Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/2e393e-1e5b-4b0f-ba76-a0cfe12f3d51/1/ETxTnOBG-ghklNfJYcrfpsC2YN0.roa
File: ETxTnOBG-ghklNfJYcrfpsC2YN0.roa (raw, json)
Hash identifier: XDVszM+8g1+xp79y50ONC7GA4U8PQloid1EWWtzeyu8=
Subject key identifier: 11:3C:53:9C:E0:46:FA:08:64:94:D7:C9:61:CA:DF:A6:C0:B6:60:DD
Certificate issuer: /CN=8f3dcffca5795a47fcc2e138ce5473e800098295
Certificate serial: 01856E14417E7BC30E1C4EB1B5C33294E32A
Authority key identifier: 8F:3D:CF:FC:A5:79:5A:47:FC:C2:E1:38:CE:54:73:E8:00:09:82:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jz3P_KV5Wkf8wuE4zlRz6AAJgpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/2e393e-1e5b-4b0f-ba76-a0cfe12f3d51/1/ETxTnOBG-ghklNfJYcrfpsC2YN0.roa
Signing time: Sun 01 Jan 2023 16:04:59 +0000
ROA not before: Sun 01 Jan 2023 16:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20574
IP address blocks: 185.119.100.0/22 maxlen: 22
178.21.80.0/21 maxlen: 21
193.108.42.0/23 maxlen: 23
2a03:900::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:41:7e:7b:c3:0e:1c:4e:b1:b5:c3:32:94:e3:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3dcffca5795a47fcc2e138ce5473e800098295
Validity
Not Before: Jan 1 16:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=113c539ce046fa086494d7c961cadfa6c0b660dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a6:2d:91:c0:03:cb:fa:9a:cd:c1:33:88:a5:
9c:6e:d4:0c:94:42:a9:5f:00:8e:df:da:0a:3a:49:
03:94:cb:a4:bf:11:4b:b1:54:7a:a7:25:7d:ce:f9:
45:d1:ab:77:7e:5f:3a:4e:e6:a8:26:2e:f6:b1:e5:
f2:ff:b7:60:48:44:5e:34:74:3a:17:53:05:8a:07:
53:e7:3c:d3:25:99:8a:25:5c:ef:ea:af:88:04:c5:
60:63:7c:f3:0b:e4:ec:d4:75:09:39:40:28:55:0f:
f7:7f:af:b1:3d:df:d8:b1:31:34:6b:a1:30:25:84:
83:93:85:1c:95:2b:b8:aa:13:60:23:3e:8d:53:50:
68:de:0b:3e:05:23:87:82:c6:db:0e:65:ad:de:6d:
c6:ac:e4:90:5f:91:e2:09:2a:de:36:1a:0c:0a:75:
d3:ad:5e:d3:fc:00:cd:db:69:5b:c1:19:6d:36:ca:
25:06:da:6f:03:7b:63:f2:22:83:60:57:21:b6:43:
af:6a:ca:46:ea:d0:d7:a1:e4:6b:cb:82:96:03:2a:
6d:5c:51:a7:e0:55:87:f2:05:68:f7:3a:e3:f2:5e:
4c:40:f8:e0:71:c5:8b:66:8a:42:b2:f6:b1:43:8b:
56:eb:a8:d6:b6:47:1f:3d:8e:7e:6a:dd:5c:1f:bf:
1a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:3C:53:9C:E0:46:FA:08:64:94:D7:C9:61:CA:DF:A6:C0:B6:60:DD
X509v3 Authority Key Identifier:
keyid:8F:3D:CF:FC:A5:79:5A:47:FC:C2:E1:38:CE:54:73:E8:00:09:82:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jz3P_KV5Wkf8wuE4zlRz6AAJgpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2e393e-1e5b-4b0f-ba76-a0cfe12f3d51/1/ETxTnOBG-ghklNfJYcrfpsC2YN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2e393e-1e5b-4b0f-ba76-a0cfe12f3d51/1/jz3P_KV5Wkf8wuE4zlRz6AAJgpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.80.0/21
185.119.100.0/22
193.108.42.0/23
IPv6:
2a03:900::/32
Signature Algorithm: sha256WithRSAEncryption
85:66:18:9b:2a:db:f9:0a:e4:bc:60:ed:6a:61:7e:15:39:47:
6f:14:47:48:08:2a:6f:f1:91:b7:62:d7:51:bf:cc:f5:c5:dc:
97:27:3c:39:34:d7:0b:98:40:65:9c:ba:b1:3d:7b:6b:83:14:
37:9f:0a:fe:14:16:76:a4:a4:36:3e:46:71:4b:53:2d:c2:b1:
9e:0b:22:a9:54:4f:cb:ed:04:fa:63:bd:0f:71:e7:73:54:f8:
cc:29:a0:1b:7d:48:d6:1d:a3:1f:8a:4c:c8:87:fa:b4:95:aa:
39:cf:0b:5e:57:6e:a6:74:18:f9:75:b2:25:b3:fb:34:17:83:
c3:88:b8:e3:fb:23:50:7d:b6:0e:59:64:96:31:1d:29:61:90:
c8:cb:ed:23:7d:0a:f7:1d:1f:12:a3:4e:08:6d:37:45:7f:36:
90:d5:72:16:26:58:d5:66:a6:fc:37:ff:1f:5f:93:2a:88:ef:
1d:91:ec:24:50:a0:9e:9c:06:5d:fa:49:0f:e9:60:75:87:52:
5e:44:38:a6:c1:8b:94:22:39:b4:0b:2b:bc:f7:b7:31:33:29:
3a:1e:91:28:56:5f:56:fd:73:db:6b:c3:ea:d9:fc:5e:0d:ab:
cc:58:af:60:8d:02:de:6b:ae:5b:38:2e:d7:bc:3d:95:f4:ae:
4f:d4:68:83
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuFEF+e8MOHE6xtcMylOMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmM2RjZmZjYTU3OTVhNDdmY2MyZTEzOGNlNTQ3M2U4MDAw
OTgyOTUwHhcNMjMwMTAxMTYwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTNjNTM5Y2UwNDZmYTA4NjQ5NGQ3Yzk2MWNhZGZhNmMwYjY2MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqYtkcADy/qazcEziKWcbtQMlEKp
XwCO39oKOkkDlMukvxFLsVR6pyV9zvlF0at3fl86TuaoJi72seXy/7dgSEReNHQ6
F1MFigdT5zzTJZmKJVzv6q+IBMVgY3zzC+Ts1HUJOUAoVQ/3f6+xPd/YsTE0a6Ew
JYSDk4UclSu4qhNgIz6NU1Bo3gs+BSOHgsbbDmWt3m3GrOSQX5HiCSreNhoMCnXT
rV7T/ADN22lbwRltNsolBtpvA3tj8iKDYFchtkOvaspG6tDXoeRry4KWAyptXFGn
4FWH8gVo9zrj8l5MQPjgccWLZopCsvaxQ4tW66jWtkcfPY5+at1cH78alQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBE8U5zgRvoIZJTXyWHK36bAtmDdMB8GA1UdIwQY
MBaAFI89z/yleVpH/MLhOM5Uc+gACYKVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanozUF9LVjVXa2Y4d3VFNHpsUno2QUFKZ3BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8yZTM5M2UtMWU1Yi00YjBmLWJhNzYt
YTBjZmUxMmYzZDUxLzEvRVR4VG5PQkctZ2hrbE5mSlljcmZwc0MyWU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8yZTM5M2UtMWU1Yi00YjBmLWJhNzYtYTBjZmUxMmYzZDUx
LzEvanozUF9LVjVXa2Y4d3VFNHpsUno2QUFKZ3BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDshVQAwQC
uXdkAwQBwWwqMA0EAgACMAcDBQAqAwkAMA0GCSqGSIb3DQEBCwUAA4IBAQCFZhib
Ktv5CuS8YO1qYX4VOUdvFEdICCpv8ZG3YtdRv8z1xdyXJzw5NNcLmEBlnLqxPXtr
gxQ3nwr+FBZ2pKQ2PkZxS1MtwrGeCyKpVE/L7QT6Y70PcedzVPjMKaAbfUjWHaMf
ikzIh/q0lao5zwteV26mdBj5dbIls/s0F4PDiLjj+yNQfbYOWWSWMR0pYZDIy+0j
fQr3HR8So04IbTdFfzaQ1XIWJljVZqb8N/8fX5MqiO8dkewkUKCenAZd+kkP6WB1
h1JeRDimwYuUIjm0Cyu897cxMyk6HpEoVl9W/XPba8Pq2fxeDavMWK9gjQLea65b
OC7XvD2V9K5P1GiD
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:48 2024 by rpki-client on console-ams.rpki-client.org