Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/4jEnf6A0Tt8Sw4Zz86f-7huImgM.roa
File: 4jEnf6A0Tt8Sw4Zz86f-7huImgM.roa (raw, json)
Hash identifier: RcihhGgTXqDuibhOAPrVhWBsdKRdkbxjUh5/StvMIf4=
Subject key identifier: E2:31:27:7F:A0:34:4E:DF:12:C3:86:73:F3:A7:FE:EE:1B:88:9A:03
Certificate issuer: /CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Certificate serial: 01856DD3ECA75DAB27664BF474696AE4A271
Authority key identifier: 30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/4jEnf6A0Tt8Sw4Zz86f-7huImgM.roa
Signing time: Sun 01 Jan 2023 14:54:43 +0000
ROA not before: Sun 01 Jan 2023 14:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8916
IP address blocks: 213.5.88.0/21 maxlen: 21
188.246.192.0/19 maxlen: 19
185.87.56.0/22 maxlen: 22
193.108.199.0/24 maxlen: 24
2a03:9800::/29 maxlen: 29
2001:67c:1b8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d3:ec:a7:5d:ab:27:66:4b:f4:74:69:6a:e4:a2:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Validity
Not Before: Jan 1 14:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e231277fa0344edf12c38673f3a7feee1b889a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7f:53:14:46:40:2a:fa:a8:2e:c2:20:d5:02:
48:ef:7a:6b:16:35:38:54:9c:71:81:d3:5f:8d:58:
cd:50:d7:28:e3:e6:c7:16:2e:58:4f:0d:73:1d:2f:
f4:4d:f2:f4:7f:78:74:d8:bf:c2:e2:a2:ec:56:1b:
61:85:3c:9d:30:83:a0:6f:4a:82:d5:d5:eb:c3:e9:
66:c3:ef:c6:8f:14:a1:28:5a:bd:12:c0:90:b6:bc:
8f:a1:a8:d7:3d:a4:25:a4:fd:4b:9e:18:86:49:54:
10:ad:ae:8c:c1:0e:64:7c:f0:75:be:3a:6b:dd:ce:
fa:96:87:6f:87:aa:e3:5c:6e:36:b0:1a:ea:dd:fc:
b1:1c:16:da:63:f9:33:75:ec:e5:0b:5f:b8:e1:02:
eb:78:39:75:95:ef:42:1d:ea:c5:6d:75:a4:6b:e8:
a4:3b:c2:09:fb:fa:fd:b0:71:1a:de:59:63:57:f4:
ab:ba:69:6c:e3:06:24:f8:a3:d0:d1:88:4b:b0:cd:
14:6a:ce:9d:70:d1:06:d8:be:6a:f0:0f:06:c0:2a:
af:89:91:47:55:3a:59:ff:60:c2:93:b4:79:59:4e:
d1:4f:e2:4f:ef:73:ef:32:f0:8b:fc:c1:8e:dc:80:
e9:dc:27:f6:86:7e:b0:1d:a6:ae:da:ee:63:f8:f6:
ee:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:31:27:7F:A0:34:4E:DF:12:C3:86:73:F3:A7:FE:EE:1B:88:9A:03
X509v3 Authority Key Identifier:
keyid:30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/4jEnf6A0Tt8Sw4Zz86f-7huImgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.56.0/22
188.246.192.0/19
193.108.199.0/24
213.5.88.0/21
IPv6:
2001:67c:1b8::/48
2a03:9800::/29
Signature Algorithm: sha256WithRSAEncryption
92:b3:aa:99:b9:c9:c8:89:00:c7:26:c8:1e:76:1a:6f:fa:0a:
64:81:1e:9b:82:c7:cf:a3:55:88:a4:5a:54:fc:41:42:5f:47:
4c:ec:a3:05:4d:11:fe:d6:71:cc:e5:0c:88:ae:9e:ed:ae:80:
e7:df:2e:f0:32:40:b3:32:42:d7:3b:1c:a1:db:43:72:e8:fe:
11:52:8a:75:c4:7b:a4:71:2e:c5:cd:aa:59:dd:13:85:70:a6:
06:36:ea:94:70:51:cf:d7:8b:d7:3f:89:c3:b1:48:0b:7e:8a:
61:f0:67:b9:69:c6:fc:02:f5:c6:e3:8d:02:03:3c:00:2b:3a:
b0:79:54:ae:22:f4:e1:72:c8:06:ef:db:b8:f5:53:f0:c9:5f:
0a:86:a3:c2:8a:71:df:29:e6:b6:fa:58:d6:e2:6f:21:07:16:
02:fd:9d:b5:22:db:39:71:90:2c:12:11:8f:af:83:2c:9c:0d:
9e:d6:b3:da:d9:56:b8:d8:a4:48:df:15:f9:00:67:f9:18:10:
81:1d:9e:4c:39:d1:c6:5d:9e:91:57:bb:a2:9d:b7:11:29:30:
e0:8b:f3:c7:68:7f:35:ff:8b:82:cd:3f:53:da:2f:8b:65:0c:
28:ef:01:52:84:5b:3e:ab:cc:4d:1f:af:25:ce:f1:9a:bc:a6:
ab:12:48:cc
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVt0+ynXasnZkv0dGlq5KJxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjdhNjMxYmI2NzM4ZWI2OGJiNmVhNmM0MjRlZjRhN2Qx
NGMzY2IwHhcNMjMwMTAxMTQ1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjMxMjc3ZmEwMzQ0ZWRmMTJjMzg2NzNmM2E3ZmVlZTFiODg5YTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq39TFEZAKvqoLsIg1QJI73prFjU4
VJxxgdNfjVjNUNco4+bHFi5YTw1zHS/0TfL0f3h02L/C4qLsVhthhTydMIOgb0qC
1dXrw+lmw+/GjxShKFq9EsCQtryPoajXPaQlpP1LnhiGSVQQra6MwQ5kfPB1vjpr
3c76lodvh6rjXG42sBrq3fyxHBbaY/kzdezlC1+44QLreDl1le9CHerFbXWka+ik
O8IJ+/r9sHEa3lljV/Srumls4wYk+KPQ0YhLsM0Uas6dcNEG2L5q8A8GwCqviZFH
VTpZ/2DCk7R5WU7RT+JP73PvMvCL/MGO3IDp3Cf2hn6wHaau2u5j+Pbu0wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOIxJ3+gNE7fEsOGc/On/u4biJoDMB8GA1UdIwQY
MBaAFDAnpjG7ZzjraLtupsQk70p9FMPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYt
MWRkNmQyODFjODhhLzEvNGpFbmY2QTBUdDhTdzRaejg2Zi03aHVJbWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYtMWRkNmQyODFjODhh
LzEvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQCuVc4AwQF
vPbAAwQAwWzHAwQD1QVYMBYEAgACMBADBwAgAQZ8AbgDBQMqA5gAMA0GCSqGSIb3
DQEBCwUAA4IBAQCSs6qZucnIiQDHJsgedhpv+gpkgR6bgsfPo1WIpFpU/EFCX0dM
7KMFTRH+1nHM5QyIrp7troDn3y7wMkCzMkLXOxyh20Ny6P4RUop1xHukcS7FzapZ
3ROFcKYGNuqUcFHP14vXP4nDsUgLfoph8Ge5acb8AvXG440CAzwAKzqweVSuIvTh
csgG79u49VPwyV8KhqPCinHfKea2+ljW4m8hBxYC/Z21Its5cZAsEhGPr4MsnA2e
1rPa2Va42KRI3xX5AGf5GBCBHZ5MOdHGXZ6RV7uinbcRKTDgi/PHaH81/4uCzT9T
2i+LZQwo7wFShFs+q8xNH68lzvGavKarEkjM
-----END CERTIFICATE-----
Generated at Mon Dec 18 23:35:20 2023 by rpki-client on console-fra.rpki-client.org