Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/70599d-c474-4123-a743-a201dfabdab1/1/p25tubxSNCxP49MEW6aXtRPrOoI.roa
File: p25tubxSNCxP49MEW6aXtRPrOoI.roa (raw, json)
Hash identifier: eWt85V3FYZ8YIQmJkUHkqObhqHO3E7k2dl9GyWx6Psc=
Subject key identifier: A7:6E:6D:B9:BC:52:34:2C:4F:E3:D3:04:5B:A6:97:B5:13:EB:3A:82
Certificate issuer: /CN=51afbc1462455e9869d48b257b18e23be77aa6c3
Certificate serial: 01889ECC588A2A917659F054BF22A61AA1A9
Authority key identifier: 51:AF:BC:14:62:45:5E:98:69:D4:8B:25:7B:18:E2:3B:E7:7A:A6:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ua-8FGJFXphp1IslexjiO-d6psM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/70599d-c474-4123-a743-a201dfabdab1/1/p25tubxSNCxP49MEW6aXtRPrOoI.roa
Signing time: Fri 09 Jun 2023 06:16:11 +0000
ROA not before: Fri 09 Jun 2023 06:16:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213241
IP address blocks: 185.185.230.0/24 maxlen: 24
185.39.9.0/24 maxlen: 24
87.238.226.0/24 maxlen: 24
94.139.34.0/23 maxlen: 24
94.139.38.0/24 maxlen: 24
2a13:1fc0::/48 maxlen: 48
2a13:1fc0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9e:cc:58:8a:2a:91:76:59:f0:54:bf:22:a6:1a:a1:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51afbc1462455e9869d48b257b18e23be77aa6c3
Validity
Not Before: Jun 9 06:16:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a76e6db9bc52342c4fe3d3045ba697b513eb3a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:40:42:d4:36:7b:07:59:56:19:e2:e4:ef:7e:
17:4f:cf:d3:98:1f:c2:5a:48:75:43:cd:e4:fa:ba:
44:3c:ae:f0:01:0f:26:97:32:86:ec:9f:57:9c:55:
0f:60:92:c0:26:c5:d3:a1:3b:c5:cd:13:5e:28:0e:
2f:2b:60:a7:e6:c3:69:46:4a:a0:4f:a7:29:79:41:
31:d6:ab:3c:18:a4:be:23:a1:5c:c5:be:79:e0:2d:
61:a7:a0:c6:a2:d4:82:a2:1b:78:d2:7e:67:8f:63:
02:c0:38:f5:07:e5:12:6c:d6:54:30:ad:b3:b4:f7:
e8:cf:ad:3d:8c:9f:2f:1f:ce:63:87:9a:a7:52:3b:
87:b4:83:9f:3a:48:9a:e5:d8:8b:a4:db:a6:7c:f5:
01:b5:51:09:62:1d:0b:c0:ea:75:b0:cb:f7:1c:c9:
dc:b1:47:69:a5:45:b0:54:e8:c9:d5:21:f1:22:64:
e2:c4:5a:f3:31:f5:17:a5:97:ac:03:a6:33:db:b0:
bc:96:d1:be:d0:0f:29:ba:52:78:8e:3a:62:ac:1c:
45:ab:db:04:0c:82:30:f6:db:ed:da:3e:30:a4:b7:
4c:90:a5:e1:77:7f:eb:c5:fe:04:18:91:0e:9c:4d:
60:ff:af:f3:4f:75:d5:a4:96:b3:bc:ad:15:51:86:
bf:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:6E:6D:B9:BC:52:34:2C:4F:E3:D3:04:5B:A6:97:B5:13:EB:3A:82
X509v3 Authority Key Identifier:
keyid:51:AF:BC:14:62:45:5E:98:69:D4:8B:25:7B:18:E2:3B:E7:7A:A6:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ua-8FGJFXphp1IslexjiO-d6psM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/70599d-c474-4123-a743-a201dfabdab1/1/p25tubxSNCxP49MEW6aXtRPrOoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/70599d-c474-4123-a743-a201dfabdab1/1/Ua-8FGJFXphp1IslexjiO-d6psM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.226.0/24
94.139.34.0/23
94.139.38.0/24
185.39.9.0/24
185.185.230.0/24
IPv6:
2a13:1fc0::/47
Signature Algorithm: sha256WithRSAEncryption
70:90:81:70:5f:22:67:84:be:c2:f8:40:13:d2:2e:73:ba:ef:
1e:64:52:7e:2a:e7:45:aa:c1:1f:01:27:77:df:38:a4:d1:da:
5c:6f:81:e1:66:13:25:c1:60:27:ab:4c:04:1c:04:d9:c6:42:
ab:15:64:36:9d:0c:99:02:54:c2:95:d1:02:7d:52:ec:5b:ca:
d6:9b:32:7a:4f:0c:e7:8e:83:60:0b:3a:67:9d:ff:6a:5d:20:
23:cb:11:9e:12:a0:75:43:35:4b:d0:de:52:d2:3f:23:18:f0:
7f:ef:d2:fc:3e:d6:da:a8:87:05:45:3b:ea:be:d9:0d:5f:c8:
b2:08:1d:0d:dc:4d:46:e3:9e:b9:84:27:4d:43:48:37:06:1d:
a7:d9:44:0c:5d:bb:d6:66:22:7b:5c:4f:80:57:5f:0c:77:b0:
4f:81:2f:89:2b:6c:1e:8b:77:30:b6:58:6d:f5:8e:a2:76:13:
4e:79:5d:d6:80:e9:22:aa:7a:c2:3a:c6:2d:5e:b0:8d:73:0e:
05:a9:28:42:9f:69:56:36:68:e1:8e:c0:99:da:24:70:51:9f:
0b:e5:4a:a7:0b:d5:a1:22:ef:7e:25:d7:a1:3e:83:c2:83:52:
9a:16:49:16:b0:02:b3:4d:86:04:55:bb:f5:c6:b0:f3:36:62:
98:79:8e:a8
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYiezFiKKpF2WfBUvyKmGqGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYWZiYzE0NjI0NTVlOTg2OWQ0OGIyNTdiMThlMjNiZTc3
YWE2YzMwHhcNMjMwNjA5MDYxNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzZlNmRiOWJjNTIzNDJjNGZlM2QzMDQ1YmE2OTdiNTEzZWIzYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUBC1DZ7B1lWGeLk734XT8/TmB/C
Wkh1Q83k+rpEPK7wAQ8mlzKG7J9XnFUPYJLAJsXToTvFzRNeKA4vK2Cn5sNpRkqg
T6cpeUEx1qs8GKS+I6Fcxb554C1hp6DGotSCoht40n5nj2MCwDj1B+USbNZUMK2z
tPfoz609jJ8vH85jh5qnUjuHtIOfOkia5diLpNumfPUBtVEJYh0LwOp1sMv3HMnc
sUdppUWwVOjJ1SHxImTixFrzMfUXpZesA6Yz27C8ltG+0A8pulJ4jjpirBxFq9sE
DIIw9tvt2j4wpLdMkKXhd3/rxf4EGJEOnE1g/6/zT3XVpJazvK0VUYa/kQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFKdubbm8UjQsT+PTBFuml7UT6zqCMB8GA1UdIwQY
MBaAFFGvvBRiRV6YadSLJXsY4jvneqbDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWEtOEZHSkZYcGhwMUlzbGV4amlPLWQ2cHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83MDU5OWQtYzQ3NC00MTIzLWE3NDMt
YTIwMWRmYWJkYWIxLzEvcDI1dHVieFNOQ3hQNDlNRVc2YVh0UlByT29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83MDU5OWQtYzQ3NC00MTIzLWE3NDMtYTIwMWRmYWJkYWIx
LzEvVWEtOEZHSkZYcGhwMUlzbGV4amlPLWQ2cHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAV+7iAwQB
XosiAwQAXosmAwQAuScJAwQAubnmMA8EAgACMAkDBwEqEx/AAAAwDQYJKoZIhvcN
AQELBQADggEBAHCQgXBfImeEvsL4QBPSLnO67x5kUn4q50WqwR8BJ3ffOKTR2lxv
geFmEyXBYCerTAQcBNnGQqsVZDadDJkCVMKV0QJ9UuxbytabMnpPDOeOg2ALOmed
/2pdICPLEZ4SoHVDNUvQ3lLSPyMY8H/v0vw+1tqohwVFO+q+2Q1fyLIIHQ3cTUbj
nrmEJ01DSDcGHafZRAxdu9ZmIntcT4BXXwx3sE+BL4krbB6LdzC2WG31jqJ2E055
XdaA6SKqesI6xi1esI1zDgWpKEKfaVY2aOGOwJnaJHBRnwvlSqcL1aEi734l16E+
g8KDUpoWSRawArNNhgRVu/XGsPM2Yph5jqg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:39 2024 by rpki-client on console-ams.rpki-client.org