Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/ydR2euHp8NknjyvwkPdwKRMCekQ.roa
File: ydR2euHp8NknjyvwkPdwKRMCekQ.roa (raw, json)
Hash identifier: 6pmtfYxmNp7Xl5Ido0Tl5pgSrgSk2dTqDh8n1awB4DI=
Subject key identifier: C9:D4:76:7A:E1:E9:F0:D9:27:8F:2B:F0:90:F7:70:29:13:02:7A:44
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01888C382FB4C3EBC63DBD4D1665857D58B2
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/ydR2euHp8NknjyvwkPdwKRMCekQ.roa
Signing time: Mon 05 Jun 2023 15:41:12 +0000
ROA not before: Mon 05 Jun 2023 15:41:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213296
IP address blocks: 194.28.158.0/24 maxlen: 24
194.28.156.0/24 maxlen: 24
194.104.4.0/24 maxlen: 24
194.104.6.0/24 maxlen: 24
194.104.5.0/24 maxlen: 24
212.69.132.0/24 maxlen: 24
212.69.134.0/24 maxlen: 24
212.69.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8c:38:2f:b4:c3:eb:c6:3d:bd:4d:16:65:85:7d:58:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jun 5 15:41:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9d4767ae1e9f0d9278f2bf090f7702913027a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7e:80:b5:c2:15:7c:f6:b5:a9:75:90:43:c8:
30:0e:66:77:ec:8c:54:c2:0f:f8:0a:5a:aa:eb:d7:
8f:8c:85:59:62:5d:42:ea:b1:42:b0:21:19:a2:25:
db:b0:1f:32:f0:e7:0a:33:10:96:22:a5:6a:69:4d:
98:e2:f4:80:ec:8f:f3:52:2f:97:9c:98:af:4a:aa:
38:c1:73:65:92:5e:08:62:d9:0e:df:c1:81:6a:ac:
01:44:71:38:9e:38:92:ad:af:f1:6e:1a:b0:53:8a:
0a:8b:e5:13:0d:d6:e5:a7:cf:a2:9e:e1:3f:a0:83:
9a:fd:3d:d2:ac:61:01:61:ec:e2:9f:cc:b6:59:9f:
07:2c:61:09:8c:51:72:70:67:2a:9a:b0:3a:6e:73:
15:46:0d:fc:e0:01:ef:04:bf:1c:9c:de:49:91:f0:
20:11:37:02:8e:68:c1:b2:60:e9:4e:6f:c0:7b:fd:
bb:13:bf:47:54:21:80:e6:39:3d:25:9b:d2:5a:e1:
64:33:e4:11:63:5a:94:97:72:03:95:b8:05:ac:67:
73:a3:38:98:4b:d9:2f:15:ae:94:83:63:63:24:24:
13:ba:66:57:64:36:53:3f:b7:13:54:91:f6:8f:ee:
de:c5:99:6d:eb:1b:0e:a9:d6:76:15:fe:49:8e:63:
0d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D4:76:7A:E1:E9:F0:D9:27:8F:2B:F0:90:F7:70:29:13:02:7A:44
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/ydR2euHp8NknjyvwkPdwKRMCekQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.156.0/24
194.28.158.0/24
194.104.4.0-194.104.6.255
212.69.132.0-212.69.134.255
Signature Algorithm: sha256WithRSAEncryption
36:90:0a:d4:ae:f5:ed:87:a4:80:e2:8f:32:9f:a4:a0:ed:ba:
79:28:7a:ec:36:d7:a9:70:e1:b4:7e:ee:90:43:bc:36:a0:35:
48:23:d1:38:77:95:5e:d5:96:4d:d0:7b:f0:d4:fe:e6:b9:c6:
5d:d5:c3:65:98:93:e1:9f:6f:ef:fd:b9:18:58:c4:e1:85:3c:
b5:b0:cf:bb:47:db:83:ac:16:25:01:57:31:51:19:8b:2b:90:
10:3c:58:60:13:50:1d:79:10:74:df:35:b8:4e:56:fb:47:eb:
68:b9:5e:77:7f:a6:da:48:87:ea:6b:65:dc:72:4b:60:51:57:
f1:df:c9:c9:ac:46:83:6e:ed:dc:e0:20:5b:9b:a1:2c:9d:9a:
36:55:aa:67:cc:13:5f:33:83:3d:1e:b5:38:1b:ee:20:b6:21:
eb:11:52:b1:5e:c2:78:e5:c2:95:a0:61:31:9c:03:98:59:c1:
15:ac:f7:52:4c:fc:cb:9a:30:f7:f4:2b:e7:67:c9:75:0e:b4:
71:ed:e9:da:b8:7c:63:4d:0b:18:91:2b:43:ba:dd:ae:1c:73:
1c:06:67:0d:ff:83:d9:a4:3e:e3:97:45:bd:b2:70:2c:cd:54:
9b:3e:f0:bf:de:bd:ee:1b:e8:3c:f8:f1:d7:24:c4:6c:f0:55:
b2:7d:9f:62
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYiMOC+0w+vGPb1NFmWFfViyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwNjA1MTU0MTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQ0NzY3YWUxZTlmMGQ5Mjc4ZjJiZjA5MGY3NzAyOTEzMDI3YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnn6AtcIVfPa1qXWQQ8gwDmZ37IxU
wg/4Clqq69ePjIVZYl1C6rFCsCEZoiXbsB8y8OcKMxCWIqVqaU2Y4vSA7I/zUi+X
nJivSqo4wXNlkl4IYtkO38GBaqwBRHE4njiSra/xbhqwU4oKi+UTDdblp8+inuE/
oIOa/T3SrGEBYezin8y2WZ8HLGEJjFFycGcqmrA6bnMVRg384AHvBL8cnN5JkfAg
ETcCjmjBsmDpTm/Ae/27E79HVCGA5jk9JZvSWuFkM+QRY1qUl3IDlbgFrGdzoziY
S9kvFa6Ug2NjJCQTumZXZDZTP7cTVJH2j+7exZlt6xsOqdZ2Ff5JjmMNkwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMnUdnrh6fDZJ48r8JD3cCkTAnpEMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEveWRSMmV1SHA4Tmtuanl2d2tQZHdLUk1DZWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAwhycAwQA
whyeMAwDBALCaAQDBADCaAYwDAMEAtRFhAMEANRFhjANBgkqhkiG9w0BAQsFAAOC
AQEANpAK1K717YekgOKPMp+koO26eSh67DbXqXDhtH7ukEO8NqA1SCPROHeVXtWW
TdB78NT+5rnGXdXDZZiT4Z9v7/25GFjE4YU8tbDPu0fbg6wWJQFXMVEZiyuQEDxY
YBNQHXkQdN81uE5W+0fraLled3+m2kiH6mtl3HJLYFFX8d/JyaxGg27t3OAgW5uh
LJ2aNlWqZ8wTXzODPR61OBvuILYh6xFSsV7CeOXClaBhMZwDmFnBFaz3Ukz8y5ow
9/Qr52fJdQ60ce3p2rh8Y00LGJErQ7rdrhxzHAZnDf+D2aQ+45dFvbJwLM1Umz7w
v9697hvoPPjx1yTEbPBVsn2fYg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:39 2024 by rpki-client on console-ams.rpki-client.org