Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/F3vQ4JKZtSXaO7-vPCP4x50-smQ.roa
File: F3vQ4JKZtSXaO7-vPCP4x50-smQ.roa (raw, json)
Hash identifier: 1jkpWkhIqR9tDIXLzmC8JIGcg/RbPSBBTq8++n+scEo=
Subject key identifier: 17:7B:D0:E0:92:99:B5:25:DA:3B:BF:AF:3C:23:F8:C7:9D:3E:B2:64
Certificate issuer: /CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Certificate serial: 018571B0F02D7374E006736BA56B1BEDC565
Authority key identifier: 9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/F3vQ4JKZtSXaO7-vPCP4x50-smQ.roa
Signing time: Mon 02 Jan 2023 08:54:59 +0000
ROA not before: Mon 02 Jan 2023 08:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211895
IP address blocks: 193.36.132.0/24 maxlen: 24
91.218.20.0/24 maxlen: 24
188.239.191.0/24 maxlen: 24
2a07:e040::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:f0:2d:73:74:e0:06:73:6b:a5:6b:1b:ed:c5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Validity
Not Before: Jan 2 08:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=177bd0e09299b525da3bbfaf3c23f8c79d3eb264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:30:4b:92:5b:73:54:ef:60:07:df:b3:9f:82:
f7:89:54:f9:60:49:88:b3:2f:f3:41:4b:95:69:0d:
ac:f3:eb:67:77:a1:fb:73:3b:44:87:0b:3c:85:dd:
f4:83:42:44:00:0a:1e:0a:4c:4c:82:bd:61:55:87:
51:9f:c5:36:1f:c9:03:46:4f:c3:7a:e6:b9:a8:d2:
cc:c6:ff:fa:da:28:1d:ea:7b:0f:e9:be:c4:ef:54:
d9:2e:13:92:6c:58:3e:13:8a:7c:da:82:67:32:1a:
c4:d0:d6:2c:ea:f1:23:95:d3:51:1b:6f:be:d9:c3:
76:bf:0c:93:19:cc:f5:a6:a7:51:1a:05:73:74:57:
cc:94:71:3e:7b:a8:63:11:e6:66:d6:25:90:49:f6:
df:ad:2a:78:21:4c:2d:8c:0a:5f:67:5f:ce:c7:d6:
dc:7c:5d:f9:b8:0a:0e:f6:46:00:f8:46:53:79:9d:
88:2b:78:13:70:a2:82:b3:fd:be:63:1f:52:96:3b:
d9:82:8a:31:01:25:64:d5:0b:27:f8:10:48:5b:d3:
bb:a4:33:37:7d:4f:d3:e1:20:1f:01:d3:d0:fe:cb:
d8:75:27:78:28:0a:13:a5:24:19:ae:67:b4:46:6e:
f4:0b:b4:03:d0:14:fe:68:e2:7d:4e:92:ba:90:e4:
95:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:7B:D0:E0:92:99:B5:25:DA:3B:BF:AF:3C:23:F8:C7:9D:3E:B2:64
X509v3 Authority Key Identifier:
keyid:9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/F3vQ4JKZtSXaO7-vPCP4x50-smQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/nCim7Q9c_Ody1c5bA7tCkyyKZNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.20.0/24
188.239.191.0/24
193.36.132.0/24
IPv6:
2a07:e040::/32
Signature Algorithm: sha256WithRSAEncryption
75:8d:e4:00:10:21:08:bf:d9:ac:e2:57:e1:93:2a:5d:f8:6b:
7f:a0:75:5b:9e:7b:e5:5d:9a:da:00:73:a4:ca:08:94:79:71:
63:6c:14:44:89:72:02:cf:f6:4e:2e:94:83:ef:b1:ee:e1:a5:
bb:2c:9d:c8:c5:76:e9:b0:70:aa:b6:d5:36:92:18:d9:3b:44:
42:45:65:ea:f2:6e:41:dd:db:f8:09:9f:9f:d6:d4:58:94:ad:
82:f3:6f:ea:4c:ad:1b:34:c5:14:79:e6:47:d8:c6:32:77:be:
ce:d6:2d:2c:5f:86:21:f1:ce:65:46:45:7b:01:a3:61:4c:ac:
17:8e:47:3d:e6:79:96:0a:40:cf:81:51:84:bd:e7:82:69:4f:
de:d0:c3:3b:d2:a5:ac:f2:fe:5c:1b:f8:1a:64:11:d8:be:00:
f6:77:37:6d:b1:91:96:9c:42:d7:1d:87:80:b8:bf:94:67:06:
1b:ad:71:43:6c:93:62:66:6d:57:74:7c:5d:8c:9e:5a:63:1d:
01:12:31:7a:b3:c1:a4:18:f5:70:31:35:6d:5b:a8:13:1f:e6:
32:98:bc:55:e3:97:1e:eb:58:88:6b:c8:50:48:86:db:5f:bb:
c3:bd:1f:da:3f:1d:44:d5:a0:59:e8:f3:10:f0:93:e3:5c:e4:
04:70:65:76
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxsPAtc3TgBnNrpWsb7cVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjhhNmVkMGY1Y2ZjZTc3MmQ1Y2U1YjAzYmI0MjkzMmM4
YTY0ZDAwHhcNMjMwMTAyMDg1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzdiZDBlMDkyOTliNTI1ZGEzYmJmYWYzYzIzZjhjNzlkM2ViMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizBLkltzVO9gB9+zn4L3iVT5YEmI
sy/zQUuVaQ2s8+tnd6H7cztEhws8hd30g0JEAAoeCkxMgr1hVYdRn8U2H8kDRk/D
eua5qNLMxv/62igd6nsP6b7E71TZLhOSbFg+E4p82oJnMhrE0NYs6vEjldNRG2++
2cN2vwyTGcz1pqdRGgVzdFfMlHE+e6hjEeZm1iWQSfbfrSp4IUwtjApfZ1/Ox9bc
fF35uAoO9kYA+EZTeZ2IK3gTcKKCs/2+Yx9SljvZgooxASVk1Qsn+BBIW9O7pDM3
fU/T4SAfAdPQ/svYdSd4KAoTpSQZrme0Rm70C7QD0BT+aOJ9TpK6kOSVtwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBd70OCSmbUl2ju/rzwj+MedPrJkMB8GA1UdIwQY
MBaAFJwopu0PXPznctXOWwO7QpMsimTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYt
YTZiNzYwMDg3MWE2LzEvRjN2UTRKS1p0U1hhTzctdlBDUDR4NTAtc21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYtYTZiNzYwMDg3MWE2
LzEvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9oUAwQA
vO+/AwQAwSSEMA0EAgACMAcDBQAqB+BAMA0GCSqGSIb3DQEBCwUAA4IBAQB1jeQA
ECEIv9ms4lfhkypd+Gt/oHVbnnvlXZraAHOkygiUeXFjbBREiXICz/ZOLpSD77Hu
4aW7LJ3IxXbpsHCqttU2khjZO0RCRWXq8m5B3dv4CZ+f1tRYlK2C82/qTK0bNMUU
eeZH2MYyd77O1i0sX4Yh8c5lRkV7AaNhTKwXjkc95nmWCkDPgVGEveeCaU/e0MM7
0qWs8v5cG/gaZBHYvgD2dzdtsZGWnELXHYeAuL+UZwYbrXFDbJNiZm1XdHxdjJ5a
Yx0BEjF6s8GkGPVwMTVtW6gTH+YymLxV45ce61iIa8hQSIbbX7vDvR/aPx1E1aBZ
6PMQ8JPjXOQEcGV2
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:33 2024 by rpki-client on console-ams.rpki-client.org