Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/7OvqtCLTBoDCXyhz2MnhEKtg1cI.roa
File: 7OvqtCLTBoDCXyhz2MnhEKtg1cI.roa (raw, json)
Hash identifier: yF80osMgb4iEdHUm2hHWSF2Au7loq72+UkxFpzpdrRA=
Subject key identifier: EC:EB:EA:B4:22:D3:06:80:C2:5F:28:73:D8:C9:E1:10:AB:60:D5:C2
Certificate issuer: /CN=c0142e5d5cfaa452166bc7b55a65558f524d6751
Certificate serial: 01856EC237F40F2725624DEA8BE6BF233F1D
Authority key identifier: C0:14:2E:5D:5C:FA:A4:52:16:6B:C7:B5:5A:65:55:8F:52:4D:67:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wBQuXVz6pFIWa8e1WmVVj1JNZ1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/7OvqtCLTBoDCXyhz2MnhEKtg1cI.roa
Signing time: Sun 01 Jan 2023 19:15:00 +0000
ROA not before: Sun 01 Jan 2023 19:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198454
IP address blocks: 128.0.52.0/24 maxlen: 24
5.154.187.0/24 maxlen: 24
185.33.132.0/22 maxlen: 24
31.211.184.0/21 maxlen: 24
188.208.100.0/24 maxlen: 24
94.24.38.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Mar 2023 12:35:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:37:f4:0f:27:25:62:4d:ea:8b:e6:bf:23:3f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0142e5d5cfaa452166bc7b55a65558f524d6751
Validity
Not Before: Jan 1 19:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecebeab422d30680c25f2873d8c9e110ab60d5c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9d:2f:6b:78:ec:f0:7d:13:64:99:0b:00:26:
d1:8f:09:c7:c6:76:f2:cb:83:41:14:e2:3f:d3:05:
95:bf:e6:1b:3c:a7:9b:07:f0:7d:a7:60:fe:54:00:
92:98:c9:f1:c3:c7:ac:38:60:89:01:bd:6a:a5:03:
32:b8:59:ce:16:5a:31:6d:44:e2:9f:62:eb:91:58:
87:99:0d:e1:04:3a:30:93:a5:5e:36:52:34:2a:e6:
32:20:f6:b5:ed:f2:b0:cd:08:fa:89:df:65:17:fb:
e1:c2:61:5e:92:b1:3f:23:1d:fc:c3:d5:e1:0c:2a:
1e:e7:df:40:08:62:8b:1f:ab:47:27:9f:13:45:8a:
0f:01:15:b7:a3:0d:e9:da:0a:84:94:bd:32:25:ac:
2d:a4:65:bd:83:73:f0:a5:44:61:4c:0c:58:3d:07:
40:3c:df:ae:e0:0e:50:5c:56:91:75:44:c9:90:fd:
2b:1c:fe:e9:97:12:36:7f:c5:e8:0b:14:55:ac:14:
96:2a:ad:33:74:15:91:cf:bb:a6:7e:b9:47:46:71:
8d:c4:32:ba:3f:79:65:40:e5:ab:83:79:06:69:d5:
e1:5b:9d:7e:f1:7a:95:10:09:3e:11:87:24:4d:c1:
a5:5f:a1:bb:eb:81:4e:bf:d5:da:91:97:93:bb:f6:
b8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:EB:EA:B4:22:D3:06:80:C2:5F:28:73:D8:C9:E1:10:AB:60:D5:C2
X509v3 Authority Key Identifier:
keyid:C0:14:2E:5D:5C:FA:A4:52:16:6B:C7:B5:5A:65:55:8F:52:4D:67:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wBQuXVz6pFIWa8e1WmVVj1JNZ1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/7OvqtCLTBoDCXyhz2MnhEKtg1cI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/wBQuXVz6pFIWa8e1WmVVj1JNZ1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.187.0/24
31.211.184.0/21
94.24.38.0/23
128.0.52.0/24
185.33.132.0/22
188.208.100.0/24
Signature Algorithm: sha256WithRSAEncryption
28:5e:51:c1:89:be:77:55:3a:60:d3:05:66:15:e2:24:a6:0c:
24:d3:29:c2:3d:c5:ed:8f:36:b2:8b:2a:7c:28:e6:4f:8a:ff:
57:4b:89:38:1d:39:d1:10:96:06:f4:98:c2:53:b6:47:38:8e:
d0:d5:16:6a:82:0d:d1:ba:d6:a1:b0:18:a6:4f:c7:c3:02:4c:
5a:1d:da:46:fa:ac:1c:21:f2:94:7c:a9:00:f9:b6:2f:c4:4b:
ef:43:08:4d:bb:12:af:27:73:eb:93:e5:b3:3f:df:d8:21:f8:
db:08:09:83:26:8d:4d:68:3b:03:21:71:20:a6:55:f9:9a:b4:
f2:a2:00:48:23:7a:89:5b:a7:b1:6e:73:93:c9:87:a4:fc:d2:
72:75:e3:7b:a3:5c:2b:a6:60:5e:c8:21:d5:c7:f0:62:e6:4e:
ae:97:84:90:e4:39:11:d9:2e:29:a0:5f:e4:51:40:ac:9a:4c:
66:0a:3f:d9:ce:70:42:58:b7:9f:e1:ca:0c:8e:69:d1:9e:ed:
0b:6e:25:5c:9b:b7:d2:b7:0b:50:98:42:eb:76:b0:6a:e6:96:
f6:cb:f0:cd:0d:a8:c0:d4:8d:df:c9:a8:f9:50:0a:5d:f9:ea:
8f:9b:3e:fd:b1:cc:f2:fb:29:ea:02:a9:bb:83:d2:7f:23:9c:
89:72:22:11
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVuwjf0DyclYk3qi+a/Iz8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMTQyZTVkNWNmYWE0NTIxNjZiYzdiNTVhNjU1NThmNTI0
ZDY3NTEwHhcNMjMwMTAxMTkxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2ViZWFiNDIyZDMwNjgwYzI1ZjI4NzNkOGM5ZTExMGFiNjBkNWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh50va3js8H0TZJkLACbRjwnHxnby
y4NBFOI/0wWVv+YbPKebB/B9p2D+VACSmMnxw8esOGCJAb1qpQMyuFnOFloxbUTi
n2LrkViHmQ3hBDowk6VeNlI0KuYyIPa17fKwzQj6id9lF/vhwmFekrE/Ix38w9Xh
DCoe599ACGKLH6tHJ58TRYoPARW3ow3p2gqElL0yJawtpGW9g3PwpURhTAxYPQdA
PN+u4A5QXFaRdUTJkP0rHP7plxI2f8XoCxRVrBSWKq0zdBWRz7umfrlHRnGNxDK6
P3llQOWrg3kGadXhW51+8XqVEAk+EYckTcGlX6G764FOv9XakZeTu/a4/QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOzr6rQi0waAwl8oc9jJ4RCrYNXCMB8GA1UdIwQY
MBaAFMAULl1c+qRSFmvHtVplVY9STWdRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0JRdVhWejZwRklXYThlMVdtVlZqMUpOWjFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iN2YxZGEtNDY3YS00MzYyLThiMmUt
MTk3MGRlODRhMWYwLzEvN092cXRDTFRCb0RDWHloejJNbmhFS3RnMWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iN2YxZGEtNDY3YS00MzYyLThiMmUtMTk3MGRlODRhMWYw
LzEvd0JRdVhWejZwRklXYThlMVdtVlZqMUpOWjFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABZq7AwQD
H9O4AwQBXhgmAwQAgAA0AwQCuSGEAwQAvNBkMA0GCSqGSIb3DQEBCwUAA4IBAQAo
XlHBib53VTpg0wVmFeIkpgwk0ynCPcXtjzayiyp8KOZPiv9XS4k4HTnREJYG9JjC
U7ZHOI7Q1RZqgg3RutahsBimT8fDAkxaHdpG+qwcIfKUfKkA+bYvxEvvQwhNuxKv
J3Prk+WzP9/YIfjbCAmDJo1NaDsDIXEgplX5mrTyogBII3qJW6exbnOTyYek/NJy
deN7o1wrpmBeyCHVx/Bi5k6ul4SQ5DkR2S4poF/kUUCsmkxmCj/ZznBCWLef4coM
jmnRnu0LbiVcm7fStwtQmELrdrBq5pb2y/DNDajA1I3fyaj5UApd+eqPmz79sczy
+ynqAqm7g9J/I5yJciIR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org