Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/U1D7u2odX330D9SO4_MkebSsrGo.roa
File: U1D7u2odX330D9SO4_MkebSsrGo.roa (raw, json)
Hash identifier: P3f6HwZXONkL+9W5LC++Gx9s9OHFXQ9zJE73ZBfe9O4=
Subject key identifier: 53:50:FB:BB:6A:1D:5F:7D:F4:0F:D4:8E:E3:F3:24:79:B4:AC:AC:6A
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 018963F7CED7B7DC206BE53B4474A00060B3
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/U1D7u2odX330D9SO4_MkebSsrGo.roa
Signing time: Mon 17 Jul 2023 13:08:51 +0000
ROA not before: Mon 17 Jul 2023 13:08:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48716
IP address blocks: 90.156.230.0/24 maxlen: 24
188.225.31.0/24 maxlen: 24
217.151.230.0/24 maxlen: 24
185.247.17.0/24 maxlen: 24
2a03:6f06::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:f7:ce:d7:b7:dc:20:6b:e5:3b:44:74:a0:00:60:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Jul 17 13:08:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5350fbbb6a1d5f7df40fd48ee3f32479b4acac6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:63:ca:54:62:7f:12:c4:c1:39:4d:65:4a:89:
70:1f:8e:9c:61:32:0e:94:59:d3:84:ea:c2:81:e6:
50:73:74:ab:6d:2d:29:1e:27:f9:21:5b:4f:f6:f6:
05:52:2b:b4:95:d9:88:9c:4c:58:bb:a3:51:5f:88:
9c:41:81:cb:e0:4b:f5:52:8d:62:45:51:d4:4d:7c:
46:69:ce:7d:b7:dd:57:77:56:ff:cc:0d:a9:fa:a5:
f5:74:0c:75:e3:fd:b9:3f:fc:51:fe:5c:ba:f3:39:
a1:a8:84:e6:d5:ad:a6:a6:73:9f:d7:b7:46:03:ef:
ae:70:c0:eb:ed:5b:8d:00:ae:1d:32:65:58:5b:5b:
81:e9:ca:47:4f:41:27:0d:8e:5a:da:69:16:ab:ee:
b3:14:bf:97:54:bd:b7:b0:23:b7:ba:8a:3d:b1:2a:
39:96:a0:5a:f8:ba:b5:e2:0f:ad:0a:ea:ff:8b:96:
99:98:e7:d8:9b:2b:33:f6:5d:ec:94:50:70:44:65:
56:3f:9c:0d:d8:0b:7f:bb:3c:df:76:a7:21:c1:3a:
6a:0b:24:15:4e:d4:71:75:99:1b:c3:c0:b9:ad:6a:
72:f4:7d:3c:0d:39:98:06:1c:cd:40:d4:9d:0d:03:
ba:de:4f:da:5e:80:0e:95:42:fe:c3:4e:cc:f4:bb:
ca:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:50:FB:BB:6A:1D:5F:7D:F4:0F:D4:8E:E3:F3:24:79:B4:AC:AC:6A
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/U1D7u2odX330D9SO4_MkebSsrGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.156.230.0/24
185.247.17.0/24
188.225.31.0/24
217.151.230.0/24
IPv6:
2a03:6f06::/32
Signature Algorithm: sha256WithRSAEncryption
95:27:ba:bc:09:b7:d7:cc:e7:75:88:6b:ce:b5:81:c5:36:49:
d4:9a:17:53:98:56:9d:a1:cd:86:e0:c1:96:22:2a:57:25:97:
dd:01:ad:f3:65:ea:f1:25:c3:bd:92:7f:db:d3:bd:11:28:23:
33:65:6e:f9:33:28:6b:26:a2:a4:6d:7d:d6:5f:3e:10:10:58:
4f:2c:4d:69:2b:9c:14:9f:79:32:fc:b6:38:5e:e5:be:fc:54:
43:3a:38:f5:07:00:5e:b7:21:b5:d8:d1:d0:dc:44:0d:4d:f9:
46:49:44:5c:19:a5:92:cf:5d:df:d7:88:fb:29:d7:dd:35:e0:
1d:af:c3:18:ae:a1:dc:73:f0:8c:66:52:6a:16:7d:37:36:91:
98:d5:ad:65:c6:b7:cf:cf:4c:bc:b8:03:03:db:0b:49:8c:a6:
0b:57:78:d8:ae:a9:a0:85:9c:61:af:1a:5a:48:d1:1b:89:51:
23:e2:b6:2b:0a:65:0d:c3:c4:34:f7:5b:5c:5a:c5:77:1b:4a:
fb:91:59:80:4b:da:d0:5a:a9:0f:fd:ad:7b:66:e0:e7:49:5a:
39:62:11:ba:5f:a9:ca:3a:55:b5:98:f6:7b:1f:d4:24:66:b3:
e9:1d:43:24:a2:33:ea:bf:7d:ff:8d:6e:89:d0:f8:fe:14:b2:
ba:ab:b9:50
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYlj987Xt9wga+U7RHSgAGCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjMwNzE3MTMwODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzUwZmJiYjZhMWQ1ZjdkZjQwZmQ0OGVlM2YzMjQ3OWI0YWNhYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWPKVGJ/EsTBOU1lSolwH46cYTIO
lFnThOrCgeZQc3SrbS0pHif5IVtP9vYFUiu0ldmInExYu6NRX4icQYHL4Ev1Uo1i
RVHUTXxGac59t91Xd1b/zA2p+qX1dAx14/25P/xR/ly68zmhqITm1a2mpnOf17dG
A++ucMDr7VuNAK4dMmVYW1uB6cpHT0EnDY5a2mkWq+6zFL+XVL23sCO3uoo9sSo5
lqBa+Lq14g+tCur/i5aZmOfYmysz9l3slFBwRGVWP5wN2At/uzzfdqchwTpqCyQV
TtRxdZkbw8C5rWpy9H08DTmYBhzNQNSdDQO63k/aXoAOlUL+w07M9LvK8QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFNQ+7tqHV999A/UjuPzJHm0rKxqMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvVTFEN3Uyb2RYMzMwRDlTTzRfTWtlYlNzckdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAWpzmAwQA
ufcRAwQAvOEfAwQA2ZfmMA0EAgACMAcDBQAqA28GMA0GCSqGSIb3DQEBCwUAA4IB
AQCVJ7q8CbfXzOd1iGvOtYHFNknUmhdTmFadoc2G4MGWIipXJZfdAa3zZerxJcO9
kn/b070RKCMzZW75MyhrJqKkbX3WXz4QEFhPLE1pK5wUn3ky/LY4XuW+/FRDOjj1
BwBetyG12NHQ3EQNTflGSURcGaWSz13f14j7KdfdNeAdr8MYrqHcc/CMZlJqFn03
NpGY1a1lxrfPz0y8uAMD2wtJjKYLV3jYrqmghZxhrxpaSNEbiVEj4rYrCmUNw8Q0
91tcWsV3G0r7kVmAS9rQWqkP/a17ZuDnSVo5YhG6X6nKOlW1mPZ7H9QkZrPpHUMk
ojPqv33/jW6J0Pj+FLK6q7lQ
Generated at Tue Oct 10 09:48:04 2023 by rpki-client on console-ams.rpki-client.org