Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/Dt6lG8AQ8Iv7E68EOe0ikp5M9u8.roa
File: Dt6lG8AQ8Iv7E68EOe0ikp5M9u8.roa (raw, json)
Hash identifier: 5jZIdT24rpWFWZJtztzYrdYafD12NPXiYoFPM9gZZVo=
Subject key identifier: 0E:DE:A5:1B:C0:10:F0:8B:FB:13:AF:04:39:ED:22:92:9E:4C:F6:EF
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 01856DAF6564C860F87E4E7FBF56C379971C
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/Dt6lG8AQ8Iv7E68EOe0ikp5M9u8.roa
Signing time: Sun 01 Jan 2023 14:14:49 +0000
ROA not before: Sun 01 Jan 2023 14:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202505
IP address blocks: 213.142.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:65:64:c8:60:f8:7e:4e:7f:bf:56:c3:79:97:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 14:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0edea51bc010f08bfb13af0439ed22929e4cf6ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3e:2f:b9:cc:68:ab:4b:42:a4:6c:a8:3b:25:
56:2c:ea:32:06:f6:0d:da:38:f2:38:79:9f:90:10:
d6:21:34:e5:53:23:a2:a4:e9:8c:1e:07:6c:82:7d:
1d:b9:6b:99:2a:13:ca:f7:6b:aa:15:27:49:93:0e:
38:e3:3b:75:82:4e:49:f8:b9:41:bc:a6:00:30:cb:
79:14:0d:72:75:46:3e:8a:73:93:37:d1:c7:d0:68:
cc:61:a6:7e:f4:9f:00:3b:7e:d7:91:98:55:0f:91:
50:44:cf:8b:4c:20:cc:0b:2a:3c:8f:24:02:3e:73:
77:1e:e5:ec:ef:34:da:ff:6a:05:ea:04:a0:ec:e9:
e3:48:b9:e7:b3:76:66:e0:85:d3:5b:f7:31:dc:83:
15:43:21:25:78:d5:e2:7a:31:8d:91:9a:31:ab:b0:
0c:bb:9c:06:0f:7a:ed:00:8a:30:2e:28:ec:00:e7:
ac:5d:25:c7:38:db:91:14:be:67:e6:f7:fd:67:bf:
ea:cf:c7:91:99:33:24:81:7d:c0:44:74:a6:59:bb:
1e:5f:b9:62:1f:11:6c:83:c1:c1:c0:49:66:08:ee:
dd:13:d8:11:f0:9c:5b:21:eb:63:21:f0:22:83:08:
d4:f1:9c:63:08:1a:89:17:3d:d8:f8:e4:23:f9:81:
71:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:DE:A5:1B:C0:10:F0:8B:FB:13:AF:04:39:ED:22:92:9E:4C:F6:EF
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/Dt6lG8AQ8Iv7E68EOe0ikp5M9u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.142.157.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:bf:7a:8e:cb:f1:7f:9c:99:ca:c5:35:13:d6:1e:d9:88:7f:
d8:01:6f:cf:05:0a:f4:8b:77:09:53:03:74:37:dd:aa:a4:ca:
54:20:46:5e:bc:2e:0d:12:73:48:be:71:46:7d:b4:ed:4c:f4:
79:79:5c:36:c0:23:fd:3c:3e:bd:22:1c:38:2d:60:ba:64:23:
13:f8:f3:af:2f:97:da:90:68:10:76:ee:7d:04:ae:f5:60:65:
aa:97:3e:60:b0:95:2d:18:36:f6:b5:cc:ec:7f:ef:cf:82:08:
24:35:6d:53:0c:16:d9:a7:a6:ca:f4:de:e2:67:6c:56:63:80:
02:df:48:9d:07:91:44:55:fa:aa:43:94:f7:48:ef:cf:06:06:
a4:ef:da:69:88:62:e2:79:10:3b:be:4a:21:b1:53:da:d0:b6:
2d:60:45:5f:ae:20:93:80:d9:b4:eb:34:0f:43:60:39:d4:79:
83:67:00:50:70:41:41:32:7f:92:68:e6:18:80:e7:b5:c0:0a:
da:6a:91:50:1e:9e:ba:b0:5e:0e:e4:18:04:8c:c9:26:64:01:
40:ef:06:c3:5d:ce:ab:b3:e3:f8:23:38:4e:1f:99:c9:bb:3a:
2d:0e:6f:b4:7d:0a:f9:be:f4:75:b6:79:3f:0a:69:fc:2c:a8:
97:d7:d1:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtr2VkyGD4fk5/v1bDeZccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMwMTAxMTQxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWRlYTUxYmMwMTBmMDhiZmIxM2FmMDQzOWVkMjI5MjllNGNmNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgj4vucxoq0tCpGyoOyVWLOoyBvYN
2jjyOHmfkBDWITTlUyOipOmMHgdsgn0duWuZKhPK92uqFSdJkw444zt1gk5J+LlB
vKYAMMt5FA1ydUY+inOTN9HH0GjMYaZ+9J8AO37XkZhVD5FQRM+LTCDMCyo8jyQC
PnN3HuXs7zTa/2oF6gSg7OnjSLnns3Zm4IXTW/cx3IMVQyEleNXiejGNkZoxq7AM
u5wGD3rtAIowLijsAOesXSXHONuRFL5n5vf9Z7/qz8eRmTMkgX3ARHSmWbseX7li
HxFsg8HBwElmCO7dE9gR8JxbIetjIfAigwjU8ZxjCBqJFz3Y+OQj+YFxUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7epRvAEPCL+xOvBDntIpKeTPbvMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvRHQ2bEc4QVE4SXY3RTY4RU9lMGlrcDVNOXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Y6dMA0G
CSqGSIb3DQEBCwUAA4IBAQAdv3qOy/F/nJnKxTUT1h7ZiH/YAW/PBQr0i3cJUwN0
N92qpMpUIEZevC4NEnNIvnFGfbTtTPR5eVw2wCP9PD69Ihw4LWC6ZCMT+POvL5fa
kGgQdu59BK71YGWqlz5gsJUtGDb2tczsf+/PgggkNW1TDBbZp6bK9N7iZ2xWY4AC
30idB5FEVfqqQ5T3SO/PBgak79ppiGLieRA7vkohsVPa0LYtYEVfriCTgNm06zQP
Q2A51HmDZwBQcEFBMn+SaOYYgOe1wAraapFQHp66sF4O5BgEjMkmZAFA7wbDXc6r
s+P4IzhOH5nJuzotDm+0fQr5vvR1tnk/Cmn8LKiX19Ew
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:11 2023 by rpki-client on console-fra.rpki-client.org