Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/478aeb-d97f-47b7-81b0-a17dab701c41/1/m-peOANdprJkqvocqvOQJqH4EDQ.roa
File: m-peOANdprJkqvocqvOQJqH4EDQ.roa (raw, json)
Hash identifier: IsZ3YAfVXqXIActGtYanUMp0lG1R+sQn3KVhvZT8ohw=
Subject key identifier: 9B:EA:5E:38:03:5D:A6:B2:64:AA:FA:1C:AA:F3:90:26:A1:F8:10:34
Certificate issuer: /CN=e7ae03329e3c0f73ea83fb637ca20aece16a8eb4
Certificate serial: 0189FE97468F65D1D8F396419615CB4E779C
Authority key identifier: E7:AE:03:32:9E:3C:0F:73:EA:83:FB:63:7C:A2:0A:EC:E1:6A:8E:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/564DMp48D3Pqg_tjfKIK7OFqjrQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/478aeb-d97f-47b7-81b0-a17dab701c41/1/m-peOANdprJkqvocqvOQJqH4EDQ.roa
Signing time: Wed 16 Aug 2023 13:44:34 +0000
ROA not before: Wed 16 Aug 2023 13:44:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204558
IP address blocks: 188.95.200.0/21 maxlen: 21
85.118.168.0/21 maxlen: 21
185.29.0.0/22 maxlen: 22
79.170.72.0/21 maxlen: 21
2a00:91c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fe:97:46:8f:65:d1:d8:f3:96:41:96:15:cb:4e:77:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7ae03329e3c0f73ea83fb637ca20aece16a8eb4
Validity
Not Before: Aug 16 13:44:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bea5e38035da6b264aafa1caaf39026a1f81034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:75:ee:28:ee:15:12:7a:c7:eb:bc:96:66:fc:
dc:e6:4f:3b:b0:1a:ac:bd:68:a8:7c:09:9b:d0:ad:
1b:0c:06:90:07:0f:cd:7b:67:46:b2:57:ae:48:74:
85:3e:8f:3f:ee:e3:64:ac:70:d8:b4:ae:48:31:88:
24:56:a9:c2:90:bd:d3:82:ae:84:97:7f:66:38:3b:
ea:8a:06:8c:1d:2e:0b:b8:b7:45:1f:10:aa:18:24:
43:1f:18:34:23:ea:99:70:ae:7f:85:9b:45:fa:c5:
e2:ce:1d:b4:c6:61:08:cd:f3:41:4f:b4:74:32:86:
80:89:09:43:2b:ae:f0:fd:5d:33:f4:83:4f:0f:3a:
f9:9b:c9:96:37:de:08:30:48:0f:89:13:0f:90:5e:
21:65:da:2c:73:c7:f7:bb:05:6a:b4:2d:60:73:1e:
3c:66:3f:11:ed:9a:15:e2:ff:88:86:33:27:07:51:
08:d0:40:93:cd:5d:e4:1c:a5:7a:9a:c4:90:3a:dc:
87:36:bf:e4:40:88:42:06:8d:76:98:4f:a9:93:ab:
0f:2e:ff:9f:07:dc:ef:87:08:a5:3e:c8:e8:d2:db:
29:98:37:c2:bb:6b:47:07:a4:f0:13:5f:87:c1:f8:
6e:b3:d8:1a:5e:1e:8a:5c:dd:1d:93:3e:b2:56:1f:
5f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:EA:5E:38:03:5D:A6:B2:64:AA:FA:1C:AA:F3:90:26:A1:F8:10:34
X509v3 Authority Key Identifier:
keyid:E7:AE:03:32:9E:3C:0F:73:EA:83:FB:63:7C:A2:0A:EC:E1:6A:8E:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/564DMp48D3Pqg_tjfKIK7OFqjrQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/478aeb-d97f-47b7-81b0-a17dab701c41/1/m-peOANdprJkqvocqvOQJqH4EDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/478aeb-d97f-47b7-81b0-a17dab701c41/1/564DMp48D3Pqg_tjfKIK7OFqjrQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.72.0/21
85.118.168.0/21
185.29.0.0/22
188.95.200.0/21
IPv6:
2a00:91c0::/32
Signature Algorithm: sha256WithRSAEncryption
a8:bc:86:9e:ac:b0:6a:73:55:44:f3:68:4a:8f:fa:3c:37:7a:
5b:c1:73:8c:97:14:d3:c0:78:93:5c:7f:6f:b7:96:3d:4a:79:
8a:b7:14:a3:7f:eb:fc:e7:94:51:98:13:c3:88:51:5f:76:1a:
c4:c4:ad:4a:99:d6:9c:f0:1b:27:a8:2d:20:50:7d:50:01:44:
f7:7e:d9:00:ec:c2:eb:b6:63:3c:33:2d:f4:b3:2a:bc:22:8e:
3f:7c:34:0b:2b:d3:5f:c0:c0:a0:37:cc:82:fc:c7:97:bf:7e:
11:16:c4:81:67:e0:56:d4:19:4d:41:69:e4:89:10:a1:11:eb:
fa:34:9b:7b:d4:98:02:59:d8:8c:06:e2:fa:08:40:f5:a3:68:
70:ee:7e:ae:2e:96:56:5f:e4:6c:73:98:3e:10:69:f2:b7:e3:
10:4e:1b:77:c3:35:3a:0a:e1:2e:4c:1c:f9:c8:ff:56:f1:45:
f7:86:a2:09:19:35:89:74:c8:b6:aa:66:ca:58:76:5d:e7:83:
04:03:36:99:09:ac:22:ad:e9:08:7e:3f:58:c8:ec:e7:da:d0:
a2:9a:53:be:0e:cc:13:3e:a4:a8:1c:f3:9d:42:2a:42:21:cd:
a6:b2:0f:1e:e5:f1:cc:d4:67:31:3f:cb:ba:82:d0:e1:5e:17:
93:e4:98:ff
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYn+l0aPZdHY85ZBlhXLTnecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3YWUwMzMyOWUzYzBmNzNlYTgzZmI2MzdjYTIwYWVjZTE2
YThlYjQwHhcNMjMwODE2MTM0NDM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmVhNWUzODAzNWRhNmIyNjRhYWZhMWNhYWYzOTAyNmExZjgxMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3XuKO4VEnrH67yWZvzc5k87sBqs
vWiofAmb0K0bDAaQBw/Ne2dGsleuSHSFPo8/7uNkrHDYtK5IMYgkVqnCkL3Tgq6E
l39mODvqigaMHS4LuLdFHxCqGCRDHxg0I+qZcK5/hZtF+sXizh20xmEIzfNBT7R0
MoaAiQlDK67w/V0z9INPDzr5m8mWN94IMEgPiRMPkF4hZdosc8f3uwVqtC1gcx48
Zj8R7ZoV4v+IhjMnB1EI0ECTzV3kHKV6msSQOtyHNr/kQIhCBo12mE+pk6sPLv+f
B9zvhwilPsjo0tspmDfCu2tHB6TwE1+Hwfhus9gaXh6KXN0dkz6yVh9fNQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJvqXjgDXaayZKr6HKrzkCah+BA0MB8GA1UdIwQY
MBaAFOeuAzKePA9z6oP7Y3yiCuzhao60MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTY0RE1wNDhEM1BxZ190amZLSUs3T0ZxanJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NzhhZWItZDk3Zi00N2I3LTgxYjAt
YTE3ZGFiNzAxYzQxLzEvbS1wZU9BTmRwckprcXZvY3F2T1FKcUg0RURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80NzhhZWItZDk3Zi00N2I3LTgxYjAtYTE3ZGFiNzAxYzQx
LzEvNTY0RE1wNDhEM1BxZ190amZLSUs3T0ZxanJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDT6pIAwQD
VXaoAwQCuR0AAwQDvF/IMA0EAgACMAcDBQAqAJHAMA0GCSqGSIb3DQEBCwUAA4IB
AQCovIaerLBqc1VE82hKj/o8N3pbwXOMlxTTwHiTXH9vt5Y9SnmKtxSjf+v855RR
mBPDiFFfdhrExK1Kmdac8BsnqC0gUH1QAUT3ftkA7MLrtmM8My30syq8Io4/fDQL
K9NfwMCgN8yC/MeXv34RFsSBZ+BW1BlNQWnkiRChEev6NJt71JgCWdiMBuL6CED1
o2hw7n6uLpZWX+Rsc5g+EGnyt+MQTht3wzU6CuEuTBz5yP9W8UX3hqIJGTWJdMi2
qmbKWHZd54MEAzaZCawirekIfj9YyOzn2tCimlO+DswTPqSoHPOdQipCIc2msg8e
5fHM1GcxP8u6gtDhXheT5Jj/
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:17 2024 by rpki-client on console-ams.rpki-client.org