Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/V1kWM0qm_lfcIkDQN5-hXvTWEto.roa
File: V1kWM0qm_lfcIkDQN5-hXvTWEto.roa (raw, json)
Hash identifier: XobJrAWm+wRxyeEQqurpPMIK0fUJ97CAi+wnyZceV/A=
Subject key identifier: 57:59:16:33:4A:A6:FE:57:DC:22:40:D0:37:9F:A1:5E:F4:D6:12:DA
Certificate issuer: /CN=c4df0bd04aa843e68082f6dece0798732b6f8832
Certificate serial: 01856E78E6FE20EEA53D70F0C5392150A0E0
Authority key identifier: C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/V1kWM0qm_lfcIkDQN5-hXvTWEto.roa
Signing time: Sun 01 Jan 2023 17:54:55 +0000
ROA not before: Sun 01 Jan 2023 17:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21005
IP address blocks: 176.122.210.0/23 maxlen: 23
176.122.211.0/24 maxlen: 24
176.122.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:e6:fe:20:ee:a5:3d:70:f0:c5:39:21:50:a0:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4df0bd04aa843e68082f6dece0798732b6f8832
Validity
Not Before: Jan 1 17:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=575916334aa6fe57dc2240d0379fa15ef4d612da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d4:71:a5:3f:ca:4e:fe:69:1f:e6:3c:50:c3:
48:eb:c7:6a:a3:c0:ae:04:7d:d2:2e:8b:99:7d:64:
c1:9f:25:78:a1:a9:02:f9:52:11:be:9a:1d:92:a8:
65:3a:8c:27:31:ba:11:67:3c:6f:c5:87:41:bb:af:
60:f5:0a:4d:02:45:1b:28:aa:c8:f7:0c:d4:3b:3f:
35:85:8e:c0:60:71:aa:49:9a:ca:9d:39:a9:32:98:
b3:51:0f:a3:32:93:f3:4f:e5:58:3e:80:a9:f6:dd:
ec:e2:03:2a:98:eb:68:f5:65:22:f8:0d:9c:87:f7:
f8:fa:96:a7:c8:ee:13:c1:09:39:1b:16:0a:91:3d:
d1:e2:62:fc:b3:7c:35:46:de:44:70:fe:f3:60:67:
ce:60:b9:9c:54:27:64:2a:f8:99:5f:11:40:ff:93:
fe:7f:e0:b9:69:2e:f5:19:46:01:ae:26:c4:1e:13:
e6:c4:2d:9a:a5:f2:b4:21:14:cd:6a:52:47:09:a5:
da:01:b0:46:04:b5:32:b7:fd:3d:87:1d:f6:13:92:
cb:ac:cc:90:54:a3:ad:89:d9:7a:fb:08:1a:f1:d6:
85:3e:16:9e:eb:2f:28:88:36:57:c8:e9:d0:a6:59:
7d:9d:b3:03:cd:d0:a3:cc:fd:43:10:33:fc:a2:6d:
73:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:59:16:33:4A:A6:FE:57:DC:22:40:D0:37:9F:A1:5E:F4:D6:12:DA
X509v3 Authority Key Identifier:
keyid:C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/V1kWM0qm_lfcIkDQN5-hXvTWEto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.122.210.0/23
Signature Algorithm: sha256WithRSAEncryption
30:98:db:d2:9b:b0:ca:06:b4:04:10:2c:5d:73:b8:fc:60:86:
ab:e0:c8:85:ea:3b:d5:42:c3:1e:6e:96:13:3a:0c:a5:f8:3e:
cf:e4:45:34:11:45:c5:52:e9:e4:72:a6:83:64:44:c4:5f:ee:
59:6f:0e:d1:7b:ab:9e:7e:48:77:c6:9c:d4:82:b0:d1:66:5e:
5e:53:d8:1a:78:29:b5:fd:b1:6f:15:89:f1:70:86:0d:91:5b:
5e:a6:63:5e:fa:a0:b5:66:86:43:84:11:b1:b6:dc:4d:f4:51:
3d:9d:78:7d:4a:8d:67:a8:c9:e2:4a:23:45:22:dc:54:d6:ed:
50:25:6a:40:b5:c4:1f:56:12:69:3d:21:b6:71:f6:f2:b7:49:
f6:b5:89:ce:f8:aa:44:76:ef:dc:10:fd:7b:ed:3d:a2:93:ea:
9a:c1:bb:74:07:3b:a9:50:e0:be:91:49:06:40:44:7a:ce:10:
69:22:60:4f:a9:6b:3a:d7:b5:d5:5a:66:ca:db:c6:18:bd:4a:
24:ed:96:e2:ee:61:74:35:80:c8:fe:d3:16:3c:20:a6:f7:2e:
0b:87:e3:2f:0c:16:15:89:dd:88:77:34:36:34:10:01:d0:a8:
ca:98:35:e3:c5:cc:03:d6:3f:02:cd:71:31:1e:9c:8e:43:06:
18:36:79:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVueOb+IO6lPXDwxTkhUKDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZGYwYmQwNGFhODQzZTY4MDgyZjZkZWNlMDc5ODczMmI2
Zjg4MzIwHhcNMjMwMTAxMTc1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzU5MTYzMzRhYTZmZTU3ZGMyMjQwZDAzNzlmYTE1ZWY0ZDYxMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNRxpT/KTv5pH+Y8UMNI68dqo8Cu
BH3SLouZfWTBnyV4oakC+VIRvpodkqhlOownMboRZzxvxYdBu69g9QpNAkUbKKrI
9wzUOz81hY7AYHGqSZrKnTmpMpizUQ+jMpPzT+VYPoCp9t3s4gMqmOto9WUi+A2c
h/f4+panyO4TwQk5GxYKkT3R4mL8s3w1Rt5EcP7zYGfOYLmcVCdkKviZXxFA/5P+
f+C5aS71GUYBribEHhPmxC2apfK0IRTNalJHCaXaAbBGBLUyt/09hx32E5LLrMyQ
VKOtidl6+wga8daFPhae6y8oiDZXyOnQpll9nbMDzdCjzP1DEDP8om1zewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFdZFjNKpv5X3CJA0DefoV701hLaMB8GA1UdIwQY
MBaAFMTfC9BKqEPmgIL23s4HmHMrb4gyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAt
Y2I5ZTFlZDc3OWFjLzEvVjFrV00wcW1fbGZjSWtEUU41LWhYdlRXRXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAtY2I5ZTFlZDc3OWFj
LzEveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHrSMA0G
CSqGSIb3DQEBCwUAA4IBAQAwmNvSm7DKBrQEECxdc7j8YIar4MiF6jvVQsMebpYT
Ogyl+D7P5EU0EUXFUunkcqaDZETEX+5Zbw7Re6uefkh3xpzUgrDRZl5eU9gaeCm1
/bFvFYnxcIYNkVtepmNe+qC1ZoZDhBGxttxN9FE9nXh9So1nqMniSiNFItxU1u1Q
JWpAtcQfVhJpPSG2cfbyt0n2tYnO+KpEdu/cEP177T2ik+qawbt0BzupUOC+kUkG
QER6zhBpImBPqWs617XVWmbK28YYvUok7Zbi7mF0NYDI/tMWPCCm9y4Lh+MvDBYV
id2IdzQ2NBAB0KjKmDXjxcwD1j8CzXExHpyOQwYYNnnw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:13 2024 by rpki-client on console-fra.rpki-client.org