Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/8Ee1mUMcygjBMzcEsbOPtS_om28.roa
File: 8Ee1mUMcygjBMzcEsbOPtS_om28.roa (raw, json)
Hash identifier: 9SaUTp3lW8u9aK+pB96CDrRpAc/U/Zo5BBgAuV+ofq8=
Subject key identifier: F0:47:B5:99:43:1C:CA:08:C1:33:37:04:B1:B3:8F:B5:2F:E8:9B:6F
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018843131795921A27456498DDE96B574137
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/8Ee1mUMcygjBMzcEsbOPtS_om28.roa
Signing time: Mon 22 May 2023 10:48:24 +0000
ROA not before: Mon 22 May 2023 10:48:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43350
IP address blocks: 151.236.14.0/24 maxlen: 24
151.236.28.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
2a03:f87:abce::/48 maxlen: 48
2a03:f87:abcd::/48 maxlen: 48
2a03:f87:fcba::/48 maxlen: 48
2a03:f87:dcba::/48 maxlen: 48
2a03:f87:ecba::/48 maxlen: 48
2a03:f87:abcf::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:13:17:95:92:1a:27:45:64:98:dd:e9:6b:57:41:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: May 22 10:48:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f047b599431cca08c1333704b1b38fb52fe89b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:34:00:9d:46:cd:ba:08:b4:79:be:ee:67:56:
1f:97:8d:73:54:09:4f:22:93:80:2f:7b:36:9e:1c:
c1:73:5e:4d:86:34:62:bb:9b:70:a4:8c:64:b1:18:
c2:57:7e:65:44:3c:c8:5e:fe:a1:2c:2e:d3:2c:11:
4d:93:5b:86:a3:b1:27:09:e9:9e:ed:77:87:13:e6:
8d:8f:7b:63:b2:06:a2:bd:9b:33:51:a5:62:87:d1:
e5:1b:67:e1:cf:f1:ef:41:67:96:91:72:5b:ab:8a:
38:d7:ec:a3:0c:e9:ea:9e:ba:c0:ec:a0:56:6c:2f:
c4:7b:41:9a:a4:78:46:43:4b:2f:ea:fa:5a:e9:86:
9d:ee:89:cc:e6:25:19:18:3b:27:12:8e:06:ef:c4:
81:d1:f7:1d:16:b6:c0:c9:13:5c:7e:71:ff:22:6d:
df:d1:e4:85:9d:b8:d7:4b:8f:59:06:dd:18:cb:d2:
15:ea:c9:d2:9e:b4:df:ac:6e:d4:1c:a7:9e:ef:be:
ea:b7:17:fd:ef:4b:05:a5:87:3f:68:ed:01:6e:b9:
7f:f3:89:80:da:10:7b:64:ed:d2:7b:91:7a:0a:bb:
70:74:fd:c7:a5:0e:81:ae:0a:3b:4a:58:60:bf:fa:
f3:30:c4:c1:8d:3e:40:ed:8b:74:ba:e7:6c:90:11:
96:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:47:B5:99:43:1C:CA:08:C1:33:37:04:B1:B3:8F:B5:2F:E8:9B:6F
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/8Ee1mUMcygjBMzcEsbOPtS_om28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.236.14.0/24
151.236.28.0/24
185.26.238.0/24
IPv6:
2a03:f87:abcd::-2a03:f87:abcf:ffff:ffff:ffff:ffff:ffff
2a03:f87:dcba::/48
2a03:f87:ecba::/48
2a03:f87:fcba::/48
Signature Algorithm: sha256WithRSAEncryption
78:0a:a1:7b:c4:58:b8:d7:65:12:b2:95:86:0e:9b:c5:66:be:
22:d8:04:7a:54:f0:b7:5b:63:ba:0c:dd:41:6d:06:38:f2:bb:
8f:39:47:0a:15:a8:76:e0:46:06:7b:d2:fc:d5:1d:24:dc:99:
ce:0b:ea:53:f5:ed:4c:cc:7a:49:62:85:b9:d7:cf:92:f6:90:
39:06:97:1f:95:87:e9:59:2e:85:d8:41:00:1e:3e:ae:94:4b:
f0:85:5f:1f:e4:59:ba:53:f8:11:30:29:84:bb:60:bb:bc:3e:
cc:50:09:bd:ff:2d:fc:62:5c:99:ec:4f:e9:2c:12:04:c7:68:
28:24:8e:c4:9a:6c:40:51:a2:d9:02:e6:e3:cf:9c:b8:da:be:
f8:14:4d:c1:fa:2a:0c:9c:63:56:30:69:06:23:ac:c5:bf:b6:
3b:d8:7f:7c:c0:52:6c:a0:d6:e9:f8:35:67:ed:62:f3:ac:e7:
a3:f9:36:70:fa:87:e3:cd:d1:b5:9b:a5:84:0a:0a:cc:76:f2:
7d:2a:b0:8e:c1:5a:5e:ac:67:b4:b9:27:34:4e:8b:84:db:19:
79:e5:0d:64:74:6a:3e:68:27:00:97:e4:34:52:8b:c0:1a:c6:
9c:a4:38:7e:80:ec:aa:36:f0:9e:95:92:f6:bc:d2:be:f2:d5:
24:87:4a:9e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYhDExeVkhonRWSY3elrV0E3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwNTIyMTA0ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQ3YjU5OTQzMWNjYTA4YzEzMzM3MDRiMWIzOGZiNTJmZTg5YjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzQAnUbNugi0eb7uZ1Yfl41zVAlP
IpOAL3s2nhzBc15NhjRiu5twpIxksRjCV35lRDzIXv6hLC7TLBFNk1uGo7EnCeme
7XeHE+aNj3tjsgaivZszUaVih9HlG2fhz/HvQWeWkXJbq4o41+yjDOnqnrrA7KBW
bC/Ee0GapHhGQ0sv6vpa6Yad7onM5iUZGDsnEo4G78SB0fcdFrbAyRNcfnH/Im3f
0eSFnbjXS49ZBt0Yy9IV6snSnrTfrG7UHKee777qtxf970sFpYc/aO0Bbrl/84mA
2hB7ZO3Se5F6CrtwdP3HpQ6Brgo7Slhgv/rzMMTBjT5A7Yt0uudskBGWtwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFPBHtZlDHMoIwTM3BLGzj7Uv6JtvMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvOEVlMW1VTWN5Z2pCTXpjRXNiT1B0U19vbTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAYBAIAATASAwQAl+wOAwQA
l+wcAwQAuRruMDUEAgACMC8wEgMHACoDD4erzQMHBCoDD4erwAMHACoDD4fcugMH
ACoDD4fsugMHACoDD4f8ujANBgkqhkiG9w0BAQsFAAOCAQEAeAqhe8RYuNdlErKV
hg6bxWa+ItgEelTwt1tjugzdQW0GOPK7jzlHChWoduBGBnvS/NUdJNyZzgvqU/Xt
TMx6SWKFudfPkvaQOQaXH5WH6VkuhdhBAB4+rpRL8IVfH+RZulP4ETAphLtgu7w+
zFAJvf8t/GJcmexP6SwSBMdoKCSOxJpsQFGi2QLm48+cuNq++BRNwfoqDJxjVjBp
BiOsxb+2O9h/fMBSbKDW6fg1Z+1i86zno/k2cPqH483RtZulhAoKzHbyfSqwjsFa
XqxntLknNE6LhNsZeeUNZHRqPmgnAJfkNFKLwBrGnKQ4foDsqjbwnpWS9rzSvvLV
JIdKng==
-----END CERTIFICATE-----
Generated at Wed Dec 27 10:26:01 2023 by rpki-client on console-ams.rpki-client.org