Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/7dHdB0TJraiy8dEZ5U2sA7pipvI.roa
File: 7dHdB0TJraiy8dEZ5U2sA7pipvI.roa (raw, json)
Hash identifier: Z8IXU4kyeO7kUSF65VeDlq9FpQxsx0QcvrQL+Z4RrN8=
Subject key identifier: ED:D1:DD:07:44:C9:AD:A8:B2:F1:D1:19:E5:4D:AC:03:BA:62:A6:F2
Certificate issuer: /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial: 018570B08584904E90EF613C70DFB11F0003
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/7dHdB0TJraiy8dEZ5U2sA7pipvI.roa
Signing time: Mon 02 Jan 2023 04:14:54 +0000
ROA not before: Mon 02 Jan 2023 04:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5528
IP address blocks: 195.130.205.0/24 maxlen: 24
188.92.23.0/24 maxlen: 32
188.92.22.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:85:84:90:4e:90:ef:61:3c:70:df:b1:1f:00:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Validity
Not Before: Jan 2 04:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edd1dd0744c9ada8b2f1d119e54dac03ba62a6f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:cf:4d:ea:98:ea:49:45:4c:54:8d:20:01:64:
cd:21:49:5c:a3:84:d3:83:22:55:1e:ad:a4:de:1d:
14:54:9e:07:15:ba:89:f2:4e:5d:de:8a:2c:bc:cc:
04:8f:be:e2:ad:f9:de:8d:1f:26:a5:c1:2d:42:03:
27:95:e6:18:15:68:b7:ca:c1:bb:2d:40:a0:bf:79:
95:2b:bb:01:9b:ba:b9:cb:c6:8b:cb:9e:bf:87:24:
20:5e:9a:b2:11:6a:a0:01:77:e8:db:be:ad:73:71:
6a:1d:e5:83:d1:1d:e1:5b:0f:94:06:c9:78:6a:4b:
84:a3:01:32:c4:3e:e9:51:3a:a5:7d:85:66:2d:f3:
ae:a8:e4:72:b9:0f:5a:19:40:4d:85:93:90:1b:6b:
7e:6c:47:78:ff:76:dc:82:82:3a:a2:7a:79:b0:e5:
ba:73:72:5c:99:85:e2:ea:f0:21:e0:c1:be:84:4e:
1c:bf:84:48:98:ed:b5:86:7f:af:23:a6:17:43:a8:
0a:f9:74:7f:52:ce:7c:83:c6:fe:c5:e6:19:04:22:
d4:de:47:eb:fe:37:a1:d5:57:e8:9f:e6:2d:ed:4c:
07:a0:62:2f:f6:be:85:1d:2b:41:ed:5a:71:ce:13:
b6:a5:c1:6f:2d:95:9f:38:ba:0a:ff:c1:2e:a2:75:
9c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D1:DD:07:44:C9:AD:A8:B2:F1:D1:19:E5:4D:AC:03:BA:62:A6:F2
X509v3 Authority Key Identifier:
keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/7dHdB0TJraiy8dEZ5U2sA7pipvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.92.22.0/23
195.130.205.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:ee:d6:0e:0f:76:56:61:79:11:27:05:3e:1f:34:53:62:43:
43:e5:b9:0d:7d:01:ba:6e:7e:b4:4e:d2:3c:60:9b:f4:1f:59:
38:b1:1b:c4:5d:2a:bd:1d:5e:40:bb:3a:5f:7a:33:8f:83:a7:
53:48:25:81:4f:83:c4:2b:66:6a:42:2a:ec:4b:19:2d:d1:54:
6a:78:38:b1:07:72:13:f1:51:ca:cb:07:1e:2f:ea:28:5d:2d:
7e:77:ad:14:35:96:95:c5:12:e5:46:50:0c:81:d8:2e:b1:64:
a6:72:00:f6:2d:38:f6:31:db:08:62:60:fb:21:de:d9:70:fb:
fc:f7:bf:e4:ac:f3:78:dc:1c:ae:9e:8a:e6:5f:90:1d:9c:22:
96:a1:c3:98:f6:a3:cb:e4:1b:4d:9f:1c:2e:54:fd:90:0c:cd:
b5:71:4f:4e:d9:2b:a7:f1:0a:16:21:b5:2f:78:cc:d3:ff:72:
98:1f:5e:be:e1:32:9b:ef:a1:aa:2f:a5:f2:d6:89:ab:d9:6b:
18:aa:73:84:f3:8d:22:24:5e:8d:e5:52:43:97:9f:c5:f4:50:
61:eb:7a:46:c6:3b:ad:62:87:16:63:08:2e:91:d0:2a:ed:ce:
46:1e:e1:2b:ae:98:41:fd:81:01:ff:4e:03:53:9a:5a:2d:19:
d3:e1:cd:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwsIWEkE6Q72E8cN+xHwADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTFiMzY1NTJmOWRhY2NiOTJhYzVjM2I0NGI0MjZkNjQz
NzQ5ZTIwHhcNMjMwMTAyMDQxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGQxZGQwNzQ0YzlhZGE4YjJmMWQxMTllNTRkYWMwM2JhNjJhNmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlc9N6pjqSUVMVI0gAWTNIUlco4TT
gyJVHq2k3h0UVJ4HFbqJ8k5d3oosvMwEj77irfnejR8mpcEtQgMnleYYFWi3ysG7
LUCgv3mVK7sBm7q5y8aLy56/hyQgXpqyEWqgAXfo276tc3FqHeWD0R3hWw+UBsl4
akuEowEyxD7pUTqlfYVmLfOuqORyuQ9aGUBNhZOQG2t+bEd4/3bcgoI6onp5sOW6
c3JcmYXi6vAh4MG+hE4cv4RImO21hn+vI6YXQ6gK+XR/Us58g8b+xeYZBCLU3kfr
/jeh1Vfon+Yt7UwHoGIv9r6FHStB7VpxzhO2pcFvLZWfOLoK/8EuonWcOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO3R3QdEya2osvHRGeVNrAO6YqbyMB8GA1UdIwQY
MBaAFOWhs2VS+drMuSrFw7RLQm1kN0niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMt
YzVlNmQyM2Y4YjA5LzEvN2RIZEIwVEpyYWl5OGRFWjVVMnNBN3BpcHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMtYzVlNmQyM2Y4YjA5
LzEvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBvFwWAwQA
w4LNMA0GCSqGSIb3DQEBCwUAA4IBAQCn7tYOD3ZWYXkRJwU+HzRTYkND5bkNfQG6
bn60TtI8YJv0H1k4sRvEXSq9HV5AuzpfejOPg6dTSCWBT4PEK2ZqQirsSxkt0VRq
eDixB3IT8VHKywceL+ooXS1+d60UNZaVxRLlRlAMgdgusWSmcgD2LTj2MdsIYmD7
Id7ZcPv897/krPN43ByunormX5AdnCKWocOY9qPL5BtNnxwuVP2QDM21cU9O2Sun
8QoWIbUveMzT/3KYH16+4TKb76GqL6Xy1omr2WsYqnOE840iJF6N5VJDl5/F9FBh
63pGxjutYocWYwgukdAq7c5GHuErrphB/YEB/04DU5paLRnT4c2F
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:52 2024 by rpki-client on console-fra.rpki-client.org