Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/CJkd26T7hnYvoTbKrI3LfebikDQ.roa
File: CJkd26T7hnYvoTbKrI3LfebikDQ.roa (raw, json)
Hash identifier: T/XNJ2EZPC/GHilXHkzDA0AxUUvkd5P+2dwbUz71d14=
Subject key identifier: 08:99:1D:DB:A4:FB:86:76:2F:A1:36:CA:AC:8D:CB:7D:E6:E2:90:34
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 018570E7563F8056E04555A1303446064AF6
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/CJkd26T7hnYvoTbKrI3LfebikDQ.roa
Signing time: Mon 02 Jan 2023 05:14:47 +0000
ROA not before: Mon 02 Jan 2023 05:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198651
IP address blocks: 195.12.189.0/24 maxlen: 24
195.12.190.0/24 maxlen: 24
195.12.188.0/24 maxlen: 24
195.12.191.0/24 maxlen: 24
88.119.176.0/24 maxlen: 24
88.119.179.0/24 maxlen: 24
88.119.177.0/24 maxlen: 24
88.119.178.0/24 maxlen: 24
2a00:1eb8:c000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:56:3f:80:56:e0:45:55:a1:30:34:46:06:4a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 05:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08991ddba4fb86762fa136caac8dcb7de6e29034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:88:34:02:94:a6:f6:a0:cf:4a:d5:e3:f2:eb:
8f:49:c0:d9:00:05:a9:5d:20:d1:4c:e8:04:b2:70:
f6:b4:fe:ff:c7:de:ba:c1:d9:b4:6e:23:88:ae:f6:
bb:92:d4:0e:ef:c9:e9:f3:bc:e9:90:d0:4c:81:ba:
b4:22:31:85:0d:9a:db:81:d6:22:5e:89:b3:e3:b0:
cd:bc:45:14:6c:20:05:73:97:5c:3b:19:e1:c3:99:
ab:42:7b:1c:bd:58:38:9e:06:cc:ef:ca:c9:79:85:
22:cd:f8:25:af:f2:45:05:0a:21:7d:35:81:36:aa:
e6:a4:6e:de:3d:65:71:ae:e7:1a:56:64:2c:35:54:
2b:23:d6:c2:a6:a4:8b:a1:f3:cb:58:32:53:21:2d:
72:dd:e6:03:41:81:ab:3f:1d:2c:81:4a:b7:0b:62:
4d:7e:2a:92:b5:7f:37:75:67:b3:a7:5e:d4:5a:26:
68:02:d7:0b:fa:21:42:30:8d:b6:36:ed:d6:ed:5f:
d4:6c:8b:72:65:08:05:40:a4:4f:05:65:55:de:d7:
4f:4a:71:70:ba:ba:de:fa:92:ac:1b:12:a1:80:95:
ea:5a:4e:5d:05:2c:0c:a1:09:de:23:7a:fc:06:92:
b4:59:6e:2e:03:5c:a8:15:59:38:86:5a:3e:46:22:
40:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:99:1D:DB:A4:FB:86:76:2F:A1:36:CA:AC:8D:CB:7D:E6:E2:90:34
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/CJkd26T7hnYvoTbKrI3LfebikDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.119.176.0/22
195.12.188.0/22
IPv6:
2a00:1eb8:c000::/48
Signature Algorithm: sha256WithRSAEncryption
89:78:f3:fa:bd:c6:00:50:a9:73:16:33:ed:ab:e5:64:37:ee:
2c:b5:c8:36:ef:7e:86:56:d0:1c:cf:e6:b9:03:e9:12:fb:1f:
00:83:7c:22:06:13:b2:bc:a7:3b:e9:c6:7b:60:0f:06:61:5e:
c7:fd:a0:45:47:b6:81:e8:16:ef:d7:a6:ab:9f:3b:f1:12:45:
90:ec:58:07:0c:7d:1c:da:92:23:91:b8:5c:a6:19:66:4a:83:
38:e6:ec:be:75:55:a8:06:ab:23:db:64:64:2c:06:8c:cb:6f:
bd:b5:9e:8b:e4:9c:46:cd:e2:0e:e0:cc:41:bc:ec:6a:eb:53:
89:6a:02:c0:ab:86:08:31:92:eb:f2:7a:bc:88:8c:10:bc:ac:
96:8b:72:46:98:6b:b2:92:ea:6f:73:d1:b3:a1:0d:66:44:26:
02:4c:56:6e:5e:a4:d7:ef:5a:64:9c:6e:0e:bc:48:2c:a5:9b:
3a:40:dc:86:89:cd:c3:d9:85:bf:72:19:0a:b6:29:de:e3:ae:
9e:36:09:f8:09:0f:9b:d7:7a:6e:64:a7:f6:ed:d4:ab:18:06:
02:9c:2a:a7:e9:3f:0e:cf:75:07:09:f0:4a:bf:67:37:77:87:
4e:fc:a7:6b:74:be:e5:77:f0:6b:c1:67:69:c2:63:09:b8:7c:
53:3f:00:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVw51Y/gFbgRVWhMDRGBkr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjMwMTAyMDUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODk5MWRkYmE0ZmI4Njc2MmZhMTM2Y2FhYzhkY2I3ZGU2ZTI5MDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4g0ApSm9qDPStXj8uuPScDZAAWp
XSDRTOgEsnD2tP7/x966wdm0biOIrva7ktQO78np87zpkNBMgbq0IjGFDZrbgdYi
Xomz47DNvEUUbCAFc5dcOxnhw5mrQnscvVg4ngbM78rJeYUizfglr/JFBQohfTWB
NqrmpG7ePWVxrucaVmQsNVQrI9bCpqSLofPLWDJTIS1y3eYDQYGrPx0sgUq3C2JN
fiqStX83dWezp17UWiZoAtcL+iFCMI22Nu3W7V/UbItyZQgFQKRPBWVV3tdPSnFw
urre+pKsGxKhgJXqWk5dBSwMoQneI3r8BpK0WW4uA1yoFVk4hlo+RiJA2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAiZHduk+4Z2L6E2yqyNy33m4pA0MB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL0NKa2QyNlQ3aG5Zdm9UYktySTNMZmViaWtEUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAJYd7AD
BALDDLwwDwQCAAIwCQMHACoAHrjAADANBgkqhkiG9w0BAQsFAAOCAQEAiXjz+r3G
AFCpcxYz7avlZDfuLLXINu9+hlbQHM/muQPpEvsfAIN8IgYTsrynO+nGe2APBmFe
x/2gRUe2gegW79emq5878RJFkOxYBwx9HNqSI5G4XKYZZkqDOObsvnVVqAarI9tk
ZCwGjMtvvbWei+ScRs3iDuDMQbzsautTiWoCwKuGCDGS6/J6vIiMELyslotyRphr
spLqb3PRs6ENZkQmAkxWbl6k1+9aZJxuDrxILKWbOkDchonNw9mFv3IZCrYp3uOu
njYJ+AkPm9d6bmSn9u3UqxgGApwqp+k/Ds91BwnwSr9nN3eHTvyna3S+5Xfwa8Fn
acJjCbh8Uz8Adw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:14 2023 by rpki-client on console-fra.rpki-client.org