Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/5ErG-7wyuOjVJpAd010owIogy24.roa
File: 5ErG-7wyuOjVJpAd010owIogy24.roa (raw, json)
Hash identifier: bzcLQvtKdSalkM0PAJ+nhorvvca68/TmhWmadpEIkhQ=
Subject key identifier: E4:4A:C6:FB:BC:32:B8:E8:D5:26:90:1D:D3:5D:28:C0:8A:20:CB:6E
Certificate issuer: /CN=ed95533ef47fd94b8c554df3d228eedcd4ca0384
Certificate serial: 018571F117C085C88D5F810EE0587B3F9852
Authority key identifier: ED:95:53:3E:F4:7F:D9:4B:8C:55:4D:F3:D2:28:EE:DC:D4:CA:03:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/5ErG-7wyuOjVJpAd010owIogy24.roa
Signing time: Mon 02 Jan 2023 10:05:03 +0000
ROA not before: Mon 02 Jan 2023 10:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 286
IP address blocks: 193.17.185.0/24 maxlen: 24
193.17.186.0/24 maxlen: 24
195.234.152.0/24 maxlen: 24
2001:67c:1514::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f1:17:c0:85:c8:8d:5f:81:0e:e0:58:7b:3f:98:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed95533ef47fd94b8c554df3d228eedcd4ca0384
Validity
Not Before: Jan 2 10:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e44ac6fbbc32b8e8d526901dd35d28c08a20cb6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fb:39:45:b1:71:65:47:70:18:bd:92:14:44:
0b:51:49:77:ec:a2:61:17:0f:d5:9c:fe:74:81:8a:
f7:09:96:cc:d7:59:73:cd:b2:6e:b5:fd:e4:bb:50:
d2:25:ee:30:8e:49:96:65:83:8f:9b:bd:dd:e7:96:
a9:f3:53:1e:5c:67:81:74:17:83:90:85:77:82:d1:
69:8a:97:3e:63:c7:10:8e:06:62:a9:f9:f4:d6:51:
6c:0b:b7:96:86:c5:63:25:30:10:61:b0:76:e1:e3:
df:68:b4:ac:8a:cf:bf:fc:65:63:05:07:d8:66:42:
40:91:2b:39:94:3c:f0:84:32:83:4b:4d:fe:07:cc:
4f:f5:df:2c:0c:cf:80:59:97:c7:1f:d4:1b:8b:da:
d1:9a:ff:5b:36:09:ec:3a:f2:91:b1:98:18:59:89:
65:51:45:07:4a:30:d1:92:0a:85:9a:be:6a:51:0f:
b6:be:84:37:4a:10:7d:4e:d3:a1:a4:e2:15:10:bc:
24:04:c2:95:20:a0:ae:65:37:50:58:a8:bf:c4:c6:
07:98:6d:8a:ac:65:f9:e0:ad:7c:28:a1:3a:b7:fc:
2e:a6:fc:b8:56:01:5b:20:1b:f3:33:91:8b:f0:5a:
bb:14:65:a7:21:be:5c:e0:60:fe:89:be:e1:dd:a4:
9b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:4A:C6:FB:BC:32:B8:E8:D5:26:90:1D:D3:5D:28:C0:8A:20:CB:6E
X509v3 Authority Key Identifier:
keyid:ED:95:53:3E:F4:7F:D9:4B:8C:55:4D:F3:D2:28:EE:DC:D4:CA:03:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/5ErG-7wyuOjVJpAd010owIogy24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.185.0-193.17.186.255
195.234.152.0/24
IPv6:
2001:67c:1514::/48
Signature Algorithm: sha256WithRSAEncryption
57:d6:6e:c2:87:24:bf:7e:32:38:5d:38:d4:08:88:6a:f3:ed:
20:8b:d2:8e:95:c7:8d:e0:6c:21:08:9a:ca:cc:1f:6d:76:06:
e8:a8:4e:cd:02:67:65:5c:04:fb:b1:5a:46:1e:a6:c2:67:ad:
82:b1:53:f0:0f:fe:2c:78:46:ea:e1:b9:c3:60:12:b4:85:e7:
7a:b2:30:6f:af:2e:cb:55:96:3e:dc:c6:ec:00:75:19:62:43:
b5:0f:65:ec:0c:0a:0e:97:36:25:98:88:13:5a:28:4c:26:3f:
c9:45:a3:2d:02:67:7f:e4:d1:28:0c:13:e8:57:12:f9:d9:da:
9e:fb:9a:df:4f:26:f8:11:6b:78:16:75:cd:b3:0b:ec:03:db:
4a:ce:2a:87:23:cf:a2:31:e6:ce:f9:1c:a5:70:14:d4:a5:b1:
3e:c4:ef:4e:e5:7b:c2:83:51:c8:92:cc:7c:de:8a:79:1d:99:
a6:fa:27:ec:1f:04:f2:c0:e1:0c:c9:6d:f5:0f:62:6c:62:ba:
a6:3b:cb:f3:a1:40:54:7d:61:dd:23:6d:d5:cf:db:55:ad:e1:
34:73:bb:c6:70:07:fe:91:b6:94:82:16:1a:91:39:36:fb:65:
7a:d9:9c:d6:37:ff:65:d7:81:9d:fa:ef:be:9a:f7:cc:7d:f3:
e7:31:22:d4
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVx8RfAhciNX4EO4Fh7P5hSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkOTU1MzNlZjQ3ZmQ5NGI4YzU1NGRmM2QyMjhlZWRjZDRj
YTAzODQwHhcNMjMwMTAyMTAwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDRhYzZmYmJjMzJiOGU4ZDUyNjkwMWRkMzVkMjhjMDhhMjBjYjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfs5RbFxZUdwGL2SFEQLUUl37KJh
Fw/VnP50gYr3CZbM11lzzbJutf3ku1DSJe4wjkmWZYOPm73d55ap81MeXGeBdBeD
kIV3gtFpipc+Y8cQjgZiqfn01lFsC7eWhsVjJTAQYbB24ePfaLSsis+//GVjBQfY
ZkJAkSs5lDzwhDKDS03+B8xP9d8sDM+AWZfHH9Qbi9rRmv9bNgnsOvKRsZgYWYll
UUUHSjDRkgqFmr5qUQ+2voQ3ShB9TtOhpOIVELwkBMKVIKCuZTdQWKi/xMYHmG2K
rGX54K18KKE6t/wupvy4VgFbIBvzM5GL8Fq7FGWnIb5c4GD+ib7h3aSbEQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFORKxvu8Mrjo1SaQHdNdKMCKIMtuMB8GA1UdIwQY
MBaAFO2VUz70f9lLjFVN89Io7tzUygOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1pWVFB2Ul8yVXVNVlUzejBpanUzTlRLQTRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83YTA0MjMtOWE5NS00MmMxLTgxZTUt
MTRkYTc5ZDZjM2FhLzEvNUVyRy03d3l1T2pWSnBBZDAxMG93SW9neTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83YTA0MjMtOWE5NS00MmMxLTgxZTUtMTRkYTc5ZDZjM2Fh
LzEvN1pWVFB2Ul8yVXVNVlUzejBpanUzTlRLQTRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBADBEbkD
BADBEboDBADD6pgwDwQCAAIwCQMHACABBnwVFDANBgkqhkiG9w0BAQsFAAOCAQEA
V9Zuwockv34yOF041AiIavPtIIvSjpXHjeBsIQiayswfbXYG6KhOzQJnZVwE+7Fa
Rh6mwmetgrFT8A/+LHhG6uG5w2AStIXnerIwb68uy1WWPtzG7AB1GWJDtQ9l7AwK
Dpc2JZiIE1ooTCY/yUWjLQJnf+TRKAwT6FcS+dnanvua308m+BFreBZ1zbML7APb
Ss4qhyPPojHmzvkcpXAU1KWxPsTvTuV7woNRyJLMfN6KeR2Zpvon7B8E8sDhDMlt
9Q9ibGK6pjvL86FAVH1h3SNt1c/bVa3hNHO7xnAH/pG2lIIWGpE5Nvtletmc1jf/
ZdeBnfrvvpr3zH3z5zEi1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:46 2024 by rpki-client on console-fra.rpki-client.org