Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/d5sO5fN2dQPRyCxcMfbvfgZ9aOI.roa
File: d5sO5fN2dQPRyCxcMfbvfgZ9aOI.roa (raw, json)
Hash identifier: hmd+Hn6tu0gfsT+LZ8cjZKDM3EhT74g/6POcGxEi5ms=
Subject key identifier: 77:9B:0E:E5:F3:76:75:03:D1:C8:2C:5C:31:F6:EF:7E:06:7D:68:E2
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018A8493C1C128EEBF5E9EEECA963BE61DE9
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/d5sO5fN2dQPRyCxcMfbvfgZ9aOI.roa
Signing time: Mon 11 Sep 2023 14:09:50 +0000
ROA not before: Mon 11 Sep 2023 14:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208022
IP address blocks: 195.93.226.0/24 maxlen: 24
2a11:3786::/32 maxlen: 48
2a11:3784::/32 maxlen: 48
2a11:3782::/32 maxlen: 48
2a11:3780::/32 maxlen: 48
2a0a:281::/32 maxlen: 48
2a11:3783::/32 maxlen: 48
2a11:3785::/32 maxlen: 48
2a12:ef40::/29 maxlen: 48
2a0a:282::/32 maxlen: 48
2a11:3787::/32 maxlen: 48
2a11:3781::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:93:c1:c1:28:ee:bf:5e:9e:ee:ca:96:3b:e6:1d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Sep 11 14:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=779b0ee5f3767503d1c82c5c31f6ef7e067d68e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f1:ff:bf:fe:a0:50:5a:84:8b:b9:da:ad:c7:
99:79:aa:8f:2e:9e:33:38:f3:96:78:c3:44:ba:f2:
2b:70:0c:b1:2b:33:5b:a5:f2:4f:65:28:1c:fa:2a:
88:97:14:29:d2:a9:4f:0c:5b:d1:be:23:d2:60:09:
04:45:59:e9:0f:03:0a:9a:42:86:aa:31:f4:39:8f:
67:95:3f:3f:13:e6:ce:1e:fe:84:90:53:1a:89:d2:
dc:04:d3:09:73:73:3b:c8:2e:e2:0d:08:ba:13:41:
e2:8f:f9:36:42:d3:ce:77:11:24:61:ba:e9:d1:30:
b3:b7:bd:7c:70:7f:dc:a8:2c:ef:45:c1:48:50:4f:
fc:4e:6c:0b:c5:4d:f0:62:5a:7b:95:b4:21:76:32:
9f:f8:7c:cb:bd:1f:b8:5b:66:42:a1:26:6f:7b:42:
ac:2b:91:92:56:14:33:9c:34:96:96:e3:b1:57:02:
7b:1b:f8:9e:37:e6:3f:41:a4:23:38:40:07:b8:cc:
ba:67:63:8b:d7:0e:11:26:1f:cd:c1:fd:28:ac:2a:
75:56:eb:35:ea:e4:b9:54:b1:3b:c8:ca:fe:d6:2f:
44:fb:0d:1c:fb:5b:38:93:4d:e6:00:8d:f8:c8:87:
dd:c9:7e:2b:dd:88:47:fd:ef:bb:12:4d:ee:73:16:
fb:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:9B:0E:E5:F3:76:75:03:D1:C8:2C:5C:31:F6:EF:7E:06:7D:68:E2
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/d5sO5fN2dQPRyCxcMfbvfgZ9aOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.93.226.0/24
IPv6:
2a0a:281::-2a0a:282:ffff:ffff:ffff:ffff:ffff:ffff
2a11:3780::/29
2a12:ef40::/29
Signature Algorithm: sha256WithRSAEncryption
61:f6:8a:ef:60:fc:fe:77:f7:8d:46:1b:80:70:60:5f:5a:f4:
36:ea:ce:cb:78:90:dd:a8:71:36:92:63:d7:84:f1:e8:01:24:
05:c0:e4:26:ec:62:e6:ae:74:69:61:f8:c4:49:38:c0:b0:41:
57:86:d4:f5:cd:d0:ae:b5:37:3c:04:d1:e4:f9:aa:19:dc:5d:
40:8f:dd:e3:82:6c:f5:ca:a2:67:83:01:90:40:3c:50:1b:87:
5a:fa:83:e7:2b:c4:3f:f0:6b:ef:22:1c:fb:66:c0:4a:1e:af:
7e:57:f1:b1:61:a7:b9:c1:81:0b:ba:29:37:73:e8:e6:8d:c3:
03:98:85:1c:d8:e2:3e:76:46:32:f5:64:b1:9b:53:c6:12:01:
e2:f1:6f:e2:10:86:02:05:be:c9:48:0e:0e:1b:07:b0:a7:b2:
ec:6f:79:50:7b:da:ed:38:b1:1b:01:3a:d0:8c:e2:75:3b:c0:
32:8f:59:60:89:ed:ac:05:9e:bb:e7:b0:a0:27:8c:1c:e7:bc:
83:e6:0a:6d:4e:ff:cf:39:3c:9a:f0:82:da:cf:b1:88:70:43:
5b:8e:44:ee:17:f6:93:ad:cb:fa:cd:9a:32:ac:a0:5a:99:a0:
36:83:e5:c3:76:d6:dd:ff:6b:21:25:39:0c:18:eb:ee:7d:df:
87:3b:28:65
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYqEk8HBKO6/Xp7uypY75h3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwOTExMTQwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzliMGVlNWYzNzY3NTAzZDFjODJjNWMzMWY2ZWY3ZTA2N2Q2OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfH/v/6gUFqEi7narceZeaqPLp4z
OPOWeMNEuvIrcAyxKzNbpfJPZSgc+iqIlxQp0qlPDFvRviPSYAkERVnpDwMKmkKG
qjH0OY9nlT8/E+bOHv6EkFMaidLcBNMJc3M7yC7iDQi6E0Hij/k2QtPOdxEkYbrp
0TCzt718cH/cqCzvRcFIUE/8TmwLxU3wYlp7lbQhdjKf+HzLvR+4W2ZCoSZve0Ks
K5GSVhQznDSWluOxVwJ7G/ieN+Y/QaQjOEAHuMy6Z2OL1w4RJh/Nwf0orCp1Vus1
6uS5VLE7yMr+1i9E+w0c+1s4k03mAI34yIfdyX4r3YhH/e+7Ek3ucxb7bQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHebDuXzdnUD0cgsXDH2734GfWjiMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvZDVzTzVmTjJkUVBSeUN4Y01mYnZmZ1o5YU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAMBAIAATAGAwQAw13iMCQE
AgACMB4wDgMFACoKAoEDBQAqCgKCAwUDKhE3gAMFAyoS70AwDQYJKoZIhvcNAQEL
BQADggEBAGH2iu9g/P53941GG4BwYF9a9Dbqzst4kN2ocTaSY9eE8egBJAXA5Cbs
YuaudGlh+MRJOMCwQVeG1PXN0K61NzwE0eT5qhncXUCP3eOCbPXKomeDAZBAPFAb
h1r6g+crxD/wa+8iHPtmwEoer35X8bFhp7nBgQu6KTdz6OaNwwOYhRzY4j52RjL1
ZLGbU8YSAeLxb+IQhgIFvslIDg4bB7CnsuxveVB72u04sRsBOtCM4nU7wDKPWWCJ
7awFnrvnsKAnjBznvIPmCm1O/885PJrwgtrPsYhwQ1uORO4X9pOty/rNmjKsoFqZ
oDaD5cN21t3/ayElOQwY6+5934c7KGU=
-----END CERTIFICATE-----
Generated at Wed Dec 6 08:18:15 2023 by rpki-client on console-ams.rpki-client.org