Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/9Lyo6O2P5bXxK2dOcqPMAuYEM_0.roa
File: 9Lyo6O2P5bXxK2dOcqPMAuYEM_0.roa (raw, json)
Hash identifier: CEMh7he+W7weF3NezsS51uZ3itLUgDoqLbG/uhsyPSA=
Subject key identifier: F4:BC:A8:E8:ED:8F:E5:B5:F1:2B:67:4E:72:A3:CC:02:E6:04:33:FD
Certificate issuer: /CN=dee72c8faecb7052c841201b25f6a018e477b1c2
Certificate serial: 0190496108DB3CD2DC30B2E5793321D4695C
Authority key identifier: DE:E7:2C:8F:AE:CB:70:52:C8:41:20:1B:25:F6:A0:18:E4:77:B1:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/9Lyo6O2P5bXxK2dOcqPMAuYEM_0.roa
Signing time: Mon 24 Jun 2024 08:33:34 +0000
ROA not before: Mon 24 Jun 2024 08:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47216
IP address blocks: 193.111.236.0/24 maxlen: 24
194.59.215.0/24 maxlen: 24
2a11:7bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 21 Jul 2024 09:18:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:61:08:db:3c:d2:dc:30:b2:e5:79:33:21:d4:69:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dee72c8faecb7052c841201b25f6a018e477b1c2
Validity
Not Before: Jun 24 08:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4bca8e8ed8fe5b5f12b674e72a3cc02e60433fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:84:04:ea:9f:c3:f0:82:c6:62:4a:26:15:db:
8a:4c:f0:dd:75:95:10:98:99:6c:fb:26:7c:9c:4c:
ff:5e:26:a1:b2:55:f9:9d:3b:15:ee:6d:c2:5d:70:
9a:a0:f2:99:82:10:5c:8b:62:bf:75:9f:66:9b:15:
d9:02:71:6e:a0:3d:d9:0d:00:62:cf:ab:33:38:1a:
f4:5d:71:12:41:27:98:09:c7:0a:b0:d3:29:8f:4c:
0c:ba:56:0e:7b:b0:dd:dd:4f:7f:86:84:15:f3:e7:
5d:f2:cc:73:92:9d:9a:8a:d6:e0:1b:1a:ce:c1:ff:
cd:18:ff:02:fa:8f:3b:ef:a5:af:0e:6d:92:04:46:
ae:a2:15:4b:38:e1:2f:51:26:43:44:35:bb:3d:36:
5c:02:ad:23:be:e8:c2:5c:80:58:75:12:23:22:f5:
d7:34:90:6b:04:fa:e4:60:97:32:57:d0:21:28:d6:
fb:3e:6a:56:7d:07:f2:e6:3a:33:38:72:fa:19:5c:
39:69:da:a0:34:19:3d:a3:7b:ae:06:c8:d6:39:2b:
39:9e:6f:b1:79:89:cd:ec:fe:07:6a:47:1c:f0:7a:
bf:6a:0b:ae:2b:1a:eb:4a:b9:19:7e:12:b8:7c:c1:
8c:13:2c:32:80:0b:b7:f1:88:65:7c:aa:4a:31:e9:
c3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BC:A8:E8:ED:8F:E5:B5:F1:2B:67:4E:72:A3:CC:02:E6:04:33:FD
X509v3 Authority Key Identifier:
keyid:DE:E7:2C:8F:AE:CB:70:52:C8:41:20:1B:25:F6:A0:18:E4:77:B1:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/9Lyo6O2P5bXxK2dOcqPMAuYEM_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.236.0/24
194.59.215.0/24
IPv6:
2a11:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
a7:b9:2e:2d:16:4f:3a:d8:ee:c5:ba:37:95:55:dd:c4:b8:d1:
45:f4:f8:83:fa:24:24:18:26:5c:76:6c:00:74:06:6b:6b:b7:
4f:ff:a5:1f:2d:25:14:17:01:75:e9:b1:09:ac:26:dc:ad:32:
34:4a:c8:a8:fe:c5:1e:bf:a5:3c:8f:cf:cf:bd:66:23:e2:d6:
d3:ea:f2:b4:4a:14:5b:4e:61:42:9d:16:f7:0e:cb:7a:4c:66:
fc:19:a1:89:f3:1b:21:6d:ae:08:33:9b:31:69:fd:c0:b3:48:
e3:f2:5c:30:9a:f1:72:45:94:b0:64:fd:b4:b5:91:76:50:b5:
f7:d7:11:ce:d1:93:65:ab:08:47:09:a8:02:65:29:b1:49:8d:
1e:cf:de:61:d9:32:6a:1c:7b:8c:07:b7:34:4f:4e:e5:5e:b2:
dc:5f:5d:aa:b7:2b:96:db:de:39:44:bf:51:ae:9d:a2:fb:37:
e2:15:80:95:28:4a:57:ce:13:08:74:3a:34:f0:ae:b5:57:70:
d1:c3:b7:3e:4f:11:86:82:a1:85:4c:23:a5:bc:3a:c0:90:3b:
72:d1:20:0d:ec:45:3e:be:04:da:53:86:8e:43:c1:7d:2d:22:
91:b5:e9:c6:d5:48:cb:9f:b5:ed:ae:d0:36:d1:55:29:f2:27:
05:89:32:2d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZBJYQjbPNLcMLLleTMh1GlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTcyYzhmYWVjYjcwNTJjODQxMjAxYjI1ZjZhMDE4ZTQ3
N2IxYzIwHhcNMjQwNjI0MDgzMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGJjYThlOGVkOGZlNWI1ZjEyYjY3NGU3MmEzY2MwMmU2MDQzM2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIQE6p/D8ILGYkomFduKTPDddZUQ
mJls+yZ8nEz/XiahslX5nTsV7m3CXXCaoPKZghBci2K/dZ9mmxXZAnFuoD3ZDQBi
z6szOBr0XXESQSeYCccKsNMpj0wMulYOe7Dd3U9/hoQV8+dd8sxzkp2aitbgGxrO
wf/NGP8C+o8776WvDm2SBEauohVLOOEvUSZDRDW7PTZcAq0jvujCXIBYdRIjIvXX
NJBrBPrkYJcyV9AhKNb7PmpWfQfy5jozOHL6GVw5adqgNBk9o3uuBsjWOSs5nm+x
eYnN7P4Hakcc8Hq/aguuKxrrSrkZfhK4fMGMEywygAu38YhlfKpKMenDAQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPS8qOjtj+W18StnTnKjzALmBDP9MB8GA1UdIwQY
MBaAFN7nLI+uy3BSyEEgGyX2oBjkd7HCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Vjc2o2N0xjRkxJUVNBYkpmYWdHT1Izc2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lZjgyOWEtYWNmYy00NDAyLTk1Y2Ut
MzgzZmIyYjk1NGQ5LzEvOUx5bzZPMlA1Ylh4SzJkT2NxUE1BdVlFTV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lZjgyOWEtYWNmYy00NDAyLTk1Y2UtMzgzZmIyYjk1NGQ5
LzEvM3Vjc2o2N0xjRkxJUVNBYkpmYWdHT1Izc2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwW/sAwQA
wjvXMA0EAgACMAcDBQMqEXvAMA0GCSqGSIb3DQEBCwUAA4IBAQCnuS4tFk862O7F
ujeVVd3EuNFF9PiD+iQkGCZcdmwAdAZra7dP/6UfLSUUFwF16bEJrCbcrTI0Ssio
/sUev6U8j8/PvWYj4tbT6vK0ShRbTmFCnRb3Dst6TGb8GaGJ8xshba4IM5sxaf3A
s0jj8lwwmvFyRZSwZP20tZF2ULX31xHO0ZNlqwhHCagCZSmxSY0ez95h2TJqHHuM
B7c0T07lXrLcX12qtyuW2945RL9Rrp2i+zfiFYCVKEpXzhMIdDo08K61V3DRw7c+
TxGGgqGFTCOlvDrAkDty0SAN7EU+vgTaU4aOQ8F9LSKRtenG1UjLn7XtrtA20VUp
8icFiTIt
-----END CERTIFICATE-----
Generated at Sun Jul 21 10:29:13 2024 by rpki-client on console-fra.rpki-client.org