Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/eJtZ8VfEmVypTtM9Dz5ECsnrCuU.roa
File: eJtZ8VfEmVypTtM9Dz5ECsnrCuU.roa (raw, json)
Hash identifier: JKr+NSXPb9J6GsJPUQTBBbwYWK1xQEfKodLkRFU0MB0=
Subject key identifier: 78:9B:59:F1:57:C4:99:5C:A9:4E:D3:3D:0F:3E:44:0A:C9:EB:0A:E5
Certificate issuer: /CN=bbbb2a4302094f4c3f5bada547ef4f7ede18e903
Certificate serial: 01857227CB6D12D805DC3E8F856E39C75D70
Authority key identifier: BB:BB:2A:43:02:09:4F:4C:3F:5B:AD:A5:47:EF:4F:7E:DE:18:E9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7sqQwIJT0w_W62lR-9Pft4Y6QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/eJtZ8VfEmVypTtM9Dz5ECsnrCuU.roa
Signing time: Mon 02 Jan 2023 11:04:48 +0000
ROA not before: Mon 02 Jan 2023 11:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201749
IP address blocks: 194.31.93.0/24 maxlen: 24
194.31.220.0/24 maxlen: 24
194.31.199.0/24 maxlen: 24
194.31.193.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:cb:6d:12:d8:05:dc:3e:8f:85:6e:39:c7:5d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbbb2a4302094f4c3f5bada547ef4f7ede18e903
Validity
Not Before: Jan 2 11:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=789b59f157c4995ca94ed33d0f3e440ac9eb0ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c1:36:04:94:f7:c1:b1:27:99:9a:9b:9a:12:
b4:e6:d5:e9:2d:56:49:49:65:4d:42:dc:40:35:8b:
a4:54:af:00:80:b4:a3:26:30:07:9e:ba:d5:ee:c2:
e2:7d:84:48:ad:65:14:d0:38:c0:fd:bb:aa:74:fd:
dd:c4:61:f7:ef:46:d5:0c:4e:f5:bf:68:1e:24:bc:
f1:9f:d7:14:e3:33:74:cc:b7:e8:6b:e4:9d:c6:f8:
5e:b8:a1:b6:5d:84:d2:82:e0:fd:8d:6c:7f:33:ed:
9e:7b:22:d5:fe:07:0e:98:1c:8a:98:b6:86:57:a4:
7c:e5:20:bc:00:00:25:3d:73:38:49:de:0d:95:2b:
f1:ce:9d:a4:9f:9b:79:08:31:81:3d:4a:4c:93:6b:
8b:07:29:b0:06:b6:13:9c:17:e5:34:4d:6f:ad:83:
43:a9:69:0c:cc:6f:f2:26:18:0d:32:3d:d1:03:c3:
70:db:8a:ab:c0:46:70:09:1e:a2:21:68:37:1f:95:
63:ae:04:f6:26:05:c6:78:b6:c3:a6:70:44:23:06:
57:85:12:a8:98:83:6a:3e:61:93:53:70:e7:b5:fc:
e3:b9:3d:b3:f5:76:ee:3d:46:4a:34:89:8a:16:b3:
22:67:6c:3d:49:ac:af:dc:d1:e7:01:69:7a:04:7c:
fa:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:9B:59:F1:57:C4:99:5C:A9:4E:D3:3D:0F:3E:44:0A:C9:EB:0A:E5
X509v3 Authority Key Identifier:
keyid:BB:BB:2A:43:02:09:4F:4C:3F:5B:AD:A5:47:EF:4F:7E:DE:18:E9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7sqQwIJT0w_W62lR-9Pft4Y6QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/eJtZ8VfEmVypTtM9Dz5ECsnrCuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/u7sqQwIJT0w_W62lR-9Pft4Y6QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.93.0/24
194.31.193.0/24
194.31.199.0/24
194.31.220.0/24
Signature Algorithm: sha256WithRSAEncryption
80:23:63:09:d3:c6:da:f5:56:cc:20:29:03:d8:2f:6f:fd:a9:
03:00:3c:3e:a1:63:60:16:de:10:87:7d:ff:5e:8e:31:6a:e3:
66:02:54:ed:fd:d9:50:15:d3:b9:19:9d:ff:6d:c3:5d:6c:cf:
73:14:f7:66:74:50:36:ea:2a:87:40:79:9c:49:3c:dd:48:93:
ec:47:c3:08:0c:fc:d9:5b:32:c8:29:e7:d8:6e:b5:0e:d1:c4:
73:ce:3a:f1:cb:07:11:99:5f:64:c0:00:9d:32:65:a9:be:66:
44:f2:45:39:c5:c0:0b:44:7c:53:45:79:69:3a:09:fc:ab:1a:
11:99:ef:84:bd:2a:1c:14:12:70:89:b9:3a:34:97:58:bb:b7:
dd:f4:d0:01:39:d0:a1:08:b0:a3:d5:4a:67:a9:e2:17:83:05:
d0:6a:89:84:97:dd:5a:c1:7d:58:3e:f4:67:4d:83:ea:f7:c6:
f7:50:26:67:7b:8d:95:00:f2:63:2b:af:21:e1:9b:60:3d:11:
52:5e:06:aa:9d:d5:f4:cd:92:e0:68:a7:d2:fc:48:d3:c1:58:
b8:61:39:5a:63:c1:6c:11:5b:57:92:f6:df:82:92:7a:d5:fa:
9d:52:9e:14:3d:7c:09:c2:8b:91:d8:2f:88:3c:e2:43:ba:27:
2a:aa:85:36
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyJ8ttEtgF3D6PhW45x11wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYmIyYTQzMDIwOTRmNGMzZjViYWRhNTQ3ZWY0ZjdlZGUx
OGU5MDMwHhcNMjMwMTAyMTEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODliNTlmMTU3YzQ5OTVjYTk0ZWQzM2QwZjNlNDQwYWM5ZWIwYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncE2BJT3wbEnmZqbmhK05tXpLVZJ
SWVNQtxANYukVK8AgLSjJjAHnrrV7sLifYRIrWUU0DjA/buqdP3dxGH370bVDE71
v2geJLzxn9cU4zN0zLfoa+SdxvheuKG2XYTSguD9jWx/M+2eeyLV/gcOmByKmLaG
V6R85SC8AAAlPXM4Sd4NlSvxzp2kn5t5CDGBPUpMk2uLBymwBrYTnBflNE1vrYND
qWkMzG/yJhgNMj3RA8Nw24qrwEZwCR6iIWg3H5VjrgT2JgXGeLbDpnBEIwZXhRKo
mINqPmGTU3DntfzjuT2z9XbuPUZKNImKFrMiZ2w9Sayv3NHnAWl6BHz6HQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHibWfFXxJlcqU7TPQ8+RArJ6wrlMB8GA1UdIwQY
MBaAFLu7KkMCCU9MP1utpUfvT37eGOkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdzcVF3SUpUMHdfVzYybFItOVBmdDRZNlFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jMzk5YTQtNTNiNi00MjcxLTliOTAt
MzJiZjE2NDFmYjNiLzEvZUp0WjhWZkVtVnlwVHRNOUR6NUVDc25yQ3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jMzk5YTQtNTNiNi00MjcxLTliOTAtMzJiZjE2NDFmYjNi
LzEvdTdzcVF3SUpUMHdfVzYybFItOVBmdDRZNlFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwh9dAwQA
wh/BAwQAwh/HAwQAwh/cMA0GCSqGSIb3DQEBCwUAA4IBAQCAI2MJ08ba9VbMICkD
2C9v/akDADw+oWNgFt4Qh33/Xo4xauNmAlTt/dlQFdO5GZ3/bcNdbM9zFPdmdFA2
6iqHQHmcSTzdSJPsR8MIDPzZWzLIKefYbrUO0cRzzjrxywcRmV9kwACdMmWpvmZE
8kU5xcALRHxTRXlpOgn8qxoRme+EvSocFBJwibk6NJdYu7fd9NABOdChCLCj1Upn
qeIXgwXQaomEl91awX1YPvRnTYPq98b3UCZne42VAPJjK68h4ZtgPRFSXgaqndX0
zZLgaKfS/EjTwVi4YTlaY8FsEVtXkvbfgpJ61fqdUp4UPXwJwouR2C+IPOJDuicq
qoU2
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:23 2024 by rpki-client on console-fra.rpki-client.org