Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/7uPjee6o5ZCM2BVNfJq_JK9cVDQ.roa
File: 7uPjee6o5ZCM2BVNfJq_JK9cVDQ.roa (raw, json)
Hash identifier: Y8oiepTof4yurzM6qBGo9JFdAmkTT+S+1AMRfUL5vy0=
Subject key identifier: EE:E3:E3:79:EE:A8:E5:90:8C:D8:15:4D:7C:9A:BF:24:AF:5C:54:34
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018B95D5C362C58FAB2CE816B72A9E4A76B4
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/7uPjee6o5ZCM2BVNfJq_JK9cVDQ.roa
Signing time: Fri 03 Nov 2023 15:38:16 +0000
ROA not before: Fri 03 Nov 2023 15:38:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198636
IP address blocks: 194.50.188.0/23 maxlen: 24
45.150.44.0/22 maxlen: 24
171.22.52.0/22 maxlen: 24
2.57.152.0/22 maxlen: 24
2.59.204.0/22 maxlen: 24
45.88.124.0/22 maxlen: 24
195.216.156.0/22 maxlen: 24
194.50.184.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:95:d5:c3:62:c5:8f:ab:2c:e8:16:b7:2a:9e:4a:76:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 3 15:38:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eee3e379eea8e5908cd8154d7c9abf24af5c5434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c8:f2:78:e3:a9:2d:a9:f9:d9:80:e5:c5:6b:
2a:13:c7:f4:e8:ca:0b:2f:75:17:d5:0b:5c:50:6d:
9b:3a:07:9d:02:5c:09:52:9f:5c:82:1e:14:9c:69:
b1:96:b7:37:b8:65:ce:e2:21:11:1f:fa:1b:d3:72:
24:f8:d8:c6:9a:f8:ed:14:ee:62:01:9e:9f:9b:c7:
ad:a6:0f:3a:b5:41:0e:bc:b2:3c:da:1d:7b:32:21:
dd:03:67:51:3e:a6:bc:83:bb:bc:51:98:c5:38:82:
b6:5e:16:46:96:fc:b1:58:5e:97:2a:a8:7a:6f:63:
a4:c2:db:52:69:a5:8b:aa:14:a0:f8:c7:df:1a:2c:
f1:b5:ac:16:a4:f3:27:57:5f:2c:e0:f4:fb:4c:65:
b8:89:5c:4e:49:ba:17:9a:da:31:2d:13:f1:c8:0e:
b4:cf:fd:77:20:14:05:b6:2a:4e:70:1d:ae:76:0c:
00:ef:81:ef:8c:58:b3:cf:62:bc:3a:7a:13:ff:11:
f4:a0:ff:0f:22:05:0a:ac:50:e7:b5:6b:39:0f:6b:
59:b0:19:01:b1:a8:03:37:4f:84:21:e4:c7:cf:17:
b2:e8:10:b5:48:f0:cd:6f:ca:6d:9d:25:a7:d2:3c:
05:d3:da:9b:d6:11:23:d5:24:22:d9:15:9d:d3:85:
75:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:E3:E3:79:EE:A8:E5:90:8C:D8:15:4D:7C:9A:BF:24:AF:5C:54:34
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/7uPjee6o5ZCM2BVNfJq_JK9cVDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.152.0/22
2.59.204.0/22
45.88.124.0/22
45.150.44.0/22
171.22.52.0/22
194.50.184.0/23
194.50.188.0/23
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
30:5a:95:6f:93:ec:3e:f9:e8:39:de:f7:1f:5c:0b:23:2e:5d:
47:dc:9d:b9:d8:ce:d7:cd:97:5c:a0:59:3f:de:2b:dc:24:aa:
e1:4f:02:85:be:2d:03:1a:b4:8c:4d:4b:0e:42:b9:8c:2c:67:
e5:db:df:f5:64:2d:8e:cd:5d:7d:cd:d1:6d:39:11:33:99:41:
28:12:07:14:b3:cb:fa:00:c0:6b:9e:c7:04:9c:7d:77:3e:d9:
11:54:69:8d:4f:7b:d8:7d:82:85:c7:00:b1:7c:db:a2:2a:81:
ed:ab:fe:0b:e7:30:ac:28:03:85:37:15:47:5d:cf:62:05:50:
34:ca:7d:0c:53:72:82:34:83:7c:fc:7e:f5:be:85:53:63:ae:
ca:aa:b8:5a:de:a7:08:b6:80:8a:9d:51:88:24:8d:ab:59:da:
e2:cd:b8:ab:39:31:84:b0:dc:b9:e2:28:18:be:fe:13:29:3c:
8c:4d:60:64:2e:ed:49:4f:84:f5:ff:e4:03:ad:c9:f5:9d:97:
33:60:d5:ff:83:fc:a8:0d:4b:c9:51:21:f0:31:8d:48:e2:3f:
9d:e4:d2:7c:52:43:a3:00:2e:99:66:c1:4b:67:91:6d:9b:02:
23:1f:cb:ba:0a:a9:b7:84:2d:3a:0e:5f:38:41:14:39:5c:dd:
92:e6:2f:d7
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYuV1cNixY+rLOgWtyqeSna0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMTAzMTUzODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWUzZTM3OWVlYThlNTkwOGNkODE1NGQ3YzlhYmYyNGFmNWM1NDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsjyeOOpLan52YDlxWsqE8f06MoL
L3UX1QtcUG2bOgedAlwJUp9cgh4UnGmxlrc3uGXO4iERH/ob03Ik+NjGmvjtFO5i
AZ6fm8etpg86tUEOvLI82h17MiHdA2dRPqa8g7u8UZjFOIK2XhZGlvyxWF6XKqh6
b2OkwttSaaWLqhSg+MffGizxtawWpPMnV18s4PT7TGW4iVxOSboXmtoxLRPxyA60
z/13IBQFtipOcB2udgwA74HvjFizz2K8OnoT/xH0oP8PIgUKrFDntWs5D2tZsBkB
sagDN0+EIeTHzxey6BC1SPDNb8ptnSWn0jwF09qb1hEj1SQi2RWd04V1lwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFO7j43nuqOWQjNgVTXyavySvXFQ0MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvN3VQamVlNm81WkNNMkJWTmZKcV9KSzljVkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCAjmYAwQC
AjvMAwQCLVh8AwQCLZYsAwQCqxY0AwQBwjK4AwQBwjK8AwQCw9icMA0GCSqGSIb3
DQEBCwUAA4IBAQAwWpVvk+w++eg53vcfXAsjLl1H3J252M7XzZdcoFk/3ivcJKrh
TwKFvi0DGrSMTUsOQrmMLGfl29/1ZC2OzV19zdFtOREzmUEoEgcUs8v6AMBrnscE
nH13PtkRVGmNT3vYfYKFxwCxfNuiKoHtq/4L5zCsKAOFNxVHXc9iBVA0yn0MU3KC
NIN8/H71voVTY67Kqrha3qcItoCKnVGIJI2rWdrizbirOTGEsNy54igYvv4TKTyM
TWBkLu1JT4T1/+QDrcn1nZczYNX/g/yoDUvJUSHwMY1I4j+d5NJ8UkOjAC6ZZsFL
Z5FtmwIjH8u6Cqm3hC06Dl84QRQ5XN2S5i/X
-----END CERTIFICATE-----
Generated at Wed Nov 8 18:02:35 2023 by rpki-client on console-ams.rpki-client.org