Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/PwRy37tRv6SKqNFiJ-TUhU6sUnY.roa
File: PwRy37tRv6SKqNFiJ-TUhU6sUnY.roa (raw, json)
Hash identifier: KF8H5aXsCHY8tDwDV+bMA9SlVBbru6VYuya0tmOlD3U=
Subject key identifier: 3F:04:72:DF:BB:51:BF:A4:8A:A8:D1:62:27:E4:D4:85:4E:AC:52:76
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 018629B677CC6C0A8FE80720D575CDBDA05D
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/PwRy37tRv6SKqNFiJ-TUhU6sUnY.roa
Signing time: Tue 07 Feb 2023 02:31:09 +0000
ROA not before: Tue 07 Feb 2023 02:31:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201307
IP address blocks: 155.133.120.0/24 maxlen: 24
2a06:1e00:70::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:29:b6:77:cc:6c:0a:8f:e8:07:20:d5:75:cd:bd:a0:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Feb 7 02:31:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f0472dfbb51bfa48aa8d16227e4d4854eac5276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ed:27:48:c7:64:99:80:05:a0:e9:a6:eb:8c:
20:b5:ff:16:71:54:3b:cb:3f:44:25:ab:c4:77:c8:
c2:33:f4:59:62:22:c9:a1:55:91:71:65:98:87:8d:
e9:dc:38:e7:5c:83:b7:51:62:d6:43:01:70:39:3d:
0a:14:87:69:de:7a:05:ac:43:61:b5:ab:b8:31:48:
c5:ff:a2:4e:b3:2f:51:b7:57:db:47:ff:2d:2f:88:
61:0c:e4:9c:f8:dd:a1:9f:a5:2b:a7:1d:a0:10:68:
ab:0e:08:5d:82:d8:b3:a5:27:a5:17:80:65:d5:38:
c7:c5:13:5b:b0:d3:41:c8:7b:95:a9:80:8b:6d:44:
5e:f2:fa:5f:62:e3:60:f2:4a:6a:4d:9a:ee:64:63:
bf:2d:a2:f9:82:c6:bf:57:2f:03:df:3e:9a:98:5a:
7c:40:82:3d:97:59:41:3e:a9:86:67:78:3a:98:ac:
15:d7:75:78:3a:54:22:25:a6:44:5b:c3:33:27:e3:
ea:1a:76:23:14:91:ca:3f:b3:c0:4d:01:ee:2c:34:
13:47:20:0e:48:23:b3:9f:85:30:99:d2:32:60:d1:
e5:86:51:83:49:3f:35:35:43:26:93:9e:5d:24:5d:
24:d4:dc:84:23:47:c0:55:b0:54:28:16:a1:15:d1:
af:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:04:72:DF:BB:51:BF:A4:8A:A8:D1:62:27:E4:D4:85:4E:AC:52:76
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/PwRy37tRv6SKqNFiJ-TUhU6sUnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.120.0/24
IPv6:
2a06:1e00:70::/48
Signature Algorithm: sha256WithRSAEncryption
62:d4:50:58:eb:f8:01:e5:32:bd:2a:70:cc:50:ae:38:90:bb:
42:29:6a:db:bf:b4:c6:7a:4e:db:51:c8:de:14:c8:cd:8f:d8:
5b:ff:86:29:fd:31:54:98:93:49:b1:32:a3:bf:81:cd:37:d6:
56:9e:3d:51:e6:f0:e7:ba:bb:9a:9e:d8:31:fd:cd:38:e0:bd:
8b:50:67:5d:da:c3:34:8d:8d:68:76:bf:45:f2:52:83:41:10:
92:6d:ce:4f:d2:25:ea:23:a0:82:ce:af:9e:a9:0e:43:f9:4b:
fc:66:e7:e2:8e:24:25:9b:fd:a1:5a:8e:8c:c9:ff:8b:85:81:
21:9f:d5:a0:a2:8a:ec:ea:fc:0d:a9:4b:07:49:8a:80:7f:41:
2e:57:a4:ab:78:59:19:9b:97:ec:a5:42:35:b6:ad:bf:e3:35:
65:35:84:47:35:7c:2a:ca:db:cb:41:bb:c3:44:19:03:1b:0c:
84:72:c7:f4:eb:2d:34:43:8c:c5:4c:78:c8:bb:e5:76:1d:32:
d9:57:e0:a2:bf:2f:62:df:a1:b9:61:f8:15:27:08:7c:1b:dd:
5a:fc:d5:4b:7b:e4:ae:86:8e:5e:28:e7:a8:ef:ba:97:10:37:
74:bf:de:d7:73:7e:ab:88:83:60:a3:b0:f1:a4:88:57:fb:28:
9b:b6:09:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYptnfMbAqP6Acg1XXNvaBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0
MWE4ZDMwHhcNMjMwMjA3MDIzMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjA0NzJkZmJiNTFiZmE0OGFhOGQxNjIyN2U0ZDQ4NTRlYWM1Mjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+0nSMdkmYAFoOmm64wgtf8WcVQ7
yz9EJavEd8jCM/RZYiLJoVWRcWWYh43p3DjnXIO3UWLWQwFwOT0KFIdp3noFrENh
tau4MUjF/6JOsy9Rt1fbR/8tL4hhDOSc+N2hn6Urpx2gEGirDghdgtizpSelF4Bl
1TjHxRNbsNNByHuVqYCLbURe8vpfYuNg8kpqTZruZGO/LaL5gsa/Vy8D3z6amFp8
QII9l1lBPqmGZ3g6mKwV13V4OlQiJaZEW8MzJ+PqGnYjFJHKP7PATQHuLDQTRyAO
SCOzn4UwmdIyYNHlhlGDST81NUMmk55dJF0k1NyEI0fAVbBUKBahFdGvGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD8Ect+7Ub+kiqjRYifk1IVOrFJ2MB8GA1UdIwQY
MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt
MjcxZDI1ZTIwNTc0LzEvUHdSeTM3dFJ2NlNLcU5GaUotVFVoVTZzVW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0
LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAm4V4MA8E
AgACMAkDBwAqBh4AAHAwDQYJKoZIhvcNAQELBQADggEBAGLUUFjr+AHlMr0qcMxQ
rjiQu0Ipatu/tMZ6TttRyN4UyM2P2Fv/hin9MVSYk0mxMqO/gc031laePVHm8Oe6
u5qe2DH9zTjgvYtQZ13awzSNjWh2v0XyUoNBEJJtzk/SJeojoILOr56pDkP5S/xm
5+KOJCWb/aFajozJ/4uFgSGf1aCiiuzq/A2pSwdJioB/QS5XpKt4WRmbl+ylQjW2
rb/jNWU1hEc1fCrK28tBu8NEGQMbDIRyx/TrLTRDjMVMeMi75XYdMtlX4KK/L2Lf
oblh+BUnCHwb3Vr81Ut75K6Gjl4o56jvupcQN3S/3tdzfquIg2CjsPGkiFf7KJu2
CcQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:36:10 2024 by rpki-client on console-ams.rpki-client.org