Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/1-T1ysvb4Y7OVyN09_RjzP6496g4.roa
File: 1-T1ysvb4Y7OVyN09_RjzP6496g4.roa (raw, json)
Hash identifier: NSk9o7aW7DC8SBnytDNe+0qvZkr5K2TEFwoVDLkUJgc=
Subject key identifier: F9:3D:72:B2:F6:F8:63:B3:95:C8:DD:3D:FD:18:F3:3F:AE:3D:EA:0E
Certificate issuer: /CN=01bfe882d13e803fc194373ea40d8a5a9e69f304
Certificate serial: 01857070679B5737062A243C4753FB573D7B
Authority key identifier: 01:BF:E8:82:D1:3E:80:3F:C1:94:37:3E:A4:0D:8A:5A:9E:69:F3:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/1-T1ysvb4Y7OVyN09_RjzP6496g4.roa
Signing time: Mon 02 Jan 2023 03:04:52 +0000
ROA not before: Mon 02 Jan 2023 03:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50785
IP address blocks: 185.128.172.0/22 maxlen: 22
81.18.16.0/20 maxlen: 21
185.152.224.0/22 maxlen: 22
5.144.40.0/21 maxlen: 21
2a06:d040::/29 maxlen: 29
2a02:d38::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:67:9b:57:37:06:2a:24:3c:47:53:fb:57:3d:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01bfe882d13e803fc194373ea40d8a5a9e69f304
Validity
Not Before: Jan 2 03:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f93d72b2f6f863b395c8dd3dfd18f33fae3dea0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:61:a5:7b:dd:9f:19:1f:0c:c6:bd:ac:27:2a:
ca:e1:6e:3b:df:79:5d:4f:02:d9:28:69:66:5e:20:
77:3e:61:9d:7e:f8:ee:13:94:71:66:5b:16:12:dd:
65:9d:2e:61:e0:10:81:75:be:8b:67:89:27:51:c7:
c4:af:83:2b:e2:a3:28:c4:8e:a5:77:1b:af:54:64:
6f:b6:89:d9:e4:ab:81:01:11:94:01:64:66:80:40:
7a:bd:1e:6b:cf:23:77:7b:d5:2b:36:8b:50:74:84:
e8:a7:b7:c4:01:cd:e1:71:40:68:85:a1:a4:26:19:
ae:3f:e7:ae:69:c2:dd:9b:9f:7f:50:80:36:8e:c2:
de:87:7e:b6:a9:a3:b8:a0:b3:de:5b:dd:b7:c8:b2:
1d:a3:34:60:87:63:28:14:d2:7c:ad:33:c0:83:44:
f8:0a:dd:ed:0d:df:d3:ce:4a:cf:df:ea:67:c5:55:
52:d5:7a:1b:0a:12:8d:37:da:b5:8e:0d:8f:bd:39:
f8:a5:a3:6b:3d:52:15:8e:13:9b:e6:46:25:9c:56:
bc:e0:54:f4:ac:07:a5:7c:cf:c0:a4:ba:74:40:a8:
8a:86:a7:bc:61:f8:3c:be:ca:59:67:fc:44:19:6d:
6c:38:d2:fa:5f:fc:2d:60:ce:bd:a9:af:99:6e:92:
cc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:3D:72:B2:F6:F8:63:B3:95:C8:DD:3D:FD:18:F3:3F:AE:3D:EA:0E
X509v3 Authority Key Identifier:
keyid:01:BF:E8:82:D1:3E:80:3F:C1:94:37:3E:A4:0D:8A:5A:9E:69:F3:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/1-T1ysvb4Y7OVyN09_RjzP6496g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.40.0/21
81.18.16.0/20
185.128.172.0/22
185.152.224.0/22
IPv6:
2a02:d38::/29
2a06:d040::/29
Signature Algorithm: sha256WithRSAEncryption
70:3d:46:02:52:17:97:e1:13:14:a4:d6:30:9b:62:29:b2:9a:
21:5d:ba:2a:01:7e:39:9a:c2:ee:81:31:6e:b2:0d:b0:55:4a:
69:e1:df:02:42:a6:4f:7e:7a:4f:06:20:a7:05:55:ca:dd:95:
7b:c3:d2:87:8e:70:d2:cf:6f:93:7e:39:13:e3:69:79:b3:39:
56:12:4c:5b:96:22:1e:8a:12:03:0e:cd:c0:ad:86:af:98:a5:
18:19:dc:70:e6:96:aa:46:4f:8c:5d:0f:c9:55:25:f8:10:a7:
6a:08:d1:6c:05:b3:79:03:35:4b:7c:92:ab:42:22:71:01:ad:
de:6b:0c:d3:3b:41:af:cf:b7:78:b0:d8:69:ac:ba:83:50:fc:
0e:47:20:ef:51:fb:20:aa:c3:7d:42:47:9f:65:78:6e:23:a5:
28:70:f7:af:3e:4c:26:31:3a:c4:cf:c3:54:74:26:c7:54:8c:
be:0a:bb:d0:62:5c:bb:7e:65:89:b2:0a:cc:df:73:8a:56:45:
f4:3a:cb:89:74:42:e4:0a:ed:4b:92:b3:86:c4:57:3b:b9:69:
f8:bc:c9:16:16:a6:18:95:95:a6:97:58:59:56:d5:9c:01:90:
36:0e:85:19:04:5f:a6:90:24:8c:81:4d:97:fb:dd:3a:de:1c:
41:07:de:01
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVwcGebVzcGKiQ8R1P7Vz17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYmZlODgyZDEzZTgwM2ZjMTk0MzczZWE0MGQ4YTVhOWU2
OWYzMDQwHhcNMjMwMTAyMDMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTNkNzJiMmY2Zjg2M2IzOTVjOGRkM2RmZDE4ZjMzZmFlM2RlYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGGle92fGR8Mxr2sJyrK4W4733ld
TwLZKGlmXiB3PmGdfvjuE5RxZlsWEt1lnS5h4BCBdb6LZ4knUcfEr4Mr4qMoxI6l
dxuvVGRvtonZ5KuBARGUAWRmgEB6vR5rzyN3e9UrNotQdITop7fEAc3hcUBohaGk
JhmuP+euacLdm59/UIA2jsLeh362qaO4oLPeW923yLIdozRgh2MoFNJ8rTPAg0T4
Ct3tDd/TzkrP3+pnxVVS1XobChKNN9q1jg2PvTn4paNrPVIVjhOb5kYlnFa84FT0
rAelfM/ApLp0QKiKhqe8Yfg8vspZZ/xEGW1sONL6X/wtYM69qa+ZbpLMvwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFPk9crL2+GOzlcjdPf0Y8z+uPeoOMB8GA1UdIwQY
MBaAFAG/6ILRPoA/wZQ3PqQNilqeafMEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWJfb2d0RS1nRF9CbERjLXBBMktXcDVwOHdRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NmMwOGEtZWU1OS00NzcxLWE4ZjIt
MmE1NTM5OWE4MGIwLzEvMS1UMXlzdmI0WTdPVnlOMDlfUmp6UDY0OTZnNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzcvNjZjMDhhLWVlNTktNDc3MS1hOGYyLTJhNTUzOTlhODBi
MC8xL0FiX29ndEUtZ0RfQmxEYy1wQTJLV3A1cDh3US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBHBggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEAwWQKAME
BFESEAMEArmArAMEArmY4DAUBAIAAjAOAwUDKgINOAMFAyoG0EAwDQYJKoZIhvcN
AQELBQADggEBAHA9RgJSF5fhExSk1jCbYimymiFduioBfjmawu6BMW6yDbBVSmnh
3wJCpk9+ek8GIKcFVcrdlXvD0oeOcNLPb5N+ORPjaXmzOVYSTFuWIh6KEgMOzcCt
hq+YpRgZ3HDmlqpGT4xdD8lVJfgQp2oI0WwFs3kDNUt8kqtCInEBrd5rDNM7Qa/P
t3iw2GmsuoNQ/A5HIO9R+yCqw31CR59leG4jpShw968+TCYxOsTPw1R0JsdUjL4K
u9BiXLt+ZYmyCszfc4pWRfQ6y4l0QuQK7UuSs4bEVzu5afi8yRYWphiVlaaXWFlW
1ZwBkDYOhRkEX6aQJIyBTZf73TreHEEH3gE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:34 2024 by rpki-client on console-fra.rpki-client.org