Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/k0j2KiuydEddNZ5hK2SEkD-HHMQ.roa
File: k0j2KiuydEddNZ5hK2SEkD-HHMQ.roa (raw, json)
Hash identifier: 137/7byVbm4GR8Otlwu76XAf4Knh5T/92SeEqmTjxnI=
Subject key identifier: 93:48:F6:2A:2B:B2:74:47:5D:35:9E:61:2B:64:84:90:3F:87:1C:C4
Certificate issuer: /CN=1954e32570bbfb9af11c2381e81c797c2f40087c
Certificate serial: 01856CAF39130A60902273803CC504EB052C
Authority key identifier: 19:54:E3:25:70:BB:FB:9A:F1:1C:23:81:E8:1C:79:7C:2F:40:08:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/k0j2KiuydEddNZ5hK2SEkD-HHMQ.roa
Signing time: Sun 01 Jan 2023 09:35:00 +0000
ROA not before: Sun 01 Jan 2023 09:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213050
IP address blocks: 149.3.168.0/24 maxlen: 24
144.2.168.0/22 maxlen: 24
2a0c:6ac0::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:39:13:0a:60:90:22:73:80:3c:c5:04:eb:05:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1954e32570bbfb9af11c2381e81c797c2f40087c
Validity
Not Before: Jan 1 09:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9348f62a2bb274475d359e612b6484903f871cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7e:a1:c3:1e:9c:3b:aa:75:71:82:87:24:44:
5d:1c:50:94:0a:f2:96:a8:06:2b:70:5e:f5:04:60:
91:4b:c2:5a:91:e1:57:1f:f9:2b:e5:bb:98:40:e0:
82:05:f7:e1:2c:c7:2d:ab:a1:02:23:93:12:47:07:
8b:cc:02:82:62:b9:9e:88:b6:7c:3e:b4:23:e3:46:
a7:d7:af:eb:e6:a5:b2:05:57:b8:2d:c3:0b:f3:59:
22:25:5b:d2:71:9a:28:e0:72:25:20:78:c2:52:4f:
d8:30:b0:d9:83:c2:0e:70:22:33:1e:00:d1:07:22:
1b:5a:17:12:ed:a3:10:2d:41:3b:d5:79:aa:d3:18:
42:25:bd:5e:37:ac:3b:55:58:1f:c8:7a:c9:e3:9d:
7f:b1:4e:f1:fb:a3:ce:9c:c1:4b:1d:83:b7:1d:c5:
02:76:24:00:80:7c:f3:b3:2e:6b:19:f5:10:d0:dd:
22:07:f4:dc:26:b1:6e:cd:12:10:b5:ee:96:0b:69:
b1:52:1f:af:27:6f:45:e6:44:81:66:ef:d5:a6:c8:
95:f2:6b:b8:e1:13:ab:98:5c:64:7d:f6:cc:25:8c:
53:fd:b4:96:ad:e0:5b:f2:f8:d1:81:57:b0:48:dd:
cc:9f:28:a4:cb:0f:b7:5d:48:a4:b3:4c:86:de:12:
90:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:48:F6:2A:2B:B2:74:47:5D:35:9E:61:2B:64:84:90:3F:87:1C:C4
X509v3 Authority Key Identifier:
keyid:19:54:E3:25:70:BB:FB:9A:F1:1C:23:81:E8:1C:79:7C:2F:40:08:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/k0j2KiuydEddNZ5hK2SEkD-HHMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.168.0/22
149.3.168.0/24
IPv6:
2a0c:6ac0::/29
Signature Algorithm: sha256WithRSAEncryption
c8:13:88:dd:f3:85:bf:9b:1b:8b:3c:7d:11:a1:19:ba:37:5f:
7e:b2:b2:ce:65:3e:b9:91:8c:9c:32:54:af:cd:a3:07:91:41:
6f:21:24:08:37:b2:f7:83:91:a8:e5:b5:26:ce:47:fb:54:67:
3b:20:ae:8a:10:68:45:e4:8c:ff:3e:dc:9c:3c:b3:c8:39:b0:
dc:b9:2e:4f:c4:68:6a:de:94:05:2c:ea:1e:74:5b:33:2a:9f:
31:79:34:8a:a9:15:aa:94:3f:b6:ab:a3:a2:e0:59:3b:4a:a8:
40:ce:09:3f:b8:a2:2a:24:4b:5f:e9:2a:72:dc:bb:84:ba:be:
c5:c5:61:ed:34:10:1b:23:c3:5c:fe:19:a6:74:ba:02:dd:0c:
27:03:0c:49:57:5c:39:0e:50:7e:d9:1e:c3:aa:1f:7f:07:b9:
97:c2:30:d2:5b:67:db:b6:73:11:22:15:38:82:d2:01:90:9c:
49:20:bb:ef:1e:f6:94:78:4d:a9:35:56:0f:f7:ba:c7:71:0c:
4e:1c:04:ff:79:97:35:d9:b5:45:c2:f8:55:fa:12:e6:8e:c9:
41:a5:1a:18:f3:c1:97:95:ec:a3:20:6d:c5:b9:f2:3d:e0:6a:
be:88:59:aa:bb:13:ee:a5:47:f3:91:5f:8e:48:5c:88:a7:31:
c8:66:72:f9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsrzkTCmCQInOAPMUE6wUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NTRlMzI1NzBiYmZiOWFmMTFjMjM4MWU4MWM3OTdjMmY0
MDA4N2MwHhcNMjMwMTAxMDkzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzQ4ZjYyYTJiYjI3NDQ3NWQzNTllNjEyYjY0ODQ5MDNmODcxY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX6hwx6cO6p1cYKHJERdHFCUCvKW
qAYrcF71BGCRS8JakeFXH/kr5buYQOCCBffhLMctq6ECI5MSRweLzAKCYrmeiLZ8
PrQj40an16/r5qWyBVe4LcML81kiJVvScZoo4HIlIHjCUk/YMLDZg8IOcCIzHgDR
ByIbWhcS7aMQLUE71Xmq0xhCJb1eN6w7VVgfyHrJ451/sU7x+6POnMFLHYO3HcUC
diQAgHzzsy5rGfUQ0N0iB/TcJrFuzRIQte6WC2mxUh+vJ29F5kSBZu/VpsiV8mu4
4ROrmFxkffbMJYxT/bSWreBb8vjRgVewSN3Mnyikyw+3XUiks0yG3hKQDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJNI9iorsnRHXTWeYStkhJA/hxzEMB8GA1UdIwQY
MBaAFBlU4yVwu/ua8RwjgegceXwvQAh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1ZUakpYQzctNXJ4SENPQjZCeDVmQzlBQ0h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81YzdjN2QtNGQyZS00ODNjLTg5Y2Qt
MjY4MTZjYTkyY2EwLzEvazBqMktpdXlkRWRkTlo1aEsyU0VrRC1ISE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81YzdjN2QtNGQyZS00ODNjLTg5Y2QtMjY4MTZjYTkyY2Ew
LzEvR1ZUakpYQzctNXJ4SENPQjZCeDVmQzlBQ0h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCkAKoAwQA
lQOoMA0EAgACMAcDBQMqDGrAMA0GCSqGSIb3DQEBCwUAA4IBAQDIE4jd84W/mxuL
PH0RoRm6N19+srLOZT65kYycMlSvzaMHkUFvISQIN7L3g5Go5bUmzkf7VGc7IK6K
EGhF5Iz/PtycPLPIObDcuS5PxGhq3pQFLOoedFszKp8xeTSKqRWqlD+2q6Oi4Fk7
SqhAzgk/uKIqJEtf6Spy3LuEur7FxWHtNBAbI8Nc/hmmdLoC3QwnAwxJV1w5DlB+
2R7Dqh9/B7mXwjDSW2fbtnMRIhU4gtIBkJxJILvvHvaUeE2pNVYP97rHcQxOHAT/
eZc12bVFwvhV+hLmjslBpRoY88GXleyjIG3FufI94Gq+iFmquxPupUfzkV+OSFyI
pzHIZnL5
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:58 2024 by rpki-client on console-fra.rpki-client.org