Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/I5DUwBk6f67eJe28ShDacBk_xb0.roa
File: I5DUwBk6f67eJe28ShDacBk_xb0.roa (raw, json)
Hash identifier: R9dcnMsdnlqBLExA271OrAbKNvKq9jvUcLsWG9ugph4=
Subject key identifier: 23:90:D4:C0:19:3A:7F:AE:DE:25:ED:BC:4A:10:DA:70:19:3F:C5:BD
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01879D49550970CD515897823679B52E28A8
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/I5DUwBk6f67eJe28ShDacBk_xb0.roa
Signing time: Thu 20 Apr 2023 06:10:41 +0000
ROA not before: Thu 20 Apr 2023 06:10:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 185.172.20.0/22 maxlen: 24
185.64.100.0/22 maxlen: 24
91.232.136.0/22 maxlen: 24
188.211.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9d:49:55:09:70:cd:51:58:97:82:36:79:b5:2e:28:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Apr 20 06:10:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2390d4c0193a7faede25edbc4a10da70193fc5bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:b0:a7:74:68:36:0e:f8:63:47:b7:f7:e1:2a:
e0:d6:fa:8e:40:7d:10:ce:b0:6b:11:b6:db:1d:0e:
c5:32:e4:e1:0b:b1:a2:9f:8e:52:ad:64:47:c3:26:
e6:9e:20:bb:bc:19:59:01:d6:c3:03:9c:f7:30:2b:
28:ca:0d:d4:82:17:10:38:62:6e:bb:c4:ed:4d:e8:
a3:51:5c:a8:29:82:06:8c:54:4c:57:2c:f9:cf:bd:
be:c9:d3:62:62:90:f4:df:23:01:30:1e:ff:67:bb:
67:f4:b8:e9:88:71:e8:d5:a3:9d:ec:4b:87:b7:18:
c0:45:88:10:cc:94:44:4f:f5:53:96:36:00:30:52:
8b:e1:7d:e1:11:42:85:ca:59:9c:62:d6:65:ea:38:
11:2b:b8:dd:9f:d9:a4:f2:aa:91:66:e1:c2:dd:a2:
67:dc:f2:dd:78:5e:a6:e6:d1:09:65:b5:2c:b8:dd:
58:87:4e:dd:e0:2e:fb:3f:84:aa:90:ee:9d:c2:c7:
4a:8e:50:c3:91:38:e5:18:dd:ef:f8:bf:31:d8:46:
66:ef:03:23:f4:e1:c0:f8:9a:5b:c6:2c:d6:01:6d:
a7:aa:ee:51:95:9c:af:83:d3:bc:72:3d:a1:d9:72:
94:fa:56:5c:4b:3f:4c:72:1d:4a:69:25:8d:47:1d:
32:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:90:D4:C0:19:3A:7F:AE:DE:25:ED:BC:4A:10:DA:70:19:3F:C5:BD
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/I5DUwBk6f67eJe28ShDacBk_xb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.136.0/22
185.64.100.0/22
185.172.20.0/22
188.211.252.0/22
Signature Algorithm: sha256WithRSAEncryption
17:49:a8:58:d8:9a:6c:b3:a9:7f:00:5b:22:52:b5:8d:75:1c:
7d:a8:78:72:10:43:58:a1:11:63:1c:94:c6:a1:86:52:92:44:
a6:a2:76:88:ce:4b:2e:46:6a:cb:9c:40:2f:2b:27:65:5c:4c:
9b:8b:24:06:29:9a:4c:14:35:dc:25:76:8a:a2:74:39:7e:e5:
f5:e6:f5:79:2a:92:d6:ef:5b:76:9a:34:a2:56:da:6f:38:45:
fb:0b:d6:f0:7f:ac:07:95:6b:bf:d5:98:65:4a:9b:b0:cd:52:
71:eb:79:0f:29:95:bf:3f:3f:7a:a5:c8:b6:09:41:fc:87:97:
be:3b:b8:16:e5:24:d6:ea:8c:8c:51:be:15:8c:03:ab:d8:4b:
41:5d:15:c5:1e:31:3f:24:9f:3e:80:eb:f7:c0:9c:f9:6c:25:
f4:b7:54:be:fa:73:3e:b4:19:c5:48:63:c1:6c:91:39:59:69:
5e:dd:da:22:13:6f:13:b5:13:92:07:be:71:6a:92:e4:b5:23:
63:4b:84:9b:e7:29:0a:34:c7:d0:83:0e:11:1e:09:f6:2c:24:
34:6f:e4:2a:a6:5c:80:70:3d:5e:45:de:c9:25:5a:cf:4e:01:
3b:75:1f:f8:56:02:7d:7b:37:c6:f1:52:71:1f:88:a6:dd:44:
9a:26:58:66
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYedSVUJcM1RWJeCNnm1LiioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNDIwMDYxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzkwZDRjMDE5M2E3ZmFlZGUyNWVkYmM0YTEwZGE3MDE5M2ZjNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8rCndGg2DvhjR7f34Srg1vqOQH0Q
zrBrEbbbHQ7FMuThC7Gin45SrWRHwybmniC7vBlZAdbDA5z3MCsoyg3UghcQOGJu
u8TtTeijUVyoKYIGjFRMVyz5z72+ydNiYpD03yMBMB7/Z7tn9LjpiHHo1aOd7EuH
txjARYgQzJRET/VTljYAMFKL4X3hEUKFylmcYtZl6jgRK7jdn9mk8qqRZuHC3aJn
3PLdeF6m5tEJZbUsuN1Yh07d4C77P4SqkO6dwsdKjlDDkTjlGN3v+L8x2EZm7wMj
9OHA+JpbxizWAW2nqu5RlZyvg9O8cj2h2XKU+lZcSz9Mch1KaSWNRx0ybQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCOQ1MAZOn+u3iXtvEoQ2nAZP8W9MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvSTVEVXdCazZmNjdlSmUyOFNoRGFjQmtfeGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW+iIAwQC
uUBkAwQCuawUAwQCvNP8MA0GCSqGSIb3DQEBCwUAA4IBAQAXSahY2Jpss6l/AFsi
UrWNdRx9qHhyEENYoRFjHJTGoYZSkkSmonaIzksuRmrLnEAvKydlXEybiyQGKZpM
FDXcJXaKonQ5fuX15vV5KpLW71t2mjSiVtpvOEX7C9bwf6wHlWu/1ZhlSpuwzVJx
63kPKZW/Pz96pci2CUH8h5e+O7gW5STW6oyMUb4VjAOr2EtBXRXFHjE/JJ8+gOv3
wJz5bCX0t1S++nM+tBnFSGPBbJE5WWle3doiE28TtROSB75xapLktSNjS4Sb5ykK
NMfQgw4RHgn2LCQ0b+QqplyAcD1eRd7JJVrPTgE7dR/4VgJ9ezfG8VJxH4im3USa
Jlhm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:55 2023 by rpki-client on console-ams.rpki-client.org