Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/V5NcLx-F-s3zQBU5yG-C_6f8kac.roa
File: V5NcLx-F-s3zQBU5yG-C_6f8kac.roa (raw, json)
Hash identifier: w75cYViRxJWhMSruw5mAjbfDpdZe1Vz26sx5VhEG1IM=
Subject key identifier: 57:93:5C:2F:1F:85:FA:CD:F3:40:15:39:C8:6F:82:FF:A7:FC:91:A7
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187364D19772DE84C2F760CADB24B526611
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/V5NcLx-F-s3zQBU5yG-C_6f8kac.roa
Signing time: Fri 31 Mar 2023 06:13:54 +0000
ROA not before: Fri 31 Mar 2023 06:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42874
IP address blocks: 171.22.102.0/24 maxlen: 24
171.22.103.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:36:4d:19:77:2d:e8:4c:2f:76:0c:ad:b2:4b:52:66:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 31 06:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57935c2f1f85facdf3401539c86f82ffa7fc91a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e5:a8:4a:64:a8:aa:c3:c1:67:5b:d2:86:2d:
b9:7a:0a:57:5f:11:37:e0:6d:ae:4a:ad:9b:78:1d:
8b:72:b2:59:16:13:90:97:47:fe:44:84:6f:27:72:
8e:fb:97:c0:bc:8e:d6:36:19:62:be:fa:8b:35:e6:
d2:0e:e5:da:1b:89:ac:66:22:10:8f:6a:89:6d:27:
7f:f7:7a:11:d3:62:fb:73:ed:5b:36:c4:b6:88:2e:
8c:de:9a:1a:1d:19:76:46:22:3c:bc:78:46:ce:c2:
5e:0b:12:25:66:bc:b6:38:e5:58:a1:3a:26:f5:a3:
c7:c6:88:b5:04:e2:11:b6:9b:da:b0:0c:e6:bb:4b:
1d:d7:f4:6f:ff:bc:05:b0:d1:50:d0:41:61:a7:ca:
a9:d9:85:2b:5f:98:20:1c:45:a8:63:37:35:54:b2:
85:45:f7:17:a8:f3:49:6a:16:89:bc:25:cd:24:7f:
b8:52:9a:db:fa:bd:e8:66:ca:c8:78:c9:ff:63:02:
dd:c1:43:d9:6f:eb:f8:f2:72:f5:60:b2:85:be:b3:
07:ca:a3:fa:3c:fa:30:49:3b:f9:36:8c:75:52:81:
fe:1f:ea:dd:7b:6a:46:07:be:f0:7c:ca:4c:50:8d:
82:99:2e:fe:e3:39:3a:16:00:35:80:25:9f:7e:f2:
aa:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:93:5C:2F:1F:85:FA:CD:F3:40:15:39:C8:6F:82:FF:A7:FC:91:A7
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/V5NcLx-F-s3zQBU5yG-C_6f8kac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.102.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:56:99:9d:af:9e:40:c8:14:c7:2e:87:04:7c:a1:1e:1f:d4:
87:cf:4f:dc:bb:a3:c4:7e:b5:c3:b1:00:b7:9b:67:2a:e4:1c:
34:c5:8b:03:a7:5c:94:0e:8c:8f:73:d2:ab:54:52:65:05:cd:
3c:fc:41:af:ac:b2:c9:84:e7:db:48:fa:b2:42:02:30:35:55:
71:fc:94:cb:00:64:8f:e4:43:7d:89:dc:16:d2:03:94:2d:2a:
21:d1:b3:f9:0f:bd:01:18:3b:db:8b:d6:a7:05:3f:10:53:6a:
6c:c2:6a:70:8f:71:f7:17:47:2e:b8:2c:64:2f:12:63:8e:83:
c8:54:36:12:19:2d:71:95:2f:06:ad:30:62:12:10:97:bd:d1:
ec:2c:d4:63:04:2f:93:4a:c0:7a:52:94:8b:18:77:dd:8e:0a:
d1:c0:f9:76:4b:23:1b:f8:f5:d0:23:c1:3d:9c:82:89:5d:6c:
96:49:d5:04:74:8e:5b:30:25:af:fc:50:e4:f0:fd:3a:81:14:
83:e9:a0:0a:69:e1:45:2e:f0:31:82:af:5c:57:a2:f6:a1:fe:
ee:a7:9d:d0:6a:80:25:cd:b0:80:09:4a:51:fd:f0:c4:c3:df:
64:b3:ea:c9:b4:a9:b0:a7:e6:9f:ef:5a:7b:ff:4c:06:10:bd:
5a:00:5f:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYc2TRl3LehML3YMrbJLUmYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzMxMDYxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzkzNWMyZjFmODVmYWNkZjM0MDE1MzljODZmODJmZmE3ZmM5MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+WoSmSoqsPBZ1vShi25egpXXxE3
4G2uSq2beB2LcrJZFhOQl0f+RIRvJ3KO+5fAvI7WNhlivvqLNebSDuXaG4msZiIQ
j2qJbSd/93oR02L7c+1bNsS2iC6M3poaHRl2RiI8vHhGzsJeCxIlZry2OOVYoTom
9aPHxoi1BOIRtpvasAzmu0sd1/Rv/7wFsNFQ0EFhp8qp2YUrX5ggHEWoYzc1VLKF
RfcXqPNJahaJvCXNJH+4Uprb+r3oZsrIeMn/YwLdwUPZb+v48nL1YLKFvrMHyqP6
PPowSTv5Nox1UoH+H+rde2pGB77wfMpMUI2CmS7+4zk6FgA1gCWffvKquwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFeTXC8fhfrN80AVOchvgv+n/JGnMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVjVOY0x4LUYtczN6UUJVNXlHLUNfNmY4a2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBqxZmMA0G
CSqGSIb3DQEBCwUAA4IBAQBqVpmdr55AyBTHLocEfKEeH9SHz0/cu6PEfrXDsQC3
m2cq5Bw0xYsDp1yUDoyPc9KrVFJlBc08/EGvrLLJhOfbSPqyQgIwNVVx/JTLAGSP
5EN9idwW0gOULSoh0bP5D70BGDvbi9anBT8QU2pswmpwj3H3F0cuuCxkLxJjjoPI
VDYSGS1xlS8GrTBiEhCXvdHsLNRjBC+TSsB6UpSLGHfdjgrRwPl2SyMb+PXQI8E9
nIKJXWyWSdUEdI5bMCWv/FDk8P06gRSD6aAKaeFFLvAxgq9cV6L2of7up53QaoAl
zbCACUpR/fDEw99ks+rJtKmwp+af71p7/0wGEL1aAF+v
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:18 2024 by rpki-client on console-ams.rpki-client.org