Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/_ch-uDlgXQLZe_66S1igjSEFKWU.roa
File: _ch-uDlgXQLZe_66S1igjSEFKWU.roa (raw, json)
Hash identifier: 5DMI6GA+q7vdw6QIj3HWVu0ibStV1igs53oh40JbrPk=
Subject key identifier: FD:C8:7E:B8:39:60:5D:02:D9:7B:FE:BA:4B:58:A0:8D:21:05:29:65
Certificate issuer: /CN=3c568c59d7a83199c3a79ea0e8375b946ed884e2
Certificate serial: 018570E7581C330C71C83090626EA6CAEBF7
Authority key identifier: 3C:56:8C:59:D7:A8:31:99:C3:A7:9E:A0:E8:37:5B:94:6E:D8:84:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/_ch-uDlgXQLZe_66S1igjSEFKWU.roa
Signing time: Mon 02 Jan 2023 05:14:47 +0000
ROA not before: Mon 02 Jan 2023 05:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 185.150.172.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:58:1c:33:0c:71:c8:30:90:62:6e:a6:ca:eb:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c568c59d7a83199c3a79ea0e8375b946ed884e2
Validity
Not Before: Jan 2 05:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdc87eb839605d02d97bfeba4b58a08d21052965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d5:76:0d:56:16:be:ab:83:5e:47:25:29:a4:
4d:d2:86:24:7f:76:b4:01:90:4c:47:ec:60:db:54:
e9:90:73:e5:b6:5d:ef:4c:e5:77:21:f4:a2:5e:d7:
72:2e:8a:57:af:81:f7:a8:2a:86:c8:da:a6:bb:9e:
bc:67:34:e2:a0:18:34:ac:d6:c3:1b:b5:ac:4f:f2:
d5:09:96:71:6b:ab:b4:55:34:c5:69:10:ef:82:9e:
7e:d7:5b:bc:0d:65:77:8e:f2:48:d3:b8:57:25:dc:
4a:a1:a1:df:40:e4:9b:f4:ea:98:ba:3a:b4:75:9a:
b3:fc:d6:93:c8:cb:44:f1:d5:79:62:91:77:92:f1:
66:27:d3:35:d6:fe:50:d7:86:22:66:5f:3c:80:da:
b9:da:cd:c5:e7:9e:f6:ac:ce:63:92:02:08:d1:49:
24:51:3a:2c:7c:9e:fc:de:a0:f6:f2:83:0c:6b:61:
56:f0:86:7c:3c:f2:e2:38:b9:19:b4:df:2d:a2:7f:
10:b6:02:aa:e1:80:bd:49:86:81:32:50:5b:51:19:
c5:df:34:20:7f:4c:97:fa:1e:ba:60:02:a8:24:1b:
05:56:de:ec:32:c9:fb:e9:0c:d0:70:61:c3:d9:c9:
05:59:8e:cc:a8:60:d0:65:c5:fb:1c:f7:12:93:ec:
ad:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C8:7E:B8:39:60:5D:02:D9:7B:FE:BA:4B:58:A0:8D:21:05:29:65
X509v3 Authority Key Identifier:
keyid:3C:56:8C:59:D7:A8:31:99:C3:A7:9E:A0:E8:37:5B:94:6E:D8:84:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/_ch-uDlgXQLZe_66S1igjSEFKWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/PFaMWdeoMZnDp56g6DdblG7YhOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.172.0/22
Signature Algorithm: sha256WithRSAEncryption
28:bc:95:7f:f5:7f:b8:43:a8:bb:91:f6:ec:57:a0:3f:22:60:
4f:f6:08:46:2b:e5:80:a0:1e:78:5e:23:91:07:d0:b8:3e:2b:
9f:43:82:5a:74:52:1b:aa:9b:78:69:28:2b:e9:24:5e:46:b6:
03:46:b4:1f:b4:7d:42:b8:1e:11:ad:4c:4f:61:f2:6e:5a:e6:
c4:97:b1:cc:4a:78:bf:b0:e8:51:0a:74:b0:a0:4e:cd:3d:79:
e1:37:b2:45:e2:19:ca:02:fb:7e:ac:71:82:57:07:f0:39:7f:
37:a2:29:b2:0f:62:2e:f7:df:fc:50:5c:4e:81:39:0c:9b:06:
de:2f:14:f7:89:86:18:77:24:dd:21:bb:ec:ff:64:62:b1:11:
da:b8:5b:f4:cf:17:8e:56:91:36:e1:26:7d:a5:07:c2:fc:05:
28:1a:eb:9c:0b:b6:c5:ec:dd:e5:91:46:4c:25:42:22:45:b7:
c9:88:49:a8:36:76:bf:d3:8c:57:fe:15:44:0c:7c:f6:33:cb:
a4:7c:52:3e:eb:09:14:35:44:8f:d1:4b:00:97:d2:d0:d2:29:
d1:45:f6:a5:d1:e1:8d:9e:0b:8c:33:77:3a:04:da:95:00:e5:
03:d4:ab:7a:f4:84:74:9b:0a:1f:96:95:dd:1d:8c:b8:2c:74:
d6:fc:27:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw51gcMwxxyDCQYm6myuv3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNTY4YzU5ZDdhODMxOTljM2E3OWVhMGU4Mzc1Yjk0NmVk
ODg0ZTIwHhcNMjMwMTAyMDUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGM4N2ViODM5NjA1ZDAyZDk3YmZlYmE0YjU4YTA4ZDIxMDUyOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39V2DVYWvquDXkclKaRN0oYkf3a0
AZBMR+xg21TpkHPltl3vTOV3IfSiXtdyLopXr4H3qCqGyNqmu568ZzTioBg0rNbD
G7WsT/LVCZZxa6u0VTTFaRDvgp5+11u8DWV3jvJI07hXJdxKoaHfQOSb9OqYujq0
dZqz/NaTyMtE8dV5YpF3kvFmJ9M11v5Q14YiZl88gNq52s3F5572rM5jkgII0Ukk
UTosfJ783qD28oMMa2FW8IZ8PPLiOLkZtN8ton8QtgKq4YC9SYaBMlBbURnF3zQg
f0yX+h66YAKoJBsFVt7sMsn76QzQcGHD2ckFWY7MqGDQZcX7HPcSk+ytEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3Ifrg5YF0C2Xv+uktYoI0hBSllMB8GA1UdIwQY
MBaAFDxWjFnXqDGZw6eeoOg3W5Ru2ITiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEZhTVdkZW9NWm5EcDU2ZzZEZGJsRzdZaE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82ZjM2YzItZDA1Yy00NDI1LWE5ZTQt
NWUzN2U3ZjNmMTVkLzEvX2NoLXVEbGdYUUxaZV82NlMxaWdqU0VGS1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82ZjM2YzItZDA1Yy00NDI1LWE5ZTQtNWUzN2U3ZjNmMTVk
LzEvUEZhTVdkZW9NWm5EcDU2ZzZEZGJsRzdZaE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZasMA0G
CSqGSIb3DQEBCwUAA4IBAQAovJV/9X+4Q6i7kfbsV6A/ImBP9ghGK+WAoB54XiOR
B9C4PiufQ4JadFIbqpt4aSgr6SReRrYDRrQftH1CuB4RrUxPYfJuWubEl7HMSni/
sOhRCnSwoE7NPXnhN7JF4hnKAvt+rHGCVwfwOX83oimyD2Iu99/8UFxOgTkMmwbe
LxT3iYYYdyTdIbvs/2RisRHauFv0zxeOVpE24SZ9pQfC/AUoGuucC7bF7N3lkUZM
JUIiRbfJiEmoNna/04xX/hVEDHz2M8ukfFI+6wkUNUSP0UsAl9LQ0inRRfal0eGN
nguMM3c6BNqVAOUD1Kt69IR0mwoflpXdHYy4LHTW/Ccv
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:14 2023 by rpki-client on console-ams.rpki-client.org