Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/8nY1Xhh461BCL4LGs58XZiFuBw4.roa
File: 8nY1Xhh461BCL4LGs58XZiFuBw4.roa (raw, json)
Hash identifier: zWkr5YDUe53zPivDhfK+rmAEliwWqikHzJbjiTIGkGU=
Subject key identifier: F2:76:35:5E:18:78:EB:50:42:2F:82:C6:B3:9F:17:66:21:6E:07:0E
Certificate issuer: /CN=aba10057bcd00762eef43823c030e7e32d572241
Certificate serial: 01856F5DB0614082CF9D8BA482EF45DECAC1
Authority key identifier: AB:A1:00:57:BC:D0:07:62:EE:F4:38:23:C0:30:E7:E3:2D:57:22:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q6EAV7zQB2Lu9DgjwDDn4y1XIkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/8nY1Xhh461BCL4LGs58XZiFuBw4.roa
Signing time: Sun 01 Jan 2023 22:04:48 +0000
ROA not before: Sun 01 Jan 2023 22:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 160.202.22.0/24 maxlen: 24
160.202.20.0/24 maxlen: 24
160.202.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:b0:61:40:82:cf:9d:8b:a4:82:ef:45:de:ca:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aba10057bcd00762eef43823c030e7e32d572241
Validity
Not Before: Jan 1 22:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f276355e1878eb50422f82c6b39f1766216e070e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7e:52:de:a4:2d:34:f4:96:9a:cb:8f:3a:45:
b0:31:08:af:a4:7e:a8:63:66:db:85:2b:a8:a1:98:
0e:70:ea:6d:cf:05:c4:fa:7b:88:a3:dc:04:b3:75:
a6:55:58:4a:6f:c8:2d:57:17:de:e6:8b:7c:b0:6c:
93:3f:bf:f9:e3:c7:bb:20:ad:d2:12:99:d7:24:50:
97:63:9e:a6:08:f3:ec:47:18:c7:3d:f6:df:33:4a:
ea:ff:50:ad:bd:8b:3b:55:06:07:64:b4:65:5f:6b:
ac:dd:94:d2:8d:6c:89:90:4f:76:12:7e:7a:70:78:
1c:d5:f9:57:b0:da:37:f5:4c:73:f1:4e:d4:ec:57:
ab:8f:62:00:16:27:93:00:d2:61:c8:99:18:e6:3e:
89:08:d3:53:e4:69:1f:2d:f7:fc:86:4b:b0:b0:39:
60:cf:45:5d:fb:1c:33:fe:a4:85:81:cf:42:c3:39:
a3:30:3d:32:e4:3f:bb:21:3b:78:0a:fd:8d:50:e2:
99:df:5d:b5:73:bf:ec:1f:8a:8f:2d:63:6d:52:17:
2f:6f:d4:e5:58:1c:89:35:a0:be:13:1e:38:96:80:
d8:60:8b:92:49:cb:6d:6b:7c:e6:ba:26:5a:9c:53:
3a:2d:f2:08:e2:c6:2a:d9:0d:b5:80:af:39:81:be:
f1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:76:35:5E:18:78:EB:50:42:2F:82:C6:B3:9F:17:66:21:6E:07:0E
X509v3 Authority Key Identifier:
keyid:AB:A1:00:57:BC:D0:07:62:EE:F4:38:23:C0:30:E7:E3:2D:57:22:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6EAV7zQB2Lu9DgjwDDn4y1XIkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/8nY1Xhh461BCL4LGs58XZiFuBw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/q6EAV7zQB2Lu9DgjwDDn4y1XIkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.202.20.0-160.202.22.255
Signature Algorithm: sha256WithRSAEncryption
4c:1d:d3:29:b0:bb:bf:ef:c0:8a:13:57:24:fe:cd:dd:7e:2f:
5b:10:5b:71:ec:ef:66:19:18:80:1a:fa:5b:d7:8f:97:64:10:
c4:23:f4:3c:cc:10:79:d1:0e:6d:63:e7:23:94:49:39:e5:a6:
4a:b7:93:1f:b2:c9:76:93:5d:27:41:d2:04:9d:8e:a8:8a:4b:
02:cc:1f:ef:81:f5:fb:f7:77:61:42:1e:55:20:54:e7:f1:a0:
93:0a:9d:0c:aa:55:23:12:98:d1:6f:23:44:13:f3:cd:47:ac:
6f:b9:c3:63:58:eb:48:cc:63:3a:d6:0c:26:98:70:cc:be:ad:
9f:6c:4d:bd:60:83:26:82:da:aa:ef:73:a2:fb:51:8d:32:0a:
52:d1:af:4a:8b:74:83:1f:8c:7d:85:cc:9b:10:29:bb:1b:05:
67:8b:10:5a:7e:6a:ce:92:de:72:93:64:59:8b:4a:a6:6b:8b:
ca:a5:d9:d3:bb:4b:64:89:83:a0:60:a3:bf:e2:40:b3:9e:bb:
8c:69:b0:d2:e6:5a:f2:40:16:5e:d3:e9:d1:49:94:d9:61:f5:
cb:67:01:2c:ab:c9:73:af:6f:10:2f:0f:d9:f6:cf:40:8e:87:
7b:5f:8a:59:c3:9c:54:e3:65:b9:b6:34:a2:a5:6f:71:05:12:
bd:38:43:e4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvXbBhQILPnYukgu9F3srBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTEwMDU3YmNkMDA3NjJlZWY0MzgyM2MwMzBlN2UzMmQ1
NzIyNDEwHhcNMjMwMTAxMjIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjc2MzU1ZTE4NzhlYjUwNDIyZjgyYzZiMzlmMTc2NjIxNmUwNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl35S3qQtNPSWmsuPOkWwMQivpH6o
Y2bbhSuooZgOcOptzwXE+nuIo9wEs3WmVVhKb8gtVxfe5ot8sGyTP7/548e7IK3S
EpnXJFCXY56mCPPsRxjHPfbfM0rq/1CtvYs7VQYHZLRlX2us3ZTSjWyJkE92En56
cHgc1flXsNo39Uxz8U7U7Ferj2IAFieTANJhyJkY5j6JCNNT5GkfLff8hkuwsDlg
z0Vd+xwz/qSFgc9CwzmjMD0y5D+7ITt4Cv2NUOKZ3121c7/sH4qPLWNtUhcvb9Tl
WByJNaC+Ex44loDYYIuSSctta3zmuiZanFM6LfII4sYq2Q21gK85gb7xzQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPJ2NV4YeOtQQi+CxrOfF2YhbgcOMB8GA1UdIwQY
MBaAFKuhAFe80Adi7vQ4I8Aw5+MtVyJBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZFQVY3elFCMkx1OURnandERG40eTFYSWtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi84MDM1M2QtNGYyMi00ZDk0LWJlYWQt
ZGQyMGUyOTk0Y2QwLzEvOG5ZMVhoaDQ2MUJDTDRMR3M1OFhaaUZ1Qnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi84MDM1M2QtNGYyMi00ZDk0LWJlYWQtZGQyMGUyOTk0Y2Qw
LzEvcTZFQVY3elFCMkx1OURnandERG40eTFYSWtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKgyhQD
BACgyhYwDQYJKoZIhvcNAQELBQADggEBAEwd0ymwu7/vwIoTVyT+zd1+L1sQW3Hs
72YZGIAa+lvXj5dkEMQj9DzMEHnRDm1j5yOUSTnlpkq3kx+yyXaTXSdB0gSdjqiK
SwLMH++B9fv3d2FCHlUgVOfxoJMKnQyqVSMSmNFvI0QT881HrG+5w2NY60jMYzrW
DCaYcMy+rZ9sTb1ggyaC2qrvc6L7UY0yClLRr0qLdIMfjH2FzJsQKbsbBWeLEFp+
as6S3nKTZFmLSqZri8ql2dO7S2SJg6Bgo7/iQLOeu4xpsNLmWvJAFl7T6dFJlNlh
9ctnASyryXOvbxAvD9n2z0COh3tfilnDnFTjZbm2NKKlb3EFEr04Q+Q=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:19 2024 by rpki-client on console-fra.rpki-client.org