQDP2bZjkEPC5ovOkjyGVdiVo4TYl1uohmuM58CTYBQowIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNM7uzdp6C9CfRhmubXCWGCzXZhOMB8GA1UdIwQY
MBaAFNSFVfmlJyf2vPcVy0dQoqSmw1FhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlWVi1hVW5KX2E4OXhYTFIxQ2lwS2JEVVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9lNDU1NzctNjViMS00ZDQzLTg1M2Et
MDJhYmY4NTcyZmNiLzEvMHp1N04ybm9MMEo5R0dhNXRjSllZTE5kbUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9lNDU1NzctNjViMS00ZDQzLTg1M2EtMDJhYmY4NTcyZmNi
LzEvMUlWVi1hVW5KX2E4OXhYTFIxQ2lwS2JEVVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXCrYAwQC
grmoAwQE2anwMA0EAgACMAcDBQAqAiRAMA0GCSqGSIb3DQEBCwUAA4IBAQAnN2sl
c1gx8tzVAi8fle19bj2Z4IwIDDIZ3exuh09AkpkFXd48D4xdwJM0jSmFSHnjAOZY
hV6GHMM0qA0pWu8idkMAX5JODW3Ea2W+iqhGPqdHZkJLZLZZhBd/LRQ4dUMVdK8/
w/uCzxBBkucyxj1O2YeoleB61t06BA+sxJfehYDksyXJGiO2ygiCstEbp09zDwyM
KU3tq9GTovDHoSaF+O8mC2iJ4ibMR7XfPxgfnRqcZpnj7MMEl1LB2PNZ1Q/JknsC
u4DvgBe3TZfYyvz70n1Lk1f2MKE174lvR1RnkvhVwIf+8MQHkaEF5AOsnUuDugdt
2LlP/lEAz1uysCOD
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:33 2024 by rpki-client on console-fra.rpki-client.org