Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/1-NiEl8Hs6zFYVG_-2_7TN1o03xo.roa
File: 1-NiEl8Hs6zFYVG_-2_7TN1o03xo.roa (raw, json)
Hash identifier: uFaus9Qq2P4Sja2BiyAoEKIom8DboLA9L0Vda7APU2w=
Subject key identifier: F8:D8:84:97:C1:EC:EB:31:58:54:6F:FE:DB:FE:D3:37:5A:34:DF:1A
Certificate issuer: /CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Certificate serial: 018A4649511E0BEE3117047DF9CFC36EAA1E
Authority key identifier: 88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/1-NiEl8Hs6zFYVG_-2_7TN1o03xo.roa
Signing time: Wed 30 Aug 2023 11:52:04 +0000
ROA not before: Wed 30 Aug 2023 11:52:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15557
IP address blocks: 143.196.125.0/24 maxlen: 24
143.196.124.0/24 maxlen: 24
143.196.126.0/24 maxlen: 24
143.196.127.0/24 maxlen: 24
143.196.130.0/24 maxlen: 24
143.196.144.0/24 maxlen: 24
143.196.143.0/24 maxlen: 24
143.196.159.0/24 maxlen: 24
143.196.158.0/24 maxlen: 24
143.196.250.0/24 maxlen: 24
143.196.252.0/24 maxlen: 24
143.196.253.0/24 maxlen: 24
143.196.160.0/24 maxlen: 24
143.196.161.0/24 maxlen: 24
143.196.166.0/24 maxlen: 24
143.196.163.0/24 maxlen: 24
143.196.162.0/24 maxlen: 24
143.196.165.0/24 maxlen: 24
143.196.164.0/24 maxlen: 24
143.196.167.0/24 maxlen: 24
143.196.0.0/24 maxlen: 24
143.196.1.0/24 maxlen: 24
143.196.17.0/24 maxlen: 24
143.196.16.0/24 maxlen: 24
143.196.20.0/24 maxlen: 24
143.196.21.0/24 maxlen: 24
143.196.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:49:51:1e:0b:ee:31:17:04:7d:f9:cf:c3:6e:aa:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Validity
Not Before: Aug 30 11:52:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8d88497c1eceb3158546ffedbfed3375a34df1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7b:37:32:48:6f:98:ab:8b:29:74:87:6c:2d:
2c:54:1f:af:38:91:73:5b:bd:43:60:91:e0:ac:63:
a2:46:b2:87:d5:25:b9:ea:70:ad:14:16:3b:c3:d9:
1d:12:e5:12:8f:12:d1:8f:45:99:e3:d4:72:5a:eb:
99:e8:9e:71:a3:62:62:65:16:bb:82:4a:8a:62:7c:
3a:ae:f6:1c:96:a8:40:87:16:d9:e4:ad:42:0d:70:
5e:b0:ab:2b:e1:17:21:44:24:ab:ba:9a:1f:c0:ae:
b7:f0:6e:ed:af:21:45:6a:b2:7c:2a:ed:82:5c:e1:
9d:16:95:3e:0f:44:09:44:85:12:cf:63:df:a0:5c:
e3:f2:5d:9a:37:60:22:b6:77:d3:86:0c:74:40:1d:
67:c1:57:89:aa:f9:09:ec:63:38:8e:be:40:1a:8d:
f1:44:ba:ac:b8:4b:11:d6:99:59:3d:20:1e:f5:85:
cc:67:e7:88:bd:00:fb:41:6d:b6:28:66:61:c4:83:
8e:13:13:cf:30:26:4b:e1:1c:a3:ca:19:c3:78:8c:
5a:86:e6:5b:69:15:08:66:b6:6f:a9:eb:c6:d8:a3:
b4:f1:90:0e:c2:bb:c9:6f:74:e6:ad:34:2f:8b:9f:
d9:95:57:c3:af:18:0e:e2:91:39:5d:04:66:99:0c:
0b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D8:84:97:C1:EC:EB:31:58:54:6F:FE:DB:FE:D3:37:5A:34:DF:1A
X509v3 Authority Key Identifier:
keyid:88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/1-NiEl8Hs6zFYVG_-2_7TN1o03xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.196.0.0/23
143.196.16.0-143.196.18.255
143.196.20.0/23
143.196.124.0/22
143.196.130.0/24
143.196.143.0-143.196.144.255
143.196.158.0-143.196.167.255
143.196.250.0/24
143.196.252.0/23
Signature Algorithm: sha256WithRSAEncryption
35:7c:9b:b8:fc:45:c0:9b:65:8d:4c:97:76:c2:a9:9d:d5:13:
3a:7d:dd:0b:bc:ce:48:74:16:19:4a:fa:f4:d8:be:e3:93:e7:
eb:93:59:4c:44:0e:e4:75:99:7a:a4:67:dd:16:55:66:c4:d7:
a6:ad:06:ab:d0:17:5f:fb:79:81:de:26:cd:af:a9:50:b9:9a:
8d:c5:b8:23:94:99:08:91:5a:85:40:d4:e9:d8:0f:5d:da:18:
08:f4:b9:8d:1b:8d:b9:19:0c:5e:1e:1e:8a:82:25:e0:c6:83:
a7:1e:32:66:d1:d2:31:01:1b:99:14:d8:0c:12:7e:92:7e:77:
11:7f:15:6b:70:00:5a:79:5a:6d:2a:88:00:61:ce:ba:50:d5:
0a:f7:a0:11:8c:d2:b7:ba:92:52:d9:18:60:a7:eb:3d:ca:32:
6e:16:d4:78:00:a3:e4:4c:db:6a:43:a5:59:7a:6d:a1:cd:f8:
05:ee:f7:1e:55:0c:4e:3b:da:fd:71:ad:8a:cb:63:f7:23:64:
3b:38:95:d7:fb:3f:18:bf:db:b3:d1:c3:d5:cc:e6:63:1e:1c:
31:e7:d7:62:2c:45:bc:e4:14:78:af:b9:ee:55:f3:d9:83:48:
86:18:9b:4a:9c:63:7e:f2:e0:6d:52:b3:fa:28:82:72:9b:29:
c6:47:01:01
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYpGSVEeC+4xFwR9+c/DbqoeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MWJkMTQwMjkyNGVjMmE2NDRlOGY1NGU2OTk0Y2I0YWM4
ZTI0YTYwHhcNMjMwODMwMTE1MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGQ4ODQ5N2MxZWNlYjMxNTg1NDZmZmVkYmZlZDMzNzVhMzRkZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXs3MkhvmKuLKXSHbC0sVB+vOJFz
W71DYJHgrGOiRrKH1SW56nCtFBY7w9kdEuUSjxLRj0WZ49RyWuuZ6J5xo2JiZRa7
gkqKYnw6rvYclqhAhxbZ5K1CDXBesKsr4RchRCSrupofwK638G7tryFFarJ8Ku2C
XOGdFpU+D0QJRIUSz2PfoFzj8l2aN2AitnfThgx0QB1nwVeJqvkJ7GM4jr5AGo3x
RLqsuEsR1plZPSAe9YXMZ+eIvQD7QW22KGZhxIOOExPPMCZL4RyjyhnDeIxahuZb
aRUIZrZvqevG2KO08ZAOwrvJb3TmrTQvi5/ZlVfDrxgO4pE5XQRmmQwLLQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFPjYhJfB7OsxWFRv/tv+0zdaNN8aMB8GA1UdIwQY
MBaAFIgb0UApJOwqZE6PVOaZTLSsjiSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMt
N2EwYjE0NWNmNjJiLzEvMS1OaUVsOEhzNnpGWVZHXy0yXzdUTjFvMDN4by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWMvZGNkM2I3LTdjYzAtNGM0OS1iYWIzLTdhMGIxNDVjZjYy
Yi8xL2lCdlJRQ2trN0Nwa1RvOVU1cGxNdEt5T0pLWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAY/EADAM
AwQEj8QQAwQAj8QSAwQBj8QUAwQCj8R8AwQAj8SCMAwDBACPxI8DBACPxJAwDAME
AY/EngMEA4/EoAMEAI/E+gMEAY/E/DANBgkqhkiG9w0BAQsFAAOCAQEANXybuPxF
wJtljUyXdsKpndUTOn3dC7zOSHQWGUr69Ni+45Pn65NZTEQO5HWZeqRn3RZVZsTX
pq0Gq9AXX/t5gd4mza+pULmajcW4I5SZCJFahUDU6dgPXdoYCPS5jRuNuRkMXh4e
ioIl4MaDpx4yZtHSMQEbmRTYDBJ+kn53EX8Va3AAWnlabSqIAGHOulDVCvegEYzS
t7qSUtkYYKfrPcoybhbUeACj5EzbakOlWXptoc34Be73HlUMTjva/XGtistj9yNk
OziV1/s/GL/bs9HD1czmYx4cMefXYixFvOQUeK+57lXz2YNIhhibSpxjfvLgbVKz
+iiCcpspxkcBAQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:36 2024 by rpki-client on console-fra.rpki-client.org