Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/21kKBQDEj_hvHgW1RgQojPEQ5Zg.roa
File: 21kKBQDEj_hvHgW1RgQojPEQ5Zg.roa (raw, json)
Hash identifier: XgoAQ7OZCWWzNBYpPwyoU6IjZ2U7+eD61OZR9QSLAAs=
Subject key identifier: DB:59:0A:05:00:C4:8F:F8:6F:1E:05:B5:46:04:28:8C:F1:10:E5:98
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0189D4DA86786EF6D632AE94AF08D1BEBB4A
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/21kKBQDEj_hvHgW1RgQojPEQ5Zg.roa
Signing time: Tue 08 Aug 2023 11:13:58 +0000
ROA not before: Tue 08 Aug 2023 11:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 193.38.248.0/24 maxlen: 24
192.144.34.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:da:86:78:6e:f6:d6:32:ae:94:af:08:d1:be:bb:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Aug 8 11:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db590a0500c48ff86f1e05b54604288cf110e598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:77:8e:3e:52:f2:a1:e2:8b:19:7f:a8:0e:8f:
3d:0a:1e:c0:85:9d:2b:92:f5:3b:71:bf:55:0b:73:
f2:31:6c:c4:9e:57:8b:a5:50:ff:b2:32:b3:e1:75:
b9:84:9b:60:c9:bf:71:f2:4e:b7:67:ce:98:a0:94:
f0:c2:ff:ba:ed:f5:b1:06:69:be:81:be:50:fa:61:
a5:50:bd:66:eb:04:07:8a:c6:3a:ec:39:e8:6b:0f:
95:52:36:f4:c0:68:5b:a9:1b:7f:31:94:c5:51:6c:
91:19:e5:06:09:2b:eb:28:25:0d:c2:1f:3e:d0:4b:
0c:20:b1:27:67:f4:cb:56:c6:14:ed:d3:70:be:e9:
33:77:7d:73:4b:56:ec:d7:c2:d2:5f:de:2a:c1:88:
c0:6e:ee:08:7d:34:74:b0:27:63:0b:51:aa:d0:23:
3b:92:60:ef:43:10:15:b5:59:24:ea:7f:89:93:99:
dc:69:5c:d1:9d:9a:c5:2f:55:94:b6:d8:f9:9d:86:
ed:8e:35:f2:41:4b:cc:47:ef:9e:a1:7c:46:50:48:
05:38:95:09:bb:9c:37:7e:6e:b3:20:74:40:d5:de:
45:33:b6:65:08:99:c5:46:f2:50:94:77:34:16:70:
af:0b:35:c5:fa:cb:5d:3b:d2:f0:ac:9f:71:20:6d:
a3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:59:0A:05:00:C4:8F:F8:6F:1E:05:B5:46:04:28:8C:F1:10:E5:98
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/21kKBQDEj_hvHgW1RgQojPEQ5Zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.144.34.0/24
193.38.248.0/24
Signature Algorithm: sha256WithRSAEncryption
77:38:9a:32:1c:67:d2:b4:f8:46:30:b3:9a:4e:d8:a4:3e:90:
82:79:b7:b9:56:7a:a8:74:e2:f1:41:74:20:8e:cb:8f:6d:32:
02:e7:fa:8d:82:a8:18:a3:04:95:cb:8f:d6:66:aa:7e:ca:eb:
90:da:bf:8a:a8:60:5d:49:41:f5:08:de:03:ec:2d:e2:fc:ad:
b3:c2:a1:49:80:e0:a9:a0:cf:fc:ce:cf:3a:04:9d:3c:c4:b4:
73:78:76:03:bc:e5:aa:b3:52:dc:a0:ea:01:24:cd:23:11:fd:
22:53:e1:05:f8:91:12:be:0a:66:a5:f3:ef:62:4c:56:98:41:
0e:de:7d:e6:4f:a8:d5:db:f1:b5:44:ee:66:2a:ce:c4:ac:35:
92:47:d7:94:80:f9:c7:30:20:ab:09:47:1c:39:db:99:57:66:
66:a4:5d:26:7b:c5:e3:a4:42:c2:7d:33:f7:d4:c6:b1:23:e1:
02:21:a3:6f:8e:5f:b1:3c:8e:89:2e:95:93:65:dc:3b:a2:d0:
d1:11:fd:61:81:bd:e5:62:98:f4:69:6a:60:32:fa:c7:87:aa:
cc:0c:1f:b7:b5:4d:ff:57:3e:82:59:74:a5:56:c6:25:ac:b7:
9b:e7:7f:7a:06:ea:ff:a9:7a:9e:ee:42:05:b5:89:1e:9f:da:
f1:ad:69:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnU2oZ4bvbWMq6UrwjRvrtKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwODA4MTExMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjU5MGEwNTAwYzQ4ZmY4NmYxZTA1YjU0NjA0Mjg4Y2YxMTBlNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHeOPlLyoeKLGX+oDo89Ch7AhZ0r
kvU7cb9VC3PyMWzEnleLpVD/sjKz4XW5hJtgyb9x8k63Z86YoJTwwv+67fWxBmm+
gb5Q+mGlUL1m6wQHisY67Dnoaw+VUjb0wGhbqRt/MZTFUWyRGeUGCSvrKCUNwh8+
0EsMILEnZ/TLVsYU7dNwvukzd31zS1bs18LSX94qwYjAbu4IfTR0sCdjC1Gq0CM7
kmDvQxAVtVkk6n+Jk5ncaVzRnZrFL1WUttj5nYbtjjXyQUvMR++eoXxGUEgFOJUJ
u5w3fm6zIHRA1d5FM7ZlCJnFRvJQlHc0FnCvCzXF+stdO9LwrJ9xIG2jEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNtZCgUAxI/4bx4FtUYEKIzxEOWYMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvMjFrS0JRREVqX2h2SGdXMVJnUW9qUEVRNVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwJAiAwQA
wSb4MA0GCSqGSIb3DQEBCwUAA4IBAQB3OJoyHGfStPhGMLOaTtikPpCCebe5Vnqo
dOLxQXQgjsuPbTIC5/qNgqgYowSVy4/WZqp+yuuQ2r+KqGBdSUH1CN4D7C3i/K2z
wqFJgOCpoM/8zs86BJ08xLRzeHYDvOWqs1LcoOoBJM0jEf0iU+EF+JESvgpmpfPv
YkxWmEEO3n3mT6jV2/G1RO5mKs7ErDWSR9eUgPnHMCCrCUccOduZV2ZmpF0me8Xj
pELCfTP31MaxI+ECIaNvjl+xPI6JLpWTZdw7otDREf1hgb3lYpj0aWpgMvrHh6rM
DB+3tU3/Vz6CWXSlVsYlrLeb5396Bur/qXqe7kIFtYken9rxrWlY
-----END CERTIFICATE-----
Generated at Sun Oct 1 11:22:00 2023 by rpki-client on console-fra.rpki-client.org