Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/vOdf2id8bBX02KzGdc8dImXrTQA.roa
File: vOdf2id8bBX02KzGdc8dImXrTQA.roa (raw, json)
Hash identifier: av/U7laJMHuFfRv/fKMugsVXwlEKoMMAPcYH6vDNZPg=
Subject key identifier: BC:E7:5F:DA:27:7C:6C:15:F4:D8:AC:C6:75:CF:1D:22:65:EB:4D:00
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0185734CAD82DB6B724E0E12DA3EB6F089E7
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/vOdf2id8bBX02KzGdc8dImXrTQA.roa
Signing time: Mon 02 Jan 2023 16:24:43 +0000
ROA not before: Mon 02 Jan 2023 16:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12761
IP address blocks: 193.118.162.0/24 maxlen: 24
193.118.164.0/24 maxlen: 24
217.111.164.0/24 maxlen: 24
217.111.166.0/24 maxlen: 24
217.111.165.0/24 maxlen: 24
217.111.167.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:ad:82:db:6b:72:4e:0e:12:da:3e:b6:f0:89:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 2 16:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bce75fda277c6c15f4d8acc675cf1d2265eb4d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:56:c7:af:0b:8e:30:8a:f5:74:19:23:22:43:
17:1c:30:54:21:47:d7:ff:6d:bc:ae:02:7d:a4:e2:
d8:19:d6:55:c5:b7:d5:fa:5d:73:69:70:33:7f:d7:
a1:39:b3:96:a3:27:c0:93:83:b6:06:a8:21:9f:03:
44:f6:5b:fc:76:87:27:ce:e8:99:4c:2c:94:a2:29:
bb:2d:f4:69:a4:8a:96:72:80:82:12:38:47:0e:4c:
47:e3:c5:72:0c:fe:6b:49:5a:8d:c5:10:a3:8e:1b:
00:b4:e1:5f:95:8c:f0:b1:06:0f:52:29:db:8b:fc:
bc:d7:e9:52:ba:26:a3:03:36:03:7b:6b:a4:6a:69:
41:ec:39:8c:23:4f:fa:a6:cf:9b:81:ea:49:64:04:
6f:f5:8b:e0:4c:84:12:d5:c1:98:bb:5f:94:f4:e9:
f4:c3:ff:1f:29:93:04:7b:ad:07:2d:5f:5f:69:71:
ab:f1:6c:e5:c1:94:b7:cd:0d:cf:51:57:7d:06:b8:
f1:45:ae:33:4b:db:af:65:ea:dd:dd:48:3b:36:2e:
83:c6:d3:2e:6c:1c:fd:36:71:42:89:11:3c:7f:5f:
3c:ab:dc:8a:29:ac:aa:31:d7:05:89:f2:9d:9e:65:
12:29:9b:85:d2:3d:b0:1a:a0:2e:18:50:b1:fd:42:
e9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E7:5F:DA:27:7C:6C:15:F4:D8:AC:C6:75:CF:1D:22:65:EB:4D:00
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/vOdf2id8bBX02KzGdc8dImXrTQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.118.162.0/24
193.118.164.0/24
217.111.164.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:0b:59:93:3e:a0:5f:0e:9c:18:5a:b9:16:09:60:91:0f:ca:
d8:a0:86:72:19:90:99:f8:7f:0f:31:e9:5e:31:8c:4d:18:26:
2f:88:58:18:f2:82:ae:58:0e:57:66:70:bf:b4:58:f7:59:88:
20:b8:00:ce:0a:fd:2e:6c:14:ca:8a:e7:ee:00:3e:3e:72:88:
51:ce:05:02:62:61:83:28:93:03:2d:d6:96:14:7b:3a:c1:1a:
c9:80:b7:c1:20:f4:9b:75:3e:72:84:49:ea:ea:74:2a:3a:05:
df:93:41:5a:37:a3:71:6d:7f:f4:94:40:38:e6:89:56:93:d4:
02:b0:e2:67:c3:52:8d:e9:ca:1b:f4:17:12:a1:ea:d0:7e:0a:
eb:37:42:71:81:9a:67:c1:9e:2f:1f:da:26:cf:2e:8c:b8:9c:
8f:35:dc:84:29:18:9d:06:24:4c:9f:82:b9:3b:32:30:c9:f3:
9a:9f:db:8b:a9:d6:e7:98:76:f5:45:8a:64:57:3b:b1:fa:4c:
7f:82:04:32:a2:b0:28:7c:28:58:aa:b5:73:18:18:6b:94:36:
70:2d:c9:2a:ae:d4:d8:bd:fa:d9:b9:ca:18:31:86:19:85:4f:
72:fa:a6:8d:c1:3f:f5:2a:4b:da:87:d0:bb:d6:d3:db:7d:aa:
05:8e:52:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzTK2C22tyTg4S2j628InnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwMTAyMTYyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2U3NWZkYTI3N2M2YzE1ZjRkOGFjYzY3NWNmMWQyMjY1ZWI0ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VbHrwuOMIr1dBkjIkMXHDBUIUfX
/228rgJ9pOLYGdZVxbfV+l1zaXAzf9ehObOWoyfAk4O2BqghnwNE9lv8docnzuiZ
TCyUoim7LfRppIqWcoCCEjhHDkxH48VyDP5rSVqNxRCjjhsAtOFflYzwsQYPUinb
i/y81+lSuiajAzYDe2ukamlB7DmMI0/6ps+bgepJZARv9YvgTIQS1cGYu1+U9On0
w/8fKZMEe60HLV9faXGr8WzlwZS3zQ3PUVd9BrjxRa4zS9uvZerd3Ug7Ni6DxtMu
bBz9NnFCiRE8f188q9yKKayqMdcFifKdnmUSKZuF0j2wGqAuGFCx/ULpBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLznX9onfGwV9NisxnXPHSJl600AMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvdk9kZjJpZDhiQlgwMkt6R2RjOGRJbVhyVFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXaiAwQA
wXakAwQC2W+kMA0GCSqGSIb3DQEBCwUAA4IBAQC1C1mTPqBfDpwYWrkWCWCRD8rY
oIZyGZCZ+H8PMeleMYxNGCYviFgY8oKuWA5XZnC/tFj3WYgguADOCv0ubBTKiufu
AD4+cohRzgUCYmGDKJMDLdaWFHs6wRrJgLfBIPSbdT5yhEnq6nQqOgXfk0FaN6Nx
bX/0lEA45olWk9QCsOJnw1KN6cob9BcSoerQfgrrN0JxgZpnwZ4vH9omzy6MuJyP
NdyEKRidBiRMn4K5OzIwyfOan9uLqdbnmHb1RYpkVzux+kx/ggQyorAofChYqrVz
GBhrlDZwLckqrtTYvfrZucoYMYYZhU9y+qaNwT/1Kkvah9C71tPbfaoFjlIA
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:30 2024 by rpki-client on console-fra.rpki-client.org