Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/4CBLR318XFnVCYi0NnE6OKycOrI.roa
File: 4CBLR318XFnVCYi0NnE6OKycOrI.roa (raw, json)
Hash identifier: 3hkOe+wBupYBOJk+oq15ArvepW23b8jgR/BbOnAnvf0=
Subject key identifier: E0:20:4B:47:7D:7C:5C:59:D5:09:88:B4:36:71:3A:38:AC:9C:3A:B2
Certificate issuer: /CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Certificate serial: 01872CD8F75F798D1CF397C2030141952D4E
Authority key identifier: 70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/4CBLR318XFnVCYi0NnE6OKycOrI.roa
Signing time: Wed 29 Mar 2023 10:10:29 +0000
ROA not before: Wed 29 Mar 2023 10:10:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30768
IP address blocks: 193.19.82.0/23 maxlen: 24
194.165.0.0/24 maxlen: 24
194.165.0.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:d8:f7:5f:79:8d:1c:f3:97:c2:03:01:41:95:2d:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Validity
Not Before: Mar 29 10:10:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0204b477d7c5c59d50988b436713a38ac9c3ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f3:64:5f:cc:ef:5f:93:13:3d:fa:65:d2:64:
a7:b0:88:40:41:99:60:dc:22:66:60:a6:5c:aa:75:
bf:7f:5c:a2:12:46:6f:ab:bd:fc:b5:49:e2:b6:fb:
07:95:75:c4:d8:37:80:23:91:86:2d:ae:93:26:74:
d3:dc:f5:5e:17:70:d5:8c:e3:17:08:74:d8:ac:2d:
6d:bd:50:87:a6:58:b2:c8:c7:c4:1c:43:ae:79:29:
54:37:d3:71:19:af:23:1a:2b:a6:8e:15:14:cd:c0:
8c:ba:45:e6:67:5a:92:01:fe:b3:e4:30:4a:d6:89:
e2:35:00:0e:96:85:5d:a3:69:d3:67:e4:86:ec:5d:
53:6d:c9:24:fa:be:1c:8a:1e:a3:f6:6e:05:1d:51:
d1:04:54:70:15:b1:b1:62:5c:47:fe:24:99:20:83:
b0:78:76:4f:5f:93:30:c6:63:e3:a7:35:0f:42:37:
d1:9a:ed:11:12:87:48:32:59:9d:c5:29:f9:f8:68:
d1:14:85:1d:37:88:ab:b0:5e:d6:4d:cb:fb:6f:8d:
8e:13:19:2c:db:87:1b:e9:80:7f:6c:c1:ec:d6:9c:
28:6b:09:f2:61:56:a0:43:04:78:39:3c:98:c4:91:
ca:5b:e5:fd:c6:97:c1:f6:d8:3a:d4:d4:29:33:06:
fa:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:20:4B:47:7D:7C:5C:59:D5:09:88:B4:36:71:3A:38:AC:9C:3A:B2
X509v3 Authority Key Identifier:
keyid:70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/4CBLR318XFnVCYi0NnE6OKycOrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/cJ626qpJ3WtIPgSxQ05NrHntnTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.82.0/23
194.165.0.0/23
Signature Algorithm: sha256WithRSAEncryption
c9:fe:6a:bd:ed:f5:00:7f:51:09:a8:30:c0:32:3b:38:e8:74:
20:b3:f2:b1:35:87:54:45:ea:62:1b:36:9f:19:05:6e:e8:f1:
f2:44:06:ce:9f:33:da:cf:f8:e4:fc:e5:ef:5d:6f:4a:f7:06:
41:78:8e:99:67:1f:2c:89:f8:62:4c:ea:0d:19:d0:72:45:0f:
48:15:27:9b:d8:8c:c3:dd:55:a0:76:5a:dd:df:4a:c3:3c:33:
c6:d9:2f:f2:c1:6f:6e:ca:a0:a9:90:04:bd:fd:e9:83:a6:56:
62:89:01:ae:f0:85:2a:b1:09:f1:9a:29:eb:83:00:68:e5:6e:
19:d7:31:5b:af:9c:a9:98:49:da:12:b8:3d:53:ab:ad:44:bb:
37:8c:74:68:d3:e4:e7:d3:6c:47:14:b3:b4:c7:c5:a3:56:3e:
5e:4e:c5:41:dd:e5:1e:0d:3a:fb:4b:18:61:52:e1:07:da:c3:
41:ae:dd:b2:9d:f6:e3:2b:50:98:5d:eb:34:9f:14:5c:d7:7b:
83:51:d9:9d:64:ca:9c:b7:02:ef:a4:0a:4f:c3:53:84:70:30:
56:26:d9:0a:91:11:92:84:f1:f6:57:ff:94:8e:45:b5:31:90:
7e:fb:66:62:4e:e3:7e:41:49:49:46:0a:53:72:6c:9e:d8:9b:
aa:45:f9:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcs2PdfeY0c85fCAwFBlS1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWViNmVhYWE0OWRkNmI0ODNlMDRiMTQzNGU0ZGFjNzll
ZDlkMzEwHhcNMjMwMzI5MTAxMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDIwNGI0NzdkN2M1YzU5ZDUwOTg4YjQzNjcxM2EzOGFjOWMzYWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPNkX8zvX5MTPfpl0mSnsIhAQZlg
3CJmYKZcqnW/f1yiEkZvq738tUnitvsHlXXE2DeAI5GGLa6TJnTT3PVeF3DVjOMX
CHTYrC1tvVCHpliyyMfEHEOueSlUN9NxGa8jGiumjhUUzcCMukXmZ1qSAf6z5DBK
1oniNQAOloVdo2nTZ+SG7F1Tbckk+r4cih6j9m4FHVHRBFRwFbGxYlxH/iSZIIOw
eHZPX5MwxmPjpzUPQjfRmu0REodIMlmdxSn5+GjRFIUdN4irsF7WTcv7b42OExks
24cb6YB/bMHs1pwoawnyYVagQwR4OTyYxJHKW+X9xpfB9tg61NQpMwb6AwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOAgS0d9fFxZ1QmItDZxOjisnDqyMB8GA1UdIwQY
MBaAFHCetuqqSd1rSD4EsUNOTax57Z0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAt
OWY2ZmEwZTFhNWE1LzEvNENCTFIzMThYRm5WQ1lpME5uRTZPS3ljT3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAtOWY2ZmEwZTFhNWE1
LzEvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwRNSAwQB
wqUAMA0GCSqGSIb3DQEBCwUAA4IBAQDJ/mq97fUAf1EJqDDAMjs46HQgs/KxNYdU
RepiGzafGQVu6PHyRAbOnzPaz/jk/OXvXW9K9wZBeI6ZZx8sifhiTOoNGdByRQ9I
FSeb2IzD3VWgdlrd30rDPDPG2S/ywW9uyqCpkAS9/emDplZiiQGu8IUqsQnxminr
gwBo5W4Z1zFbr5ypmEnaErg9U6utRLs3jHRo0+Tn02xHFLO0x8WjVj5eTsVB3eUe
DTr7SxhhUuEH2sNBrt2ynfbjK1CYXes0nxRc13uDUdmdZMqctwLvpApPw1OEcDBW
JtkKkRGShPH2V/+UjkW1MZB++2ZiTuN+QUlJRgpTcmye2JuqRfke
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:48 2024 by rpki-client on console-fra.rpki-client.org