Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/D4e0XryIoaFPjKJ9IaaT_mECGNQ.roa
File: D4e0XryIoaFPjKJ9IaaT_mECGNQ.roa (raw, json)
Hash identifier: ySKR+F18abTNJK/LMxspyDrgnM3jIY9ppF9JKtwqEVc=
Subject key identifier: 0F:87:B4:5E:BC:88:A1:A1:4F:8C:A2:7D:21:A6:93:FE:61:02:18:D4
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018B802A944D9EC0D761F82BDF14ED40BE73
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/D4e0XryIoaFPjKJ9IaaT_mECGNQ.roa
Signing time: Mon 30 Oct 2023 10:39:15 +0000
ROA not before: Mon 30 Oct 2023 10:39:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 195.242.241.0/24 maxlen: 24
93.114.62.0/24 maxlen: 24
89.46.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:2a:94:4d:9e:c0:d7:61:f8:2b:df:14:ed:40:be:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Oct 30 10:39:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f87b45ebc88a1a14f8ca27d21a693fe610218d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:94:c7:81:a7:06:f1:be:32:30:9e:e4:f2:d5:
d8:fa:b9:8a:78:88:14:52:62:d7:72:74:8d:e0:71:
0e:d2:90:9b:2b:f1:41:33:bb:b9:e8:51:c4:5a:e6:
58:58:b9:53:f4:56:a0:39:80:91:1b:9f:51:32:2e:
a1:d6:04:7a:0b:42:42:5c:9f:f0:88:99:68:17:5d:
27:1a:0e:01:90:7a:31:2f:d4:d6:e6:83:b0:07:99:
55:94:50:9d:93:e7:2d:e3:9c:9e:7c:5c:60:5a:d6:
ce:61:c1:71:6d:4b:a3:88:07:99:df:7f:a7:ca:ec:
c7:1e:77:58:86:f2:33:c5:8a:29:11:fb:a1:9d:0e:
5e:5e:2b:22:ff:6e:59:33:cc:74:e2:e5:92:41:ea:
1a:be:18:1b:b1:c6:25:ab:75:0f:b7:a1:7c:0f:4b:
97:3a:b6:25:84:0c:4b:b9:4c:37:4c:ef:a6:49:c8:
b8:8a:d9:36:f5:38:5a:04:d3:fb:98:80:75:c6:2f:
a6:94:b7:4d:5d:cd:47:3a:e3:9b:c4:0b:d8:4e:9a:
02:c8:3d:66:e0:33:19:a8:23:39:3b:1a:2e:ab:1b:
6a:77:4a:a7:b8:fb:2e:f4:d1:0d:4b:76:04:0c:3a:
56:25:18:a3:ff:52:65:d0:27:30:11:41:8d:b3:5b:
dc:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:87:B4:5E:BC:88:A1:A1:4F:8C:A2:7D:21:A6:93:FE:61:02:18:D4
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/D4e0XryIoaFPjKJ9IaaT_mECGNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.10.0/24
93.114.62.0/24
195.242.241.0/24
Signature Algorithm: sha256WithRSAEncryption
57:7e:53:93:24:9a:97:38:7a:70:50:a8:46:e2:5c:e7:5f:e6:
ea:4a:3c:80:99:07:65:7c:57:11:6e:8a:8d:28:c2:c0:44:e1:
8d:76:23:77:bd:39:0c:48:a1:e0:b9:5e:17:4a:30:85:4f:17:
fa:88:29:8c:40:37:ce:0f:67:fd:fb:d7:73:89:eb:60:92:ac:
0a:2f:37:c6:15:13:62:83:50:c2:ef:1d:68:73:7a:9e:a3:13:
44:23:7d:b3:2f:a1:2d:31:e5:0c:93:8f:77:83:62:c3:8a:84:
43:32:9e:2c:b9:78:11:0e:b3:93:b5:70:a5:85:b9:91:ee:e9:
43:ad:a6:31:24:7a:59:46:3f:5b:51:7d:10:66:a8:a4:1e:b3:
04:8b:6d:be:f7:9c:d0:a6:45:b5:5d:0c:fc:28:69:95:66:e1:
89:63:3e:f9:b3:61:95:32:9b:5d:ec:c9:3c:0c:5c:a8:f9:4f:
92:36:17:36:d8:14:2e:2f:ac:d7:a1:9a:ff:af:5b:66:34:51:
29:3c:d3:c4:d8:a5:26:d8:d7:60:a5:34:58:b8:af:0b:11:d5:
dc:0f:18:a9:23:4a:91:e2:bc:5b:e8:e7:4e:d2:46:d4:b7:89:
e4:44:34:44:e1:38:14:1d:34:dd:47:17:6e:44:1e:f1:2e:af:
78:76:77:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuAKpRNnsDXYfgr3xTtQL5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMxMDMwMTAzOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjg3YjQ1ZWJjODhhMWExNGY4Y2EyN2QyMWE2OTNmZTYxMDIxOGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJTHgacG8b4yMJ7k8tXY+rmKeIgU
UmLXcnSN4HEO0pCbK/FBM7u56FHEWuZYWLlT9FagOYCRG59RMi6h1gR6C0JCXJ/w
iJloF10nGg4BkHoxL9TW5oOwB5lVlFCdk+ct45yefFxgWtbOYcFxbUujiAeZ33+n
yuzHHndYhvIzxYopEfuhnQ5eXisi/25ZM8x04uWSQeoavhgbscYlq3UPt6F8D0uX
OrYlhAxLuUw3TO+mSci4itk29ThaBNP7mIB1xi+mlLdNXc1HOuObxAvYTpoCyD1m
4DMZqCM5Oxouqxtqd0qnuPsu9NENS3YEDDpWJRij/1Jl0CcwEUGNs1vc7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA+HtF68iKGhT4yifSGmk/5hAhjUMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvRDRlMFhyeUlvYUZQaktKOUlhYVRfbUVDR05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWS4KAwQA
XXI+AwQAw/LxMA0GCSqGSIb3DQEBCwUAA4IBAQBXflOTJJqXOHpwUKhG4lznX+bq
SjyAmQdlfFcRboqNKMLAROGNdiN3vTkMSKHguV4XSjCFTxf6iCmMQDfOD2f9+9dz
ietgkqwKLzfGFRNig1DC7x1oc3qeoxNEI32zL6EtMeUMk493g2LDioRDMp4suXgR
DrOTtXClhbmR7ulDraYxJHpZRj9bUX0QZqikHrMEi22+95zQpkW1XQz8KGmVZuGJ
Yz75s2GVMptd7Mk8DFyo+U+SNhc22BQuL6zXoZr/r1tmNFEpPNPE2KUm2NdgpTRY
uK8LEdXcDxipI0qR4rxb6OdO0kbUt4nkRDRE4TgUHTTdRxduRB7xLq94dnel
-----END CERTIFICATE-----
Generated at Fri Nov 3 10:34:44 2023 by rpki-client on console-ams.rpki-client.org