Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/rYoQdJuzUMGPMXvxjh2LM1UeDcs.roa
File: rYoQdJuzUMGPMXvxjh2LM1UeDcs.roa (raw, json)
Hash identifier: NOSbtZTvGAkCcAtirgNkbno2dac7xLC/xcxg8zmFLzQ=
Subject key identifier: AD:8A:10:74:9B:B3:50:C1:8F:31:7B:F1:8E:1D:8B:33:55:1E:0D:CB
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018572035EC26A1EF2BD296F0DF7E85A9C69
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/rYoQdJuzUMGPMXvxjh2LM1UeDcs.roa
Signing time: Mon 02 Jan 2023 10:25:01 +0000
ROA not before: Mon 02 Jan 2023 10:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43624
IP address blocks: 193.57.137.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:5e:c2:6a:1e:f2:bd:29:6f:0d:f7:e8:5a:9c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 2 10:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad8a10749bb350c18f317bf18e1d8b33551e0dcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bf:3d:60:44:e5:af:45:db:3f:8d:61:ef:4c:
47:9d:c0:ae:10:3c:6c:56:4d:ae:6c:a1:9f:4b:7e:
18:16:e0:83:10:56:6a:49:e1:1d:22:f0:90:a8:a3:
e2:94:f4:61:c5:e8:d2:73:3d:68:ae:38:4e:43:cd:
65:23:c0:6f:b1:5a:18:cb:48:0b:af:b7:32:74:22:
54:27:a7:92:16:20:39:a4:c8:c4:d3:13:80:96:d0:
2b:7d:e0:a3:6a:7b:07:3b:5d:b2:31:5a:2c:4e:39:
cd:c2:c3:3e:82:69:a0:02:a9:7e:1b:6b:4a:e4:b7:
a7:d6:f4:35:05:18:7c:30:5e:8e:50:13:70:a8:7b:
4a:ba:12:dc:4a:80:ac:92:0d:4d:67:9a:56:9e:07:
fc:cd:bb:43:ee:24:18:d0:cf:98:e7:d7:07:fb:37:
d2:17:e9:34:7b:d9:1b:be:2d:bb:82:19:b2:ab:cf:
be:a6:b2:31:9d:b1:d9:3b:49:88:c5:51:32:2d:fe:
15:21:5f:e3:9a:e6:c6:c2:cd:c1:bd:51:79:96:2a:
c9:a4:1e:c5:6e:7e:7e:38:64:bb:1e:80:87:71:c7:
ae:88:6d:91:c8:5d:c3:dd:79:9d:29:32:0c:36:89:
a0:9b:a1:06:c6:34:84:07:74:5a:87:8e:86:b2:e1:
d5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:8A:10:74:9B:B3:50:C1:8F:31:7B:F1:8E:1D:8B:33:55:1E:0D:CB
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/rYoQdJuzUMGPMXvxjh2LM1UeDcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.166.0/24
193.57.137.0/24
Signature Algorithm: sha256WithRSAEncryption
39:db:49:a6:a5:0c:65:c0:f6:df:dc:7f:6e:86:95:52:a5:34:
88:77:49:68:08:e3:77:12:5e:27:f4:9a:43:04:b3:4d:07:6d:
4c:b9:5e:be:df:0d:66:32:f0:e6:fd:6a:ff:8c:d8:3a:5d:f2:
46:0f:91:e6:00:ea:6e:62:1a:8c:1f:eb:86:5e:48:5e:6c:48:
e4:7a:38:63:87:29:a7:b6:3d:2f:9c:ef:ac:e6:0f:ea:9d:e3:
b2:c0:52:99:b2:fd:09:8a:b3:3d:74:8d:6e:e3:6e:39:4f:77:
5f:80:e7:c1:2c:6b:e3:02:81:8c:87:2a:2b:86:58:a9:7f:b3:
16:2e:d0:39:42:65:01:60:11:65:03:22:1f:8e:81:5b:74:82:
29:ea:a5:8b:87:ec:1c:25:a7:40:94:23:a6:0b:1c:ee:a5:70:
9f:34:04:34:08:3f:13:48:b0:5e:de:02:c9:cf:ad:50:b8:c6:
0d:f5:65:f8:39:af:6e:c1:3f:87:94:88:0f:8a:9b:a1:91:c3:
df:ce:97:52:59:29:d1:bf:38:72:0b:5f:43:d3:c8:eb:83:04:
de:83:2b:7e:b9:78:c3:75:f3:87:65:67:8c:aa:0a:80:f4:43:
5f:8b:b8:16:0a:c4:43:4c:17:c4:c7:00:5e:ea:af:8c:46:b2:
a6:4b:25:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyA17Cah7yvSlvDffoWpxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMTAyMTAyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDhhMTA3NDliYjM1MGMxOGYzMTdiZjE4ZTFkOGIzMzU1MWUwZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL89YETlr0XbP41h70xHncCuEDxs
Vk2ubKGfS34YFuCDEFZqSeEdIvCQqKPilPRhxejScz1orjhOQ81lI8BvsVoYy0gL
r7cydCJUJ6eSFiA5pMjE0xOAltArfeCjansHO12yMVosTjnNwsM+gmmgAql+G2tK
5Len1vQ1BRh8MF6OUBNwqHtKuhLcSoCskg1NZ5pWngf8zbtD7iQY0M+Y59cH+zfS
F+k0e9kbvi27ghmyq8++prIxnbHZO0mIxVEyLf4VIV/jmubGws3BvVF5lirJpB7F
bn5+OGS7HoCHcceuiG2RyF3D3XmdKTIMNomgm6EGxjSEB3Rah46GsuHV+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK2KEHSbs1DBjzF78Y4dizNVHg3LMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvcllvUWRKdXpVTUdQTVh2eGpoMkxNMVVlRGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXbmmAwQA
wTmJMA0GCSqGSIb3DQEBCwUAA4IBAQA520mmpQxlwPbf3H9uhpVSpTSId0loCON3
El4n9JpDBLNNB21MuV6+3w1mMvDm/Wr/jNg6XfJGD5HmAOpuYhqMH+uGXkhebEjk
ejhjhymntj0vnO+s5g/qneOywFKZsv0JirM9dI1u4245T3dfgOfBLGvjAoGMhyor
hlipf7MWLtA5QmUBYBFlAyIfjoFbdIIp6qWLh+wcJadAlCOmCxzupXCfNAQ0CD8T
SLBe3gLJz61QuMYN9WX4Oa9uwT+HlIgPipuhkcPfzpdSWSnRvzhyC19D08jrgwTe
gyt+uXjDdfOHZWeMqgqA9ENfi7gWCsRDTBfExwBe6q+MRrKmSyUz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:42 2023 by rpki-client on console-fra.rpki-client.org