Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/aRcK8H49b3jiz4oIb3YTbzMMmpo.roa
File: aRcK8H49b3jiz4oIb3YTbzMMmpo.roa (raw, json)
Hash identifier: xp6K+RC9THByJso9z1ZTMScmz/qYG6BVqmsS9IlI3SM=
Subject key identifier: 69:17:0A:F0:7E:3D:6F:78:E2:CF:8A:08:6F:76:13:6F:33:0C:9A:9A
Certificate issuer: /CN=8d8740799c91c2630a8092178db824f3a889a75f
Certificate serial: 01856E78E963CBC1AB405E9BBC4081DD7D14
Authority key identifier: 8D:87:40:79:9C:91:C2:63:0A:80:92:17:8D:B8:24:F3:A8:89:A7:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYdAeZyRwmMKgJIXjbgk86iJp18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/aRcK8H49b3jiz4oIb3YTbzMMmpo.roa
Signing time: Sun 01 Jan 2023 17:54:55 +0000
ROA not before: Sun 01 Jan 2023 17:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44453
IP address blocks: 144.208.0.0/19 maxlen: 32
144.208.128.0/22 maxlen: 32
144.208.132.0/22 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:e9:63:cb:c1:ab:40:5e:9b:bc:40:81:dd:7d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d8740799c91c2630a8092178db824f3a889a75f
Validity
Not Before: Jan 1 17:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69170af07e3d6f78e2cf8a086f76136f330c9a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:85:70:33:bc:1b:08:d9:ac:ab:9c:14:87:c8:
2c:6d:75:37:73:62:fa:0c:24:ae:c4:96:5d:05:e4:
b3:bb:42:a6:1d:03:0b:bc:01:51:69:46:6a:f3:a9:
50:ea:3e:53:65:91:21:64:bb:9b:91:f7:e7:ba:c2:
a0:30:7d:14:2d:ba:d1:83:5a:e5:6a:c7:01:a8:8c:
6d:de:34:92:e9:ae:82:4e:a5:6b:0c:b4:2a:c9:66:
20:25:ac:b9:7b:cc:c5:9a:f4:0f:96:bb:4f:24:44:
a5:63:31:ed:41:c0:a4:05:9a:16:54:97:85:1d:fc:
84:15:d3:1c:91:2b:59:68:f5:c9:4b:a3:71:74:10:
e5:48:97:7e:17:e7:ac:6f:71:f7:4d:75:74:c1:36:
f2:81:6d:a3:b6:21:b4:95:6e:54:46:6f:83:53:c6:
ed:79:e6:4b:d3:b4:c8:a0:fc:e6:ea:e2:10:70:31:
b8:31:05:47:42:e5:5e:52:8b:17:5a:80:38:2e:04:
c5:37:f4:76:d5:df:57:7e:63:ba:95:0f:97:8a:57:
9e:e9:a4:3c:d9:44:f2:bc:67:28:c2:2b:a9:84:a8:
56:1b:d2:7f:69:b5:23:4c:a3:1e:3f:63:a0:cc:33:
38:40:61:b4:9f:32:e2:04:d3:95:fa:f5:8b:29:15:
85:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:17:0A:F0:7E:3D:6F:78:E2:CF:8A:08:6F:76:13:6F:33:0C:9A:9A
X509v3 Authority Key Identifier:
keyid:8D:87:40:79:9C:91:C2:63:0A:80:92:17:8D:B8:24:F3:A8:89:A7:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYdAeZyRwmMKgJIXjbgk86iJp18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/aRcK8H49b3jiz4oIb3YTbzMMmpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/jYdAeZyRwmMKgJIXjbgk86iJp18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.0.0/19
144.208.128.0/21
Signature Algorithm: sha256WithRSAEncryption
51:43:97:2f:6f:de:6e:49:cc:32:33:ba:42:06:b8:12:e5:06:
7a:fa:c0:b8:9c:27:17:f2:d2:f0:b9:2d:33:ea:60:10:a4:58:
18:bb:32:39:9d:ff:8b:e9:8b:4e:63:d3:15:6b:b5:8f:0f:14:
17:3a:55:43:c7:27:a2:d0:42:9a:88:d2:e9:17:c8:e9:4e:de:
0a:69:bf:98:eb:35:0e:49:d7:d5:df:b1:0a:e4:d6:28:0d:24:
0a:20:12:88:5d:19:4a:91:e3:f0:f3:06:dd:03:c9:2f:69:2a:
ad:a1:48:96:1b:a8:21:8e:fd:63:e3:53:8a:74:12:de:2c:ee:
4d:b9:54:bf:c7:af:74:7c:2f:e2:0f:9c:7f:1d:cf:66:34:1a:
65:d1:68:11:ca:86:5f:96:c0:3d:30:9e:40:4e:6e:90:c4:c9:
fe:53:ea:70:d4:61:d6:2f:bb:d8:2f:81:1c:36:6c:d6:e5:8a:
93:53:e3:fa:41:1c:6a:ad:9f:d7:95:e5:7c:f7:c5:1d:b0:ae:
da:69:47:cf:f1:a7:ee:88:cb:43:11:bb:05:2a:62:37:54:95:
4a:8a:8e:32:c4:04:eb:57:40:6d:2e:e2:ae:db:1b:93:84:0a:
6b:e3:4d:7c:33:87:c5:32:48:66:e3:63:1b:96:2d:45:7c:1e:
6c:f6:04:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVueOljy8GrQF6bvECB3X0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODc0MDc5OWM5MWMyNjMwYTgwOTIxNzhkYjgyNGYzYTg4
OWE3NWYwHhcNMjMwMTAxMTc1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTE3MGFmMDdlM2Q2Zjc4ZTJjZjhhMDg2Zjc2MTM2ZjMzMGM5YTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIVwM7wbCNmsq5wUh8gsbXU3c2L6
DCSuxJZdBeSzu0KmHQMLvAFRaUZq86lQ6j5TZZEhZLubkffnusKgMH0ULbrRg1rl
ascBqIxt3jSS6a6CTqVrDLQqyWYgJay5e8zFmvQPlrtPJESlYzHtQcCkBZoWVJeF
HfyEFdMckStZaPXJS6NxdBDlSJd+F+esb3H3TXV0wTbygW2jtiG0lW5URm+DU8bt
eeZL07TIoPzm6uIQcDG4MQVHQuVeUosXWoA4LgTFN/R21d9XfmO6lQ+Xilee6aQ8
2UTyvGcowiuphKhWG9J/abUjTKMeP2OgzDM4QGG0nzLiBNOV+vWLKRWFbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGkXCvB+PW944s+KCG92E28zDJqaMB8GA1UdIwQY
MBaAFI2HQHmckcJjCoCSF424JPOoiadfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallkQWVaeVJ3bU1LZ0pJWGpiZ2s4NmlKcDE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81YjdjOTQtYTYwZC00Mzk5LTk4Mjkt
NTJiODE2NjgyOWQ3LzEvYVJjSzhINDliM2ppejRvSWIzWVRiek1NbXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy81YjdjOTQtYTYwZC00Mzk5LTk4MjktNTJiODE2NjgyOWQ3
LzEvallkQWVaeVJ3bU1LZ0pJWGpiZ2s4NmlKcDE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFkNAAAwQD
kNCAMA0GCSqGSIb3DQEBCwUAA4IBAQBRQ5cvb95uScwyM7pCBrgS5QZ6+sC4nCcX
8tLwuS0z6mAQpFgYuzI5nf+L6YtOY9MVa7WPDxQXOlVDxyei0EKaiNLpF8jpTt4K
ab+Y6zUOSdfV37EK5NYoDSQKIBKIXRlKkePw8wbdA8kvaSqtoUiWG6ghjv1j41OK
dBLeLO5NuVS/x690fC/iD5x/Hc9mNBpl0WgRyoZflsA9MJ5ATm6QxMn+U+pw1GHW
L7vYL4EcNmzW5YqTU+P6QRxqrZ/XleV898UdsK7aaUfP8afuiMtDEbsFKmI3VJVK
io4yxATrV0BtLuKu2xuThApr4018M4fFMkhm42Mbli1FfB5s9gQG
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:52 2024 by rpki-client on console-ams.rpki-client.org