Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/xUkgy1pJoTw86a2VI0C_07Nenzw.roa
File: xUkgy1pJoTw86a2VI0C_07Nenzw.roa (raw, json)
Hash identifier: cuLwm2UGW+zh0xyEpQ6/jMZYSdfMUPI7IwPlUqNDpoo=
Subject key identifier: C5:49:20:CB:5A:49:A1:3C:3C:E9:AD:95:23:40:BF:D3:B3:5E:9F:3C
Certificate issuer: /CN=e7f9a8a239683263e755e12c97d2d7a432d0b377
Certificate serial: 01856D0AB8C13E1D9EEFBB8432F293A35E15
Authority key identifier: E7:F9:A8:A2:39:68:32:63:E7:55:E1:2C:97:D2:D7:A4:32:D0:B3:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_moojloMmPnVeEsl9LXpDLQs3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/xUkgy1pJoTw86a2VI0C_07Nenzw.roa
Signing time: Sun 01 Jan 2023 11:14:57 +0000
ROA not before: Sun 01 Jan 2023 11:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48220
IP address blocks: 217.198.64.0/21 maxlen: 21
217.198.72.0/21 maxlen: 21
2a00:1de8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:b8:c1:3e:1d:9e:ef:bb:84:32:f2:93:a3:5e:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f9a8a239683263e755e12c97d2d7a432d0b377
Validity
Not Before: Jan 1 11:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c54920cb5a49a13c3ce9ad952340bfd3b35e9f3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:37:87:4b:a9:d5:89:62:b0:4c:47:40:0b:19:
f5:7c:3e:3a:e5:17:22:22:87:a1:57:44:e9:6a:e7:
d5:b3:b7:c4:55:13:ae:d8:6e:79:a5:42:67:22:08:
c7:00:41:67:1e:3d:09:f7:37:af:b1:f0:0a:fd:be:
69:b3:b2:72:72:2c:c0:cb:e3:b3:ab:a2:0f:ab:db:
68:f9:5b:77:98:bd:64:f1:a0:25:3e:7c:da:56:d2:
51:fb:3b:60:cc:ae:cb:0f:43:46:ea:9b:94:aa:02:
92:ed:84:b0:d7:da:14:df:db:07:89:8e:ad:7e:c2:
31:f6:7d:7b:84:42:f9:f2:30:4c:fe:0e:9b:61:60:
01:38:d7:74:10:c0:97:3d:bb:4d:2c:21:f5:a2:93:
64:5e:69:7e:4a:79:43:e5:79:d4:70:23:17:5a:e9:
4c:7e:21:83:b0:f6:7d:e1:00:32:ba:e2:09:5c:42:
f7:99:7c:cc:50:e1:df:c1:84:c0:75:ca:33:06:51:
bb:41:ca:b5:5a:6c:5f:3b:4b:d2:c9:36:14:dc:f7:
1f:28:10:7e:1c:46:c2:e3:f4:8e:a2:12:ac:68:bf:
1a:53:f2:d2:ce:9d:c1:0b:18:ab:0a:b4:b7:05:22:
8d:b0:72:a1:96:bc:46:80:3f:98:ee:d3:6f:dc:46:
2f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:49:20:CB:5A:49:A1:3C:3C:E9:AD:95:23:40:BF:D3:B3:5E:9F:3C
X509v3 Authority Key Identifier:
keyid:E7:F9:A8:A2:39:68:32:63:E7:55:E1:2C:97:D2:D7:A4:32:D0:B3:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_moojloMmPnVeEsl9LXpDLQs3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/xUkgy1pJoTw86a2VI0C_07Nenzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/5_moojloMmPnVeEsl9LXpDLQs3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.198.64.0/20
IPv6:
2a00:1de8::/32
Signature Algorithm: sha256WithRSAEncryption
81:aa:1c:27:94:f7:e6:36:c7:21:e9:56:54:5d:e0:b9:38:0f:
ba:08:4d:2d:48:3c:1f:c6:db:27:bd:cf:ed:02:8c:23:a8:59:
ac:d7:03:9a:00:b0:57:a4:2f:64:a7:48:e2:72:97:9c:59:4f:
b1:43:6b:d5:e9:1d:7c:3a:fb:77:09:70:b1:0c:39:fa:e6:ae:
eb:ab:7d:cf:78:a4:ff:b3:58:94:db:e1:9c:93:7e:4a:d8:81:
ea:c2:d6:f1:d4:cd:97:ee:fa:f7:1c:1b:92:5c:da:60:0c:42:
c1:21:f9:f0:1a:b3:38:55:4c:09:8d:fa:47:f0:67:b2:d7:5f:
56:75:7a:a6:24:47:60:b9:58:15:72:89:85:ed:4e:63:88:7d:
b9:e5:14:c0:17:c7:db:42:9f:15:54:f9:8c:b2:42:57:29:cb:
d0:c9:3a:0e:1d:97:62:b0:64:7c:03:b7:cf:ff:eb:5b:6a:40:
dc:c3:57:ac:53:f7:50:e9:a0:f5:34:3b:0c:48:d2:fe:6a:d5:
50:23:f2:af:b5:ea:4c:44:4d:72:f4:4b:49:27:d3:b6:d8:dd:
1d:55:dd:59:40:71:53:4a:2b:7b:24:9c:5f:6b:90:ef:93:19:
cb:34:9b:ec:9f:33:b9:1c:1a:00:92:8c:ce:8f:59:1b:47:6f:
a5:aa:99:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtCrjBPh2e77uEMvKTo14VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZjlhOGEyMzk2ODMyNjNlNzU1ZTEyYzk3ZDJkN2E0MzJk
MGIzNzcwHhcNMjMwMTAxMTExNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTQ5MjBjYjVhNDlhMTNjM2NlOWFkOTUyMzQwYmZkM2IzNWU5ZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTeHS6nViWKwTEdACxn1fD465Rci
IoehV0TpaufVs7fEVROu2G55pUJnIgjHAEFnHj0J9zevsfAK/b5ps7JycizAy+Oz
q6IPq9to+Vt3mL1k8aAlPnzaVtJR+ztgzK7LD0NG6puUqgKS7YSw19oU39sHiY6t
fsIx9n17hEL58jBM/g6bYWABONd0EMCXPbtNLCH1opNkXml+SnlD5XnUcCMXWulM
fiGDsPZ94QAyuuIJXEL3mXzMUOHfwYTAdcozBlG7Qcq1WmxfO0vSyTYU3PcfKBB+
HEbC4/SOohKsaL8aU/LSzp3BCxirCrS3BSKNsHKhlrxGgD+Y7tNv3EYvqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMVJIMtaSaE8POmtlSNAv9OzXp88MB8GA1UdIwQY
MBaAFOf5qKI5aDJj51XhLJfS16Qy0LN3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9tb29qbG9NbVBuVmVFc2w5TFhwRExRczNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8yNTQ4YTQtNzcxNS00MTM0LTgxMzIt
MmJmMGEzYmNjNGYxLzEveFVrZ3kxcEpvVHc4NmEyVkkwQ18wN05lbnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8yNTQ4YTQtNzcxNS00MTM0LTgxMzItMmJmMGEzYmNjNGYx
LzEvNV9tb29qbG9NbVBuVmVFc2w5TFhwRExRczNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2cZAMA0E
AgACMAcDBQAqAB3oMA0GCSqGSIb3DQEBCwUAA4IBAQCBqhwnlPfmNsch6VZUXeC5
OA+6CE0tSDwfxtsnvc/tAowjqFms1wOaALBXpC9kp0jicpecWU+xQ2vV6R18Ovt3
CXCxDDn65q7rq33PeKT/s1iU2+Gck35K2IHqwtbx1M2X7vr3HBuSXNpgDELBIfnw
GrM4VUwJjfpH8Gey119WdXqmJEdguVgVcomF7U5jiH255RTAF8fbQp8VVPmMskJX
KcvQyToOHZdisGR8A7fP/+tbakDcw1esU/dQ6aD1NDsMSNL+atVQI/KvtepMRE1y
9EtJJ9O22N0dVd1ZQHFTSit7JJxfa5DvkxnLNJvsnzO5HBoAkozOj1kbR2+lqpl4
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:51 2024 by rpki-client on console-ams.rpki-client.org