Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/1-hqNe_V-gVWWgNe5BgKLXeBRFIE.roa
File: 1-hqNe_V-gVWWgNe5BgKLXeBRFIE.roa (raw, json)
Hash identifier: FiHWtnwu3EJF+4wnv7h+F4l3YXi1q8iHpL2UeyXnacU=
Subject key identifier: FA:1A:8D:7B:F5:7E:81:55:96:80:D7:B9:06:02:8B:5D:E0:51:14:81
Certificate issuer: /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial: 0185710BF0E7FB5B2AA560531A381BA1A280
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/1-hqNe_V-gVWWgNe5BgKLXeBRFIE.roa
Signing time: Mon 02 Jan 2023 05:54:45 +0000
ROA not before: Mon 02 Jan 2023 05:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49000
IP address blocks: 213.181.77.0/24 maxlen: 24
213.181.72.0/23 maxlen: 23
89.29.190.0/23 maxlen: 23
213.181.89.0/24 maxlen: 24
213.181.90.0/23 maxlen: 23
213.181.92.0/23 maxlen: 23
213.181.94.0/24 maxlen: 24
89.29.206.0/23 maxlen: 23
89.29.225.0/24 maxlen: 24
176.57.96.0/24 maxlen: 24
89.29.253.0/24 maxlen: 24
89.29.247.0/24 maxlen: 24
89.29.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:f0:e7:fb:5b:2a:a5:60:53:1a:38:1b:a1:a2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Validity
Not Before: Jan 2 05:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa1a8d7bf57e81559680d7b906028b5de0511481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9b:6d:5a:8d:f0:26:d3:c6:e1:99:9a:12:bc:
d0:a5:34:a1:bf:46:4f:ab:41:68:aa:23:47:b9:a3:
bc:c6:47:36:ab:00:39:e3:f8:e7:77:c4:af:44:af:
f7:3f:44:d0:e6:91:4d:2a:9c:1c:f8:4b:f0:df:b0:
81:12:f4:05:b2:36:a6:f3:45:12:40:fd:ed:97:ab:
2a:59:a9:f1:9a:d5:92:35:64:d7:b7:2e:ee:36:06:
47:e3:1b:26:2b:08:2d:ae:4d:56:5f:ec:0c:f8:c5:
16:4c:46:99:d9:b5:4d:49:7d:fc:3e:70:ea:5b:16:
06:24:2d:ee:aa:d0:c9:9a:8a:e1:57:2e:85:d3:a4:
79:b6:72:3b:75:da:b0:9d:2e:4a:13:9f:25:a1:f9:
85:76:4c:32:2a:cc:0c:b4:6e:84:a2:e4:a8:d4:e5:
8b:e6:c6:71:5b:af:1e:46:d0:a7:07:b8:6a:87:69:
44:39:7e:02:17:02:90:da:e7:3e:27:49:97:18:e7:
9f:12:a7:7d:d1:20:87:29:2a:0e:9f:74:88:a5:44:
54:c8:01:a1:3f:c4:dd:63:0b:89:88:dc:d8:f8:2f:
31:fc:12:a6:48:72:76:75:93:a3:28:88:af:96:08:
48:6b:43:67:cc:dd:60:3a:01:54:4a:57:33:3a:fa:
d6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:1A:8D:7B:F5:7E:81:55:96:80:D7:B9:06:02:8B:5D:E0:51:14:81
X509v3 Authority Key Identifier:
keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/1-hqNe_V-gVWWgNe5BgKLXeBRFIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.29.190.0/23
89.29.206.0/23
89.29.225.0/24
89.29.247.0/24
89.29.253.0/24
89.29.255.0/24
176.57.96.0/24
213.181.72.0/23
213.181.77.0/24
213.181.89.0-213.181.94.255
Signature Algorithm: sha256WithRSAEncryption
87:8f:61:56:ba:e8:bc:20:9e:f1:69:1c:54:db:bc:a2:23:ad:
bd:48:d0:b6:49:51:a3:20:32:2a:98:ee:b0:3f:f8:5a:f6:8f:
da:98:2d:2a:77:4b:8d:c1:c3:f0:64:da:cc:00:00:dd:ff:7b:
77:ce:83:e8:78:47:88:3d:77:6e:0e:f4:29:ed:6b:dd:4b:2f:
54:bd:82:e1:8d:7c:7e:dd:aa:8b:b2:12:b7:4a:60:8c:2c:51:
c6:ef:ed:cb:65:80:2d:4a:68:39:a5:01:98:64:6c:53:84:33:
44:29:d4:78:1a:91:dd:b2:12:1d:d7:3f:eb:44:38:f8:b4:1e:
96:d2:f4:c7:bb:9d:f1:29:ea:75:8a:a0:25:c9:3e:44:46:75:
b7:69:0c:e1:c7:9d:a1:3c:4e:ce:35:7f:c0:62:cd:80:82:cd:
8e:31:fe:c4:28:48:1b:ab:13:21:fb:c9:18:06:25:e4:0e:59:
24:77:80:f1:dc:f2:fc:80:c8:d9:78:96:89:4e:bb:44:e6:57:
f4:25:e3:3f:da:2d:3b:a5:e7:bb:82:e0:9f:eb:67:30:f7:02:
8e:1d:a8:75:d5:b3:62:b5:ed:4c:4c:b8:cb:5b:d6:52:08:fb:
ed:54:c8:99:77:0d:5a:74:8c:73:09:ca:27:fe:0f:71:cc:72:
27:23:9b:e0
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVxC/Dn+1sqpWBTGjgboaKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjMwMTAyMDU1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTFhOGQ3YmY1N2U4MTU1OTY4MGQ3YjkwNjAyOGI1ZGUwNTExNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZttWo3wJtPG4ZmaErzQpTShv0ZP
q0FoqiNHuaO8xkc2qwA54/jnd8SvRK/3P0TQ5pFNKpwc+Evw37CBEvQFsjam80US
QP3tl6sqWanxmtWSNWTXty7uNgZH4xsmKwgtrk1WX+wM+MUWTEaZ2bVNSX38PnDq
WxYGJC3uqtDJmorhVy6F06R5tnI7ddqwnS5KE58lofmFdkwyKswMtG6EouSo1OWL
5sZxW68eRtCnB7hqh2lEOX4CFwKQ2uc+J0mXGOefEqd90SCHKSoOn3SIpURUyAGh
P8TdYwuJiNzY+C8x/BKmSHJ2dZOjKIivlghIa0NnzN1gOgFUSlczOvrWDQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFPoajXv1foFVloDXuQYCi13gURSBMB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvMS1ocU5lX1YtZ1ZXV2dOZTVCZ0tMWGVCUkZJRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvMDg5OGJlLWIwMzctNDI5Zi1iNTA0LTFkOTM0YTA0ODQ3
NC8xLzZTeEJYUmQxcnBtVDZRQ25VMnRHcXhSS21xSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBdBggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEAVkdvgME
AVkdzgMEAFkd4QMEAFkd9wMEAFkd/QMEAFkd/wMEALA5YAMEAdW1SAMEANW1TTAM
AwQA1bVZAwQA1bVeMA0GCSqGSIb3DQEBCwUAA4IBAQCHj2FWuui8IJ7xaRxU27yi
I629SNC2SVGjIDIqmO6wP/ha9o/amC0qd0uNwcPwZNrMAADd/3t3zoPoeEeIPXdu
DvQp7WvdSy9UvYLhjXx+3aqLshK3SmCMLFHG7+3LZYAtSmg5pQGYZGxThDNEKdR4
GpHdshId1z/rRDj4tB6W0vTHu53xKep1iqAlyT5ERnW3aQzhx52hPE7ONX/AYs2A
gs2OMf7EKEgbqxMh+8kYBiXkDlkkd4Dx3PL8gMjZeJaJTrtE5lf0JeM/2i07pee7
guCf62cw9wKOHah11bNite1MTLjLW9ZSCPvtVMiZdw1adIxzCcon/g9xzHInI5vg
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:05 2024 by rpki-client on console-ams.rpki-client.org