Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/aE4jyjSCHcHtQlvESJLgvps8HWY.roa
File: aE4jyjSCHcHtQlvESJLgvps8HWY.roa (raw, json)
Hash identifier: 2rWetdwVWv+rSQC5s/Mpdnf2QeRW371pyQyl7J3Yiv4=
Subject key identifier: 68:4E:23:CA:34:82:1D:C1:ED:42:5B:C4:48:92:E0:BE:9B:3C:1D:66
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018571F0F84FD8AE1C648C49318DD55EC907
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/aE4jyjSCHcHtQlvESJLgvps8HWY.roa
Signing time: Mon 02 Jan 2023 10:04:55 +0000
ROA not before: Mon 02 Jan 2023 10:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50564
IP address blocks: 176.227.156.0/24 maxlen: 24
178.156.77.0/24 maxlen: 24
86.104.25.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:f8:4f:d8:ae:1c:64:8c:49:31:8d:d5:5e:c9:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 10:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=684e23ca34821dc1ed425bc44892e0be9b3c1d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fa:f3:ad:65:ef:6d:b0:e1:b9:b1:bb:cb:c9:
2d:50:e8:81:5e:28:d8:b2:ca:05:c4:d1:0e:c3:4c:
da:93:69:ff:e0:52:f5:96:61:ec:ab:42:5f:e0:b7:
d1:2e:0b:44:af:41:6d:01:7a:2c:df:b9:6b:cf:9a:
98:cf:8b:81:85:a2:c2:d6:ca:24:a2:f0:6c:db:b8:
89:0e:1f:1d:ce:38:8d:bc:72:57:9b:a5:2d:d4:cd:
cd:01:54:1c:70:e9:25:48:ae:53:04:ac:9d:82:9b:
9a:a2:fe:14:7d:11:38:da:b7:bc:32:bd:83:84:d7:
4e:b1:1e:21:27:07:5f:56:a5:91:e1:04:5e:5d:2e:
f4:64:43:43:64:7a:d0:5f:4f:95:c5:06:b7:45:b1:
a4:61:04:b1:df:80:19:86:7f:cc:04:d7:56:4c:a3:
db:4f:cf:e9:e8:a3:6f:48:19:3c:f4:70:5b:83:58:
fd:74:08:6b:b5:37:c5:11:81:9a:47:5c:f0:77:52:
ad:d9:b4:ca:9e:58:ac:82:00:ef:e7:ed:4e:a0:1c:
52:56:0e:95:0c:52:96:94:ed:6c:cd:d3:54:13:14:
46:eb:5e:e1:88:24:c8:ec:5e:c7:0f:d3:e4:b5:ba:
d4:f9:f5:28:ac:8e:7d:51:24:18:38:54:95:35:74:
e1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:4E:23:CA:34:82:1D:C1:ED:42:5B:C4:48:92:E0:BE:9B:3C:1D:66
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/aE4jyjSCHcHtQlvESJLgvps8HWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.25.0/24
176.227.156.0/24
178.156.77.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:4f:75:3c:b4:b1:24:e6:59:62:67:17:fc:ac:b6:63:20:2a:
d3:a8:87:27:af:6c:4d:ca:4c:c3:38:45:62:8d:aa:8b:26:48:
57:06:97:ae:95:95:4c:ac:d8:8e:8d:73:c1:16:22:f3:bd:23:
fc:43:0f:90:16:d2:32:4c:d4:5e:4e:10:7e:43:1a:7a:da:fe:
0f:0f:f0:cf:2e:8d:1e:08:42:9a:4a:df:21:81:56:7a:09:03:
b6:86:3e:a2:59:ac:97:fb:f9:11:28:0d:20:1b:6d:25:51:e3:
84:cc:59:d0:8e:4d:48:79:ab:fe:f9:3c:fb:5f:cf:38:d2:b6:
fc:ca:ce:09:ef:11:70:e6:a3:c7:e8:99:0c:38:10:2c:75:02:
e9:a9:60:2c:c8:33:aa:02:35:2b:14:8c:2d:d8:f0:50:e0:1b:
20:16:65:c2:1a:45:7c:01:0f:46:f5:d1:68:5a:58:f9:47:f8:
fd:21:92:f8:bc:34:37:e9:75:a1:f0:ae:64:dd:cf:3c:80:79:
c9:04:bb:e6:22:46:27:b9:50:1f:e1:ec:85:c8:d0:6f:b4:07:
0d:6e:61:0c:95:50:c6:5e:cf:8c:cb:f4:cb:f7:3d:83:4a:f8:
73:1e:2c:dc:3c:13:d0:92:58:e8:d8:85:d1:0a:f5:42:b5:5f:
b0:37:25:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx8PhP2K4cZIxJMY3VXskHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODRlMjNjYTM0ODIxZGMxZWQ0MjViYzQ0ODkyZTBiZTliM2MxZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/rzrWXvbbDhubG7y8ktUOiBXijY
ssoFxNEOw0zak2n/4FL1lmHsq0Jf4LfRLgtEr0FtAXos37lrz5qYz4uBhaLC1sok
ovBs27iJDh8dzjiNvHJXm6Ut1M3NAVQccOklSK5TBKydgpuaov4UfRE42re8Mr2D
hNdOsR4hJwdfVqWR4QReXS70ZENDZHrQX0+VxQa3RbGkYQSx34AZhn/MBNdWTKPb
T8/p6KNvSBk89HBbg1j9dAhrtTfFEYGaR1zwd1Kt2bTKnlisggDv5+1OoBxSVg6V
DFKWlO1szdNUExRG617hiCTI7F7HD9PktbrU+fUorI59USQYOFSVNXThGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGhOI8o0gh3B7UJbxEiS4L6bPB1mMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvYUU0anlqU0NIY0h0UWx2RVNKTGd2cHM4SFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVmgZAwQA
sOOcAwQAspxNMA0GCSqGSIb3DQEBCwUAA4IBAQB+T3U8tLEk5lliZxf8rLZjICrT
qIcnr2xNykzDOEVijaqLJkhXBpeulZVMrNiOjXPBFiLzvSP8Qw+QFtIyTNReThB+
Qxp62v4PD/DPLo0eCEKaSt8hgVZ6CQO2hj6iWayX+/kRKA0gG20lUeOEzFnQjk1I
eav++Tz7X8840rb8ys4J7xFw5qPH6JkMOBAsdQLpqWAsyDOqAjUrFIwt2PBQ4Bsg
FmXCGkV8AQ9G9dFoWlj5R/j9IZL4vDQ36XWh8K5k3c88gHnJBLvmIkYnuVAf4eyF
yNBvtAcNbmEMlVDGXs+My/TL9z2DSvhzHizcPBPQkljo2IXRCvVCtV+wNyUq
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:36 2024 by rpki-client on console-fra.rpki-client.org