Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/aj1zwA9PC7dnTnEu2iKF3x8ma1k.roa
File: aj1zwA9PC7dnTnEu2iKF3x8ma1k.roa (raw, json)
Hash identifier: MQX5Q9as1nTO+G2DLEWPnsjtgje/LakMPEvexidZJmU=
Subject key identifier: 6A:3D:73:C0:0F:4F:0B:B7:67:4E:71:2E:DA:22:85:DF:1F:26:6B:59
Certificate issuer: /CN=e6e4687ab8b1eb6de1abd04a07617c86d118518d
Certificate serial: 01856CB8488CADAAD2924424A7FC7BB76E4B
Authority key identifier: E6:E4:68:7A:B8:B1:EB:6D:E1:AB:D0:4A:07:61:7C:86:D1:18:51:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5uRoerix623hq9BKB2F8htEYUY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/aj1zwA9PC7dnTnEu2iKF3x8ma1k.roa
Signing time: Sun 01 Jan 2023 09:44:54 +0000
ROA not before: Sun 01 Jan 2023 09:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 216.247.232.0/22 maxlen: 22
185.217.166.0/24 maxlen: 24
113.30.192.0/21 maxlen: 21
5.183.88.0/22 maxlen: 22
2a10:d502::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:48:8c:ad:aa:d2:92:44:24:a7:fc:7b:b7:6e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6e4687ab8b1eb6de1abd04a07617c86d118518d
Validity
Not Before: Jan 1 09:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a3d73c00f4f0bb7674e712eda2285df1f266b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:01:ec:74:6b:f5:e6:43:73:b2:ed:25:e9:5d:
10:d2:0c:ea:e3:6e:8a:cd:26:db:3c:d8:a3:18:a2:
58:8f:db:ff:4f:c8:fa:1b:32:e1:8f:e6:4a:3b:1a:
f6:ab:18:7c:bf:f2:dc:33:64:ba:f2:93:a9:14:a8:
c4:f5:d9:44:4d:47:31:49:8b:a5:3a:55:7b:58:0e:
fa:cb:1d:c9:dd:65:44:ca:b0:b9:37:58:ba:c7:e4:
20:c0:8d:0c:27:79:2d:40:ad:57:c7:1c:83:2b:a7:
ad:4e:92:c7:c7:5f:62:f3:14:89:da:e8:1c:01:6d:
2c:9c:71:3a:34:39:69:e9:2e:e6:8b:b6:26:cf:b4:
73:05:41:cf:2c:d4:32:59:d2:b5:54:5f:1f:5a:05:
56:bb:05:88:cf:c1:4d:91:22:78:a2:78:9a:89:41:
16:ff:2d:5c:0a:15:d5:a6:01:a6:a2:f0:b5:8c:a8:
05:d0:35:d6:5c:01:2e:14:20:01:ce:de:81:6d:3e:
c6:1e:2e:52:16:58:0b:4a:d8:36:3c:69:b0:43:83:
04:23:af:70:b1:e3:1c:5d:fa:a3:1b:50:a3:af:a6:
38:33:70:78:cc:02:35:1d:06:c9:f3:a4:dd:9c:36:
c0:20:96:23:6a:4e:76:55:a5:94:87:c3:32:e3:36:
05:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:3D:73:C0:0F:4F:0B:B7:67:4E:71:2E:DA:22:85:DF:1F:26:6B:59
X509v3 Authority Key Identifier:
keyid:E6:E4:68:7A:B8:B1:EB:6D:E1:AB:D0:4A:07:61:7C:86:D1:18:51:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5uRoerix623hq9BKB2F8htEYUY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/aj1zwA9PC7dnTnEu2iKF3x8ma1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/5uRoerix623hq9BKB2F8htEYUY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.88.0/22
113.30.192.0/21
185.217.166.0/24
216.247.232.0/22
IPv6:
2a10:d502::/32
Signature Algorithm: sha256WithRSAEncryption
2d:40:90:cf:21:47:f5:ba:f1:ec:d2:e3:8f:0c:8c:63:4e:91:
1e:40:54:8c:12:69:6b:60:f1:0e:d3:51:74:0d:91:75:d2:5f:
59:24:be:40:b2:82:c4:5b:06:d0:01:54:7a:4b:ca:93:1d:8e:
d8:ec:4b:b2:1a:ab:3c:2c:98:01:52:3e:cf:d7:72:f4:d7:8e:
7c:52:ee:79:9a:9c:68:52:ee:e7:71:e9:41:90:0e:a9:f6:ae:
8d:bf:40:45:41:44:fb:96:cf:d0:50:60:a0:74:e5:15:86:9a:
41:cc:09:06:d3:ba:42:2d:21:d7:99:fe:67:ea:39:18:96:84:
b5:3f:37:29:52:05:70:c2:14:bf:b3:73:1a:8e:65:17:ff:31:
dc:7b:ff:67:92:5a:98:c5:bd:49:60:50:12:59:ca:fb:95:bd:
8f:af:48:70:62:3a:8f:58:38:9e:44:55:64:71:ac:8e:b4:5a:
94:d4:09:ad:5d:f4:30:f1:c7:ed:3b:69:03:ef:75:4e:ef:9a:
18:3e:29:8e:b2:05:78:33:c3:a4:12:5a:86:ef:84:a6:97:9e:
5b:cd:f5:29:39:22:07:85:d6:17:e1:ea:14:b9:64:fe:67:e7:
b3:d8:c4:f5:14:30:4d:4b:77:48:64:f3:04:45:8c:0d:57:56:
48:0e:b7:90
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsuEiMrarSkkQkp/x7t25LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZTQ2ODdhYjhiMWViNmRlMWFiZDA0YTA3NjE3Yzg2ZDEx
ODUxOGQwHhcNMjMwMTAxMDk0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTNkNzNjMDBmNGYwYmI3Njc0ZTcxMmVkYTIyODVkZjFmMjY2YjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowHsdGv15kNzsu0l6V0Q0gzq426K
zSbbPNijGKJYj9v/T8j6GzLhj+ZKOxr2qxh8v/LcM2S68pOpFKjE9dlETUcxSYul
OlV7WA76yx3J3WVEyrC5N1i6x+QgwI0MJ3ktQK1XxxyDK6etTpLHx19i8xSJ2ugc
AW0snHE6NDlp6S7mi7Ymz7RzBUHPLNQyWdK1VF8fWgVWuwWIz8FNkSJ4oniaiUEW
/y1cChXVpgGmovC1jKgF0DXWXAEuFCABzt6BbT7GHi5SFlgLStg2PGmwQ4MEI69w
seMcXfqjG1Cjr6Y4M3B4zAI1HQbJ86TdnDbAIJYjak52VaWUh8My4zYF6wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGo9c8APTwu3Z05xLtoihd8fJmtZMB8GA1UdIwQY
MBaAFObkaHq4sett4avQSgdhfIbRGFGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXVSb2VyaXg2MjNocTlCS0IyRjhodEVZVVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS82ZmQ1ZDItYjdjZS00YjNkLThmMmMt
MTM4YmJhYWM3ZmUyLzEvYWoxendBOVBDN2RuVG5FdTJpS0YzeDhtYTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS82ZmQ1ZDItYjdjZS00YjNkLThmMmMtMTM4YmJhYWM3ZmUy
LzEvNXVSb2VyaXg2MjNocTlCS0IyRjhodEVZVVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCBbdYAwQD
cR7AAwQAudmmAwQC2PfoMA0EAgACMAcDBQAqENUCMA0GCSqGSIb3DQEBCwUAA4IB
AQAtQJDPIUf1uvHs0uOPDIxjTpEeQFSMEmlrYPEO01F0DZF10l9ZJL5AsoLEWwbQ
AVR6S8qTHY7Y7EuyGqs8LJgBUj7P13L01458Uu55mpxoUu7ncelBkA6p9q6Nv0BF
QUT7ls/QUGCgdOUVhppBzAkG07pCLSHXmf5n6jkYloS1PzcpUgVwwhS/s3MajmUX
/zHce/9nklqYxb1JYFASWcr7lb2Pr0hwYjqPWDieRFVkcayOtFqU1AmtXfQw8cft
O2kD73VO75oYPimOsgV4M8OkElqG74Sml55bzfUpOSIHhdYX4eoUuWT+Z+ez2MT1
FDBNS3dIZPMERYwNV1ZIDreQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:42 2024 by rpki-client on console-fra.rpki-client.org