Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/axsvkHgCxa1cIX5LaBjWOLMUH6k.roa
File: axsvkHgCxa1cIX5LaBjWOLMUH6k.roa (raw, json)
Hash identifier: iI/EKiCGETnTDcG29yO5hmjjxmiOp1o/7QTfnde/sWY=
Subject key identifier: 6B:1B:2F:90:78:02:C5:AD:5C:21:7E:4B:68:18:D6:38:B3:14:1F:A9
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018A1D2E52034B7DF07584EABCAC195B905F
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/axsvkHgCxa1cIX5LaBjWOLMUH6k.roa
Signing time: Tue 22 Aug 2023 12:18:09 +0000
ROA not before: Tue 22 Aug 2023 12:18:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.66.24.0/24 maxlen: 24
193.108.56.0/24 maxlen: 24
188.66.25.0/24 maxlen: 24
188.66.27.0/24 maxlen: 24
193.108.104.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:2e:52:03:4b:7d:f0:75:84:ea:bc:ac:19:5b:90:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Aug 22 12:18:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b1b2f907802c5ad5c217e4b6818d638b3141fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:25:6a:a7:7c:f7:e0:0d:02:d0:08:b0:86:e6:
7d:53:b7:73:f8:3e:0b:61:aa:ee:47:98:87:4e:95:
96:d7:33:ff:52:9b:8a:8e:6a:31:f0:37:64:1c:6f:
e2:b1:97:81:88:82:12:6a:fc:fc:01:3d:75:b9:8f:
fd:b5:8c:0d:56:a5:77:19:ce:9e:66:1d:6d:d5:6b:
0c:6a:43:07:69:f2:f0:e8:d9:c0:bd:9b:f7:64:2c:
17:33:93:36:db:b9:47:32:6b:f5:36:6c:e5:0f:6e:
21:42:c9:b0:9b:64:18:ec:be:4f:e7:91:06:c4:67:
82:58:3c:42:d8:ae:cd:cf:67:55:78:76:dd:9b:df:
86:fd:ea:cf:6c:af:05:25:00:2a:8d:7c:72:6f:66:
b3:ad:f2:9a:df:ed:95:00:ff:f2:56:92:1a:1a:34:
23:3a:d0:be:ea:bc:91:f2:ae:c2:eb:10:04:44:f8:
5e:7e:a3:96:7b:fb:df:72:94:51:61:a1:98:39:a4:
64:7a:14:d8:b6:9c:9b:b3:8f:38:73:c3:67:e5:7a:
66:e7:1c:94:07:f2:44:d7:40:78:02:5e:3e:97:0c:
1b:d2:a1:c5:d6:f9:3a:a8:3a:49:44:f1:ad:77:0f:
48:25:76:88:a7:82:30:57:99:c6:6c:2c:3b:b9:ec:
6a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1B:2F:90:78:02:C5:AD:5C:21:7E:4B:68:18:D6:38:B3:14:1F:A9
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/axsvkHgCxa1cIX5LaBjWOLMUH6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.66.24.0/23
188.66.27.0/24
193.108.56.0/24
193.108.104.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:97:fc:d5:8e:e2:d2:f0:f5:87:d9:c8:d4:37:8b:40:2d:6b:
39:6c:eb:ca:96:30:23:b5:43:38:15:f0:ab:8d:35:1c:88:17:
5f:fc:0d:05:0b:f6:cc:54:76:b2:ff:be:b2:d6:a6:fa:11:af:
44:58:1c:90:20:f2:33:06:74:0c:c6:07:41:76:b7:7d:97:35:
25:2f:19:d4:76:f9:0b:7a:ac:a3:31:79:3c:85:db:33:6a:91:
e2:6e:4c:72:88:36:dd:65:ff:34:3c:cc:66:cf:42:af:7c:c2:
10:c5:cc:d8:77:07:c6:7f:76:d0:d8:93:84:74:b5:5e:db:09:
2a:38:29:ac:92:51:a7:ff:3a:60:09:f1:45:b9:5b:da:f4:0e:
e9:3b:18:fb:25:3c:8a:d0:c8:f1:fc:84:35:9d:31:1f:41:14:
f3:35:db:75:9c:ed:e7:83:0a:0c:7b:fc:d3:d2:4f:c1:4f:2e:
93:59:8c:00:cf:aa:95:e3:bb:98:7c:e2:3e:48:c5:aa:ca:b6:
30:81:2e:90:90:de:d0:e2:a3:d6:fd:55:f8:7d:3b:8a:7d:f5:
57:e8:3d:d5:f0:ae:49:0a:d5:fa:3a:83:cc:5a:6a:39:93:69:
9e:47:22:96:3c:17:f8:6f:dc:3e:29:3e:3c:20:4b:bb:61:11:
af:b3:0f:c6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYodLlIDS33wdYTqvKwZW5BfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMwODIyMTIxODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjFiMmY5MDc4MDJjNWFkNWMyMTdlNGI2ODE4ZDYzOGIzMTQxZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniVqp3z34A0C0AiwhuZ9U7dz+D4L
YaruR5iHTpWW1zP/UpuKjmox8DdkHG/isZeBiIISavz8AT11uY/9tYwNVqV3Gc6e
Zh1t1WsMakMHafLw6NnAvZv3ZCwXM5M227lHMmv1NmzlD24hQsmwm2QY7L5P55EG
xGeCWDxC2K7Nz2dVeHbdm9+G/erPbK8FJQAqjXxyb2azrfKa3+2VAP/yVpIaGjQj
OtC+6ryR8q7C6xAERPhefqOWe/vfcpRRYaGYOaRkehTYtpybs484c8Nn5Xpm5xyU
B/JE10B4Al4+lwwb0qHF1vk6qDpJRPGtdw9IJXaIp4IwV5nGbCw7uexqUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGsbL5B4AsWtXCF+S2gY1jizFB+pMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvYXhzdmtIZ0N4YTFjSVg1TGFCaldPTE1VSDZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBvEIYAwQA
vEIbAwQAwWw4AwQAwWxoMA0GCSqGSIb3DQEBCwUAA4IBAQCul/zVjuLS8PWH2cjU
N4tALWs5bOvKljAjtUM4FfCrjTUciBdf/A0FC/bMVHay/76y1qb6Ea9EWByQIPIz
BnQMxgdBdrd9lzUlLxnUdvkLeqyjMXk8hdszapHibkxyiDbdZf80PMxmz0KvfMIQ
xczYdwfGf3bQ2JOEdLVe2wkqOCmsklGn/zpgCfFFuVva9A7pOxj7JTyK0Mjx/IQ1
nTEfQRTzNdt1nO3ngwoMe/zT0k/BTy6TWYwAz6qV47uYfOI+SMWqyrYwgS6QkN7Q
4qPW/VX4fTuKffVX6D3V8K5JCtX6OoPMWmo5k2meRyKWPBf4b9w+KT48IEu7YRGv
sw/G
-----END CERTIFICATE-----
Generated at Thu Aug 24 04:47:53 2023 by rpki-client on console-fra.rpki-client.org