Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/7tNduLrVP95XYv-_hB4csOrPm4Q.roa
File: 7tNduLrVP95XYv-_hB4csOrPm4Q.roa (raw, json)
Hash identifier: 6imSZvlHY7ahBoKli066dujHgzRQ0LESTLK/mhoV4lI=
Subject key identifier: EE:D3:5D:B8:BA:D5:3F:DE:57:62:FF:BF:84:1E:1C:B0:EA:CF:9B:84
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 018CABCEAF36C020CE39720F0DF1C035042B
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/7tNduLrVP95XYv-_hB4csOrPm4Q.roa
Signing time: Wed 27 Dec 2023 15:04:58 +0000
ROA not before: Wed 27 Dec 2023 15:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 146.255.188.0/24 maxlen: 24
2a11:c880::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:ce:af:36:c0:20:ce:39:72:0f:0d:f1:c0:35:04:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Dec 27 15:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eed35db8bad53fde5762ffbf841e1cb0eacf9b84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:87:bc:4c:17:ae:cf:9f:46:47:2d:66:e2:e9:
02:9e:51:b3:d9:8a:b7:d4:49:b5:e3:46:55:ac:ae:
0d:83:23:b9:d5:4c:1c:34:70:ce:36:36:7a:f0:bd:
ba:3b:d4:6f:24:45:ed:8f:7d:ce:85:17:5b:c4:ee:
b6:d1:12:9d:c8:54:fb:3a:e2:63:2c:0d:2f:4d:d3:
1c:b9:a4:b8:38:1d:58:1c:75:85:7d:74:7d:a1:ec:
55:62:c3:c9:f2:0a:e0:ee:af:13:2f:69:c5:8d:17:
d9:d9:ca:77:d9:e2:42:ad:53:34:ff:0a:85:cc:69:
1c:c0:1b:f6:28:7f:46:0c:dc:55:10:16:49:56:30:
0d:a3:38:12:fc:bb:e2:62:f8:73:29:99:9b:64:3e:
ef:94:ba:17:97:59:9a:8b:28:ef:f3:1b:b7:81:d6:
fe:e1:e6:4b:79:12:c6:74:36:88:8f:77:4d:8f:b6:
d9:fd:29:2b:e3:b7:30:9e:51:ee:e9:a2:1b:16:8c:
27:01:9b:00:38:cf:60:9f:df:88:14:60:1d:41:9b:
b9:0b:de:c7:58:0f:33:95:20:91:7c:0b:cd:7e:37:
ff:34:a8:aa:49:14:50:4b:b1:38:14:f9:9e:de:d8:
ce:0c:47:bf:35:43:0d:41:11:73:b3:53:72:9e:66:
8f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:D3:5D:B8:BA:D5:3F:DE:57:62:FF:BF:84:1E:1C:B0:EA:CF:9B:84
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/7tNduLrVP95XYv-_hB4csOrPm4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.255.188.0/24
IPv6:
2a11:c880::/29
Signature Algorithm: sha256WithRSAEncryption
53:fb:22:76:01:b6:16:80:66:08:da:10:9a:ec:8e:ba:65:f7:
83:99:c8:72:89:e6:56:2c:f3:cf:9e:98:a4:8d:a3:c3:ad:cf:
e1:ec:b4:8b:93:f9:ad:8c:df:cb:d3:5c:cd:64:9f:17:e5:94:
3f:17:15:e6:8f:9e:45:e8:bd:dc:e9:23:27:29:65:08:ac:5f:
e6:69:8e:04:21:2d:d4:b1:06:c4:3c:e4:b8:c7:a4:ff:69:20:
b3:63:64:2a:4b:25:aa:54:a7:5d:85:b9:31:a3:32:20:b0:c1:
1f:6d:dd:a1:89:34:d4:26:23:04:05:6a:fa:0c:20:eb:44:30:
a8:6d:19:f5:cf:7d:79:19:28:75:8f:1f:38:91:c3:a9:53:01:
e3:07:15:30:ef:d0:3f:75:86:d1:35:98:99:e6:79:81:46:ab:
1c:2e:0a:36:cb:db:70:f3:ed:d9:e4:f2:c9:89:45:38:6a:8d:
4e:c1:db:c0:17:68:f5:b5:54:94:d5:10:31:27:07:5a:1e:95:
87:7e:dd:34:92:6a:c3:37:c1:9c:ff:ae:c7:ea:c5:7f:bd:d9:
ad:5f:92:6f:e8:cb:ba:a6:7e:e2:71:58:33:9b:5a:ea:b7:56:
a8:fd:38:97:3f:26:0d:3d:42:5b:09:28:b3:35:d1:96:2f:42:
4b:f3:f0:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYyrzq82wCDOOXIPDfHANQQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjMxMjI3MTUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWQzNWRiOGJhZDUzZmRlNTc2MmZmYmY4NDFlMWNiMGVhY2Y5Yjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYe8TBeuz59GRy1m4ukCnlGz2Yq3
1Em140ZVrK4NgyO51UwcNHDONjZ68L26O9RvJEXtj33OhRdbxO620RKdyFT7OuJj
LA0vTdMcuaS4OB1YHHWFfXR9oexVYsPJ8grg7q8TL2nFjRfZ2cp32eJCrVM0/wqF
zGkcwBv2KH9GDNxVEBZJVjANozgS/LviYvhzKZmbZD7vlLoXl1maiyjv8xu3gdb+
4eZLeRLGdDaIj3dNj7bZ/Skr47cwnlHu6aIbFownAZsAOM9gn9+IFGAdQZu5C97H
WA8zlSCRfAvNfjf/NKiqSRRQS7E4FPme3tjODEe/NUMNQRFzs1NynmaPDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO7TXbi61T/eV2L/v4QeHLDqz5uEMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvN3ROZHVMclZQOTVYWXYtX2hCNGNzT3JQbTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAkv+8MA0E
AgACMAcDBQMqEciAMA0GCSqGSIb3DQEBCwUAA4IBAQBT+yJ2AbYWgGYI2hCa7I66
ZfeDmchyieZWLPPPnpikjaPDrc/h7LSLk/mtjN/L01zNZJ8X5ZQ/FxXmj55F6L3c
6SMnKWUIrF/maY4EIS3UsQbEPOS4x6T/aSCzY2QqSyWqVKddhbkxozIgsMEfbd2h
iTTUJiMEBWr6DCDrRDCobRn1z315GSh1jx84kcOpUwHjBxUw79A/dYbRNZiZ5nmB
RqscLgo2y9tw8+3Z5PLJiUU4ao1OwdvAF2j1tVSU1RAxJwdaHpWHft00kmrDN8Gc
/67H6sV/vdmtX5Jv6Mu6pn7icVgzm1rqt1ao/TiXPyYNPUJbCSizNdGWL0JL8/AV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:11 2024 by rpki-client on console-fra.rpki-client.org