Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/erPg96W8DbHar5Hm3pc_y0HKrQU.roa
File: erPg96W8DbHar5Hm3pc_y0HKrQU.roa (raw, json)
Hash identifier: Q6bmPdENJmA4DDm6kHxv6MJkW8x2Hv+mbeyjuzawMro=
Subject key identifier: 7A:B3:E0:F7:A5:BC:0D:B1:DA:AF:91:E6:DE:97:3F:CB:41:CA:AD:05
Certificate issuer: /CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Certificate serial: 018B3DADDD841935D75C59ADD744E0C5C296
Authority key identifier: 6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/erPg96W8DbHar5Hm3pc_y0HKrQU.roa
Signing time: Tue 17 Oct 2023 12:48:06 +0000
ROA not before: Tue 17 Oct 2023 12:48:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196724
IP address blocks: 195.182.36.0/24 maxlen: 24
178.23.176.0/21 maxlen: 21
2a00:1cf0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 04 Nov 2023 16:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:ad:dd:84:19:35:d7:5c:59:ad:d7:44:e0:c5:c2:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Validity
Not Before: Oct 17 12:48:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ab3e0f7a5bc0db1daaf91e6de973fcb41caad05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0f:25:f2:08:5e:44:06:93:53:da:a3:a5:06:
f6:9c:6d:b4:6b:0e:a1:06:14:9a:3b:32:2e:87:97:
5f:86:78:b0:29:86:ac:27:25:a8:65:8b:f2:72:23:
42:c2:b5:d5:94:f5:fe:d1:cc:29:d7:06:d5:4b:b7:
e7:b2:d1:72:98:34:91:09:1f:8e:d5:fd:46:d2:25:
00:19:8f:89:d4:51:f1:8c:54:f1:e0:ca:66:c2:69:
35:55:88:c3:ea:c1:5a:8b:f8:fb:fd:d9:43:c9:d9:
02:ad:5c:04:07:ae:67:d2:a0:b2:f1:9c:af:1d:45:
77:97:b4:c6:db:fc:01:0a:47:72:ae:70:5e:c8:8b:
c0:4a:e7:ee:26:58:1f:08:2b:c8:ba:49:6a:c8:f7:
32:49:d2:00:d4:28:29:b9:47:45:cc:e1:ad:10:21:
e8:64:2c:b1:39:11:26:f8:db:86:3d:dc:67:04:09:
d9:67:65:09:97:1e:c4:7a:e7:6c:ea:f5:a1:43:d6:
0a:4e:7a:4c:b2:76:77:83:02:91:ff:3d:47:d7:fd:
6a:ce:3e:ca:4d:d5:f3:86:52:93:e7:9f:70:a9:89:
b0:4d:6f:c4:6a:52:69:a8:19:f9:57:26:9a:c7:ef:
e7:6b:1d:43:3c:43:8e:b1:6c:c4:34:94:36:a5:2d:
29:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B3:E0:F7:A5:BC:0D:B1:DA:AF:91:E6:DE:97:3F:CB:41:CA:AD:05
X509v3 Authority Key Identifier:
keyid:6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/erPg96W8DbHar5Hm3pc_y0HKrQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/bF5O9VFnmf_guxuDkxfb01W7eps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.176.0/21
195.182.36.0/24
IPv6:
2a00:1cf0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:9e:3f:a3:62:b9:c1:bc:94:8b:e7:73:ff:13:d5:cc:97:d5:
2b:5f:6d:4e:04:cb:f5:3e:b0:84:e2:f6:2f:9e:25:4b:75:53:
0a:b7:6c:af:02:3f:5c:d8:e1:66:5e:0f:cd:2c:42:4c:0c:43:
55:04:11:0b:7b:fa:0b:36:f7:6e:70:c9:27:d9:dc:cd:87:51:
7e:c5:29:7e:a4:c6:7b:b8:e2:fa:b5:c2:01:d0:79:50:be:7b:
86:80:bb:00:2d:58:7b:ca:4e:49:0d:ea:a2:36:02:41:fa:00:
47:63:37:68:64:ae:1a:16:06:7e:d5:b6:9d:af:e0:f4:f6:38:
22:9a:12:ba:10:48:ea:99:6c:c6:ad:ad:d4:b0:34:cc:10:3a:
09:28:1e:18:ca:36:88:ed:0a:0c:2d:b2:2e:1c:e7:9c:9a:0a:
be:cc:8e:b3:82:97:94:05:25:7c:4c:ef:df:cd:21:ed:ff:fe:
86:4f:7d:35:d9:da:4f:26:d0:b3:4d:94:c6:f0:95:82:09:4c:
79:37:bc:b8:e3:59:68:d2:95:dc:ff:ed:da:88:54:75:96:a1:
03:78:11:0c:e1:58:51:65:36:44:1f:6c:03:f8:7d:9d:0b:c3:
c8:67:5b:60:a8:c2:eb:a1:45:ac:18:56:90:ff:b4:93:24:8a:
d7:fb:4d:c8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYs9rd2EGTXXXFmt10TgxcKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNWU0ZWY1NTE2Nzk5ZmZlMGJiMWI4MzkzMTdkYmQzNTVi
YjdhOWIwHhcNMjMxMDE3MTI0ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWIzZTBmN2E1YmMwZGIxZGFhZjkxZTZkZTk3M2ZjYjQxY2FhZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg8l8gheRAaTU9qjpQb2nG20aw6h
BhSaOzIuh5dfhniwKYasJyWoZYvyciNCwrXVlPX+0cwp1wbVS7fnstFymDSRCR+O
1f1G0iUAGY+J1FHxjFTx4Mpmwmk1VYjD6sFai/j7/dlDydkCrVwEB65n0qCy8Zyv
HUV3l7TG2/wBCkdyrnBeyIvASufuJlgfCCvIuklqyPcySdIA1CgpuUdFzOGtECHo
ZCyxOREm+NuGPdxnBAnZZ2UJlx7Eeuds6vWhQ9YKTnpMsnZ3gwKR/z1H1/1qzj7K
TdXzhlKT559wqYmwTW/EalJpqBn5Vyaax+/nax1DPEOOsWzENJQ2pS0puQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHqz4PelvA2x2q+R5t6XP8tByq0FMB8GA1UdIwQY
MBaAFGxeTvVRZ5n/4Lsbg5MX29NVu3qbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUt
MWJlNzUzZmFkMWJmLzEvZXJQZzk2VzhEYkhhcjVIbTNwY195MEhLclFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUtMWJlNzUzZmFkMWJm
LzEvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDshewAwQA
w7YkMA0EAgACMAcDBQAqABzwMA0GCSqGSIb3DQEBCwUAA4IBAQAtnj+jYrnBvJSL
53P/E9XMl9UrX21OBMv1PrCE4vYvniVLdVMKt2yvAj9c2OFmXg/NLEJMDENVBBEL
e/oLNvducMkn2dzNh1F+xSl+pMZ7uOL6tcIB0HlQvnuGgLsALVh7yk5JDeqiNgJB
+gBHYzdoZK4aFgZ+1badr+D09jgimhK6EEjqmWzGra3UsDTMEDoJKB4YyjaI7QoM
LbIuHOecmgq+zI6zgpeUBSV8TO/fzSHt//6GT3012dpPJtCzTZTG8JWCCUx5N7y4
41lo0pXc/+3aiFR1lqEDeBEM4VhRZTZEH2wD+H2dC8PIZ1tgqMLroUWsGFaQ/7ST
JIrX+03I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org