Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/voOwoDWAPXFPZM9ePbLltCYrOxM.roa
File: voOwoDWAPXFPZM9ePbLltCYrOxM.roa (raw, json)
Hash identifier: LhWwyUjkFMRMhvc+Efzc1JmtiFe0uGeVYA9kXlgW4UI=
Subject key identifier: BE:83:B0:A0:35:80:3D:71:4F:64:CF:5E:3D:B2:E5:B4:26:2B:3B:13
Certificate issuer: /CN=9f36d08a3cd8a42f46a2c96dfd72ed8cee279477
Certificate serial: 01856E144B3631A43B3CF5C9F5711042F469
Authority key identifier: 9F:36:D0:8A:3C:D8:A4:2F:46:A2:C9:6D:FD:72:ED:8C:EE:27:94:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/voOwoDWAPXFPZM9ePbLltCYrOxM.roa
Signing time: Sun 01 Jan 2023 16:05:01 +0000
ROA not before: Sun 01 Jan 2023 16:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50467
IP address blocks: 193.106.208.0/23 maxlen: 23
31.134.48.0/20 maxlen: 20
109.95.112.0/21 maxlen: 21
91.221.88.0/23 maxlen: 23
46.151.16.0/21 maxlen: 21
185.235.76.0/24 maxlen: 24
109.95.144.0/21 maxlen: 21
193.200.133.0/24 maxlen: 24
2a0c:db00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:4b:36:31:a4:3b:3c:f5:c9:f5:71:10:42:f4:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f36d08a3cd8a42f46a2c96dfd72ed8cee279477
Validity
Not Before: Jan 1 16:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be83b0a035803d714f64cf5e3db2e5b4262b3b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e2:a4:4a:32:a7:e7:48:18:ed:f1:0f:d2:04:
51:97:55:4a:96:ab:1d:df:13:b9:a5:b7:d6:be:2c:
1c:6a:6a:35:33:c4:41:ef:20:76:41:f3:d1:23:58:
ee:04:a1:a1:0e:83:1e:7d:9e:94:88:78:24:d4:c0:
4a:12:5c:39:6e:78:a0:80:ea:c9:da:ba:74:88:18:
69:0c:0a:fd:64:7e:46:23:fd:61:62:3f:86:12:28:
23:a4:c8:23:6b:73:48:bf:c9:26:8f:07:aa:f2:58:
fe:0c:2d:ab:f1:fb:ed:c1:e3:33:c2:07:de:17:5b:
0c:10:bf:ef:8c:3b:5a:21:28:75:a9:bf:11:a9:8c:
2a:fc:fc:9c:46:4a:cd:0a:0f:1b:3e:85:46:84:b1:
c4:a0:26:34:ae:59:3c:02:9a:96:55:1d:09:3b:6e:
69:e3:91:33:91:14:c9:26:50:17:d4:9e:9b:b0:b9:
e2:96:cb:f1:11:e9:a5:4b:14:1b:2a:fc:f7:ad:51:
6d:8a:39:00:bd:7e:f3:8d:cb:ea:26:43:ad:31:e3:
b0:2e:e8:f6:97:0c:48:fe:2c:fd:17:12:f8:a2:41:
d7:a4:5b:2e:30:3a:c9:bd:10:67:32:29:6a:c7:4e:
11:7a:63:8b:d2:f0:b8:3c:29:fb:11:7d:fe:70:93:
27:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:83:B0:A0:35:80:3D:71:4F:64:CF:5E:3D:B2:E5:B4:26:2B:3B:13
X509v3 Authority Key Identifier:
keyid:9F:36:D0:8A:3C:D8:A4:2F:46:A2:C9:6D:FD:72:ED:8C:EE:27:94:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/voOwoDWAPXFPZM9ePbLltCYrOxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.48.0/20
46.151.16.0/21
91.221.88.0/23
109.95.112.0/21
109.95.144.0/21
185.235.76.0/24
193.106.208.0/23
193.200.133.0/24
IPv6:
2a0c:db00::/29
Signature Algorithm: sha256WithRSAEncryption
93:d8:d2:4f:6b:70:16:a2:bb:9c:01:a9:55:16:22:df:de:47:
cd:4a:73:16:7b:41:9a:ee:e5:b4:0d:ee:64:92:4b:e6:73:23:
62:9c:df:04:fa:f5:09:b9:f0:cf:9c:f2:49:ee:37:13:fe:68:
13:61:e4:0a:0e:01:0e:75:fc:15:82:27:9a:36:95:50:2d:24:
1c:86:ff:d6:db:2a:9a:ce:96:84:04:9e:57:a7:a5:1e:88:e8:
8c:11:a8:3f:69:bb:4a:24:9c:eb:32:58:1c:8a:a9:0b:bc:ff:
bc:85:13:c7:6f:63:95:e3:13:fe:e8:02:e6:df:69:6b:c2:67:
04:3a:66:07:8b:a3:9b:df:16:bf:0b:35:25:9e:7a:9a:a0:26:
46:80:33:61:e1:f9:6d:0c:7f:e9:2d:1b:42:ee:a7:ee:5f:26:
31:26:e5:34:89:6e:42:e8:84:b3:aa:64:8c:a9:91:b0:82:c5:
6f:b0:88:59:94:01:cd:78:15:33:30:d4:9f:38:09:81:a5:28:
a7:81:84:88:33:30:b1:ba:23:8d:29:d3:78:f3:7a:43:aa:bb:
da:f3:e4:28:3b:18:c5:96:fc:7d:23:1d:51:44:fc:bd:d6:6d:
3d:ca:56:02:2a:6d:be:ef:78:38:56:e7:25:39:b5:3e:5a:d6:
79:31:1e:c4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVuFEs2MaQ7PPXJ9XEQQvRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzZkMDhhM2NkOGE0MmY0NmEyYzk2ZGZkNzJlZDhjZWUy
Nzk0NzcwHhcNMjMwMTAxMTYwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTgzYjBhMDM1ODAzZDcxNGY2NGNmNWUzZGIyZTViNDI2MmIzYjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOKkSjKn50gY7fEP0gRRl1VKlqsd
3xO5pbfWviwcamo1M8RB7yB2QfPRI1juBKGhDoMefZ6UiHgk1MBKElw5bniggOrJ
2rp0iBhpDAr9ZH5GI/1hYj+GEigjpMgja3NIv8kmjweq8lj+DC2r8fvtweMzwgfe
F1sMEL/vjDtaISh1qb8RqYwq/PycRkrNCg8bPoVGhLHEoCY0rlk8ApqWVR0JO25p
45EzkRTJJlAX1J6bsLnilsvxEemlSxQbKvz3rVFtijkAvX7zjcvqJkOtMeOwLuj2
lwxI/iz9FxL4okHXpFsuMDrJvRBnMilqx04RemOL0vC4PCn7EX3+cJMnoQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFL6DsKA1gD1xT2TPXj2y5bQmKzsTMB8GA1UdIwQY
MBaAFJ820Io82KQvRqLJbf1y7YzuJ5R3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yZmJiYTctZWEwZS00MDg5LTk3Mjct
YzMzMzcyYzlkNTA3LzEvdm9Pd29EV0FQWEZQWk05ZVBiTGx0Q1lyT3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yZmJiYTctZWEwZS00MDg5LTk3MjctYzMzMzcyYzlkNTA3
LzEvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEH4YwAwQD
LpcQAwQBW91YAwQDbV9wAwQDbV+QAwQAuetMAwQBwWrQAwQAwciFMA0EAgACMAcD
BQMqDNsAMA0GCSqGSIb3DQEBCwUAA4IBAQCT2NJPa3AWorucAalVFiLf3kfNSnMW
e0Ga7uW0De5kkkvmcyNinN8E+vUJufDPnPJJ7jcT/mgTYeQKDgEOdfwVgieaNpVQ
LSQchv/W2yqazpaEBJ5Xp6UeiOiMEag/abtKJJzrMlgciqkLvP+8hRPHb2OV4xP+
6ALm32lrwmcEOmYHi6Ob3xa/CzUlnnqaoCZGgDNh4fltDH/pLRtC7qfuXyYxJuU0
iW5C6ISzqmSMqZGwgsVvsIhZlAHNeBUzMNSfOAmBpSingYSIMzCxuiONKdN483pD
qrva8+QoOxjFlvx9Ix1RRPy91m09ylYCKm2+73g4VuclObU+WtZ5MR7E
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:44 2024 by rpki-client on console-fra.rpki-client.org