Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/1p5yELyRYCKCma03MK6b9cS-Dck.roa
File: 1p5yELyRYCKCma03MK6b9cS-Dck.roa (raw, json)
Hash identifier: Y4M4+FGFsLsbgfz3USl3rvwRu/Ldu+kL81jLRjvyU5I=
Subject key identifier: D6:9E:72:10:BC:91:60:22:82:99:AD:37:30:AE:9B:F5:C4:BE:0D:C9
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 018CC07C4338D23344C7552B08A16245D6DD
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/1p5yELyRYCKCma03MK6b9cS-Dck.roa
Signing time: Sun 31 Dec 2023 15:26:58 +0000
ROA not before: Sun 31 Dec 2023 15:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56884
IP address blocks: 194.26.223.0/24 maxlen: 24
84.246.111.0/24 maxlen: 24
91.247.178.0/24 maxlen: 24
213.232.252.0/24 maxlen: 24
178.23.188.0/24 maxlen: 24
2a13:e400::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c0:7c:43:38:d2:33:44:c7:55:2b:08:a1:62:45:d6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Dec 31 15:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d69e7210bc9160228299ad3730ae9bf5c4be0dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d7:23:db:d6:eb:1d:78:88:d4:31:b5:57:12:
70:83:d1:f1:0a:c5:a3:2e:aa:ff:00:2c:e1:16:29:
73:99:8d:c4:d0:11:d1:b4:7a:98:eb:95:2a:a5:76:
dd:82:a4:c5:27:a5:83:f7:eb:95:7d:43:a2:a5:6e:
78:ab:d9:ae:70:b1:1f:cb:c8:55:62:70:3f:5f:65:
30:d5:d4:b3:e1:98:89:3b:56:00:8c:ba:a5:c2:fd:
cc:8e:c9:db:54:77:32:fd:07:0e:eb:7b:21:54:96:
b5:95:b7:91:6a:72:cf:5e:e2:be:a3:81:ed:a9:6b:
2f:b2:35:2d:82:bb:f5:0c:16:9d:8e:c6:49:87:32:
58:2e:9e:21:07:af:a6:64:e6:00:e3:46:7e:c0:21:
10:be:f1:d0:a7:64:65:2e:4f:9d:72:1b:fb:a9:f5:
55:a0:d5:ab:3b:4e:91:31:db:88:00:7b:be:41:b3:
2b:88:ff:48:c4:43:74:a4:74:af:7f:a8:2d:69:56:
8d:32:5e:ee:d0:1c:1f:22:c0:f1:67:23:27:1b:67:
76:1e:32:21:d4:ab:5c:e7:af:d8:83:49:a5:ee:08:
e5:0f:0a:f7:8b:eb:a1:17:fd:dd:e3:19:26:87:65:
bf:9b:f5:8f:9f:04:15:73:73:84:f3:da:f0:50:b7:
04:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:9E:72:10:BC:91:60:22:82:99:AD:37:30:AE:9B:F5:C4:BE:0D:C9
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/1p5yELyRYCKCma03MK6b9cS-Dck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.111.0/24
91.247.178.0/24
178.23.188.0/24
194.26.223.0/24
213.232.252.0/24
IPv6:
2a13:e400::/29
Signature Algorithm: sha256WithRSAEncryption
6c:72:a9:3a:6d:14:75:95:e5:e9:db:09:fa:4d:bc:ab:1d:f2:
56:20:34:22:44:22:0a:73:df:c3:1c:d6:c1:17:7d:ae:b2:f8:
20:79:76:32:46:95:77:b4:f8:f4:80:d9:c2:a5:24:61:c8:72:
c8:83:08:3a:ab:bc:c1:33:9f:e2:55:a2:1c:32:4d:43:79:aa:
81:ba:92:89:71:2d:27:87:a3:4f:69:8c:c5:2f:26:1c:32:a1:
21:8f:d0:ac:51:3a:fb:04:04:1e:ed:6a:d0:87:88:be:df:24:
60:af:07:f8:a5:3d:22:e5:68:d7:8e:f9:c3:4d:44:07:82:84:
e6:89:6c:38:15:12:8c:eb:27:d9:55:cd:a4:dd:90:02:23:97:
7e:18:c7:ac:77:8c:f4:66:e3:a1:24:87:32:e2:3a:20:48:bf:
e3:f7:cb:b2:d3:42:dd:ae:ca:6a:e4:8e:a1:d3:67:33:5a:25:
72:e8:1c:7e:a4:1f:12:bf:ea:7d:ee:56:b1:3f:a7:ef:0f:69:
0e:b6:b9:36:5d:67:b9:6c:e7:b9:fb:3c:af:7e:f3:bb:39:d8:
0b:36:41:79:dc:25:d8:50:60:0b:4f:4e:4e:f8:a3:fa:b8:81:
ce:4c:40:78:99:37:d8:f3:a7:cb:90:28:a4:3d:5f:99:99:7d:
8a:b9:29:ec
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzAfEM40jNEx1UrCKFiRdbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjMxMjMxMTUyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjllNzIxMGJjOTE2MDIyODI5OWFkMzczMGFlOWJmNWM0YmUwZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ncj29brHXiI1DG1VxJwg9HxCsWj
Lqr/ACzhFilzmY3E0BHRtHqY65UqpXbdgqTFJ6WD9+uVfUOipW54q9mucLEfy8hV
YnA/X2Uw1dSz4ZiJO1YAjLqlwv3MjsnbVHcy/QcO63shVJa1lbeRanLPXuK+o4Ht
qWsvsjUtgrv1DBadjsZJhzJYLp4hB6+mZOYA40Z+wCEQvvHQp2RlLk+dchv7qfVV
oNWrO06RMduIAHu+QbMriP9IxEN0pHSvf6gtaVaNMl7u0BwfIsDxZyMnG2d2HjIh
1Ktc56/Yg0ml7gjlDwr3i+uhF/3d4xkmh2W/m/WPnwQVc3OE89rwULcEeQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNaechC8kWAigpmtNzCum/XEvg3JMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvMXA1eUVMeVJZQ0tDbWEwM01LNmI5Y1MtRGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAVPZvAwQA
W/eyAwQAshe8AwQAwhrfAwQA1ej8MA0EAgACMAcDBQMqE+QAMA0GCSqGSIb3DQEB
CwUAA4IBAQBscqk6bRR1leXp2wn6TbyrHfJWIDQiRCIKc9/DHNbBF32usvggeXYy
RpV3tPj0gNnCpSRhyHLIgwg6q7zBM5/iVaIcMk1DeaqBupKJcS0nh6NPaYzFLyYc
MqEhj9CsUTr7BAQe7WrQh4i+3yRgrwf4pT0i5WjXjvnDTUQHgoTmiWw4FRKM6yfZ
Vc2k3ZACI5d+GMesd4z0ZuOhJIcy4jogSL/j98uy00Ldrspq5I6h02czWiVy6Bx+
pB8Sv+p97laxP6fvD2kOtrk2XWe5bOe5+zyvfvO7OdgLNkF53CXYUGALT05O+KP6
uIHOTEB4mTfY86fLkCikPV+ZmX2KuSns
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:58 2024 by rpki-client on console-ams.rpki-client.org