Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/6d9ab5-d1ae-449d-a7e9-1f5f94ce35ee/1/_adTZIXMrNTByMD8itM5PDRCAPA.roa
File: _adTZIXMrNTByMD8itM5PDRCAPA.roa (raw, json)
Hash identifier: HLlz9TURVKnEXF/uiXgaRdzhrmMl9XbcerZv1jNVMLA=
Subject key identifier: FD:A7:53:64:85:CC:AC:D4:C1:C8:C0:FC:8A:D3:39:3C:34:42:00:F0
Certificate issuer: /CN=e1085b6248bd72076ab421ffa0e3bfef93565e9d
Certificate serial: 0185707965313D6E230CCD6C16F9BC4563EE
Authority key identifier: E1:08:5B:62:48:BD:72:07:6A:B4:21:FF:A0:E3:BF:EF:93:56:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4QhbYki9cgdqtCH_oOO_75NWXp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/6d9ab5-d1ae-449d-a7e9-1f5f94ce35ee/1/_adTZIXMrNTByMD8itM5PDRCAPA.roa
Signing time: Mon 02 Jan 2023 03:14:42 +0000
ROA not before: Mon 02 Jan 2023 03:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60131
IP address blocks: 185.52.176.0/22 maxlen: 22
46.23.80.0/20 maxlen: 20
2a03:6000::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:65:31:3d:6e:23:0c:cd:6c:16:f9:bc:45:63:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1085b6248bd72076ab421ffa0e3bfef93565e9d
Validity
Not Before: Jan 2 03:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fda7536485ccacd4c1c8c0fc8ad3393c344200f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:14:37:e1:68:32:84:32:03:0c:eb:c6:38:6c:
0c:f4:31:fc:b0:01:d6:a9:ba:ca:09:b2:ba:a3:1d:
8b:03:8e:b0:47:c6:18:04:52:75:1a:47:2c:57:e6:
ba:87:e2:f3:1f:32:c2:29:b9:cd:21:d6:48:66:98:
15:00:29:f3:34:7a:a4:f7:49:09:7a:23:d7:e2:08:
e2:a6:d7:97:88:d5:46:99:76:26:e5:8a:37:c0:72:
6f:14:c4:55:65:ef:11:59:67:df:cb:d3:2f:b5:b3:
21:fb:f2:b8:ae:1e:6b:07:22:58:bc:64:6e:13:fa:
59:a2:46:0e:4d:24:c3:12:5e:73:92:6d:e0:13:37:
8f:d5:65:04:7d:bd:43:51:ad:82:0d:d8:fa:0f:be:
c8:c2:ae:fe:12:3d:ef:59:a0:7f:af:48:11:d8:b9:
a1:14:74:a1:5b:76:40:a7:a2:3a:b5:04:f5:4b:d1:
51:29:bd:dc:7c:eb:60:04:b7:52:46:ae:ac:64:2e:
86:ea:d5:c2:9b:11:41:da:36:cf:35:14:2c:05:14:
a3:b9:79:81:67:b6:e4:d3:ac:92:25:a5:d1:ce:d8:
31:a9:2a:72:c0:6f:3f:99:f2:3a:2e:cd:91:2f:46:
5f:a3:51:8a:3a:a4:ca:7b:9f:12:57:09:e6:c2:63:
41:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A7:53:64:85:CC:AC:D4:C1:C8:C0:FC:8A:D3:39:3C:34:42:00:F0
X509v3 Authority Key Identifier:
keyid:E1:08:5B:62:48:BD:72:07:6A:B4:21:FF:A0:E3:BF:EF:93:56:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4QhbYki9cgdqtCH_oOO_75NWXp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/6d9ab5-d1ae-449d-a7e9-1f5f94ce35ee/1/_adTZIXMrNTByMD8itM5PDRCAPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/6d9ab5-d1ae-449d-a7e9-1f5f94ce35ee/1/4QhbYki9cgdqtCH_oOO_75NWXp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.80.0/20
185.52.176.0/22
IPv6:
2a03:6000::/29
Signature Algorithm: sha256WithRSAEncryption
86:cd:ab:8c:20:f0:8f:5f:d7:44:5d:36:60:3a:aa:e4:a9:9c:
06:fc:39:a1:81:08:79:85:b3:55:8b:85:6f:50:44:15:73:6e:
33:bb:13:61:60:0b:c6:81:e0:1d:ad:c3:a6:1a:8a:91:4c:74:
c3:22:26:2b:a9:74:7c:75:9c:7d:64:5c:56:25:a1:ca:49:ef:
ee:4d:59:95:f9:f9:c5:a4:72:b1:31:b5:28:82:13:38:9f:9f:
2f:09:51:a3:28:9b:95:e9:bf:34:22:c5:ec:f2:02:75:91:3d:
a9:b1:3c:06:d9:b8:ce:01:4c:65:20:67:92:d7:ba:14:c5:ae:
6b:a9:6e:e2:88:65:89:5a:55:6d:e1:75:b3:65:80:e9:56:a3:
ec:e0:c4:43:8c:29:17:c7:39:c6:a7:c3:90:ae:98:dc:a1:47:
7e:85:63:5c:8f:6b:45:e0:b3:74:68:61:7c:ca:cc:86:e1:75:
f8:81:54:53:ee:37:6f:1e:11:aa:e2:77:9d:e8:03:cc:6c:07:
cc:d4:9f:9a:9a:2f:dc:2b:62:d2:0f:4c:1f:84:e8:7e:53:a6:
ea:69:e3:df:56:c7:d5:0e:2e:a0:46:be:7c:80:5c:1b:78:98:
46:0d:0f:4c:94:83:17:33:78:37:8e:72:02:00:93:6c:fb:8d:
a7:86:41:fa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVweWUxPW4jDM1sFvm8RWPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMDg1YjYyNDhiZDcyMDc2YWI0MjFmZmEwZTNiZmVmOTM1
NjVlOWQwHhcNMjMwMTAyMDMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGE3NTM2NDg1Y2NhY2Q0YzFjOGMwZmM4YWQzMzkzYzM0NDIwMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthQ34WgyhDIDDOvGOGwM9DH8sAHW
qbrKCbK6ox2LA46wR8YYBFJ1GkcsV+a6h+LzHzLCKbnNIdZIZpgVACnzNHqk90kJ
eiPX4gjipteXiNVGmXYm5Yo3wHJvFMRVZe8RWWffy9MvtbMh+/K4rh5rByJYvGRu
E/pZokYOTSTDEl5zkm3gEzeP1WUEfb1DUa2CDdj6D77Iwq7+Ej3vWaB/r0gR2Lmh
FHShW3ZAp6I6tQT1S9FRKb3cfOtgBLdSRq6sZC6G6tXCmxFB2jbPNRQsBRSjuXmB
Z7bk06ySJaXRztgxqSpywG8/mfI6Ls2RL0Zfo1GKOqTKe58SVwnmwmNB7QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP2nU2SFzKzUwcjA/IrTOTw0QgDwMB8GA1UdIwQY
MBaAFOEIW2JIvXIHarQh/6Djv++TVl6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFFoYllraTljZ2RxdENIX29PT183NU5XWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy82ZDlhYjUtZDFhZS00NDlkLWE3ZTkt
MWY1Zjk0Y2UzNWVlLzEvX2FkVFpJWE1yTlRCeU1EOGl0TTVQRFJDQVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy82ZDlhYjUtZDFhZS00NDlkLWE3ZTktMWY1Zjk0Y2UzNWVl
LzEvNFFoYllraTljZ2RxdENIX29PT183NU5XWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQELhdQAwQC
uTSwMA0EAgACMAcDBQMqA2AAMA0GCSqGSIb3DQEBCwUAA4IBAQCGzauMIPCPX9dE
XTZgOqrkqZwG/DmhgQh5hbNVi4VvUEQVc24zuxNhYAvGgeAdrcOmGoqRTHTDIiYr
qXR8dZx9ZFxWJaHKSe/uTVmV+fnFpHKxMbUoghM4n58vCVGjKJuV6b80IsXs8gJ1
kT2psTwG2bjOAUxlIGeS17oUxa5rqW7iiGWJWlVt4XWzZYDpVqPs4MRDjCkXxznG
p8OQrpjcoUd+hWNcj2tF4LN0aGF8ysyG4XX4gVRT7jdvHhGq4ned6APMbAfM1J+a
mi/cK2LSD0wfhOh+U6bqaePfVsfVDi6gRr58gFwbeJhGDQ9MlIMXM3g3jnICAJNs
+42nhkH6
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:46 2024 by rpki-client on console.sobornost.net