Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/mDDI5TSDGkG9uJb8p7H_K_lexSI.roa
File: mDDI5TSDGkG9uJb8p7H_K_lexSI.roa (raw, json)
Hash identifier: p6EKkn9mpf1p6yd7rxxMweyTf0/lS465zemS8jSVxIY=
Subject key identifier: 98:30:C8:E5:34:83:1A:41:BD:B8:96:FC:A7:B1:FF:2B:F9:5E:C5:22
Certificate issuer: /CN=1d1c52f1552f6ea0f064d7a3b79db5c1cf166bd0
Certificate serial: 01856CE60BEEF82B815B609B1FF9DC6D6F87
Authority key identifier: 1D:1C:52:F1:55:2F:6E:A0:F0:64:D7:A3:B7:9D:B5:C1:CF:16:6B:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/mDDI5TSDGkG9uJb8p7H_K_lexSI.roa
Signing time: Sun 01 Jan 2023 10:34:53 +0000
ROA not before: Sun 01 Jan 2023 10:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2202
IP address blocks: 193.56.111.0/24 maxlen: 24
193.56.108.0/24 maxlen: 24
193.56.109.0/24 maxlen: 24
193.56.110.0/24 maxlen: 24
193.56.229.0/24 maxlen: 24
193.56.230.0/24 maxlen: 24
193.56.228.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:0b:ee:f8:2b:81:5b:60:9b:1f:f9:dc:6d:6f:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d1c52f1552f6ea0f064d7a3b79db5c1cf166bd0
Validity
Not Before: Jan 1 10:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9830c8e534831a41bdb896fca7b1ff2bf95ec522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:73:e2:b5:85:c2:26:c7:a3:83:72:50:8f:cb:
d7:73:6c:4b:18:15:99:38:c7:5c:5c:b4:a4:22:39:
63:d7:b4:1a:13:f3:8b:82:95:c0:f0:f9:2c:35:6f:
f8:c6:d2:b8:7f:e9:6d:70:8e:bc:d8:04:69:0a:ea:
a6:ae:f0:64:c8:7e:46:70:97:65:33:94:2a:f0:4b:
64:08:91:f4:06:8c:0a:e9:1c:5d:49:c3:b1:21:c0:
9e:89:72:a7:73:1e:26:be:ae:d9:8a:29:60:6c:40:
1b:72:07:d9:e0:35:30:c0:08:0d:5b:fe:2c:66:92:
b5:bc:ef:77:17:75:c5:7a:d7:24:24:27:94:30:3a:
22:87:79:10:22:86:45:36:9d:78:23:c1:aa:22:f9:
67:30:ee:aa:52:9c:ba:29:29:c9:6b:86:96:7b:da:
d0:83:8f:2d:b4:c7:5d:75:a3:1c:d6:bf:ff:e4:8e:
b9:82:6f:af:f1:50:c0:1d:3e:6e:e2:fb:5b:59:17:
b6:23:5c:63:86:8c:88:1a:77:a3:79:29:16:47:94:
c2:6f:4b:9c:c7:1a:8e:aa:69:6b:61:37:83:3b:5f:
14:b1:c3:5d:e7:25:21:3f:5d:10:bd:8f:ff:23:97:
be:18:05:76:bf:8e:76:cc:3b:a1:4d:f0:fc:5e:1a:
91:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:30:C8:E5:34:83:1A:41:BD:B8:96:FC:A7:B1:FF:2B:F9:5E:C5:22
X509v3 Authority Key Identifier:
keyid:1D:1C:52:F1:55:2F:6E:A0:F0:64:D7:A3:B7:9D:B5:C1:CF:16:6B:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/mDDI5TSDGkG9uJb8p7H_K_lexSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.108.0/22
193.56.228.0-193.56.230.255
Signature Algorithm: sha256WithRSAEncryption
b0:5c:de:ba:1d:16:fa:2c:f3:ca:4f:fb:61:75:ed:ed:30:cf:
dc:9d:59:24:9a:3a:c0:57:9a:03:9b:b6:90:b5:54:4b:78:c6:
7a:63:b2:10:0c:b3:ff:69:0e:0e:0d:69:fd:8e:0b:d8:0c:9b:
02:89:79:33:d1:88:4b:67:ed:43:48:0d:39:3d:13:26:73:cf:
3d:72:f2:dd:dc:40:6e:60:ed:54:75:49:6e:3f:87:6b:9d:10:
f7:a9:bd:31:0b:9c:c3:eb:2a:6f:16:32:80:87:4b:45:ec:46:
63:b2:33:7c:c0:72:f6:b2:c7:c5:b6:ed:a2:cc:aa:83:29:cb:
ca:c4:25:95:aa:0b:34:2e:ba:0d:af:c3:93:dc:fc:3d:f2:e6:
b5:6b:56:89:7c:a1:6e:43:ff:b0:65:49:ea:fc:b3:a4:28:fe:
61:2f:4e:fe:1b:20:66:07:0a:94:17:dd:65:15:eb:bb:ea:49:
1d:57:e4:62:61:f1:4b:c0:6e:10:42:a6:48:a9:26:1a:da:75:
90:84:ff:84:bd:5c:b7:f5:a3:25:47:61:29:1b:fa:40:8b:c7:
ca:55:bb:f6:02:6e:10:f5:b4:ee:72:d7:c7:05:43:83:dd:c8:
ae:57:21:d0:32:d1:8b:43:b6:ab:fb:85:31:a0:ab:1e:01:3c:
ca:07:c3:a6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVs5gvu+CuBW2CbH/ncbW+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWM1MmYxNTUyZjZlYTBmMDY0ZDdhM2I3OWRiNWMxY2Yx
NjZiZDAwHhcNMjMwMTAxMTAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODMwYzhlNTM0ODMxYTQxYmRiODk2ZmNhN2IxZmYyYmY5NWVjNTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnPitYXCJsejg3JQj8vXc2xLGBWZ
OMdcXLSkIjlj17QaE/OLgpXA8PksNW/4xtK4f+ltcI682ARpCuqmrvBkyH5GcJdl
M5Qq8EtkCJH0BowK6RxdScOxIcCeiXKncx4mvq7ZiilgbEAbcgfZ4DUwwAgNW/4s
ZpK1vO93F3XFetckJCeUMDoih3kQIoZFNp14I8GqIvlnMO6qUpy6KSnJa4aWe9rQ
g48ttMdddaMc1r//5I65gm+v8VDAHT5u4vtbWRe2I1xjhoyIGnejeSkWR5TCb0uc
xxqOqmlrYTeDO18UscNd5yUhP10QvY//I5e+GAV2v452zDuhTfD8XhqRfQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJgwyOU0gxpBvbiW/Kex/yv5XsUiMB8GA1UdIwQY
MBaAFB0cUvFVL26g8GTXo7edtcHPFmvQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82NGY1MzktZmVkYS00OWZjLWE5MjIt
MjAxZDVhOWJiOGFhLzEvbURESTVUU0RHa0c5dUpiOHA3SF9LX2xleFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS82NGY1MzktZmVkYS00OWZjLWE5MjItMjAxZDVhOWJiOGFh
LzEvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCwThsMAwD
BALBOOQDBADBOOYwDQYJKoZIhvcNAQELBQADggEBALBc3rodFvos88pP+2F17e0w
z9ydWSSaOsBXmgObtpC1VEt4xnpjshAMs/9pDg4Naf2OC9gMmwKJeTPRiEtn7UNI
DTk9EyZzzz1y8t3cQG5g7VR1SW4/h2udEPepvTELnMPrKm8WMoCHS0XsRmOyM3zA
cvayx8W27aLMqoMpy8rEJZWqCzQuug2vw5Pc/D3y5rVrVol8oW5D/7BlSer8s6Qo
/mEvTv4bIGYHCpQX3WUV67vqSR1X5GJh8UvAbhBCpkipJhradZCE/4S9XLf1oyVH
YSkb+kCLx8pVu/YCbhD1tO5y18cFQ4PdyK5XIdAy0YtDtqv7hTGgqx4BPMoHw6Y=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:56 2024 by rpki-client on console-fra.rpki-client.org