Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/7oiCuTwUKxl8ze3xVoNB4ebgtuo.roa
File: 7oiCuTwUKxl8ze3xVoNB4ebgtuo.roa (raw, json)
Hash identifier: /klsx50w0GtwnrdSfSF1iqIjl3mNWE7IhpIMULuN7Ro=
Subject key identifier: EE:88:82:B9:3C:14:2B:19:7C:CD:ED:F1:56:83:41:E1:E6:E0:B6:EA
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018710864310C8261C53664E0BED701BDAD1
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/7oiCuTwUKxl8ze3xVoNB4ebgtuo.roa
Signing time: Thu 23 Mar 2023 22:10:47 +0000
ROA not before: Thu 23 Mar 2023 22:10:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 178.20.28.0/22 maxlen: 24
88.218.47.0/24 maxlen: 24
88.218.45.0/24 maxlen: 24
83.97.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Mar 2023 22:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:10:86:43:10:c8:26:1c:53:66:4e:0b:ed:70:1b:da:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 23 22:10:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee8882b93c142b197ccdedf1568341e1e6e0b6ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f2:bf:45:22:6b:b6:ae:68:8e:d0:8f:3b:2a:
32:cc:7a:a7:26:f1:4e:05:4e:a5:f9:c0:50:aa:e4:
5f:f3:9c:3a:d3:be:29:83:8d:7e:28:09:fb:ec:6f:
c4:d6:3e:60:12:af:5a:17:4f:b9:a0:9d:18:23:c3:
c9:43:c5:f3:92:9e:9e:01:33:f8:f4:a4:91:36:f5:
d0:7d:30:da:a1:5a:df:b7:81:25:5f:0d:85:a3:5e:
39:73:e8:8f:64:9f:76:35:c4:77:64:3c:2a:77:e5:
2d:3c:b4:fc:8a:1b:40:aa:44:9a:ef:39:0c:04:52:
a2:8e:e6:d2:ac:cf:83:98:20:64:f5:91:7c:4c:62:
36:16:97:db:36:6a:93:a1:66:c1:15:84:dc:cb:aa:
26:cc:41:db:c4:4c:3c:3d:20:3a:d9:89:34:5b:c7:
b4:ef:f0:4a:f4:69:57:50:0f:ee:e4:ce:66:85:51:
64:2e:ce:f2:d1:fe:57:3d:9f:4a:0b:fe:e6:13:85:
bd:13:2a:a7:cd:23:b1:48:07:58:ca:af:bb:9f:0d:
72:08:1b:3c:15:96:93:6b:18:31:5b:70:49:2c:77:
3a:b9:e8:dd:cc:52:62:c1:2f:94:82:51:e6:db:05:
56:b9:25:d6:0d:a1:cc:ab:64:47:33:8c:a8:7e:e2:
2c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:88:82:B9:3C:14:2B:19:7C:CD:ED:F1:56:83:41:E1:E6:E0:B6:EA
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/7oiCuTwUKxl8ze3xVoNB4ebgtuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.116.0/22
88.218.45.0/24
88.218.47.0/24
178.20.28.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:eb:37:82:53:03:e4:e8:d6:85:bd:c6:32:56:55:f5:dc:ff:
48:a0:2d:de:dd:33:38:54:63:35:37:67:ad:10:0d:cb:f0:23:
a7:69:bf:a6:80:12:69:cf:69:57:51:a6:72:d6:c9:0a:b2:1a:
1e:06:90:db:2c:a0:8f:c7:e8:c7:b0:da:5e:af:a2:49:74:9c:
0a:4b:9b:0b:a4:30:a4:51:13:f1:7a:a0:9a:5d:39:89:31:9c:
a4:36:32:f6:ae:c5:17:9e:fd:65:c6:67:0b:11:5d:e9:ac:44:
81:1a:30:33:f9:97:e0:73:d4:af:58:2d:c2:1f:a5:3f:83:79:
6b:6b:95:b0:44:25:20:67:f3:0f:1f:c4:7a:c6:95:f0:57:9b:
ee:82:b8:e0:f6:08:78:fc:a0:ab:11:44:05:56:b7:4a:9c:c5:
47:bb:17:59:22:31:1c:1c:8b:75:d0:4d:40:8e:34:42:b2:4f:
d0:39:3a:b9:02:14:9c:43:3a:36:26:c1:5e:84:ca:4c:1c:a6:
0b:f3:ae:19:ba:48:8f:00:c1:8d:68:a9:f2:a8:86:c3:57:a2:
2d:cf:5e:a6:f8:11:34:dc:96:75:c9:d4:19:4b:0b:43:01:b4:
cf:9a:fe:65:04:e5:54:a9:20:21:64:00:9d:b5:0c:9e:87:f4:
02:39:8a:c5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYcQhkMQyCYcU2ZOC+1wG9rRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzIzMjIxMDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTg4ODJiOTNjMTQyYjE5N2NjZGVkZjE1NjgzNDFlMWU2ZTBiNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvK/RSJrtq5ojtCPOyoyzHqnJvFO
BU6l+cBQquRf85w6074pg41+KAn77G/E1j5gEq9aF0+5oJ0YI8PJQ8Xzkp6eATP4
9KSRNvXQfTDaoVrft4ElXw2Fo145c+iPZJ92NcR3ZDwqd+UtPLT8ihtAqkSa7zkM
BFKijubSrM+DmCBk9ZF8TGI2FpfbNmqToWbBFYTcy6omzEHbxEw8PSA62Yk0W8e0
7/BK9GlXUA/u5M5mhVFkLs7y0f5XPZ9KC/7mE4W9EyqnzSOxSAdYyq+7nw1yCBs8
FZaTaxgxW3BJLHc6uejdzFJiwS+UglHm2wVWuSXWDaHMq2RHM4yofuIsSwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO6Igrk8FCsZfM3t8VaDQeHm4LbqMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvN29pQ3VUd1VLeGw4emUzeFZvTkI0ZWJndHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU2F0AwQA
WNotAwQAWNovAwQCshQcMA0GCSqGSIb3DQEBCwUAA4IBAQBb6zeCUwPk6NaFvcYy
VlX13P9IoC3e3TM4VGM1N2etEA3L8COnab+mgBJpz2lXUaZy1skKshoeBpDbLKCP
x+jHsNper6JJdJwKS5sLpDCkURPxeqCaXTmJMZykNjL2rsUXnv1lxmcLEV3prESB
GjAz+Zfgc9SvWC3CH6U/g3lra5WwRCUgZ/MPH8R6xpXwV5vugrjg9gh4/KCrEUQF
VrdKnMVHuxdZIjEcHIt10E1AjjRCsk/QOTq5AhScQzo2JsFehMpMHKYL864ZukiP
AMGNaKnyqIbDV6Itz16m+BE03JZ1ydQZSwtDAbTPmv5lBOVUqSAhZACdtQyeh/QC
OYrF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:37 2024 by rpki-client on console-fra.rpki-client.org