Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/emKgj66KCjkb22N5H9n64eFZqWE.roa
File: emKgj66KCjkb22N5H9n64eFZqWE.roa (raw, json)
Hash identifier: 9tGbK2vHEx08Nxi2I3ptUKG671ctJDKZjON5tO+QhOQ=
Subject key identifier: 7A:62:A0:8F:AE:8A:0A:39:1B:DB:63:79:1F:D9:FA:E1:E1:59:A9:61
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01888C382E8105129CF6B9AB3F1BD2E35A4D
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/emKgj66KCjkb22N5H9n64eFZqWE.roa
Signing time: Mon 05 Jun 2023 15:41:12 +0000
ROA not before: Mon 05 Jun 2023 15:41:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 194.28.156.0/24 maxlen: 24
194.28.158.0/24 maxlen: 24
194.104.4.0/24 maxlen: 24
212.69.132.0/24 maxlen: 24
194.104.5.0/24 maxlen: 24
194.104.6.0/24 maxlen: 24
212.69.133.0/24 maxlen: 24
212.69.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8c:38:2e:81:05:12:9c:f6:b9:ab:3f:1b:d2:e3:5a:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jun 5 15:41:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a62a08fae8a0a391bdb63791fd9fae1e159a961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7d:2e:8a:22:4c:40:9d:84:95:eb:b8:1f:9a:
09:83:4e:10:c2:20:58:3b:76:91:fa:0a:e2:aa:31:
86:42:97:47:3d:6b:b9:c3:78:4a:2d:64:be:7f:c8:
97:9b:12:ed:80:51:59:f4:0f:6f:54:3d:51:c6:09:
4e:0f:2c:3a:39:ca:b8:57:c0:55:21:e7:07:7e:33:
fa:42:95:68:a3:02:5f:52:3f:3a:0b:39:4b:72:b4:
62:45:ee:f0:0c:fd:7a:a6:e4:72:40:f2:f0:77:e5:
54:1e:34:3d:53:44:6d:bb:e6:39:67:7a:a0:bc:49:
c7:c8:13:81:3c:90:66:f0:e7:b8:73:8f:2e:2f:8f:
b2:15:bb:8a:9a:78:07:8d:a5:3b:8f:de:ee:ae:0c:
fa:26:54:a5:78:a0:21:a8:89:50:37:24:49:c9:88:
56:0f:f9:89:a9:f5:6e:48:5d:65:8f:d4:b0:a8:f9:
9d:3c:fd:31:48:32:f7:31:6a:bf:44:cb:da:57:cb:
39:6b:79:f5:eb:84:3e:35:8d:9e:69:2b:a9:d9:4d:
0e:ae:51:8f:f9:cf:56:40:61:4c:ce:6e:d4:fd:2f:
e5:3d:f6:b3:ba:2b:db:d2:9f:3e:05:75:be:6b:de:
2c:be:64:5a:6b:32:ad:cf:53:57:d0:b0:60:c0:aa:
26:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:62:A0:8F:AE:8A:0A:39:1B:DB:63:79:1F:D9:FA:E1:E1:59:A9:61
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/emKgj66KCjkb22N5H9n64eFZqWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.156.0/24
194.28.158.0/24
194.104.4.0-194.104.6.255
212.69.132.0-212.69.134.255
Signature Algorithm: sha256WithRSAEncryption
5c:61:09:dd:ed:ba:60:9d:09:c7:1e:1f:93:f6:46:b7:78:7e:
da:9b:7f:d0:35:4e:57:27:24:5d:1a:3b:3e:8d:34:8a:d8:c8:
08:03:ef:16:6d:c4:2d:ce:a4:e8:42:a9:66:a1:4d:cd:9e:e6:
b1:1b:62:3c:3b:7e:ea:dc:5d:8d:2e:31:4b:91:c9:2d:02:d4:
71:e0:9f:66:0d:f7:56:36:5e:16:dd:49:f9:9f:96:25:2b:b0:
dc:46:4e:f7:6b:e7:8a:43:f7:eb:65:ae:75:cc:8d:1a:51:3b:
8f:32:a3:af:06:ff:d8:b5:91:f0:26:d3:39:4e:f8:f1:99:0f:
8a:ee:a3:6d:93:d7:08:8f:f5:d7:91:43:26:96:49:f5:56:5e:
7e:f7:ca:c8:d5:d0:91:e0:b0:de:1a:77:1b:5f:0b:46:05:39:
c2:5a:b5:c0:69:5e:47:68:5a:07:a2:18:73:12:60:ee:c1:80:
b0:a6:eb:a6:68:66:e5:7f:cf:e0:14:98:8e:a3:a6:c6:6b:28:
02:91:7c:3d:01:9d:13:b8:f6:ba:42:4a:8b:37:75:2f:15:e6:
df:17:af:8f:cc:32:64:41:18:71:95:30:cb:a0:d0:1f:31:c9:
27:72:b7:4e:56:dc:fd:06:43:58:2a:48:89:30:c8:34:bf:ac:
2b:1e:be:87
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYiMOC6BBRKc9rmrPxvS41pNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwNjA1MTU0MTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTYyYTA4ZmFlOGEwYTM5MWJkYjYzNzkxZmQ5ZmFlMWUxNTlhOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhX0uiiJMQJ2Eleu4H5oJg04QwiBY
O3aR+griqjGGQpdHPWu5w3hKLWS+f8iXmxLtgFFZ9A9vVD1RxglODyw6Ocq4V8BV
IecHfjP6QpVoowJfUj86CzlLcrRiRe7wDP16puRyQPLwd+VUHjQ9U0Rtu+Y5Z3qg
vEnHyBOBPJBm8Oe4c48uL4+yFbuKmngHjaU7j97urgz6JlSleKAhqIlQNyRJyYhW
D/mJqfVuSF1lj9SwqPmdPP0xSDL3MWq/RMvaV8s5a3n164Q+NY2eaSup2U0OrlGP
+c9WQGFMzm7U/S/lPfazuivb0p8+BXW+a94svmRaazKtz1NX0LBgwKombQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHpioI+uigo5G9tjeR/Z+uHhWalhMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvZW1LZ2o2NktDamtiMjJONUg5bjY0ZUZacVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAwhycAwQA
whyeMAwDBALCaAQDBADCaAYwDAMEAtRFhAMEANRFhjANBgkqhkiG9w0BAQsFAAOC
AQEAXGEJ3e26YJ0Jxx4fk/ZGt3h+2pt/0DVOVyckXRo7Po00itjICAPvFm3ELc6k
6EKpZqFNzZ7msRtiPDt+6txdjS4xS5HJLQLUceCfZg33VjZeFt1J+Z+WJSuw3EZO
92vnikP362WudcyNGlE7jzKjrwb/2LWR8CbTOU748ZkPiu6jbZPXCI/115FDJpZJ
9VZefvfKyNXQkeCw3hp3G18LRgU5wlq1wGleR2haB6IYcxJg7sGAsKbrpmhm5X/P
4BSYjqOmxmsoApF8PQGdE7j2ukJKizd1LxXm3xevj8wyZEEYcZUwy6DQHzHJJ3K3
Tlbc/QZDWCpIiTDINL+sKx6+hw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:24 2024 by rpki-client on console-fra.rpki-client.org