Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/1-lojsTi_eeKs-FCxuVr4kv0BMls.roa
File: 1-lojsTi_eeKs-FCxuVr4kv0BMls.roa (raw, json)
Hash identifier: I8Wm/EE2ZPsUpY4Thq9Cf4HRAwJTRqrUMkJtbjpEcdk=
Subject key identifier: FA:5A:23:B1:38:BF:79:E2:AC:F8:50:B1:B9:5A:F8:92:FD:01:32:5B
Certificate issuer: /CN=b3143920956802a8eb4b4627a2ff4f3987ec1a3d
Certificate serial: 01856D789FCC42F7B0046455E867EDEE95D6
Authority key identifier: B3:14:39:20:95:68:02:A8:EB:4B:46:27:A2:FF:4F:39:87:EC:1A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxQ5IJVoAqjrS0Ynov9POYfsGj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/1-lojsTi_eeKs-FCxuVr4kv0BMls.roa
Signing time: Sun 01 Jan 2023 13:14:59 +0000
ROA not before: Sun 01 Jan 2023 13:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42477
IP address blocks: 81.25.16.0/21 maxlen: 21
109.234.40.0/21 maxlen: 21
2a00:1800::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:9f:cc:42:f7:b0:04:64:55:e8:67:ed:ee:95:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3143920956802a8eb4b4627a2ff4f3987ec1a3d
Validity
Not Before: Jan 1 13:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa5a23b138bf79e2acf850b1b95af892fd01325b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e2:f2:67:4c:4b:1c:9a:c8:cb:3c:c6:62:c4:
7a:5e:57:3c:20:7d:60:c1:5c:96:ed:14:41:92:4e:
b0:c5:e6:68:21:d0:6e:08:db:92:58:0b:08:44:6c:
59:c0:5b:dc:1b:5f:45:e0:1c:c3:8a:0e:9d:92:af:
89:b8:2f:92:28:2d:b8:b0:20:1d:4e:97:14:74:42:
fc:1c:f3:d3:cd:67:e0:45:b1:c1:be:3e:71:09:c8:
eb:42:58:06:08:8f:48:c6:76:03:78:c6:33:31:0f:
d4:40:f4:21:83:f4:31:2e:ba:56:82:5c:f1:2f:0a:
e6:72:3c:4c:18:e9:42:ff:2b:0e:cf:fe:f2:50:a0:
59:fe:50:29:ed:32:09:8b:d1:3f:fb:69:97:c1:21:
a8:b9:55:83:2a:29:09:31:64:7c:f4:86:ba:89:89:
df:3a:99:3d:15:1a:0f:a9:46:83:ce:4b:34:00:8c:
ac:74:8d:5c:c2:d1:f3:4c:cc:dd:0f:51:98:93:1a:
c2:50:4b:2b:09:d9:5f:86:60:bb:3a:bf:c9:0f:8f:
cc:f3:e4:28:9d:e8:6f:35:ad:aa:21:30:18:19:11:
62:7c:0f:08:5a:f5:7f:c4:e8:ab:d8:6a:81:45:65:
0b:a8:89:a5:65:7a:b2:39:fa:32:7c:a3:5a:1b:bc:
d2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5A:23:B1:38:BF:79:E2:AC:F8:50:B1:B9:5A:F8:92:FD:01:32:5B
X509v3 Authority Key Identifier:
keyid:B3:14:39:20:95:68:02:A8:EB:4B:46:27:A2:FF:4F:39:87:EC:1A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxQ5IJVoAqjrS0Ynov9POYfsGj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/1-lojsTi_eeKs-FCxuVr4kv0BMls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/sxQ5IJVoAqjrS0Ynov9POYfsGj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.16.0/21
109.234.40.0/21
IPv6:
2a00:1800::/32
Signature Algorithm: sha256WithRSAEncryption
66:51:5f:00:80:a0:d5:81:c1:6c:0f:ae:37:4c:cb:4d:53:e1:
9e:21:7d:05:6f:0f:a2:39:16:a4:40:2e:e0:ec:d5:dd:cc:c9:
14:ee:a8:db:a7:9c:fa:01:cc:31:65:0f:45:61:f5:11:ab:3d:
b0:cb:1c:7a:2e:4f:0e:1d:f3:c6:67:10:3c:36:8e:cf:cc:cf:
c7:56:b0:44:e7:9a:c2:05:b5:5c:07:33:5a:45:fa:3c:5a:40:
6c:e4:70:ba:f8:43:47:01:37:ef:44:00:55:d6:9e:2d:78:c9:
11:0a:7a:60:f1:95:7f:1b:c5:dd:99:cf:d0:46:38:cf:df:9e:
b5:7f:01:3c:ab:97:89:52:cd:10:4a:d7:29:11:75:a4:3a:9e:
34:9a:ab:e4:6c:54:b6:58:40:f9:64:7d:4d:07:f5:88:ea:d9:
92:1c:01:8a:72:04:04:3e:23:6f:bd:91:ac:99:05:dd:46:76:
f6:d4:9d:fe:6a:4b:76:a1:4e:1c:94:c7:2d:93:88:fd:11:c7:
78:7d:46:90:7c:22:3a:3c:e5:0b:00:f6:6c:f1:13:01:f7:24:
24:09:e0:c8:d2:62:d7:d7:2d:a5:29:bc:31:38:78:0f:ce:ef:
a7:a8:11:e2:3a:b4:9a:df:cc:cd:1d:3e:33:60:ff:39:b2:f6:
5f:87:98:30
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVteJ/MQvewBGRV6Gft7pXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMTQzOTIwOTU2ODAyYThlYjRiNDYyN2EyZmY0ZjM5ODdl
YzFhM2QwHhcNMjMwMTAxMTMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTVhMjNiMTM4YmY3OWUyYWNmODUwYjFiOTVhZjg5MmZkMDEzMjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOLyZ0xLHJrIyzzGYsR6Xlc8IH1g
wVyW7RRBkk6wxeZoIdBuCNuSWAsIRGxZwFvcG19F4BzDig6dkq+JuC+SKC24sCAd
TpcUdEL8HPPTzWfgRbHBvj5xCcjrQlgGCI9IxnYDeMYzMQ/UQPQhg/QxLrpWglzx
LwrmcjxMGOlC/ysOz/7yUKBZ/lAp7TIJi9E/+2mXwSGouVWDKikJMWR89Ia6iYnf
Opk9FRoPqUaDzks0AIysdI1cwtHzTMzdD1GYkxrCUEsrCdlfhmC7Or/JD4/M8+Qo
nehvNa2qITAYGRFifA8IWvV/xOir2GqBRWULqImlZXqyOfoyfKNaG7zSGQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPpaI7E4v3nirPhQsbla+JL9ATJbMB8GA1UdIwQY
MBaAFLMUOSCVaAKo60tGJ6L/TzmH7Bo9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3hRNUlKVm9BcWpyUzBZbm92OVBPWWZzR2owLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9hMWMxNDItODk0My00OWY0LThjYzkt
NmVmMmI5ZDdmMTA0LzEvMS1sb2pzVGlfZWVLcy1GQ3h1VnI0a3YwQk1scy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmUvYTFjMTQyLTg5NDMtNDlmNC04Y2M5LTZlZjJiOWQ3ZjEw
NC8xL3N4UTVJSlZvQXFqclMwWW5vdjlQT1lmc0dqMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA1EZEAME
A23qKDANBAIAAjAHAwUAKgAYADANBgkqhkiG9w0BAQsFAAOCAQEAZlFfAICg1YHB
bA+uN0zLTVPhniF9BW8PojkWpEAu4OzV3czJFO6o26ec+gHMMWUPRWH1Eas9sMsc
ei5PDh3zxmcQPDaOz8zPx1awROeawgW1XAczWkX6PFpAbORwuvhDRwE370QAVdae
LXjJEQp6YPGVfxvF3ZnP0EY4z9+etX8BPKuXiVLNEErXKRF1pDqeNJqr5GxUtlhA
+WR9TQf1iOrZkhwBinIEBD4jb72RrJkF3UZ29tSd/mpLdqFOHJTHLZOI/RHHeH1G
kHwiOjzlCwD2bPETAfckJAngyNJi19ctpSm8MTh4D87vp6gR4jq0mt/MzR0+M2D/
ObL2X4eYMA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:40 2024 by rpki-client on console-ams.rpki-client.org