Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/X2n85007jSwmDEp_3wA_Wf7UNdc.roa
File: X2n85007jSwmDEp_3wA_Wf7UNdc.roa (raw, json)
Hash identifier: jMxJvay3dVte/TGbAQTheite+WnyeWO6Apg5j/aPik8=
Subject key identifier: 5F:69:FC:E7:4D:3B:8D:2C:26:0C:4A:7F:DF:00:3F:59:FE:D4:35:D7
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018756D1CADD1DE4D232C676D1AA80609377
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/X2n85007jSwmDEp_3wA_Wf7UNdc.roa
Signing time: Thu 06 Apr 2023 13:46:42 +0000
ROA not before: Thu 06 Apr 2023 13:46:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208287
IP address blocks: 213.142.149.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:56:d1:ca:dd:1d:e4:d2:32:c6:76:d1:aa:80:60:93:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Apr 6 13:46:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f69fce74d3b8d2c260c4a7fdf003f59fed435d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7c:8a:7f:f7:37:04:02:d0:d8:71:70:af:d5:
3f:e8:a9:a3:16:75:2c:25:f9:9e:f7:4f:c1:64:0e:
d7:f4:02:cb:e6:4b:1c:b4:a7:f6:c8:07:1f:b7:b0:
ee:bb:4b:4c:0b:59:17:06:33:38:89:db:bb:bb:cc:
52:6e:08:b7:d1:f0:24:69:19:a5:77:af:96:fd:47:
30:06:5b:86:19:81:25:af:cc:a8:6c:35:e7:48:60:
b3:cf:49:3d:f7:b9:9c:e9:de:d5:7b:c3:0a:99:6e:
f1:53:28:c7:eb:1c:1a:4b:4d:fc:ae:3e:e8:cd:e2:
0a:c0:27:54:cd:0a:c2:aa:12:60:68:a2:0c:bf:b3:
c0:3e:e2:0a:4b:ca:b3:48:c4:f5:dc:59:e3:75:af:
e7:20:d0:61:1f:6f:4d:7f:dc:02:d2:7e:04:ed:f6:
6f:41:02:24:4c:5b:ad:90:66:fd:4a:24:22:dd:22:
01:bc:d5:8e:28:77:b0:af:03:70:7d:1a:19:15:7a:
65:7d:8f:51:fe:e9:18:c0:b5:07:12:82:48:ea:85:
79:97:a7:cb:90:39:ea:f2:00:1a:7d:47:f3:55:28:
e6:7e:0b:e6:e2:7f:58:82:64:ae:ac:98:2a:9b:8a:
8a:42:16:59:f7:19:03:9c:ad:00:1c:a8:a2:3f:b4:
82:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:69:FC:E7:4D:3B:8D:2C:26:0C:4A:7F:DF:00:3F:59:FE:D4:35:D7
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/X2n85007jSwmDEp_3wA_Wf7UNdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.142.149.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:67:b0:dd:45:43:93:1c:3e:b2:60:ed:87:9e:67:3a:b7:5d:
f2:1d:32:d5:53:a7:02:4d:12:0a:4e:55:44:45:d3:c3:e9:cd:
2e:b7:e8:33:b1:6d:0f:68:a7:5b:f9:c0:c3:3d:52:40:35:63:
dd:47:a5:37:88:33:41:f1:92:6a:af:12:a9:1d:1c:dc:5f:4d:
c3:71:18:ca:9a:29:7b:a2:48:36:ba:22:5c:21:7a:9a:4c:7d:
9d:db:09:b1:bf:ab:0a:56:a2:c5:d2:06:42:b9:99:c7:09:7c:
ea:e7:05:31:65:c0:fb:25:f9:1c:fe:09:4a:23:0d:4f:c3:c0:
65:e6:1e:4b:82:47:59:4b:a6:8c:27:9c:21:00:4c:bf:bd:d2:
b3:5a:35:f6:db:06:a3:86:a0:27:d7:4e:b2:80:25:b6:9b:29:
1e:25:7d:1b:1f:4d:a8:ba:25:99:bc:34:83:25:4d:7a:1e:78:
1e:ae:d9:77:d5:90:00:85:fc:a1:a2:26:7d:73:69:ff:bb:2e:
d4:86:34:9f:64:6e:f8:77:a3:0f:35:54:82:64:87:93:88:64:
2f:09:71:68:7e:2c:34:6b:80:ce:d6:9a:c3:31:f0:d8:27:b4:
85:34:48:f3:b3:ca:b1:12:6b:ea:57:24:11:20:30:eb:d3:af:
ff:05:3d:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdW0crdHeTSMsZ20aqAYJN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMwNDA2MTM0NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjY5ZmNlNzRkM2I4ZDJjMjYwYzRhN2ZkZjAwM2Y1OWZlZDQzNWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHyKf/c3BALQ2HFwr9U/6KmjFnUs
Jfme90/BZA7X9ALL5ksctKf2yAcft7Duu0tMC1kXBjM4idu7u8xSbgi30fAkaRml
d6+W/UcwBluGGYElr8yobDXnSGCzz0k997mc6d7Ve8MKmW7xUyjH6xwaS038rj7o
zeIKwCdUzQrCqhJgaKIMv7PAPuIKS8qzSMT13Fnjda/nINBhH29Nf9wC0n4E7fZv
QQIkTFutkGb9SiQi3SIBvNWOKHewrwNwfRoZFXplfY9R/ukYwLUHEoJI6oV5l6fL
kDnq8gAafUfzVSjmfgvm4n9YgmSurJgqm4qKQhZZ9xkDnK0AHKiiP7SCFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF9p/OdNO40sJgxKf98AP1n+1DXXMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvWDJuODUwMDdqU3dtREVwXzN3QV9XZjdVTmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Y6VMA0G
CSqGSIb3DQEBCwUAA4IBAQDDZ7DdRUOTHD6yYO2Hnmc6t13yHTLVU6cCTRIKTlVE
RdPD6c0ut+gzsW0PaKdb+cDDPVJANWPdR6U3iDNB8ZJqrxKpHRzcX03DcRjKmil7
okg2uiJcIXqaTH2d2wmxv6sKVqLF0gZCuZnHCXzq5wUxZcD7Jfkc/glKIw1Pw8Bl
5h5LgkdZS6aMJ5whAEy/vdKzWjX22wajhqAn106ygCW2mykeJX0bH02ouiWZvDSD
JU16Hngertl31ZAAhfyhoiZ9c2n/uy7UhjSfZG74d6MPNVSCZIeTiGQvCXFofiw0
a4DO1prDMfDYJ7SFNEjzs8qxEmvqVyQRIDDr06//BT0A
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:24 2024 by rpki-client on console-fra.rpki-client.org