Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/7AAAJDW6UAv5a6yWmyQJhWo5yKM.roa
File: 7AAAJDW6UAv5a6yWmyQJhWo5yKM.roa (raw, json)
Hash identifier: bfmRry3QHFb1f1aOUbpORrNeYROhK66V8WRLzAONtKg=
Subject key identifier: EC:00:00:24:35:BA:50:0B:F9:6B:AC:96:9B:24:09:85:6A:39:C8:A3
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01884C8CFE0AE8BACF5FC812AD388772DA34
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/7AAAJDW6UAv5a6yWmyQJhWo5yKM.roa
Signing time: Wed 24 May 2023 06:58:08 +0000
ROA not before: Wed 24 May 2023 06:58:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30738
IP address blocks: 195.211.53.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate revoked on Wed 07 Jun 2023 16:40:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4c:8c:fe:0a:e8:ba:cf:5f:c8:12:ad:38:87:72:da:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: May 24 06:58:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec00002435ba500bf96bac969b2409856a39c8a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:83:be:ce:89:70:b5:ab:bf:f7:1d:7e:8e:57:
d4:af:02:7d:ad:42:9a:5f:94:48:1e:1f:2f:08:69:
a0:34:1e:c0:46:82:2b:69:57:04:2d:14:c2:87:98:
5d:08:fd:23:43:af:2e:57:72:24:d7:33:cf:4d:ac:
e3:f5:ba:76:81:6c:6e:28:7f:ad:53:41:6e:a1:cb:
e7:fb:1d:2e:c5:27:75:69:1a:b4:3d:f3:d4:54:6f:
79:22:c1:58:92:b2:41:bf:ed:ac:74:56:81:3a:b4:
ce:9a:17:67:36:81:2c:58:f3:ed:b8:38:e2:6b:ea:
09:a5:e5:70:5f:cb:df:32:6e:f3:26:6d:12:45:f3:
b6:29:88:23:6b:9c:de:3c:5e:b9:f0:4b:67:5b:32:
7b:83:ff:6e:01:b1:1b:23:cd:64:0b:24:14:7c:77:
35:97:1f:c7:61:5e:00:1b:36:78:dc:db:7e:77:86:
1f:6d:7a:ce:d5:ac:88:c0:cd:ee:0e:45:bf:8f:ec:
0e:51:f3:c1:40:4e:41:a3:51:9c:6b:4f:5e:e9:0a:
4d:69:f1:bf:49:fd:ef:40:6e:50:7a:4a:68:74:f0:
4f:1f:9b:3b:f8:e8:57:51:45:8e:7d:19:86:50:76:
68:c1:3e:78:a5:4d:84:7c:be:14:d4:08:b0:4a:75:
11:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:00:00:24:35:BA:50:0B:F9:6B:AC:96:9B:24:09:85:6A:39:C8:A3
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/7AAAJDW6UAv5a6yWmyQJhWo5yKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
ad:61:b9:fa:72:25:f8:e2:cf:66:c1:5d:6e:31:6d:5b:86:ca:
d1:ce:41:27:05:1b:7f:47:08:a6:87:31:00:57:de:ef:26:91:
20:4c:9c:80:c3:91:ee:cc:a9:d5:7b:7d:55:3d:05:38:62:82:
44:f2:d3:05:22:03:45:1a:c2:ac:3d:98:66:ea:6a:50:ea:14:
3c:f3:ed:d6:55:0f:0e:ba:5a:80:44:08:29:ac:9a:6d:d5:49:
a8:36:35:27:61:b3:8b:fc:bc:1d:f9:46:88:4a:2c:5e:ec:0a:
8a:b3:d7:28:16:d7:33:f7:6b:5e:a6:9d:1d:00:fd:85:f2:f0:
43:37:0b:f1:e2:76:c4:eb:bb:c2:f0:e5:25:ba:df:f2:92:86:
f6:28:28:b5:59:fc:77:a3:d5:ba:45:7d:a2:ad:f2:1b:61:d8:
d5:f3:d6:81:17:1c:e6:14:f0:34:ff:88:46:de:73:0f:cb:88:
ba:9f:62:4a:b9:e4:03:78:61:9f:54:06:a5:d0:39:de:32:e3:
bb:df:87:7b:25:ae:94:f7:13:6f:0f:c5:f9:98:28:5f:c1:5f:
dd:75:6d:73:8a:87:c8:82:f9:70:1d:19:ee:c1:c5:7f:76:99:
cb:8d:9c:0e:13:20:b7:7f:ba:a8:82:2a:71:2b:c6:fd:d2:93:
04:54:4f:81
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYhMjP4K6LrPX8gSrTiHcto0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwNTI0MDY1ODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzAwMDAyNDM1YmE1MDBiZjk2YmFjOTY5YjI0MDk4NTZhMzljOGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIO+zolwtau/9x1+jlfUrwJ9rUKa
X5RIHh8vCGmgNB7ARoIraVcELRTCh5hdCP0jQ68uV3Ik1zPPTazj9bp2gWxuKH+t
U0Fuocvn+x0uxSd1aRq0PfPUVG95IsFYkrJBv+2sdFaBOrTOmhdnNoEsWPPtuDji
a+oJpeVwX8vfMm7zJm0SRfO2KYgja5zePF658EtnWzJ7g/9uAbEbI81kCyQUfHc1
lx/HYV4AGzZ43Nt+d4YfbXrO1ayIwM3uDkW/j+wOUfPBQE5Bo1Gca09e6QpNafG/
Sf3vQG5QekpodPBPH5s7+OhXUUWOfRmGUHZowT54pU2EfL4U1AiwSnUR/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOwAACQ1ulAL+WuslpskCYVqOcijMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvN0FBQUpEVzZVQXY1YTZ5V215UUpoV281eUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvIK2AwQA
w9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQCtYbn6ciX44s9m
wV1uMW1bhsrRzkEnBRt/RwimhzEAV97vJpEgTJyAw5HuzKnVe31VPQU4YoJE8tMF
IgNFGsKsPZhm6mpQ6hQ88+3WVQ8OulqARAgprJpt1UmoNjUnYbOL/Lwd+UaISixe
7AqKs9coFtcz92tepp0dAP2F8vBDNwvx4nbE67vC8OUlut/ykob2KCi1Wfx3o9W6
RX2irfIbYdjV89aBFxzmFPA0/4hG3nMPy4i6n2JKueQDeGGfVAal0DneMuO734d7
Ja6U9xNvD8X5mChfwV/ddW1ziofIgvlwHRnuwcV/dpnLjZwOEyC3f7qogipxK8b9
0pMEVE+B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org