Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/eaH0JSjJDxn5KYQpwnJ45zALCDs.roa
File: eaH0JSjJDxn5KYQpwnJ45zALCDs.roa (raw, json)
Hash identifier: BkAK4I6O2mqsFHF91NYieJonJPxYHP+6RNoDVvKE8m0=
Subject key identifier: 79:A1:F4:25:28:C9:0F:19:F9:29:84:29:C2:72:78:E7:30:0B:08:3B
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018A60B6197F73B4D2D10C7169AA7A06B194
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/eaH0JSjJDxn5KYQpwnJ45zALCDs.roa
Signing time: Mon 04 Sep 2023 15:01:01 +0000
ROA not before: Mon 04 Sep 2023 15:01:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212728
IP address blocks: 85.117.241.0/24 maxlen: 24
194.156.79.0/24 maxlen: 24
2a09:ff00:8000::/37 maxlen: 37
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:b6:19:7f:73:b4:d2:d1:0c:71:69:aa:7a:06:b1:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Sep 4 15:01:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79a1f42528c90f19f9298429c27278e7300b083b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:82:c8:d5:29:18:b4:cb:08:a1:5e:a2:a9:c4:
f1:fe:d9:1b:26:27:ba:73:80:ea:1f:e9:05:22:74:
b2:5d:b0:5b:1e:e5:51:a0:cd:62:e5:f4:22:20:51:
9f:f3:97:95:1a:4e:3b:e7:b3:0e:ae:8c:9c:82:79:
34:32:84:f8:49:82:2c:77:4c:99:46:6a:eb:00:ac:
23:2e:05:7a:5a:fb:88:8b:62:3e:58:5e:54:2e:1c:
54:e2:ad:8a:83:69:d3:a5:b6:58:53:3f:79:14:35:
fe:90:4b:b0:05:c1:10:62:80:c5:38:1e:31:e5:e1:
7f:5a:2c:88:3c:38:a4:60:20:a3:38:12:9e:05:35:
b5:88:0b:12:b5:8e:8f:60:b0:f6:d3:ac:01:0e:25:
85:4e:1e:02:ec:de:51:d3:7f:6e:3c:31:c2:4d:57:
95:98:2e:d3:84:d6:2a:46:fb:dc:f4:d9:1c:82:fa:
dd:84:9e:c2:d6:c1:2c:84:8d:c7:72:5a:55:7c:e6:
2a:92:78:af:4c:e5:a9:de:5a:d6:e9:60:c2:b0:73:
fb:a4:ff:e6:0e:55:6f:ca:fe:75:f7:bb:a2:b0:c4:
a5:83:9b:10:f0:21:01:c8:39:91:ad:52:99:58:e2:
d7:a8:3a:bd:6d:70:da:a5:9e:81:b7:5c:5a:3b:72:
36:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A1:F4:25:28:C9:0F:19:F9:29:84:29:C2:72:78:E7:30:0B:08:3B
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/eaH0JSjJDxn5KYQpwnJ45zALCDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.241.0/24
194.156.79.0/24
IPv6:
2a09:ff00:8000::/37
Signature Algorithm: sha256WithRSAEncryption
04:4c:09:2a:d9:44:02:d8:85:7b:7e:e3:19:a4:11:91:48:67:
33:2e:7c:f2:09:76:54:b9:0e:0b:a3:a5:a6:43:4d:d2:72:a9:
e2:68:d5:5d:e7:24:9a:c9:f3:9d:db:6d:1d:8d:f8:7a:c1:9f:
b7:e5:b2:a1:1a:7a:91:5a:0d:02:ea:30:90:2d:df:2c:aa:37:
fa:88:6c:96:56:81:1c:c0:b4:c2:74:36:80:87:2f:91:ea:6d:
62:20:21:5d:dd:be:23:48:3a:0e:d0:e9:73:66:1c:ac:c3:91:
4d:5c:c7:5f:33:9b:89:3d:d6:19:30:e0:95:cd:d5:a0:33:6b:
40:30:6c:37:71:47:e5:fc:73:87:8d:d4:92:cb:29:eb:64:ca:
84:fc:e4:11:62:af:e2:33:05:92:5f:14:1d:b3:5e:18:c5:d6:
e2:1a:6f:a1:92:24:97:cc:a8:bf:98:9b:2d:55:93:0f:68:89:
0a:68:9f:d0:32:8d:18:1e:0c:c5:01:37:4a:a2:34:68:01:d4:
fc:0e:f4:f0:d0:39:39:08:f4:3f:6b:bf:eb:9e:c1:01:92:18:
1c:0d:39:a0:3e:7a:60:47:c4:31:94:ea:34:63:4d:d2:42:54:
d6:ef:f4:b5:2f:bd:7e:a8:f5:cb:ce:a5:1d:35:8c:32:b9:7b:
8f:64:05:bb
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYpgthl/c7TS0Qxxaap6BrGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwOTA0MTUwMTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWExZjQyNTI4YzkwZjE5ZjkyOTg0MjljMjcyNzhlNzMwMGIwODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoLI1SkYtMsIoV6iqcTx/tkbJie6
c4DqH+kFInSyXbBbHuVRoM1i5fQiIFGf85eVGk4757MOroycgnk0MoT4SYIsd0yZ
RmrrAKwjLgV6WvuIi2I+WF5ULhxU4q2Kg2nTpbZYUz95FDX+kEuwBcEQYoDFOB4x
5eF/WiyIPDikYCCjOBKeBTW1iAsStY6PYLD206wBDiWFTh4C7N5R039uPDHCTVeV
mC7ThNYqRvvc9NkcgvrdhJ7C1sEshI3HclpVfOYqknivTOWp3lrW6WDCsHP7pP/m
DlVvyv5197uisMSlg5sQ8CEByDmRrVKZWOLXqDq9bXDapZ6Bt1xaO3I2twIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHmh9CUoyQ8Z+SmEKcJyeOcwCwg7MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvZWFIMEpTakpEeG41S1lRcHduSjQ1ekFMQ0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAVXXxAwQA
wpxPMA4EAgACMAgDBgMqCf8AgDANBgkqhkiG9w0BAQsFAAOCAQEABEwJKtlEAtiF
e37jGaQRkUhnMy588gl2VLkOC6OlpkNN0nKp4mjVXeckmsnzndttHY34esGft+Wy
oRp6kVoNAuowkC3fLKo3+ohsllaBHMC0wnQ2gIcvkeptYiAhXd2+I0g6DtDpc2Yc
rMORTVzHXzObiT3WGTDglc3VoDNrQDBsN3FH5fxzh43Ukssp62TKhPzkEWKv4jMF
kl8UHbNeGMXW4hpvoZIkl8yov5ibLVWTD2iJCmif0DKNGB4MxQE3SqI0aAHU/A70
8NA5OQj0P2u/657BAZIYHA05oD56YEfEMZTqNGNN0kJU1u/0tS+9fqj1y86lHTWM
Mrl7j2QFuw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:23 2024 by rpki-client on console-fra.rpki-client.org