Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/I2atueJ3epPs4Mh0RWSz1e94Zio.roa
File: I2atueJ3epPs4Mh0RWSz1e94Zio.roa (raw, json)
Hash identifier: YMSGRJxlhvIenGAcxC2gMW5maWTpeH8pkg9R0vZGGnw=
Subject key identifier: 23:66:AD:B9:E2:77:7A:93:EC:E0:C8:74:45:64:B3:D5:EF:78:66:2A
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 01856F14CED85FE2F9005285ABCD69FA80F8
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/I2atueJ3epPs4Mh0RWSz1e94Zio.roa
Signing time: Sun 01 Jan 2023 20:45:12 +0000
ROA not before: Sun 01 Jan 2023 20:45:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9002
IP address blocks: 139.45.192.0/19 maxlen: 19
87.245.208.0/20 maxlen: 20
87.245.208.0/21 maxlen: 21
185.82.8.0/22 maxlen: 22
87.245.224.0/19 maxlen: 19
2a02:2d8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ce:d8:5f:e2:f9:00:52:85:ab:cd:69:fa:80:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Jan 1 20:45:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2366adb9e2777a93ece0c8744564b3d5ef78662a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:b5:1c:43:58:b1:b4:79:39:4b:44:d1:10:68:
54:ad:62:c7:6e:bc:dc:85:58:46:95:e3:73:db:86:
52:8b:90:f5:f1:61:3a:2b:1e:21:48:6f:5e:62:22:
1e:bd:ff:e5:9f:82:6d:0d:a9:be:91:f1:2e:d8:d2:
4a:02:ca:38:6d:c3:7a:bf:07:56:4f:9f:1d:28:a5:
b6:2e:4f:2d:56:05:d8:7a:dd:f5:03:c3:5b:68:4e:
7e:6c:a1:8d:d2:0a:40:86:7d:a5:9f:c3:58:b5:a7:
6b:f0:a6:04:a7:ce:88:8f:2c:94:85:c4:6c:9e:ce:
72:1e:c2:f7:7c:0d:e0:c2:1d:c9:3d:46:bc:80:07:
2a:79:c0:c2:54:51:47:0c:1e:bf:6a:df:42:60:3d:
dd:92:c8:0d:f0:56:3d:3e:c8:a7:98:d6:fc:23:fb:
90:52:c4:83:19:c0:60:14:1a:df:c8:76:c8:3a:56:
9d:e7:dc:c0:44:a5:29:a4:ec:43:3f:e8:70:03:06:
fb:b1:bc:68:25:24:16:ad:02:af:66:85:fb:d5:ba:
6e:7c:f7:c9:21:18:63:c1:32:0c:5d:ac:e2:87:b6:
aa:6c:61:b6:85:26:4c:81:38:55:dd:1c:06:12:a2:
bf:a6:d2:c2:3e:fc:b2:ad:06:f2:65:90:99:6e:6f:
70:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:66:AD:B9:E2:77:7A:93:EC:E0:C8:74:45:64:B3:D5:EF:78:66:2A
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/I2atueJ3epPs4Mh0RWSz1e94Zio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.245.208.0-87.245.255.255
139.45.192.0/19
185.82.8.0/22
IPv6:
2a02:2d8::/32
Signature Algorithm: sha256WithRSAEncryption
73:76:e9:7b:af:34:b1:46:d3:ce:88:13:a8:7a:e9:88:7f:d5:
e1:5c:22:f0:73:08:2d:53:f3:d4:d1:23:61:ea:6b:3d:6d:dd:
54:73:a4:3e:c9:c4:d5:39:89:c1:04:d1:7f:c6:94:f7:73:13:
ea:59:fc:14:ce:71:60:1b:7d:e9:35:ff:ae:c4:c4:b3:c7:5b:
31:8d:6f:84:c0:be:e0:7b:f4:0f:cb:fb:e9:32:27:08:43:f0:
08:c1:7a:ff:a2:4f:74:5f:e5:ea:b3:c5:f8:e2:c0:43:e2:79:
1b:f1:10:41:19:78:19:2f:43:85:74:c7:5f:2e:16:56:21:43:
23:16:43:3e:64:98:97:b9:ec:15:f7:a5:d8:2e:b6:60:87:dd:
2c:ec:89:d5:13:7e:07:5e:ed:9f:d4:39:c3:26:49:43:07:b7:
b9:3c:00:0c:3d:04:c5:39:c3:ba:6d:e5:34:fa:77:fb:a3:31:
a5:a0:24:26:61:a3:27:3a:21:c7:fc:84:24:16:70:b5:c6:b3:
29:2f:7f:eb:94:77:97:6a:1f:0e:74:87:8e:e0:03:b1:3d:19:
74:5b:d7:a5:7c:9b:4c:40:1c:00:b7:e7:80:db:d1:2c:38:dd:
0c:30:25:80:5c:71:a4:33:26:47:10:a4:a5:d4:5d:b7:2c:9a:
89:a3:99:8c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVvFM7YX+L5AFKFq81p+oD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjMwMTAxMjA0NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzY2YWRiOWUyNzc3YTkzZWNlMGM4NzQ0NTY0YjNkNWVmNzg2NjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8LUcQ1ixtHk5S0TREGhUrWLHbrzc
hVhGleNz24ZSi5D18WE6Kx4hSG9eYiIevf/ln4JtDam+kfEu2NJKAso4bcN6vwdW
T58dKKW2Lk8tVgXYet31A8NbaE5+bKGN0gpAhn2ln8NYtadr8KYEp86IjyyUhcRs
ns5yHsL3fA3gwh3JPUa8gAcqecDCVFFHDB6/at9CYD3dksgN8FY9PsinmNb8I/uQ
UsSDGcBgFBrfyHbIOlad59zARKUppOxDP+hwAwb7sbxoJSQWrQKvZoX71bpufPfJ
IRhjwTIMXazih7aqbGG2hSZMgThV3RwGEqK/ptLCPvyyrQbyZZCZbm9w8wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCNmrbnid3qT7ODIdEVks9XveGYqMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvSTJhdHVlSjNlcFBzNE1oMFJXU3oxZTk0WmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAfBAIAATAZMAsDBARX9dAD
AwFX9AMEBYstwAMEArlSCDANBAIAAjAHAwUAKgIC2DANBgkqhkiG9w0BAQsFAAOC
AQEAc3bpe680sUbTzogTqHrpiH/V4Vwi8HMILVPz1NEjYeprPW3dVHOkPsnE1TmJ
wQTRf8aU93MT6ln8FM5xYBt96TX/rsTEs8dbMY1vhMC+4Hv0D8v76TInCEPwCMF6
/6JPdF/l6rPF+OLAQ+J5G/EQQRl4GS9DhXTHXy4WViFDIxZDPmSYl7nsFfel2C62
YIfdLOyJ1RN+B17tn9Q5wyZJQwe3uTwADD0ExTnDum3lNPp3+6MxpaAkJmGjJzoh
x/yEJBZwtcazKS9/65R3l2ofDnSHjuADsT0ZdFvXpXybTEAcALfngNvRLDjdDDAl
gFxxpDMmRxCkpdRdtyyaiaOZjA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:31 2024 by rpki-client on console-fra.rpki-client.org