Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/ePxfu_qCbjoR3aZPEy80qp_den4.roa
File: ePxfu_qCbjoR3aZPEy80qp_den4.roa (raw, json)
Hash identifier: XFcExbe/GLNU5NzJXsXNdhfH89QFR0oXbw+k4DIPULo=
Subject key identifier: 78:FC:5F:BB:FA:82:6E:3A:11:DD:A6:4F:13:2F:34:AA:9F:DD:7A:7E
Certificate issuer: /CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1
Certificate serial: 018CC2DAC33D573C2023FC88F1E2506E6D4F
Authority key identifier: 87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/ePxfu_qCbjoR3aZPEy80qp_den4.roa
Signing time: Mon 01 Jan 2024 02:29:25 +0000
ROA not before: Mon 01 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200233
IP address blocks: 193.5.80.0/21 maxlen: 24
147.87.0.0/16 maxlen: 24
2a07:6b40::/29 maxlen: 64
Validation: Failed, certificate revoked on Wed 03 Apr 2024 09:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c3:3d:57:3c:20:23:fc:88:f1:e2:50:6e:6d:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1
Validity
Not Before: Jan 1 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78fc5fbbfa826e3a11dda64f132f34aa9fdd7a7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7f:f7:d0:06:47:a7:f8:c6:9e:ca:73:cc:0f:
af:9e:68:11:72:e0:13:fa:1f:16:4c:c8:cc:27:e1:
aa:01:e3:23:7e:54:2b:dd:af:3d:50:62:2d:dd:24:
ed:e1:37:1d:63:b9:f3:dc:62:fd:c0:d6:e8:6a:1e:
3e:46:1a:a6:41:c7:c3:d7:a9:ec:1e:3c:f9:c9:77:
87:e1:f0:96:80:14:39:a7:1e:60:b4:1c:bd:e4:7d:
21:ee:fd:60:72:ad:f0:d3:27:29:fd:e3:78:b2:54:
c0:a4:42:1b:c5:69:db:f0:f3:33:a1:f4:34:92:cd:
ab:c4:97:90:2d:0b:52:77:bb:af:d7:c0:90:de:8a:
96:60:67:57:f2:8a:d9:49:83:bc:98:21:14:ef:6e:
85:96:c4:78:59:95:9d:34:c1:70:68:53:b2:19:1b:
60:09:d4:9e:fe:47:69:69:00:f4:7d:0a:18:c5:03:
49:9c:48:6c:6a:90:c4:f3:2b:65:ea:17:45:00:cf:
af:29:0b:fd:6b:d9:c1:81:9a:87:4a:80:38:b9:94:
ec:99:1b:97:1a:78:22:36:8d:fc:0f:06:f4:ac:24:
b3:af:a9:d2:84:1c:97:e6:55:d7:88:74:52:12:fa:
72:09:58:ac:a5:9d:7d:f6:07:ee:e1:a6:25:d5:8e:
34:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:FC:5F:BB:FA:82:6E:3A:11:DD:A6:4F:13:2F:34:AA:9F:DD:7A:7E
X509v3 Authority Key Identifier:
keyid:87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/ePxfu_qCbjoR3aZPEy80qp_den4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.87.0.0/16
193.5.80.0/21
IPv6:
2a07:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
43:fe:bb:99:dc:15:08:1d:b0:5e:f9:c8:c4:cf:77:2a:2b:4f:
c2:d6:11:c6:a5:a4:1f:20:6b:d5:c7:57:91:a2:ca:44:dd:9d:
10:05:40:4c:34:90:f6:8f:2d:e3:d9:d4:57:6f:ec:d6:a2:6e:
c1:bb:aa:0d:16:50:74:dd:82:b4:ff:be:cd:b9:7f:bb:59:83:
b1:35:b7:eb:38:f3:f9:d7:07:e6:80:bb:76:75:ee:ed:1a:fc:
1f:f3:3e:73:01:f7:2d:7a:9f:3b:bc:26:cd:8b:52:e8:cc:a7:
59:4a:32:25:17:ca:f8:42:6b:8d:6e:68:3c:97:da:5c:45:1a:
0b:53:38:27:f4:d8:12:cc:2c:70:12:51:e7:ea:41:2d:1a:fa:
dd:09:34:20:af:7f:d6:c4:37:e8:a6:ce:31:9a:2d:b3:0f:04:
2b:a7:c8:88:39:a9:5e:d7:33:09:8c:f8:58:0d:56:4d:19:4f:
94:ed:02:f6:3b:f7:71:c9:e2:6f:5e:34:b6:ad:27:60:44:cd:
d0:19:ac:96:2a:d9:bf:bf:28:7e:de:fb:38:1b:87:ba:72:16:
69:84:6f:40:fa:93:e4:ca:f1:72:71:1c:9d:c8:20:a8:fc:f2:
af:0d:44:e5:69:5f:a2:05:9b:7c:2f:38:15:66:87:9f:e2:79:
60:77:74:80
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzC2sM9VzwgI/yI8eJQbm1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NDFlYzE3ZGMwMzA5YjEzZDg4YTY3ZWEyMmRjYmJiMjZh
NGUzYTEwHhcNMjQwMTAxMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGZjNWZiYmZhODI2ZTNhMTFkZGE2NGYxMzJmMzRhYTlmZGQ3YTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn/30AZHp/jGnspzzA+vnmgRcuAT
+h8WTMjMJ+GqAeMjflQr3a89UGIt3STt4TcdY7nz3GL9wNboah4+RhqmQcfD16ns
Hjz5yXeH4fCWgBQ5px5gtBy95H0h7v1gcq3w0ycp/eN4slTApEIbxWnb8PMzofQ0
ks2rxJeQLQtSd7uv18CQ3oqWYGdX8orZSYO8mCEU726FlsR4WZWdNMFwaFOyGRtg
CdSe/kdpaQD0fQoYxQNJnEhsapDE8ytl6hdFAM+vKQv9a9nBgZqHSoA4uZTsmRuX
GngiNo38Dwb0rCSzr6nShByX5lXXiHRSEvpyCVispZ199gfu4aYl1Y40awIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHj8X7v6gm46Ed2mTxMvNKqf3Xp+MB8GA1UdIwQY
MBaAFIdB7BfcAwmxPYimfqIty7smpOOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYt
MWFjNGE0MDA3ZGI0LzEvZVB4ZnVfcUNiam9SM2FaUEV5ODBxcF9kZW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYtMWFjNGE0MDA3ZGI0
LzEvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAk1cDBAPB
BVAwDQQCAAIwBwMFAyoHa0AwDQYJKoZIhvcNAQELBQADggEBAEP+u5ncFQgdsF75
yMTPdyorT8LWEcalpB8ga9XHV5GiykTdnRAFQEw0kPaPLePZ1Fdv7NaibsG7qg0W
UHTdgrT/vs25f7tZg7E1t+s48/nXB+aAu3Z17u0a/B/zPnMB9y16nzu8Js2LUujM
p1lKMiUXyvhCa41uaDyX2lxFGgtTOCf02BLMLHASUefqQS0a+t0JNCCvf9bEN+im
zjGaLbMPBCunyIg5qV7XMwmM+FgNVk0ZT5TtAvY793HJ4m9eNLatJ2BEzdAZrJYq
2b+/KH7e+zgbh7pyFmmEb0D6k+TK8XJxHJ3IIKj88q8NROVpX6IFm3wvOBVmh5/i
eWB3dIA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:00 2024 by rpki-client on console-fra.rpki-client.org