Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/e_aIC6euRgmEup9wWgeH3ATvd1U.roa
File: e_aIC6euRgmEup9wWgeH3ATvd1U.roa (raw, json)
Hash identifier: l2HqtJzgwX3gz1L/MsuanMhm/fJFek1ef4w+DDBSXY0=
Subject key identifier: 7B:F6:88:0B:A7:AE:46:09:84:BA:9F:70:5A:07:87:DC:04:EF:77:55
Certificate issuer: /CN=4e89bb14e809aff3ec96308bd9ae8651a7e7762a
Certificate serial: 01856EB8F24764EA898873326A70BF6294FA
Authority key identifier: 4E:89:BB:14:E8:09:AF:F3:EC:96:30:8B:D9:AE:86:51:A7:E7:76:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tom7FOgJr_PsljCL2a6GUafndio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/e_aIC6euRgmEup9wWgeH3ATvd1U.roa
Signing time: Sun 01 Jan 2023 19:04:52 +0000
ROA not before: Sun 01 Jan 2023 19:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52144
IP address blocks: 195.20.144.0/24 maxlen: 24
185.247.152.0/22 maxlen: 24
2a03:e100::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:f2:47:64:ea:89:88:73:32:6a:70:bf:62:94:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e89bb14e809aff3ec96308bd9ae8651a7e7762a
Validity
Not Before: Jan 1 19:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bf6880ba7ae460984ba9f705a0787dc04ef7755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2d:59:3a:1e:8d:75:9b:57:53:e1:b7:a5:c0:
fb:c4:24:00:38:89:30:a7:37:97:26:05:21:e5:b3:
68:a2:1b:9d:84:0b:bf:b7:07:54:2f:6a:37:8f:4f:
59:1c:ae:70:03:a2:7d:e5:5c:97:16:f9:5b:e6:95:
6c:82:c4:be:32:74:07:bd:da:47:d0:dd:d0:82:35:
b0:ec:dd:4b:0a:bf:3d:93:b1:38:f0:bf:16:7d:11:
17:ea:53:cb:1d:d2:24:c5:bc:94:14:2e:21:d9:33:
bc:52:f7:50:04:21:d2:f0:d2:d2:9c:ba:d9:b5:77:
54:b8:b7:6f:9b:20:26:f6:1a:29:0b:1e:88:2f:9c:
76:49:49:3c:ea:88:22:29:c6:35:1c:41:7a:34:cc:
13:60:54:2b:88:8f:4c:bb:6c:68:53:71:6c:ab:bb:
5d:0f:d7:f8:93:f5:1f:ec:6d:9a:0e:7d:af:d3:46:
b1:71:e5:9f:c9:c5:c1:30:3e:4e:b5:4c:42:4f:54:
02:f0:d2:5e:18:e6:9d:e0:47:40:6a:22:14:7f:ec:
99:a5:36:3c:68:37:d9:8f:14:33:eb:db:12:f0:8c:
1b:70:b3:cd:98:98:d3:59:be:f3:ac:51:7d:1e:2d:
89:ea:7d:c0:e8:c5:64:0f:eb:90:59:92:b6:d4:43:
a3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F6:88:0B:A7:AE:46:09:84:BA:9F:70:5A:07:87:DC:04:EF:77:55
X509v3 Authority Key Identifier:
keyid:4E:89:BB:14:E8:09:AF:F3:EC:96:30:8B:D9:AE:86:51:A7:E7:76:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tom7FOgJr_PsljCL2a6GUafndio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/e_aIC6euRgmEup9wWgeH3ATvd1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.152.0/22
195.20.144.0/24
IPv6:
2a03:e100::/29
Signature Algorithm: sha256WithRSAEncryption
5e:57:ba:36:1f:16:ff:4e:52:aa:60:84:ed:1d:d2:48:fc:8d:
68:77:66:5e:b3:70:58:b5:21:74:03:4a:dc:09:e5:04:6c:bb:
f7:3d:60:4e:0d:87:63:f3:a7:c7:da:62:44:4b:16:b2:fa:48:
55:fd:05:1e:7c:a1:f1:d0:d3:5e:f0:70:d7:d5:3f:3f:c8:f7:
16:ea:91:06:7e:05:0b:c2:6d:88:a2:0b:20:00:5a:82:7b:a3:
86:1f:40:bd:18:f2:e0:3d:47:20:c4:da:0e:66:b2:13:b3:74:
10:31:89:2a:8b:6f:b0:fa:85:e1:16:a1:dc:34:a6:b7:38:c8:
70:9d:b8:4f:ab:d3:11:b2:1a:63:19:db:3e:00:ed:81:7f:16:
63:83:4a:a5:73:26:b6:5e:4d:06:86:14:01:20:42:12:25:46:
80:e1:79:ff:ca:2c:93:75:da:17:31:9a:81:f8:6e:c8:79:b1:
c6:8c:31:fc:94:ef:6c:15:77:8d:24:94:31:a6:04:bf:da:a9:
53:43:c4:41:63:20:c8:fb:15:91:1e:7c:a5:2f:a5:54:e8:7b:
35:5b:5d:59:82:28:bd:d2:06:ce:7e:2e:58:6b:c3:ed:02:f2:
02:5f:e9:76:72:74:a6:8f:aa:b6:65:33:52:ff:d1:d9:d8:a4:
a6:ab:6e:f8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuuPJHZOqJiHMyanC/YpT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlODliYjE0ZTgwOWFmZjNlYzk2MzA4YmQ5YWU4NjUxYTdl
Nzc2MmEwHhcNMjMwMTAxMTkwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmY2ODgwYmE3YWU0NjA5ODRiYTlmNzA1YTA3ODdkYzA0ZWY3NzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzy1ZOh6NdZtXU+G3pcD7xCQAOIkw
pzeXJgUh5bNoohudhAu/twdUL2o3j09ZHK5wA6J95VyXFvlb5pVsgsS+MnQHvdpH
0N3QgjWw7N1LCr89k7E48L8WfREX6lPLHdIkxbyUFC4h2TO8UvdQBCHS8NLSnLrZ
tXdUuLdvmyAm9hopCx6IL5x2SUk86ogiKcY1HEF6NMwTYFQriI9Mu2xoU3Fsq7td
D9f4k/Uf7G2aDn2v00axceWfycXBMD5OtUxCT1QC8NJeGOad4EdAaiIUf+yZpTY8
aDfZjxQz69sS8IwbcLPNmJjTWb7zrFF9Hi2J6n3A6MVkD+uQWZK21EOjYQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHv2iAunrkYJhLqfcFoHh9wE73dVMB8GA1UdIwQY
MBaAFE6JuxToCa/z7JYwi9muhlGn53YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG9tN0ZPZ0pyX1BzbGpDTDJhNkdVYWZuZGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZTNjYzgtY2U3NC00ZDU3LTgxOWEt
OWZhMDJjYzI0OGU1LzEvZV9hSUM2ZXVSZ21FdXA5d1dnZUgzQVR2ZDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZTNjYzgtY2U3NC00ZDU3LTgxOWEtOWZhMDJjYzI0OGU1
LzEvVG9tN0ZPZ0pyX1BzbGpDTDJhNkdVYWZuZGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufeYAwQA
wxSQMA0EAgACMAcDBQMqA+EAMA0GCSqGSIb3DQEBCwUAA4IBAQBeV7o2Hxb/TlKq
YITtHdJI/I1od2Zes3BYtSF0A0rcCeUEbLv3PWBODYdj86fH2mJESxay+khV/QUe
fKHx0NNe8HDX1T8/yPcW6pEGfgULwm2IogsgAFqCe6OGH0C9GPLgPUcgxNoOZrIT
s3QQMYkqi2+w+oXhFqHcNKa3OMhwnbhPq9MRshpjGds+AO2BfxZjg0qlcya2Xk0G
hhQBIEISJUaA4Xn/yiyTddoXMZqB+G7IebHGjDH8lO9sFXeNJJQxpgS/2qlTQ8RB
YyDI+xWRHnylL6VU6Hs1W11Zgii90gbOfi5Ya8PtAvICX+l2cnSmj6q2ZTNS/9HZ
2KSmq274
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org