Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/_l1K2Ue72hStw9p2EI94_hDlBtE.roa
File: _l1K2Ue72hStw9p2EI94_hDlBtE.roa (raw, json)
Hash identifier: 4SQ1O4d+UCA+VxPIZfymu44Ni5Q2HjMksn3hNTbyeCg=
Subject key identifier: FE:5D:4A:D9:47:BB:DA:14:AD:C3:DA:76:10:8F:78:FE:10:E5:06:D1
Certificate issuer: /CN=52056867e4d2885e99b549ed6fb786330adf8f44
Certificate serial: 01856C65C1C5DC82AEC30B220169F817D69B
Authority key identifier: 52:05:68:67:E4:D2:88:5E:99:B5:49:ED:6F:B7:86:33:0A:DF:8F:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/_l1K2Ue72hStw9p2EI94_hDlBtE.roa
Signing time: Sun 01 Jan 2023 08:14:45 +0000
ROA not before: Sun 01 Jan 2023 08:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 195.93.178.0/23 maxlen: 24
178.239.128.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:c1:c5:dc:82:ae:c3:0b:22:01:69:f8:17:d6:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52056867e4d2885e99b549ed6fb786330adf8f44
Validity
Not Before: Jan 1 08:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe5d4ad947bbda14adc3da76108f78fe10e506d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0f:9a:ef:b0:77:09:99:9c:b7:7f:54:66:56:
87:56:5c:97:df:14:f5:37:95:0c:91:8f:0f:a6:69:
d6:5e:5e:13:b1:17:6d:37:e7:aa:f1:d4:55:fb:ad:
37:98:95:39:40:4a:aa:7c:0c:e8:0f:9c:2f:7d:22:
d0:fa:ed:e3:a1:52:8c:b8:b9:a6:bd:0b:38:5a:12:
40:80:de:e7:87:5f:06:5c:24:9a:76:2f:e1:3e:3b:
f2:ef:70:2a:e7:ec:e6:08:57:24:84:2e:00:de:ee:
22:7f:14:a3:e5:ff:fd:62:a9:03:b9:d9:b3:b7:14:
86:91:13:55:8c:71:0e:40:f4:87:9e:fa:a2:90:9f:
b0:dd:bf:52:5b:bb:9c:33:3b:40:05:8a:a4:6b:36:
ef:6e:e8:86:0f:0a:51:84:ac:ad:3a:36:9a:bf:85:
c1:b4:fc:06:40:db:c1:ff:73:35:06:d8:06:26:29:
50:33:85:85:f6:87:c9:86:96:99:ee:38:3b:f7:8a:
d0:16:14:de:9e:4e:8d:4a:aa:46:d7:3d:50:64:53:
2a:7e:63:df:74:64:1b:9c:8f:3a:99:ba:78:04:0c:
ec:7b:b9:8f:a8:16:57:cf:ff:8b:ca:cf:d9:df:3f:
0c:63:4b:0d:85:50:67:65:8c:52:ac:66:63:fc:10:
2c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:5D:4A:D9:47:BB:DA:14:AD:C3:DA:76:10:8F:78:FE:10:E5:06:D1
X509v3 Authority Key Identifier:
keyid:52:05:68:67:E4:D2:88:5E:99:B5:49:ED:6F:B7:86:33:0A:DF:8F:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/_l1K2Ue72hStw9p2EI94_hDlBtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.128.0/20
195.93.178.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:45:92:1b:83:7f:7c:23:1d:89:c8:e6:a6:29:b8:b2:3d:71:
09:c5:81:02:ec:cd:8c:b6:e9:66:62:ff:55:3c:98:ed:5e:53:
43:90:60:c9:dd:4d:5e:52:4e:0f:8c:2b:0c:5a:b4:1d:aa:b6:
6e:77:83:f6:34:22:c2:3d:64:60:c2:98:17:f1:8e:7b:51:8b:
9e:50:75:6b:80:f1:b6:66:b7:a0:f1:d6:5a:85:fb:64:00:87:
3a:12:87:49:39:bf:3e:90:48:21:76:5d:05:46:c4:ad:d1:08:
b3:a3:e8:0f:7e:21:67:1f:b3:64:25:07:f3:05:1d:d3:e6:b8:
60:bb:5a:5e:79:98:12:11:f1:ac:d6:23:26:01:a6:a9:39:6b:
5b:5e:ab:47:d5:ef:ad:34:23:27:38:fd:dc:6a:6b:ac:04:49:
fc:2c:2e:d5:bd:d5:3b:c8:98:08:70:36:9f:04:aa:af:54:98:
5c:f3:07:46:79:96:cd:22:e6:1e:1a:7a:0a:27:b1:0d:90:9b:
4c:aa:ae:cf:24:2a:cb:b7:e0:75:02:91:ff:30:07:e4:18:14:
72:1b:4e:92:05:ee:9e:43:db:b3:c4:6f:41:df:73:3b:7f:12:
89:6c:30:85:a2:b7:48:03:28:04:d1:9b:96:d0:51:e3:8f:64:
3f:16:e8:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsZcHF3IKuwwsiAWn4F9abMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDU2ODY3ZTRkMjg4NWU5OWI1NDllZDZmYjc4NjMzMGFk
ZjhmNDQwHhcNMjMwMTAxMDgxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTVkNGFkOTQ3YmJkYTE0YWRjM2RhNzYxMDhmNzhmZTEwZTUwNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ+a77B3CZmct39UZlaHVlyX3xT1
N5UMkY8PpmnWXl4TsRdtN+eq8dRV+603mJU5QEqqfAzoD5wvfSLQ+u3joVKMuLmm
vQs4WhJAgN7nh18GXCSadi/hPjvy73Aq5+zmCFckhC4A3u4ifxSj5f/9YqkDudmz
txSGkRNVjHEOQPSHnvqikJ+w3b9SW7ucMztABYqkazbvbuiGDwpRhKytOjaav4XB
tPwGQNvB/3M1BtgGJilQM4WF9ofJhpaZ7jg794rQFhTenk6NSqpG1z1QZFMqfmPf
dGQbnI86mbp4BAzse7mPqBZXz/+Lys/Z3z8MY0sNhVBnZYxSrGZj/BAstQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP5dStlHu9oUrcPadhCPeP4Q5QbRMB8GA1UdIwQY
MBaAFFIFaGfk0ohembVJ7W+3hjMK349EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdWb1otVFNpRjZadFVudGI3ZUdNd3JmajBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iMjdkNDUtMDhjYy00N2ExLWFjNWEt
NWY0ODM2MDgzYTMwLzEvX2wxSzJVZTcyaFN0dzlwMkVJOTRfaERsQnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iMjdkNDUtMDhjYy00N2ExLWFjNWEtNWY0ODM2MDgzYTMw
LzEvVWdWb1otVFNpRjZadFVudGI3ZUdNd3JmajBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEsu+AAwQB
w12yMA0GCSqGSIb3DQEBCwUAA4IBAQCuRZIbg398Ix2JyOamKbiyPXEJxYEC7M2M
tulmYv9VPJjtXlNDkGDJ3U1eUk4PjCsMWrQdqrZud4P2NCLCPWRgwpgX8Y57UYue
UHVrgPG2Zreg8dZahftkAIc6EodJOb8+kEghdl0FRsSt0Qizo+gPfiFnH7NkJQfz
BR3T5rhgu1peeZgSEfGs1iMmAaapOWtbXqtH1e+tNCMnOP3camusBEn8LC7VvdU7
yJgIcDafBKqvVJhc8wdGeZbNIuYeGnoKJ7ENkJtMqq7PJCrLt+B1ApH/MAfkGBRy
G06SBe6eQ9uzxG9B33M7fxKJbDCFordIAygE0ZuW0FHjj2Q/Fuhf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:27 2024 by rpki-client on console-fra.rpki-client.org