Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/l4hHXsajKy8VoEe52hf76eOtMPg.roa
File: l4hHXsajKy8VoEe52hf76eOtMPg.roa (raw, json)
Hash identifier: 1LTFSsU+1OeJkA+6wmDO5iPljzRM7SbMv1k2e3Va43o=
Subject key identifier: 97:88:47:5E:C6:A3:2B:2F:15:A0:47:B9:DA:17:FB:E9:E3:AD:30:F8
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 0185EC7D00D9597A62EFFA2EC38F1C1D07E4
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/l4hHXsajKy8VoEe52hf76eOtMPg.roa
Signing time: Thu 26 Jan 2023 05:11:33 +0000
ROA not before: Thu 26 Jan 2023 05:11:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50929
IP address blocks: 178.172.222.0/24 maxlen: 24
178.172.223.0/24 maxlen: 24
93.125.29.0/24 maxlen: 24
178.172.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ec:7d:00:d9:59:7a:62:ef:fa:2e:c3:8f:1c:1d:07:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Jan 26 05:11:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9788475ec6a32b2f15a047b9da17fbe9e3ad30f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1c:4e:0c:8b:62:b0:8a:04:fd:7e:45:33:7d:
d0:38:f2:f9:35:de:71:7a:95:93:9d:cf:d6:60:ea:
b3:8d:39:ce:44:1b:1b:e6:a2:88:3e:a8:8d:d3:e6:
7a:cd:74:12:fd:c6:e2:47:59:35:0e:81:4c:98:ca:
27:54:db:fe:33:e6:16:f5:b4:53:34:b2:cc:fd:cb:
c7:d4:58:bc:58:8a:cc:dd:c8:12:1a:e5:00:1c:40:
9e:ba:78:f1:10:be:f8:00:35:1e:a3:13:d3:4b:9e:
c1:13:18:34:6b:03:0a:e8:51:ef:da:20:82:a8:40:
51:46:11:91:fe:50:ba:a3:66:a2:ff:68:60:1f:50:
7d:1f:20:46:fd:c1:19:83:0b:72:7d:49:6c:e4:48:
6d:dd:69:7e:ab:56:4b:01:78:88:27:09:19:e6:03:
06:40:49:92:46:c3:05:b0:34:d2:ee:f2:8b:81:93:
fa:df:a2:7c:57:d2:20:3e:95:9d:7c:8e:d2:25:af:
64:97:51:00:04:5e:c1:3d:14:bf:0e:f5:96:17:81:
76:40:fa:94:e4:21:b0:03:43:ed:b5:a0:50:51:91:
58:ad:42:a1:95:f5:27:09:d3:db:fb:5a:c7:49:e5:
c3:f0:92:f6:6b:0a:13:c5:4f:b9:37:f6:e8:3f:a4:
da:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:88:47:5E:C6:A3:2B:2F:15:A0:47:B9:DA:17:FB:E9:E3:AD:30:F8
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/l4hHXsajKy8VoEe52hf76eOtMPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.125.29.0/24
178.172.191.0/24
178.172.222.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:ec:45:5d:a2:ce:f9:69:c0:b8:7b:5e:b1:50:d1:a5:94:d5:
4b:38:ee:a7:c6:b7:9d:1c:26:8f:93:62:15:c9:14:df:9c:bd:
7b:9a:ea:fe:5d:b1:b8:09:ab:1a:02:18:7d:0d:32:cb:aa:e7:
a7:be:50:c0:e1:cf:8a:f0:de:94:c4:a0:38:f7:d4:30:f3:45:
78:c2:1a:33:3b:aa:b9:77:05:ad:c4:e0:97:f6:5c:b9:cf:39:
56:ef:df:54:c3:2f:09:30:ba:9a:5e:f6:d0:05:87:7b:2f:63:
89:c1:3a:55:28:69:83:42:d0:8e:66:4e:de:07:e6:0d:92:4d:
a8:79:ce:a4:6c:d3:8e:94:42:b4:9b:5b:a2:2e:cb:a6:78:c3:
75:e3:a0:37:95:89:22:a5:c2:28:21:ef:90:f1:f9:a6:95:f5:
88:4b:e8:84:59:7f:46:4d:97:21:3c:8a:f6:22:7c:1d:93:16:
e5:61:d1:e1:0c:4f:f4:69:17:ff:f2:6a:d6:8f:e2:47:2f:4c:
14:14:b4:16:4b:5f:4b:f7:be:f6:21:e4:6c:9f:c9:53:8b:e4:
1c:46:38:c5:cc:80:56:52:0c:61:70:4d:9c:6a:4c:1b:b2:79:
e8:65:8d:f3:4a:9e:8a:5f:e7:d2:c8:4f:5e:66:de:9c:6b:c6:
b0:0d:5f:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXsfQDZWXpi7/ouw48cHQfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjMwMTI2MDUxMTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzg4NDc1ZWM2YTMyYjJmMTVhMDQ3YjlkYTE3ZmJlOWUzYWQzMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBxODItisIoE/X5FM33QOPL5Nd5x
epWTnc/WYOqzjTnORBsb5qKIPqiN0+Z6zXQS/cbiR1k1DoFMmMonVNv+M+YW9bRT
NLLM/cvH1Fi8WIrM3cgSGuUAHECeunjxEL74ADUeoxPTS57BExg0awMK6FHv2iCC
qEBRRhGR/lC6o2ai/2hgH1B9HyBG/cEZgwtyfUls5Eht3Wl+q1ZLAXiIJwkZ5gMG
QEmSRsMFsDTS7vKLgZP636J8V9IgPpWdfI7SJa9kl1EABF7BPRS/DvWWF4F2QPqU
5CGwA0PttaBQUZFYrUKhlfUnCdPb+1rHSeXD8JL2awoTxU+5N/boP6TaUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJeIR17GoysvFaBHudoX++njrTD4MB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvbDRoSFhzYWpLeThWb0VlNTJoZjc2ZU90TVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXX0dAwQA
sqy/AwQBsqzeMA0GCSqGSIb3DQEBCwUAA4IBAQB67EVdos75acC4e16xUNGllNVL
OO6nxredHCaPk2IVyRTfnL17mur+XbG4CasaAhh9DTLLquenvlDA4c+K8N6UxKA4
99Qw80V4whozO6q5dwWtxOCX9ly5zzlW799Uwy8JMLqaXvbQBYd7L2OJwTpVKGmD
QtCOZk7eB+YNkk2oec6kbNOOlEK0m1uiLsumeMN146A3lYkipcIoIe+Q8fmmlfWI
S+iEWX9GTZchPIr2InwdkxblYdHhDE/0aRf/8mrWj+JHL0wUFLQWS19L9772IeRs
n8lTi+QcRjjFzIBWUgxhcE2cakwbsnnoZY3zSp6KX+fSyE9eZt6ca8awDV8W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:22 2024 by rpki-client on console-fra.rpki-client.org