Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sC5iT6cbJn7BbAIe1vVq5Y8iLCA.roa
File: sC5iT6cbJn7BbAIe1vVq5Y8iLCA.roa (raw, json)
Hash identifier: 1UUyqgmyqh1/HX4mZQhlNbKQA1R2UPC4//Ro7YZ+OD8=
Subject key identifier: B0:2E:62:4F:A7:1B:26:7E:C1:6C:02:1E:D6:F5:6A:E5:8F:22:2C:20
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018A197A1445629F68A053C50D224F5AC6EA
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sC5iT6cbJn7BbAIe1vVq5Y8iLCA.roa
Signing time: Mon 21 Aug 2023 19:02:25 +0000
ROA not before: Mon 21 Aug 2023 19:02:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206654
IP address blocks: 194.213.10.0/24 maxlen: 24
45.88.124.0/22 maxlen: 22
2a0f:fa00::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:19:7a:14:45:62:9f:68:a0:53:c5:0d:22:4f:5a:c6:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 21 19:02:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b02e624fa71b267ec16c021ed6f56ae58f222c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3d:38:ab:cd:0a:15:be:16:50:22:f4:87:6e:
a5:25:e9:49:00:c8:4c:60:6f:25:29:e5:8a:78:a0:
a3:14:9f:74:a1:1e:74:0f:94:18:c2:2d:a6:72:7a:
56:14:28:6b:bf:88:2e:af:d7:d2:0c:95:6d:3f:a7:
a9:15:9a:71:6e:b6:9d:eb:d2:6e:95:43:25:b3:60:
86:6a:28:46:52:b9:0c:ad:cb:e7:46:0a:cb:07:46:
f0:92:cc:dc:f9:fe:8d:51:70:ec:fd:2d:bf:94:bc:
85:ce:a0:88:84:0c:11:8b:fb:3a:a1:dd:71:11:ba:
bc:10:f9:53:dc:02:c7:7d:86:27:b7:f9:9f:80:e4:
6a:0f:29:f6:19:cc:1d:2a:39:d6:2e:a3:ac:42:c8:
09:23:f7:ab:4f:e8:e4:d6:77:4d:d1:09:6c:09:7f:
48:91:7d:e3:58:ba:50:0e:68:ef:41:5f:10:2a:e0:
fa:9a:e2:08:2a:3b:70:1a:78:12:9f:19:f9:72:17:
2b:1f:79:fa:71:e4:d0:3d:a1:e1:3f:60:30:6d:ef:
f4:98:8b:89:af:71:84:36:6a:cc:79:2a:62:0c:f0:
6c:6a:3d:56:5a:35:f5:37:b4:c1:db:47:d7:0a:99:
5f:44:a8:62:ff:c8:57:76:e8:f8:95:3f:db:08:50:
8f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:2E:62:4F:A7:1B:26:7E:C1:6C:02:1E:D6:F5:6A:E5:8F:22:2C:20
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sC5iT6cbJn7BbAIe1vVq5Y8iLCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.124.0/22
194.213.10.0/24
IPv6:
2a0f:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
21:2b:19:10:26:e4:75:07:84:21:10:44:e8:89:46:a3:3a:fe:
c7:ef:71:90:71:fe:aa:81:2e:8a:30:bf:5a:42:7f:c2:53:f7:
da:b0:75:0a:09:6e:c8:6b:d1:10:d8:f2:0d:db:dd:20:31:35:
72:d4:47:1b:4b:6a:2c:d2:70:7f:89:80:72:87:58:ed:64:d5:
10:b3:43:2e:b7:94:95:d8:dd:65:66:ac:36:d8:b1:d7:67:c1:
1f:66:04:05:15:8a:96:2f:7b:27:bf:8f:32:88:1f:8c:09:ed:
88:c5:12:a0:a3:4a:1b:0d:ed:a9:6d:b4:5c:17:26:87:2d:c6:
f5:78:49:09:1f:2a:5d:a7:65:b8:ca:67:d0:4d:83:ce:1c:b8:
fa:de:f0:f8:87:83:eb:52:52:95:2c:53:2e:70:51:14:8b:9f:
5e:6f:f7:f9:00:a3:6f:f0:63:b4:2f:06:f4:39:21:bc:04:a4:
2d:ce:47:61:4d:c5:b9:eb:93:c4:27:1e:99:89:51:ef:de:8c:
33:bc:7e:42:03:25:e5:d5:6a:e9:59:fa:5d:d4:cd:9b:4c:8d:
f3:67:a3:48:65:fb:94:ba:1c:32:f1:2a:38:71:3e:9b:7a:e4:
83:5c:85:49:12:07:2f:11:61:2e:1e:31:e9:fa:06:cd:de:af:
35:cb:33:e9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYoZehRFYp9ooFPFDSJPWsbqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwODIxMTkwMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDJlNjI0ZmE3MWIyNjdlYzE2YzAyMWVkNmY1NmFlNThmMjIyYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD04q80KFb4WUCL0h26lJelJAMhM
YG8lKeWKeKCjFJ90oR50D5QYwi2mcnpWFChrv4gur9fSDJVtP6epFZpxbrad69Ju
lUMls2CGaihGUrkMrcvnRgrLB0bwkszc+f6NUXDs/S2/lLyFzqCIhAwRi/s6od1x
Ebq8EPlT3ALHfYYnt/mfgORqDyn2GcwdKjnWLqOsQsgJI/erT+jk1ndN0QlsCX9I
kX3jWLpQDmjvQV8QKuD6muIIKjtwGngSnxn5chcrH3n6ceTQPaHhP2Awbe/0mIuJ
r3GENmrMeSpiDPBsaj1WWjX1N7TB20fXCplfRKhi/8hXduj4lT/bCFCPbQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLAuYk+nGyZ+wWwCHtb1auWPIiwgMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvc0M1aVQ2Y2JKbjdCYkFJZTF2VnE1WThpTENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVh8AwQA
wtUKMA0EAgACMAcDBQMqD/oAMA0GCSqGSIb3DQEBCwUAA4IBAQAhKxkQJuR1B4Qh
EEToiUajOv7H73GQcf6qgS6KML9aQn/CU/fasHUKCW7Ia9EQ2PIN290gMTVy1Ecb
S2os0nB/iYByh1jtZNUQs0Mut5SV2N1lZqw22LHXZ8EfZgQFFYqWL3snv48yiB+M
Ce2IxRKgo0obDe2pbbRcFyaHLcb1eEkJHypdp2W4ymfQTYPOHLj63vD4h4PrUlKV
LFMucFEUi59eb/f5AKNv8GO0Lwb0OSG8BKQtzkdhTcW565PEJx6ZiVHv3owzvH5C
AyXl1WrpWfpd1M2bTI3zZ6NIZfuUuhwy8So4cT6beuSDXIVJEgcvEWEuHjHp+gbN
3q81yzPp
-----END CERTIFICATE-----
Generated at Wed Dec 27 21:03:44 2023 by rpki-client on console-ams.rpki-client.org