Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/r5Ns2dO0fMMwJorntJ_yhNo7vC4.roa
File: r5Ns2dO0fMMwJorntJ_yhNo7vC4.roa (raw, json)
Hash identifier: +P3T+z9DZ+ghuapu8s5e4pMLG2A7dPINQHgThJ5SpKs=
Subject key identifier: AF:93:6C:D9:D3:B4:7C:C3:30:26:8A:E7:B4:9F:F2:84:DA:3B:BC:2E
Certificate issuer: /CN=07da03c9c82685ae6d6b3d21d684bbcf468bf75b
Certificate serial: 01856F9DED2053781C84180F87D39040F0E1
Authority key identifier: 07:DA:03:C9:C8:26:85:AE:6D:6B:3D:21:D6:84:BB:CF:46:8B:F7:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9oDycgmha5taz0h1oS7z0aL91s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/r5Ns2dO0fMMwJorntJ_yhNo7vC4.roa
Signing time: Sun 01 Jan 2023 23:14:58 +0000
ROA not before: Sun 01 Jan 2023 23:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51319
IP address blocks: 185.164.8.0/22 maxlen: 22
178.251.144.0/21 maxlen: 21
2a02:2340::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:ed:20:53:78:1c:84:18:0f:87:d3:90:40:f0:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07da03c9c82685ae6d6b3d21d684bbcf468bf75b
Validity
Not Before: Jan 1 23:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af936cd9d3b47cc330268ae7b49ff284da3bbc2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e6:ac:81:80:83:cf:18:13:fe:93:f9:00:dc:
67:8e:06:d8:68:fc:e8:04:b3:d0:dc:f4:ec:e7:bd:
4b:6d:d9:00:53:a9:f5:29:8c:54:a5:82:48:f4:33:
ac:1f:88:ec:49:5a:c1:3f:76:75:c8:4a:82:02:b9:
82:10:c8:8c:7c:c0:d0:96:e1:94:38:a3:78:56:2a:
27:0f:3b:77:eb:ac:0b:3b:8f:cc:17:6b:ed:02:ac:
4c:c6:6b:2d:0f:97:2d:02:70:e3:16:b2:58:2a:01:
09:d3:6b:f6:d5:4b:6f:22:ac:06:f0:dd:e2:ee:aa:
e0:28:48:f6:80:cf:85:b8:28:63:9f:4d:77:b5:28:
93:1f:85:f8:41:32:54:01:de:ed:e9:80:6c:d4:5f:
19:0a:c0:13:43:1a:8a:95:d6:cb:f6:95:d8:6c:39:
6a:80:f3:da:0c:a3:83:4d:3f:0b:62:25:94:07:1b:
4f:55:82:44:2e:09:6a:91:10:ef:87:84:73:ea:e8:
9e:c3:5f:d0:63:61:a7:1a:40:63:8b:a3:65:45:44:
25:08:ad:57:d9:0b:7f:65:28:45:37:df:6e:82:65:
f7:5f:d5:3a:45:10:ee:4d:26:29:90:3f:e5:3e:24:
71:05:95:f9:fc:1d:54:df:92:b0:41:98:af:4c:8a:
b8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:93:6C:D9:D3:B4:7C:C3:30:26:8A:E7:B4:9F:F2:84:DA:3B:BC:2E
X509v3 Authority Key Identifier:
keyid:07:DA:03:C9:C8:26:85:AE:6D:6B:3D:21:D6:84:BB:CF:46:8B:F7:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9oDycgmha5taz0h1oS7z0aL91s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/r5Ns2dO0fMMwJorntJ_yhNo7vC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/B9oDycgmha5taz0h1oS7z0aL91s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.144.0/21
185.164.8.0/22
IPv6:
2a02:2340::/32
Signature Algorithm: sha256WithRSAEncryption
4b:10:81:8c:15:06:71:24:63:4a:06:d2:16:63:c0:67:60:9b:
d8:92:44:d4:53:d9:58:ec:d4:63:a8:96:65:c0:33:51:94:57:
64:00:3f:fe:88:20:91:ba:41:68:2f:77:e5:8a:e0:56:24:e0:
41:9d:cf:64:4c:2b:46:4a:e4:31:e9:53:74:07:a5:db:41:85:
4e:23:53:cf:c3:84:19:8f:51:c6:32:87:7d:bc:ee:1c:85:46:
aa:79:c0:03:33:df:93:69:a6:5d:07:68:89:31:7e:e8:27:87:
ae:e1:3c:6e:c7:b3:af:ee:24:13:90:c5:8c:c5:25:ee:2e:98:
c6:bf:61:83:89:b9:e6:37:ec:16:59:bf:db:07:8e:58:ad:dc:
1f:98:85:1d:b8:d4:84:a7:76:fa:66:19:15:53:3d:a4:34:66:
c9:66:c4:b6:21:63:7d:41:14:f5:38:04:e9:1e:8a:eb:2a:20:
00:99:65:5e:e4:45:dc:9d:b2:bb:24:6d:31:ce:d5:61:79:15:
f9:9a:64:56:29:01:ae:87:c8:81:b5:72:9b:24:9a:20:aa:f6:
a6:08:23:79:f3:64:fe:b7:59:d8:bf:70:74:fe:49:c5:0e:e4:
dc:d3:e4:ce:ea:15:1b:1d:95:d4:cd:3c:24:65:63:6b:31:56:
56:f5:f2:60
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvne0gU3gchBgPh9OQQPDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZGEwM2M5YzgyNjg1YWU2ZDZiM2QyMWQ2ODRiYmNmNDY4
YmY3NWIwHhcNMjMwMTAxMjMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjkzNmNkOWQzYjQ3Y2MzMzAyNjhhZTdiNDlmZjI4NGRhM2JiYzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+asgYCDzxgT/pP5ANxnjgbYaPzo
BLPQ3PTs571LbdkAU6n1KYxUpYJI9DOsH4jsSVrBP3Z1yEqCArmCEMiMfMDQluGU
OKN4VionDzt366wLO4/MF2vtAqxMxmstD5ctAnDjFrJYKgEJ02v21UtvIqwG8N3i
7qrgKEj2gM+FuChjn013tSiTH4X4QTJUAd7t6YBs1F8ZCsATQxqKldbL9pXYbDlq
gPPaDKODTT8LYiWUBxtPVYJELglqkRDvh4Rz6uiew1/QY2GnGkBji6NlRUQlCK1X
2Qt/ZShFN99ugmX3X9U6RRDuTSYpkD/lPiRxBZX5/B1U35KwQZivTIq4WwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK+TbNnTtHzDMCaK57Sf8oTaO7wuMB8GA1UdIwQY
MBaAFAfaA8nIJoWubWs9IdaEu89Gi/dbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlvRHljZ21oYTV0YXowaDFvUzd6MGFMOTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9kZWVmMjItMjYyNC00OWI2LWEyM2It
YWEwMWRjZDNkZmE3LzEvcjVOczJkTzBmTU13Sm9ybnRKX3loTm83dkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9kZWVmMjItMjYyNC00OWI2LWEyM2ItYWEwMWRjZDNkZmE3
LzEvQjlvRHljZ21oYTV0YXowaDFvUzd6MGFMOTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsvuQAwQC
uaQIMA0EAgACMAcDBQAqAiNAMA0GCSqGSIb3DQEBCwUAA4IBAQBLEIGMFQZxJGNK
BtIWY8BnYJvYkkTUU9lY7NRjqJZlwDNRlFdkAD/+iCCRukFoL3fliuBWJOBBnc9k
TCtGSuQx6VN0B6XbQYVOI1PPw4QZj1HGMod9vO4chUaqecADM9+TaaZdB2iJMX7o
J4eu4Txux7Ov7iQTkMWMxSXuLpjGv2GDibnmN+wWWb/bB45YrdwfmIUduNSEp3b6
ZhkVUz2kNGbJZsS2IWN9QRT1OATpHorrKiAAmWVe5EXcnbK7JG0xztVheRX5mmRW
KQGuh8iBtXKbJJogqvamCCN582T+t1nYv3B0/knFDuTc0+TO6hUbHZXUzTwkZWNr
MVZW9fJg
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:17 2024 by rpki-client on console-ams.rpki-client.org