Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/J-emwXGBwY4kpmfFeDMvALbDzzk.roa
File: J-emwXGBwY4kpmfFeDMvALbDzzk.roa (raw, json)
Hash identifier: 5p0uDx/rqkSYGxn4O4RaNg340IMrVLKo1ux/FeWe8Mo=
Subject key identifier: 27:E7:A6:C1:71:81:C1:8E:24:A6:67:C5:78:33:2F:00:B6:C3:CF:39
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018988591740413C19C65B3B825D52F1A10D
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/J-emwXGBwY4kpmfFeDMvALbDzzk.roa
Signing time: Mon 24 Jul 2023 14:41:27 +0000
ROA not before: Mon 24 Jul 2023 14:41:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.209.128.0/22 maxlen: 22
188.209.140.0/22 maxlen: 24
45.65.112.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:88:59:17:40:41:3c:19:c6:5b:3b:82:5d:52:f1:a1:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jul 24 14:41:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27e7a6c17181c18e24a667c578332f00b6c3cf39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:28:d0:c9:1e:90:86:22:06:66:45:f6:4e:58:
fc:45:73:a8:c0:46:a8:bb:c7:ac:fd:4c:61:18:44:
da:2d:69:16:1a:01:b9:8f:5e:35:12:c1:71:12:62:
8b:07:79:f6:ca:b8:7e:3d:2d:af:dd:a4:d2:84:4d:
61:a6:8b:fd:80:58:1d:8f:95:7a:dc:0e:f3:7c:b7:
ff:3c:18:a5:83:a6:ce:8d:55:68:db:99:1f:69:83:
b3:01:29:65:04:4f:7a:a5:8f:16:ba:59:d0:f1:b7:
f6:af:7b:bd:9a:58:19:fa:b9:ec:74:b8:fa:11:cc:
91:45:57:18:d7:2a:0e:b1:38:9e:a1:ae:aa:bd:10:
df:35:41:f0:7b:3e:7e:e4:13:f2:24:41:c7:3f:9d:
c7:4a:b0:64:98:c1:eb:4d:67:64:b2:44:c0:06:aa:
7f:0d:42:99:50:1e:b4:56:1c:f7:0e:65:22:5a:33:
d9:5b:34:69:54:d2:f3:29:89:9b:f2:76:b5:c7:6c:
cb:b8:97:8f:09:67:e9:fd:98:93:dd:08:2d:31:54:
bf:8c:71:ee:9d:5d:1c:27:e2:48:69:37:36:9e:1f:
5c:9f:58:25:4e:b1:05:6b:9c:98:76:5b:07:c2:36:
74:35:af:7c:04:7f:15:61:7b:f4:f3:4e:1e:44:a4:
a1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:E7:A6:C1:71:81:C1:8E:24:A6:67:C5:78:33:2F:00:B6:C3:CF:39
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/J-emwXGBwY4kpmfFeDMvALbDzzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.112.0/24
188.209.128.0/22
188.209.140.0/22
Signature Algorithm: sha256WithRSAEncryption
19:85:ca:67:df:7e:dc:f2:2c:0e:6f:bc:8f:cd:5b:d1:d5:e8:
47:6b:55:f7:f3:03:a4:02:8d:17:b7:6f:2d:a1:0f:e3:13:70:
a4:23:05:cd:35:26:ba:8f:8f:8c:df:02:61:47:db:22:60:60:
70:4b:f1:b1:76:4e:15:06:c5:16:50:58:de:e3:7f:04:a3:40:
cb:19:0c:dd:52:99:fc:8d:1e:70:50:3b:29:38:ad:a7:de:e7:
6f:64:59:79:23:7a:41:3c:dd:56:db:55:94:05:f8:f0:4c:fb:
75:cf:fd:d7:3a:aa:c4:5c:37:aa:a4:f6:dc:e0:3f:41:57:e5:
31:b6:6c:ed:ef:20:9c:aa:41:8b:28:9d:6a:44:0f:5a:0b:dd:
c1:f6:6b:0c:82:cc:a8:fb:a8:fb:01:b4:ae:c5:ac:15:f0:cd:
c9:5b:43:4c:04:4f:78:f9:77:b7:d7:c4:44:5f:60:49:59:0c:
f1:c0:9f:08:ce:6a:2f:b6:17:75:e4:04:7d:0e:00:32:d2:1a:
22:c1:03:66:16:c1:24:b9:c2:62:f7:e8:5d:46:b2:31:6f:15:
f2:ca:ca:64:aa:4b:0e:c5:ae:5e:51:3f:a0:19:79:fd:94:b6:
e0:54:e7:7c:c4:da:01:8a:a8:e4:0b:44:73:a6:e1:77:f5:c7:
68:75:f4:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmIWRdAQTwZxls7gl1S8aENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNzI0MTQ0MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2U3YTZjMTcxODFjMThlMjRhNjY3YzU3ODMzMmYwMGI2YzNjZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyjQyR6QhiIGZkX2Tlj8RXOowEao
u8es/UxhGETaLWkWGgG5j141EsFxEmKLB3n2yrh+PS2v3aTShE1hpov9gFgdj5V6
3A7zfLf/PBilg6bOjVVo25kfaYOzASllBE96pY8WulnQ8bf2r3u9mlgZ+rnsdLj6
EcyRRVcY1yoOsTieoa6qvRDfNUHwez5+5BPyJEHHP53HSrBkmMHrTWdkskTABqp/
DUKZUB60Vhz3DmUiWjPZWzRpVNLzKYmb8na1x2zLuJePCWfp/ZiT3QgtMVS/jHHu
nV0cJ+JIaTc2nh9cn1glTrEFa5yYdlsHwjZ0Na98BH8VYXv0804eRKShnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCfnpsFxgcGOJKZnxXgzLwC2w885MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvSi1lbXdYR0J3WTRrcG1mRmVETXZBTGJEenprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUFwAwQC
vNGAAwQCvNGMMA0GCSqGSIb3DQEBCwUAA4IBAQAZhcpn337c8iwOb7yPzVvR1ehH
a1X38wOkAo0Xt28toQ/jE3CkIwXNNSa6j4+M3wJhR9siYGBwS/Gxdk4VBsUWUFje
438Eo0DLGQzdUpn8jR5wUDspOK2n3udvZFl5I3pBPN1W21WUBfjwTPt1z/3XOqrE
XDeqpPbc4D9BV+Uxtmzt7yCcqkGLKJ1qRA9aC93B9msMgsyo+6j7AbSuxawV8M3J
W0NMBE94+Xe318REX2BJWQzxwJ8Izmovthd15AR9DgAy0hoiwQNmFsEkucJi9+hd
RrIxbxXyyspkqksOxa5eUT+gGXn9lLbgVOd8xNoBiqjkC0RzpuF39cdodfR5
-----END CERTIFICATE-----
Generated at Thu Aug 3 12:25:27 2023 by rpki-client on console-fra.rpki-client.org