Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/CKL1PhJwb7mNCDtE6N444MN-yVg.roa
File: CKL1PhJwb7mNCDtE6N444MN-yVg.roa (raw, json)
Hash identifier: EE2/dR6hDCIekmkR5I7ZTJ1p+al57Bi7VpD7MZksJug=
Subject key identifier: 08:A2:F5:3E:12:70:6F:B9:8D:08:3B:44:E8:DE:38:E0:C3:7E:C9:58
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 0187D629E0A12165E05F51E81AF77D2EECC1
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/CKL1PhJwb7mNCDtE6N444MN-yVg.roa
Signing time: Mon 01 May 2023 07:14:41 +0000
ROA not before: Mon 01 May 2023 07:14:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208153
IP address blocks: 147.181.62.0/23 maxlen: 24
2a04:9a00:1110::/46 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d6:29:e0:a1:21:65:e0:5f:51:e8:1a:f7:7d:2e:ec:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: May 1 07:14:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08a2f53e12706fb98d083b44e8de38e0c37ec958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:07:1f:da:12:4f:6c:3b:d8:84:0a:f3:94:39:
aa:c5:39:d9:9e:56:4d:3e:a5:bc:55:7c:40:72:88:
b9:2c:af:09:e4:6c:45:87:09:09:b9:7b:d8:c5:48:
00:e4:58:12:e5:f6:1a:c7:bc:a0:ac:3c:25:f9:90:
5d:15:06:7a:6f:c6:d3:35:b5:34:67:12:6e:c2:0b:
db:9c:1e:c7:6f:bf:4a:4d:24:ac:ab:33:09:13:47:
d5:1c:f1:6b:2a:58:b3:da:99:2d:86:e1:50:2d:12:
07:d6:41:37:da:aa:f6:30:a1:5c:e7:d5:ab:0a:d6:
f2:3d:4a:8d:c2:1c:d3:a1:fc:97:17:b4:6a:aa:20:
61:57:6a:c6:08:04:08:60:16:ea:70:97:3c:24:e5:
e5:c8:39:db:f5:6e:4a:16:08:4e:90:05:c2:5b:4d:
c1:e7:9c:ba:46:e8:e1:bb:d7:72:f8:4e:c6:0f:1d:
c2:86:38:48:e8:5a:31:2a:23:fb:dd:91:e8:5d:3f:
cf:ce:43:9f:f5:e2:08:17:ea:31:4a:58:73:b0:51:
a1:bc:d2:d6:77:a7:20:b1:04:16:86:ce:07:ff:0d:
b4:20:29:e1:7f:86:77:1b:6d:5b:34:da:cf:55:48:
72:11:75:2f:9f:0a:9f:ad:df:e7:db:2f:a8:98:e9:
22:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A2:F5:3E:12:70:6F:B9:8D:08:3B:44:E8:DE:38:E0:C3:7E:C9:58
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/CKL1PhJwb7mNCDtE6N444MN-yVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.62.0/23
IPv6:
2a04:9a00:1110::/46
Signature Algorithm: sha256WithRSAEncryption
8f:84:d5:d3:90:2d:ca:44:07:a3:bc:67:04:3a:2b:c5:6e:64:
7e:75:63:64:f9:4e:ed:69:58:54:4a:90:29:62:c5:2b:fa:f1:
17:32:3c:49:85:18:9e:37:a3:52:f2:20:ce:f3:1f:d9:05:72:
c1:d2:55:af:65:06:a6:ad:ad:03:f6:ed:af:91:37:6d:0a:2b:
3b:c1:5a:82:a0:cf:0d:e4:35:0c:81:e8:2f:88:92:df:45:a7:
be:8c:a0:6d:73:c8:28:5d:15:a1:82:e3:6e:a8:df:4e:3f:06:
a6:c8:e7:9c:62:fd:29:78:95:91:25:94:59:0e:79:32:a2:84:
7a:a0:90:ee:ef:22:7e:f3:4b:76:c4:45:25:d0:23:04:4e:74:
26:a0:60:65:42:f2:49:2b:13:b4:51:a1:f0:cd:11:6a:02:3f:
87:68:3b:ac:4c:78:e7:6c:b0:b8:03:fe:0e:2e:68:df:ed:40:
12:2b:e9:78:95:3c:90:16:8e:1d:1c:4a:2f:bc:2d:f0:1a:de:
51:19:39:7a:90:b9:18:a2:df:d3:a6:4e:7f:13:ed:5f:d4:2a:
d6:e5:c5:d0:f6:1d:27:d7:65:99:ac:78:93:c5:e1:54:c0:21:
08:de:bb:50:00:59:76:1e:a6:a4:79:81:bb:77:8f:1e:c5:f0:
ba:b3:b2:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfWKeChIWXgX1HoGvd9LuzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwNTAxMDcxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGEyZjUzZTEyNzA2ZmI5OGQwODNiNDRlOGRlMzhlMGMzN2VjOTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwcf2hJPbDvYhArzlDmqxTnZnlZN
PqW8VXxAcoi5LK8J5GxFhwkJuXvYxUgA5FgS5fYax7ygrDwl+ZBdFQZ6b8bTNbU0
ZxJuwgvbnB7Hb79KTSSsqzMJE0fVHPFrKliz2pkthuFQLRIH1kE32qr2MKFc59Wr
CtbyPUqNwhzTofyXF7RqqiBhV2rGCAQIYBbqcJc8JOXlyDnb9W5KFghOkAXCW03B
55y6Rujhu9dy+E7GDx3ChjhI6FoxKiP73ZHoXT/PzkOf9eIIF+oxSlhzsFGhvNLW
d6cgsQQWhs4H/w20ICnhf4Z3G21bNNrPVUhyEXUvnwqfrd/n2y+omOkitQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAii9T4ScG+5jQg7ROjeOODDfslYMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvQ0tMMVBoSndiN21OQ0R0RTZONDQ0TU4teVZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBk7U+MA8E
AgACMAkDBwIqBJoAERAwDQYJKoZIhvcNAQELBQADggEBAI+E1dOQLcpEB6O8ZwQ6
K8VuZH51Y2T5Tu1pWFRKkClixSv68RcyPEmFGJ43o1LyIM7zH9kFcsHSVa9lBqat
rQP27a+RN20KKzvBWoKgzw3kNQyB6C+Ikt9Fp76MoG1zyChdFaGC426o304/BqbI
55xi/Sl4lZEllFkOeTKihHqgkO7vIn7zS3bERSXQIwROdCagYGVC8kkrE7RRofDN
EWoCP4doO6xMeOdssLgD/g4uaN/tQBIr6XiVPJAWjh0cSi+8LfAa3lEZOXqQuRii
39OmTn8T7V/UKtblxdD2HSfXZZmseJPF4VTAIQjeu1AAWXYepqR5gbt3jx7F8Lqz
sro=
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:15 2024 by rpki-client on console-fra.rpki-client.org