Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/iaLbOYwvj-ArfzKca7dvxMU_jT4.roa
File: iaLbOYwvj-ArfzKca7dvxMU_jT4.roa (raw, json)
Hash identifier: nzf3FCvB/Vv5SPTxloKzN3ZHRKZJpLJIn1OS64sfn4o=
Subject key identifier: 89:A2:DB:39:8C:2F:8F:E0:2B:7F:32:9C:6B:B7:6F:C4:C5:3F:8D:3E
Certificate issuer: /CN=7139bc5cef3aeadf32613f7d959ec8e40a742918
Certificate serial: 01879F2651F93437705263DE867DBD108260
Authority key identifier: 71:39:BC:5C:EF:3A:EA:DF:32:61:3F:7D:95:9E:C8:E4:0A:74:29:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cTm8XO866t8yYT99lZ7I5Ap0KRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/iaLbOYwvj-ArfzKca7dvxMU_jT4.roa
Signing time: Thu 20 Apr 2023 14:51:41 +0000
ROA not before: Thu 20 Apr 2023 14:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211450
IP address blocks: 193.36.90.0/24 maxlen: 24
2a10:e340::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9f:26:51:f9:34:37:70:52:63:de:86:7d:bd:10:82:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7139bc5cef3aeadf32613f7d959ec8e40a742918
Validity
Not Before: Apr 20 14:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89a2db398c2f8fe02b7f329c6bb76fc4c53f8d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0b:d5:bc:40:ba:0e:2b:48:48:28:d9:fb:85:
04:50:04:62:1a:42:86:87:cf:f5:18:94:13:b0:20:
41:b8:4a:c3:5c:77:00:9c:8c:50:eb:fe:9e:26:4d:
f7:8b:9b:d1:1a:5f:6c:76:99:d0:2d:45:42:9e:7e:
06:b5:54:fb:8a:ef:30:62:f0:5e:1d:5a:be:64:2e:
2e:ed:70:ce:70:88:73:fe:bc:08:fe:d5:7f:3a:78:
af:f9:6b:60:6a:af:45:51:10:49:d3:92:f5:4b:14:
cc:9d:91:3b:42:0b:0f:1b:ad:25:14:74:46:fc:d6:
26:88:4f:51:7e:0b:0a:28:be:2e:f9:e7:36:93:4d:
81:3d:31:66:56:ea:25:f1:e4:bb:51:fd:ba:96:d7:
9a:8a:ae:8c:90:e1:e7:3c:3e:98:c6:57:d9:21:20:
a8:44:20:47:cf:70:0f:ad:cf:57:10:93:fd:f0:57:
58:ce:ea:a8:41:b0:aa:e7:cb:07:ae:c6:29:8f:4c:
ee:ad:74:94:a7:a2:f0:d7:15:04:d3:41:f9:b2:ef:
e0:67:ab:9b:25:26:a9:ec:f3:5d:97:a3:f9:05:f1:
b6:7a:c7:ef:47:48:8a:d0:a5:8c:ec:28:c3:b9:0d:
b6:3a:a9:ba:f0:6a:25:07:ad:db:c6:90:40:f8:a1:
94:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A2:DB:39:8C:2F:8F:E0:2B:7F:32:9C:6B:B7:6F:C4:C5:3F:8D:3E
X509v3 Authority Key Identifier:
keyid:71:39:BC:5C:EF:3A:EA:DF:32:61:3F:7D:95:9E:C8:E4:0A:74:29:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTm8XO866t8yYT99lZ7I5Ap0KRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/iaLbOYwvj-ArfzKca7dvxMU_jT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/cTm8XO866t8yYT99lZ7I5Ap0KRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.90.0/24
IPv6:
2a10:e340::/32
Signature Algorithm: sha256WithRSAEncryption
90:ef:55:74:2a:53:e0:84:a4:fa:5f:fd:8d:88:e3:26:68:78:
a1:80:fc:52:8b:37:e6:5a:98:da:d7:59:ff:b0:12:40:c8:2f:
4c:b7:29:c6:6b:dc:fb:84:60:f4:32:f3:12:b2:cd:50:3b:f1:
c4:b0:38:23:41:8b:22:b6:6a:57:73:cb:ab:2a:2c:6c:26:27:
d7:eb:f4:5d:27:7b:47:05:76:bb:3c:fc:b4:25:f6:3a:5b:03:
81:4b:f2:73:42:1f:ad:22:8f:14:16:86:f6:d6:56:79:4c:40:
a3:ec:69:58:6f:49:2d:59:a8:50:46:63:0f:b5:fd:72:b4:40:
fa:a5:a6:a6:d7:9f:46:a7:74:38:5a:39:b0:a8:a0:e0:5d:25:
60:e1:4e:30:a8:26:73:54:a6:fc:8e:50:88:e5:96:4f:75:57:
0f:f8:19:bf:6b:29:b2:71:aa:a8:ac:ad:4b:c0:64:22:81:78:
2e:e0:2e:84:bc:f4:73:60:eb:d4:49:6e:5e:a8:b4:b4:2b:8b:
94:51:ed:50:49:59:d5:e2:34:68:d5:4a:bc:27:54:33:ce:7c:
f2:73:fe:6e:bf:bd:98:d4:71:87:cb:d5:18:a2:33:76:59:27:
f1:15:b1:50:72:ee:97:97:78:1f:c8:55:7b:12:12:91:d7:6d:
e7:5f:19:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYefJlH5NDdwUmPehn29EIJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMzliYzVjZWYzYWVhZGYzMjYxM2Y3ZDk1OWVjOGU0MGE3
NDI5MTgwHhcNMjMwNDIwMTQ1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWEyZGIzOThjMmY4ZmUwMmI3ZjMyOWM2YmI3NmZjNGM1M2Y4ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwvVvEC6DitISCjZ+4UEUARiGkKG
h8/1GJQTsCBBuErDXHcAnIxQ6/6eJk33i5vRGl9sdpnQLUVCnn4GtVT7iu8wYvBe
HVq+ZC4u7XDOcIhz/rwI/tV/Oniv+Wtgaq9FURBJ05L1SxTMnZE7QgsPG60lFHRG
/NYmiE9RfgsKKL4u+ec2k02BPTFmVuol8eS7Uf26lteaiq6MkOHnPD6YxlfZISCo
RCBHz3APrc9XEJP98FdYzuqoQbCq58sHrsYpj0zurXSUp6Lw1xUE00H5su/gZ6ub
JSap7PNdl6P5BfG2esfvR0iK0KWM7CjDuQ22Oqm68GolB63bxpBA+KGUCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFImi2zmML4/gK38ynGu3b8TFP40+MB8GA1UdIwQY
MBaAFHE5vFzvOurfMmE/fZWeyOQKdCkYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1RtOFhPODY2dDh5WVQ5OWxaN0k1QXAwS1JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jYWU2NTItYTIxOC00MmY2LTk3YWYt
Nzk0YjI4ZWIxNmM1LzEvaWFMYk9Zd3ZqLUFyZnpLY2E3ZHZ4TVVfalQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jYWU2NTItYTIxOC00MmY2LTk3YWYtNzk0YjI4ZWIxNmM1
LzEvY1RtOFhPODY2dDh5WVQ5OWxaN0k1QXAwS1JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSRaMA0E
AgACMAcDBQAqEONAMA0GCSqGSIb3DQEBCwUAA4IBAQCQ71V0KlPghKT6X/2NiOMm
aHihgPxSizfmWpja11n/sBJAyC9MtynGa9z7hGD0MvMSss1QO/HEsDgjQYsitmpX
c8urKixsJifX6/RdJ3tHBXa7PPy0JfY6WwOBS/JzQh+tIo8UFob21lZ5TECj7GlY
b0ktWahQRmMPtf1ytED6paam159Gp3Q4WjmwqKDgXSVg4U4wqCZzVKb8jlCI5ZZP
dVcP+Bm/aymycaqorK1LwGQigXgu4C6EvPRzYOvUSW5eqLS0K4uUUe1QSVnV4jRo
1Uq8J1Qzznzyc/5uv72Y1HGHy9UYojN2WSfxFbFQcu6Xl3gfyFV7EhKR123nXxkc
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:28 2024 by rpki-client on console-fra.rpki-client.org