Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/gU_AHby3RU6uZFBGw8HaPV15NZk.roa
File: gU_AHby3RU6uZFBGw8HaPV15NZk.roa (raw, json)
Hash identifier: 5bNImqfvFRLseNfFvG3kVjhNqQGrgx/SCwcymy9NzR8=
Subject key identifier: 81:4F:C0:1D:BC:B7:45:4E:AE:64:50:46:C3:C1:DA:3D:5D:79:35:99
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 0188D364AC8433E2CCA00E74C59FF84DB3AA
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/gU_AHby3RU6uZFBGw8HaPV15NZk.roa
Signing time: Mon 19 Jun 2023 11:22:50 +0000
ROA not before: Mon 19 Jun 2023 11:22:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42585
IP address blocks: 213.249.64.0/21 maxlen: 24
194.213.126.0/23 maxlen: 24
213.249.92.0/22 maxlen: 24
2a01:448::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d3:64:ac:84:33:e2:cc:a0:0e:74:c5:9f:f8:4d:b3:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Jun 19 11:22:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=814fc01dbcb7454eae645046c3c1da3d5d793599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c9:aa:dc:48:9b:ea:5a:db:6e:9a:b6:8a:ca:
cc:e7:9b:59:24:53:32:bc:52:4f:74:19:7c:55:a5:
e9:f3:c3:a0:5b:e1:55:a1:70:54:fe:f8:2d:25:99:
cc:0a:1e:75:a2:12:44:c8:84:d6:f2:64:e0:f7:03:
ae:b0:7f:09:ae:71:57:db:f7:8e:da:fd:c0:f6:4a:
df:ff:c9:86:3a:6d:58:29:c3:03:ae:c8:74:4a:e2:
36:1b:99:24:7c:1b:b4:b8:30:1e:18:dc:92:a4:ba:
8d:55:0b:9c:e4:17:a4:0a:37:48:b1:6a:d2:5b:fb:
fa:eb:64:23:8c:5c:a1:76:8c:44:0f:30:c9:fa:9b:
c0:e7:33:9e:30:62:73:a6:c5:4b:c8:db:e7:9a:60:
81:e8:1e:3f:dc:e2:ca:57:da:36:43:f0:7f:82:70:
d9:68:27:79:e0:e1:e2:69:b6:e8:ba:bc:df:d3:e1:
79:4a:a0:8c:3b:73:06:54:11:82:0b:4e:a6:80:e2:
02:97:75:a8:6f:ea:5c:b1:92:72:22:6c:7e:55:b1:
72:aa:0b:a5:7c:97:15:05:b1:46:e9:bb:8b:4c:6c:
3e:ce:64:e3:4b:8d:0b:bd:ab:3e:d0:3f:61:56:f2:
ff:98:7c:2a:51:6d:a3:cc:6e:c2:e8:a0:ee:f3:cb:
d7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:4F:C0:1D:BC:B7:45:4E:AE:64:50:46:C3:C1:DA:3D:5D:79:35:99
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/gU_AHby3RU6uZFBGw8HaPV15NZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.213.126.0/23
213.249.64.0/21
213.249.92.0/22
IPv6:
2a01:448::/32
Signature Algorithm: sha256WithRSAEncryption
35:4e:7d:bf:78:58:6e:21:9e:e8:29:72:f6:13:24:5a:6f:7e:
e4:97:82:14:b9:ad:d6:e0:54:a4:ff:27:4e:a0:8d:2f:9b:72:
f9:54:bd:94:3c:a2:82:de:92:f1:0a:75:e4:48:08:81:59:ac:
bf:c6:fd:fd:54:1e:ba:0d:ee:65:98:55:f1:78:68:bc:d6:10:
cd:3e:03:10:97:5a:c6:3e:73:27:13:ed:c2:0c:b4:a0:45:80:
0a:ca:e4:0c:47:21:2f:86:a0:17:5f:82:43:24:8a:8a:5b:97:
0c:d1:55:ed:41:5f:15:39:36:91:f5:3a:af:07:37:29:82:1d:
bc:9e:27:59:54:00:98:99:b2:4e:a3:06:c7:47:8a:2e:ec:cb:
f7:8a:8a:7b:20:0e:0f:2e:71:89:75:cf:4c:79:d3:ff:a0:a3:
9f:e0:2b:87:0e:1e:51:9b:a6:a5:89:4b:e7:d5:50:65:12:d9:
61:6c:32:71:54:05:8f:d8:fb:e9:87:73:72:85:ba:40:27:49:
95:89:c3:54:fc:d5:db:14:9b:83:48:8b:95:67:b4:66:59:2b:
1b:91:02:c2:e3:8c:bf:3b:0a:f7:1e:77:d2:8a:eb:12:59:d3:
c1:41:15:58:c6:ca:ce:ce:16:f0:35:c6:4a:dc:ff:37:bc:0c:
6e:58:15:8f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYjTZKyEM+LMoA50xZ/4TbOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjMwNjE5MTEyMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTRmYzAxZGJjYjc0NTRlYWU2NDUwNDZjM2MxZGEzZDVkNzkzNTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsmq3Eib6lrbbpq2isrM55tZJFMy
vFJPdBl8VaXp88OgW+FVoXBU/vgtJZnMCh51ohJEyITW8mTg9wOusH8JrnFX2/eO
2v3A9krf/8mGOm1YKcMDrsh0SuI2G5kkfBu0uDAeGNySpLqNVQuc5BekCjdIsWrS
W/v662QjjFyhdoxEDzDJ+pvA5zOeMGJzpsVLyNvnmmCB6B4/3OLKV9o2Q/B/gnDZ
aCd54OHiabbourzf0+F5SqCMO3MGVBGCC06mgOICl3Wob+pcsZJyImx+VbFyqgul
fJcVBbFG6buLTGw+zmTjS40Lvas+0D9hVvL/mHwqUW2jzG7C6KDu88vXnQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIFPwB28t0VOrmRQRsPB2j1deTWZMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvZ1VfQUhieTNSVTZ1WkZCR3c4SGFQVjE1TlprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwtV+AwQD
1flAAwQC1flcMA0EAgACMAcDBQAqAQRIMA0GCSqGSIb3DQEBCwUAA4IBAQA1Tn2/
eFhuIZ7oKXL2EyRab37kl4IUua3W4FSk/ydOoI0vm3L5VL2UPKKC3pLxCnXkSAiB
Way/xv39VB66De5lmFXxeGi81hDNPgMQl1rGPnMnE+3CDLSgRYAKyuQMRyEvhqAX
X4JDJIqKW5cM0VXtQV8VOTaR9TqvBzcpgh28nidZVACYmbJOowbHR4ou7Mv3iop7
IA4PLnGJdc9MedP/oKOf4CuHDh5Rm6aliUvn1VBlEtlhbDJxVAWP2Pvph3NyhbpA
J0mVicNU/NXbFJuDSIuVZ7RmWSsbkQLC44y/Owr3HnfSiusSWdPBQRVYxsrOzhbw
NcZK3P83vAxuWBWP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:56 2024 by rpki-client on console-fra.rpki-client.org