Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/623ec5rQtuWblQT03TLzsHmIQw0.roa
File: 623ec5rQtuWblQT03TLzsHmIQw0.roa (raw, json)
Hash identifier: EqM2Fq0f4kTQV428+34zn2iyBBZg7roB2xyWuBJDc4A=
Subject key identifier: EB:6D:DE:73:9A:D0:B6:E5:9B:95:04:F4:DD:32:F3:B0:79:88:43:0D
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01856C53D26A0681CF88FE8F34E7F3B17A43
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/623ec5rQtuWblQT03TLzsHmIQw0.roa
Signing time: Sun 01 Jan 2023 07:55:10 +0000
ROA not before: Sun 01 Jan 2023 07:55:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209604
IP address blocks: 193.35.154.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Oct 2023 07:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d2:6a:06:81:cf:88:fe:8f:34:e7:f3:b1:7a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 07:55:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb6dde739ad0b6e59b9504f4dd32f3b07988430d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3d:62:c3:ec:17:0e:65:46:d4:f8:a6:ea:9c:
1d:c3:13:aa:33:41:19:6b:c4:fa:83:09:8b:e7:de:
62:58:60:d2:c8:d3:25:b8:1b:81:35:78:a5:72:8c:
31:eb:c6:4d:a2:fc:4a:90:e8:40:28:38:2d:1b:6c:
25:7c:bd:de:39:94:83:5f:6d:53:7e:a6:3a:66:0e:
c6:cd:7c:33:70:dc:f4:70:23:77:f6:6e:b6:28:fa:
c9:32:46:08:2e:f2:5c:87:e5:fa:fd:40:c0:2e:a3:
91:62:0d:10:f6:42:ce:b0:a9:ab:63:36:1b:6c:6d:
bd:5b:76:8f:d9:8c:0e:d3:48:be:d6:89:35:bd:e2:
89:02:7e:4d:4f:8a:6c:b1:ee:a7:b2:33:df:69:55:
7f:32:83:d1:bb:b5:f5:fd:5c:08:de:70:82:3e:d7:
3b:ce:dc:ff:a8:2b:5b:31:23:05:6a:1b:a1:6e:a9:
d0:01:a8:a2:64:e8:21:73:3f:35:30:e9:4d:9f:d0:
f5:0b:36:b2:a2:37:d1:dd:41:9b:52:9d:c5:aa:c8:
94:88:ee:3c:07:f4:47:57:02:e9:cc:3b:3c:ff:3b:
b8:f7:9b:f5:d8:16:38:ce:ba:3d:f9:0e:c9:e4:67:
36:cf:68:55:ad:7d:37:16:59:05:d5:b9:bc:16:bd:
46:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6D:DE:73:9A:D0:B6:E5:9B:95:04:F4:DD:32:F3:B0:79:88:43:0D
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/623ec5rQtuWblQT03TLzsHmIQw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.174.0/24
193.35.154.0/24
193.223.107.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:f9:1d:e2:13:7d:21:58:eb:c4:a9:b0:c7:35:31:ef:9f:77:
c0:2d:7c:ab:2c:aa:5c:4d:35:7d:ba:ba:f5:f7:71:15:5b:49:
3c:91:f5:92:77:b4:33:4e:9b:bd:c6:7d:c5:31:8c:1a:d7:a9:
d1:fe:c9:ef:5a:d5:61:64:ed:12:6d:c4:78:e1:9b:41:01:c1:
ce:b4:0d:cb:43:2c:4f:04:71:3b:2f:4e:c0:e7:c1:d4:eb:1a:
7a:1e:45:25:6b:55:b9:31:68:e6:94:b2:21:7e:56:93:b5:e5:
30:a3:87:d5:f9:54:e5:a0:36:a3:7c:10:d3:48:ae:df:dd:f9:
2c:39:60:c5:1f:04:fe:fd:a5:d1:3a:7a:d4:39:2b:f0:b7:7e:
e2:d4:e2:e5:cd:73:df:74:39:1f:1c:ff:fb:06:d3:89:bc:81:
43:f9:0b:a8:6c:00:81:7d:71:01:bf:f2:e3:2a:78:84:01:65:
96:6b:43:64:b1:f0:09:89:f5:31:31:7a:9a:4b:37:59:04:6d:
22:ba:33:fa:95:91:ee:60:d2:d2:7d:83:21:1b:69:70:b4:66:
c1:69:cf:01:68:8d:51:9e:46:2f:59:bb:5b:68:06:cc:19:4b:
09:7b:20:24:78:d0:cc:1b:2c:08:5c:04:8f:59:07:64:5f:ec:
25:34:de:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsU9JqBoHPiP6PNOfzsXpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMTAxMDc1NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjZkZGU3MzlhZDBiNmU1OWI5NTA0ZjRkZDMyZjNiMDc5ODg0MzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj1iw+wXDmVG1Pim6pwdwxOqM0EZ
a8T6gwmL595iWGDSyNMluBuBNXilcowx68ZNovxKkOhAKDgtG2wlfL3eOZSDX21T
fqY6Zg7GzXwzcNz0cCN39m62KPrJMkYILvJch+X6/UDALqORYg0Q9kLOsKmrYzYb
bG29W3aP2YwO00i+1ok1veKJAn5NT4psse6nsjPfaVV/MoPRu7X1/VwI3nCCPtc7
ztz/qCtbMSMFahuhbqnQAaiiZOghcz81MOlNn9D1CzayojfR3UGbUp3FqsiUiO48
B/RHVwLpzDs8/zu495v12BY4zro9+Q7J5Gc2z2hVrX03FlkF1bm8Fr1GewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOtt3nOa0Lblm5UE9N0y87B5iEMNMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvNjIzZWM1clF0dVdibFFUMDNUTHpzSG1JUXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuViuAwQA
wSOaAwQAwd9rMA0GCSqGSIb3DQEBCwUAA4IBAQBs+R3iE30hWOvEqbDHNTHvn3fA
LXyrLKpcTTV9urr193EVW0k8kfWSd7QzTpu9xn3FMYwa16nR/snvWtVhZO0SbcR4
4ZtBAcHOtA3LQyxPBHE7L07A58HU6xp6HkUla1W5MWjmlLIhflaTteUwo4fV+VTl
oDajfBDTSK7f3fksOWDFHwT+/aXROnrUOSvwt37i1OLlzXPfdDkfHP/7BtOJvIFD
+QuobACBfXEBv/LjKniEAWWWa0NksfAJifUxMXqaSzdZBG0iujP6lZHuYNLSfYMh
G2lwtGbBac8BaI1RnkYvWbtbaAbMGUsJeyAkeNDMGywIXASPWQdkX+wlNN5d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org