Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/e1613vF5IbNL6LSQcpYVDP8SVfs.roa
File: e1613vF5IbNL6LSQcpYVDP8SVfs.roa (raw, json)
Hash identifier: ky5aNlwSN1xz16uS3RgH4IPpQjGwTcEV/2OWof0Xr20=
Subject key identifier: 7B:5E:B5:DE:F1:79:21:B3:4B:E8:B4:90:72:96:15:0C:FF:12:55:FB
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01870E1ABA077E9F141DA261422F7DB81CDD
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/e1613vF5IbNL6LSQcpYVDP8SVfs.roa
Signing time: Thu 23 Mar 2023 10:54:05 +0000
ROA not before: Thu 23 Mar 2023 10:54:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 188.119.121.0/24 maxlen: 24
45.87.152.0/24 maxlen: 24
194.116.173.0/24 maxlen: 24
141.98.170.0/24 maxlen: 24
141.98.168.0/24 maxlen: 24
45.8.146.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:1a:ba:07:7e:9f:14:1d:a2:61:42:2f:7d:b8:1c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Mar 23 10:54:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b5eb5def17921b34be8b4907296150cff1255fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e6:4b:3e:e6:79:65:5f:82:c2:16:4a:92:61:
cf:43:96:0a:e2:9a:0d:83:ad:25:8e:9c:89:bd:3b:
e4:97:10:fa:3c:6e:a8:86:f2:85:7d:f5:39:d2:35:
0b:e9:ea:ed:87:36:27:d5:69:ee:53:e8:9f:db:ce:
dc:35:0f:24:47:68:3e:5e:a3:7d:4b:de:58:ac:5b:
67:87:0f:7c:22:d3:87:c1:46:2d:d0:5e:01:9c:d5:
65:6d:2a:29:5f:01:09:a8:ff:8b:2a:9e:01:b7:8c:
ee:c7:33:d9:9a:42:a6:ae:b8:78:4f:05:46:4b:a5:
3c:2e:49:6f:df:6c:7b:06:9b:a8:d7:f2:7e:39:8d:
96:a6:b6:0d:01:c1:26:10:2a:6f:53:e0:1f:b7:aa:
e0:f3:c6:2e:b3:20:d3:77:28:30:bb:ab:26:3a:fe:
da:5b:e5:75:05:9c:44:8c:28:60:56:01:58:86:e9:
ad:a3:dd:f0:cf:93:21:80:2c:9e:fe:37:5b:ab:08:
0f:60:c8:06:fb:75:35:9d:d0:1e:85:e7:cd:3d:21:
97:5b:dc:42:bb:40:8e:76:5d:85:de:36:5e:8e:56:
3a:e6:2b:27:10:26:ec:88:fc:2a:8e:46:63:4b:c8:
94:15:87:06:02:ab:11:59:b2:53:f7:88:bc:c5:2d:
f6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:5E:B5:DE:F1:79:21:B3:4B:E8:B4:90:72:96:15:0C:FF:12:55:FB
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/e1613vF5IbNL6LSQcpYVDP8SVfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.146.0/24
45.87.152.0/24
141.98.168.0/24
141.98.170.0/24
188.119.121.0/24
194.116.173.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:b9:f7:01:38:43:ad:e1:a4:69:9a:4b:65:d0:47:cb:c1:90:
c7:60:63:d8:84:87:46:45:21:96:74:5b:4f:d6:95:27:e4:43:
46:fa:6e:19:ab:36:60:5a:1d:c0:5d:e4:49:19:66:db:58:74:
07:2a:c8:4b:b4:ec:2c:24:7e:b9:79:7f:66:9d:89:92:27:fa:
1b:47:cc:6c:8a:df:20:72:dc:bc:1e:b2:81:0d:34:98:6e:47:
10:c2:41:0a:c1:e7:0d:b4:d6:37:24:bb:ea:83:10:b4:bc:77:
a5:fb:da:d5:95:74:8e:cb:85:8f:6a:33:65:b3:e2:f7:1a:0e:
8b:5c:7b:fb:87:22:8c:4d:4c:a3:fb:6e:cd:df:19:0d:61:42:
c6:d5:66:b3:ff:24:91:4c:39:01:f4:57:2a:74:9e:33:32:b7:
8b:06:f0:9e:03:23:90:b4:70:47:31:08:46:b7:c2:ed:44:64:
c2:65:2a:79:e9:de:9f:bd:c0:75:42:71:63:bc:a9:d8:95:6d:
dc:77:8d:3f:5b:79:79:5c:1b:1d:18:c0:34:48:2d:33:b5:53:
48:07:ca:67:ff:d4:06:26:8f:91:c3:ac:19:ea:df:ff:b4:77:
73:a1:68:8d:a9:32:68:7d:f1:6c:88:1b:aa:ba:18:d9:ae:d9:
4f:6f:9b:00
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYcOGroHfp8UHaJhQi99uBzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMzIzMTA1NDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjVlYjVkZWYxNzkyMWIzNGJlOGI0OTA3Mjk2MTUwY2ZmMTI1NWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreZLPuZ5ZV+CwhZKkmHPQ5YK4poN
g60ljpyJvTvklxD6PG6ohvKFffU50jUL6erthzYn1WnuU+if287cNQ8kR2g+XqN9
S95YrFtnhw98ItOHwUYt0F4BnNVlbSopXwEJqP+LKp4Bt4zuxzPZmkKmrrh4TwVG
S6U8Lklv32x7Bpuo1/J+OY2WprYNAcEmECpvU+Aft6rg88YusyDTdygwu6smOv7a
W+V1BZxEjChgVgFYhumto93wz5MhgCye/jdbqwgPYMgG+3U1ndAehefNPSGXW9xC
u0COdl2F3jZejlY65isnECbsiPwqjkZjS8iUFYcGAqsRWbJT94i8xS320QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHtetd7xeSGzS+i0kHKWFQz/ElX7MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvZTE2MTN2RjVJYk5MNkxTUWNwWVZEUDhTVmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQiSAwQA
LVeYAwQAjWKoAwQAjWKqAwQAvHd5AwQAwnStMA0GCSqGSIb3DQEBCwUAA4IBAQDO
ufcBOEOt4aRpmktl0EfLwZDHYGPYhIdGRSGWdFtP1pUn5ENG+m4ZqzZgWh3AXeRJ
GWbbWHQHKshLtOwsJH65eX9mnYmSJ/obR8xsit8gcty8HrKBDTSYbkcQwkEKwecN
tNY3JLvqgxC0vHel+9rVlXSOy4WPajNls+L3Gg6LXHv7hyKMTUyj+27N3xkNYULG
1Waz/ySRTDkB9FcqdJ4zMreLBvCeAyOQtHBHMQhGt8LtRGTCZSp56d6fvcB1QnFj
vKnYlW3cd40/W3l5XBsdGMA0SC0ztVNIB8pn/9QGJo+Rw6wZ6t//tHdzoWiNqTJo
ffFsiBuquhjZrtlPb5sA
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:38 2024 by rpki-client on console-fra.rpki-client.org