Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/9963iqdgOkYgLdscLDRvPQQceSQ.roa
File: 9963iqdgOkYgLdscLDRvPQQceSQ.roa (raw, json)
Hash identifier: 7CQH+f+CrxzCSlDnJluSYQa5tUSyKUcMBcBHzNohIKA=
Subject key identifier: F7:DE:B7:8A:A7:60:3A:46:20:2D:DB:1C:2C:34:6F:3D:04:1C:79:24
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0189AE874011CB4334E4AB818B638D59F236
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/9963iqdgOkYgLdscLDRvPQQceSQ.roa
Signing time: Tue 01 Aug 2023 00:37:26 +0000
ROA not before: Tue 01 Aug 2023 00:37:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 185.236.11.0/24 maxlen: 24
185.255.112.0/24 maxlen: 24
85.117.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ae:87:40:11:cb:43:34:e4:ab:81:8b:63:8d:59:f2:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Aug 1 00:37:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7deb78aa7603a46202ddb1c2c346f3d041c7924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:59:f7:df:09:2e:f6:28:85:10:2e:41:e2:f0:
04:42:29:2e:c9:3c:bb:c2:67:46:ec:c6:93:63:7b:
fc:5a:5a:98:cb:cc:41:78:88:bf:a7:64:5c:34:62:
53:91:31:77:32:97:a7:67:ca:f1:f7:40:a3:42:06:
83:1b:0c:17:9e:72:04:e7:90:1c:a8:86:dc:37:b6:
71:1c:82:6a:90:74:3e:fd:cc:c1:d1:d4:a8:94:b3:
e3:e1:6b:7a:f9:05:19:85:c8:b5:d9:80:94:d2:9b:
0c:7e:78:b8:ed:bd:09:6e:3a:75:83:da:cc:4c:3e:
e4:0e:16:0c:ed:fd:1b:37:48:09:b7:a5:4d:75:07:
81:d8:63:4c:ee:b8:29:90:b0:c3:cb:a5:e2:aa:a9:
15:ef:ae:df:51:39:fe:58:17:0f:d3:be:ce:d4:96:
09:94:d7:a0:d1:37:fd:1d:1a:df:ec:0b:67:bf:6a:
03:f8:f6:5c:3f:88:9c:e8:0b:48:b2:84:35:3b:cf:
ae:e2:cf:c7:56:f4:2d:9a:92:95:5e:db:ca:cc:06:
9c:bd:a9:d2:9f:47:b6:e7:e9:cd:8b:1d:39:54:75:
76:57:e5:e8:86:0e:b1:58:1a:6b:e4:c1:70:48:48:
de:69:67:cb:4d:82:96:8a:2d:fd:28:58:6c:12:e5:
9d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:DE:B7:8A:A7:60:3A:46:20:2D:DB:1C:2C:34:6F:3D:04:1C:79:24
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/9963iqdgOkYgLdscLDRvPQQceSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.243.0/24
185.236.11.0/24
185.255.112.0/24
Signature Algorithm: sha256WithRSAEncryption
57:dd:50:b8:53:6c:b8:96:c1:35:93:e3:33:84:b2:37:48:4c:
a9:dc:be:8b:b7:6f:55:e5:f4:03:d2:ac:76:d2:6a:a1:cc:ac:
23:51:3c:8f:2f:5e:9c:3f:38:a0:66:9a:3b:63:06:f9:bb:20:
64:0f:4a:1f:3b:25:f5:f6:c2:67:e6:fa:5f:c7:cb:7e:88:cc:
fb:d6:ec:c1:55:2d:0e:35:c9:aa:04:b9:3d:5e:d9:8c:87:0f:
9e:7f:23:ad:52:ed:7d:bf:4b:e7:f6:1e:c4:af:fd:19:d8:b3:
48:26:f2:d0:90:70:fc:80:10:01:cd:84:7d:51:16:e5:fe:00:
ae:80:25:30:60:fe:45:41:47:3a:7f:e3:9b:d7:7c:3d:ff:dd:
30:82:c2:d3:70:fc:75:f2:0a:7b:0c:24:2f:0d:a9:f1:f7:99:
e1:dc:8e:78:fc:47:96:6c:ef:99:30:39:df:e9:69:d0:c7:87:
6e:8c:b8:89:21:2c:4b:30:d9:bd:11:10:86:89:96:75:2c:91:
54:ff:ea:be:84:3e:00:e3:6a:c8:c2:ef:7c:3a:43:76:01:91:
d9:ba:3e:c0:a3:03:92:05:96:ad:88:ba:d2:4e:48:8f:02:fa:
57:2d:4a:45:7f:23:88:e6:a2:0c:40:f5:d4:a4:6d:a3:e4:6c:
fc:aa:40:9c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmuh0ARy0M05KuBi2ONWfI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwODAxMDAzNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2RlYjc4YWE3NjAzYTQ2MjAyZGRiMWMyYzM0NmYzZDA0MWM3OTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVn33wku9iiFEC5B4vAEQikuyTy7
wmdG7MaTY3v8WlqYy8xBeIi/p2RcNGJTkTF3MpenZ8rx90CjQgaDGwwXnnIE55Ac
qIbcN7ZxHIJqkHQ+/czB0dSolLPj4Wt6+QUZhci12YCU0psMfni47b0Jbjp1g9rM
TD7kDhYM7f0bN0gJt6VNdQeB2GNM7rgpkLDDy6XiqqkV767fUTn+WBcP077O1JYJ
lNeg0Tf9HRrf7Atnv2oD+PZcP4ic6AtIsoQ1O8+u4s/HVvQtmpKVXtvKzAacvanS
n0e25+nNix05VHV2V+Xohg6xWBpr5MFwSEjeaWfLTYKWii39KFhsEuWdNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPfet4qnYDpGIC3bHCw0bz0EHHkkMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvOTk2M2lxZGdPa1lnTGRzY0xEUnZQUVFjZVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXXzAwQA
uewLAwQAuf9wMA0GCSqGSIb3DQEBCwUAA4IBAQBX3VC4U2y4lsE1k+MzhLI3SEyp
3L6Lt29V5fQD0qx20mqhzKwjUTyPL16cPzigZpo7Ywb5uyBkD0ofOyX19sJn5vpf
x8t+iMz71uzBVS0ONcmqBLk9XtmMhw+efyOtUu19v0vn9h7Er/0Z2LNIJvLQkHD8
gBABzYR9URbl/gCugCUwYP5FQUc6f+Ob13w9/90wgsLTcPx18gp7DCQvDanx95nh
3I54/EeWbO+ZMDnf6WnQx4dujLiJISxLMNm9ERCGiZZ1LJFU/+q+hD4A42rIwu98
OkN2AZHZuj7AowOSBZatiLrSTkiPAvpXLUpFfyOI5qIMQPXUpG2j5Gz8qkCc
-----END CERTIFICATE-----
Generated at Tue Aug 8 12:00:43 2023 by rpki-client on console-fra.rpki-client.org