Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/szEW5np-hqYuYvlTYIcJdjGyvPk.roa
File: szEW5np-hqYuYvlTYIcJdjGyvPk.roa (raw, json)
Hash identifier: y/z1mzy+5uGCPI8/jlJMndPAZlgNxrwTepoq22QbTzQ=
Subject key identifier: B3:31:16:E6:7A:7E:86:A6:2E:62:F9:53:60:87:09:76:31:B2:BC:F9
Certificate issuer: /CN=23ba1ec4f035a72dfa39e930ad8ec54368eb7af4
Certificate serial: 01856F79A59A9DAD8C9D73D64707A24AA4F3
Authority key identifier: 23:BA:1E:C4:F0:35:A7:2D:FA:39:E9:30:AD:8E:C5:43:68:EB:7A:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/szEW5np-hqYuYvlTYIcJdjGyvPk.roa
Signing time: Sun 01 Jan 2023 22:35:21 +0000
ROA not before: Sun 01 Jan 2023 22:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29576
IP address blocks: 194.146.132.0/22 maxlen: 22
194.146.133.0/24 maxlen: 24
194.146.135.0/24 maxlen: 24
93.157.24.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:a5:9a:9d:ad:8c:9d:73:d6:47:07:a2:4a:a4:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23ba1ec4f035a72dfa39e930ad8ec54368eb7af4
Validity
Not Before: Jan 1 22:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b33116e67a7e86a62e62f9536087097631b2bcf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:81:3c:cd:c5:c3:7f:2f:79:93:55:75:4b:84:
10:68:19:49:8c:11:e1:7b:2a:46:15:d1:01:87:1b:
f2:ce:a6:17:95:6d:f3:1f:ed:42:14:c0:a0:59:9c:
ee:be:63:57:7d:48:5d:76:63:ee:4b:37:0d:0c:73:
c2:04:d1:03:ec:5d:88:3f:35:b1:69:9e:fc:77:94:
37:07:2e:3f:af:f5:ce:0d:83:98:fc:75:f4:8e:a8:
a8:97:56:e4:aa:ed:f2:8f:2e:16:f7:74:34:5b:dc:
56:a8:83:ec:99:05:94:f8:b6:7f:56:f2:06:12:07:
8d:cb:7b:b6:21:c7:88:24:f0:33:67:7b:a7:7b:19:
f8:bc:b4:be:1d:b8:01:0d:e5:b0:a8:a5:c0:b9:80:
27:b8:ed:04:a7:d6:47:77:63:f3:1b:79:81:d4:2e:
9e:92:9b:cb:16:3c:2f:b8:52:dd:43:8c:c8:52:14:
e5:28:08:f6:85:3d:fa:51:7f:84:ad:d7:83:6a:a5:
5a:22:28:6c:af:c6:9b:d1:6d:e9:f7:ce:f9:1b:1e:
88:1a:49:31:30:51:79:04:6e:39:32:bf:73:f8:8c:
04:61:9c:0e:86:75:14:f2:ec:ed:eb:c3:79:1a:a4:
9f:ee:18:2c:5f:3b:65:18:63:cf:80:ac:0c:fc:47:
38:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:31:16:E6:7A:7E:86:A6:2E:62:F9:53:60:87:09:76:31:B2:BC:F9
X509v3 Authority Key Identifier:
keyid:23:BA:1E:C4:F0:35:A7:2D:FA:39:E9:30:AD:8E:C5:43:68:EB:7A:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/szEW5np-hqYuYvlTYIcJdjGyvPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/I7oexPA1py36OekwrY7FQ2jrevQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.24.0/21
194.146.132.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:a0:0a:bf:8b:ce:80:ef:6a:9e:be:90:93:16:10:b8:31:23:
1d:58:b7:aa:1f:4a:53:d8:8a:e8:b1:9a:57:2c:67:c5:fd:90:
91:10:b6:53:cd:eb:a4:dd:03:97:01:66:14:6d:07:74:9f:6d:
70:19:1f:f8:af:ef:53:eb:0d:ba:9f:d9:e7:d1:d4:86:81:8e:
b8:09:ce:e4:03:cc:dc:f3:bb:9f:6c:23:36:9e:49:4f:97:7e:
01:2e:01:71:ff:14:26:85:c1:3d:4f:fb:6f:74:da:ba:d1:89:
7a:f9:6d:17:1c:a1:84:1f:13:1d:24:4a:3e:06:46:4a:3b:3f:
d8:14:b9:4e:94:70:79:10:bb:95:a2:45:e8:f3:fa:47:cf:68:
74:b8:7d:69:f5:dc:c0:34:09:fe:8c:ab:13:63:6c:77:a8:49:
cc:db:a2:52:53:bc:06:87:0c:b2:08:a4:9a:9b:5f:cb:67:67:
1d:eb:05:9d:f2:7a:79:ec:07:7b:d7:e8:23:91:ac:de:b4:3b:
0b:a9:7a:13:ef:4e:3b:7c:f4:9b:aa:6f:13:c6:29:2d:cf:ac:
43:7a:df:30:a6:23:27:bc:d5:b9:74:f2:a5:a6:42:e4:38:22:
6b:92:a7:df:d7:70:75:a4:a0:38:28:19:27:e9:35:43:cb:d7:
e2:af:9b:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVveaWana2MnXPWRweiSqTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYmExZWM0ZjAzNWE3MmRmYTM5ZTkzMGFkOGVjNTQzNjhl
YjdhZjQwHhcNMjMwMTAxMjIzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzMxMTZlNjdhN2U4NmE2MmU2MmY5NTM2MDg3MDk3NjMxYjJiY2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoE8zcXDfy95k1V1S4QQaBlJjBHh
eypGFdEBhxvyzqYXlW3zH+1CFMCgWZzuvmNXfUhddmPuSzcNDHPCBNED7F2IPzWx
aZ78d5Q3By4/r/XODYOY/HX0jqiol1bkqu3yjy4W93Q0W9xWqIPsmQWU+LZ/VvIG
EgeNy3u2IceIJPAzZ3unexn4vLS+HbgBDeWwqKXAuYAnuO0Ep9ZHd2PzG3mB1C6e
kpvLFjwvuFLdQ4zIUhTlKAj2hT36UX+ErdeDaqVaIihsr8ab0W3p9875Gx6IGkkx
MFF5BG45Mr9z+IwEYZwOhnUU8uzt68N5GqSf7hgsXztlGGPPgKwM/Ec4QwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLMxFuZ6foamLmL5U2CHCXYxsrz5MB8GA1UdIwQY
MBaAFCO6HsTwNact+jnpMK2OxUNo63r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdvZXhQQTFweTM2T2Vrd3JZN0ZRMmpyZXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82MGVkMmQtMTZkNS00ZDBjLWE5NDct
YmRlNjQ0OGI3ODZjLzEvc3pFVzVucC1ocVl1WXZsVFlJY0pkakd5dlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82MGVkMmQtMTZkNS00ZDBjLWE5NDctYmRlNjQ0OGI3ODZj
LzEvSTdvZXhQQTFweTM2T2Vrd3JZN0ZRMmpyZXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXZ0YAwQC
wpKEMA0GCSqGSIb3DQEBCwUAA4IBAQAeoAq/i86A72qevpCTFhC4MSMdWLeqH0pT
2IrosZpXLGfF/ZCRELZTzeuk3QOXAWYUbQd0n21wGR/4r+9T6w26n9nn0dSGgY64
Cc7kA8zc87ufbCM2nklPl34BLgFx/xQmhcE9T/tvdNq60Yl6+W0XHKGEHxMdJEo+
BkZKOz/YFLlOlHB5ELuVokXo8/pHz2h0uH1p9dzANAn+jKsTY2x3qEnM26JSU7wG
hwyyCKSam1/LZ2cd6wWd8np57Ad71+gjkazetDsLqXoT7047fPSbqm8Txiktz6xD
et8wpiMnvNW5dPKlpkLkOCJrkqff13B1pKA4KBkn6TVDy9fir5tG
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:54 2024 by rpki-client on console-fra.rpki-client.org