Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/h908-Rg3UCZkFCDC3hT_lJ5JB1I.roa
File: h908-Rg3UCZkFCDC3hT_lJ5JB1I.roa (raw, json)
Hash identifier: YnRmj1AYMaZgfEEoTd38rQPZwk7ORO4pyvN7cTcGqlg=
Subject key identifier: 87:DD:3C:F9:18:37:50:26:64:14:20:C2:DE:14:FF:94:9E:49:07:52
Certificate issuer: /CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Certificate serial: 01856DD4033FFCB274C6BA4EFA85C30082BE
Authority key identifier: C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/h908-Rg3UCZkFCDC3hT_lJ5JB1I.roa
Signing time: Sun 01 Jan 2023 14:54:49 +0000
ROA not before: Sun 01 Jan 2023 14:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30782
IP address blocks: 195.234.20.0/23 maxlen: 23
130.255.152.0/21 maxlen: 21
185.91.212.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:03:3f:fc:b2:74:c6:ba:4e:fa:85:c3:00:82:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Validity
Not Before: Jan 1 14:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87dd3cf918375026641420c2de14ff949e490752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:07:b2:d4:9f:65:95:86:02:d0:4d:d1:ca:3a:
c1:15:90:53:38:b9:f2:a3:97:0c:98:d4:ce:74:b4:
e2:e1:37:f8:f3:cb:a6:3b:39:97:5d:4d:d0:17:8d:
e8:f1:94:61:76:45:10:73:54:dc:68:d7:cd:9e:a8:
12:b6:7d:05:d4:98:83:ac:90:05:2f:d1:1f:11:d2:
d6:55:d8:74:3f:df:2e:05:d0:df:8a:4a:ea:d9:a3:
88:4a:d0:18:af:ba:33:49:95:79:6f:8b:68:0c:07:
c5:6f:50:ba:50:e1:00:26:a9:c5:88:96:b4:13:66:
6b:b6:aa:e4:8e:f5:0c:c5:e6:c2:85:47:8a:2f:31:
7b:41:51:ca:e7:9c:84:fa:b9:89:5e:75:65:c8:73:
94:49:4d:ca:3c:16:c5:58:73:5f:6a:b9:af:0c:75:
5d:9d:89:92:ae:39:b9:67:b2:c0:47:99:59:25:61:
f6:82:05:7b:99:6b:3c:1b:43:ac:da:e6:db:04:fc:
34:3d:f8:8b:72:56:f5:a8:79:1a:34:df:9e:25:7c:
47:1c:4d:f4:c4:09:72:69:8c:d2:ba:96:5d:b2:23:
d9:78:3b:c8:7d:02:26:af:ed:c0:9f:18:b3:68:1f:
99:bc:80:de:d3:a1:08:ef:ba:bf:b8:97:51:fb:8d:
9e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:DD:3C:F9:18:37:50:26:64:14:20:C2:DE:14:FF:94:9E:49:07:52
X509v3 Authority Key Identifier:
keyid:C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/h908-Rg3UCZkFCDC3hT_lJ5JB1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.152.0/21
185.91.212.0/22
195.234.20.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:20:f3:3c:cf:ab:54:a8:99:5b:b4:3b:20:e6:56:ea:c6:73:
50:7c:ae:7a:8b:ee:fc:21:95:84:4b:8c:80:c0:4b:46:59:b8:
1f:1b:03:33:2a:bd:75:5a:8f:94:04:35:15:8b:f8:31:49:db:
1d:32:9b:6d:dc:ca:fb:b4:75:93:a2:88:b8:08:62:8e:f9:0f:
a7:8d:df:99:8f:45:e8:8b:17:71:a5:49:07:f2:11:47:db:80:
3f:9a:64:33:77:5e:7d:cd:53:8e:16:dd:ec:ad:45:56:42:d6:
b1:59:ef:c4:97:81:2c:68:2d:94:6f:e7:9c:9c:ed:27:8d:ea:
ef:28:cb:28:ed:0c:16:0b:3f:dc:fb:2f:c3:c3:5e:5a:ec:6e:
a6:b0:bb:c6:56:7e:ea:0c:4b:40:91:62:93:ab:0b:e6:93:11:
76:04:ab:07:66:3b:90:a5:4e:83:f1:9e:b6:ee:28:ec:1c:73:
d5:6f:b9:b5:7f:6c:18:ba:98:f8:48:01:bb:d2:1a:94:34:e8:
f1:c4:4a:64:90:d5:25:31:2b:b8:cc:a8:e3:24:81:b8:f1:4e:
28:67:91:0c:97:76:d7:2c:f3:d8:17:97:5f:ba:ac:10:0a:b9:
04:67:2d:5b:04:21:e1:46:f9:2b:37:0f:4c:ad:22:4a:20:8f:
0f:1c:ce:54
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVt1AM//LJ0xrpO+oXDAIK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3OTgzYjNhOTc1OGZjYmU3ODczM2Q5MTU1YWVkMjY2Yzg4
MmEyM2MwHhcNMjMwMTAxMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2RkM2NmOTE4Mzc1MDI2NjQxNDIwYzJkZTE0ZmY5NDllNDkwNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAey1J9llYYC0E3RyjrBFZBTOLny
o5cMmNTOdLTi4Tf488umOzmXXU3QF43o8ZRhdkUQc1TcaNfNnqgStn0F1JiDrJAF
L9EfEdLWVdh0P98uBdDfikrq2aOIStAYr7ozSZV5b4toDAfFb1C6UOEAJqnFiJa0
E2ZrtqrkjvUMxebChUeKLzF7QVHK55yE+rmJXnVlyHOUSU3KPBbFWHNfarmvDHVd
nYmSrjm5Z7LAR5lZJWH2ggV7mWs8G0Os2ubbBPw0PfiLclb1qHkaNN+eJXxHHE30
xAlyaYzSupZdsiPZeDvIfQImr+3AnxizaB+ZvIDe06EI77q/uJdR+42eTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIfdPPkYN1AmZBQgwt4U/5SeSQdSMB8GA1UdIwQY
MBaAFMeYOzqXWPy+eHM9kVWu0mbIgqI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEt
MjM4NDA1ZjJjZGU5LzEvaDkwOC1SZzNVQ1prRkNEQzNoVF9sSjVKQjFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEtMjM4NDA1ZjJjZGU5
LzEveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDgv+YAwQC
uVvUAwQBw+oUMA0GCSqGSIb3DQEBCwUAA4IBAQCKIPM8z6tUqJlbtDsg5lbqxnNQ
fK56i+78IZWES4yAwEtGWbgfGwMzKr11Wo+UBDUVi/gxSdsdMptt3Mr7tHWTooi4
CGKO+Q+njd+Zj0XoixdxpUkH8hFH24A/mmQzd159zVOOFt3srUVWQtaxWe/El4Es
aC2Ub+ecnO0njervKMso7QwWCz/c+y/Dw15a7G6msLvGVn7qDEtAkWKTqwvmkxF2
BKsHZjuQpU6D8Z627ijsHHPVb7m1f2wYupj4SAG70hqUNOjxxEpkkNUlMSu4zKjj
JIG48U4oZ5EMl3bXLPPYF5dfuqwQCrkEZy1bBCHhRvkrNw9MrSJKII8PHM5U
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:32 2024 by rpki-client on console-fra.rpki-client.org