Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/S7bJ5vozNa0OT8Mgnh4fp0BaCZQ.roa
File: S7bJ5vozNa0OT8Mgnh4fp0BaCZQ.roa (raw, json)
Hash identifier: L8OOzmDE8lcAtxDDOz5ZT2KvlV5z73ATLKfWEDRHQQo=
Subject key identifier: 4B:B6:C9:E6:FA:33:35:AD:0E:4F:C3:20:9E:1E:1F:A7:40:5A:09:94
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018AD728109A2BCA28756668C9211EFE8BAF
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/S7bJ5vozNa0OT8Mgnh4fp0BaCZQ.roa
Signing time: Wed 27 Sep 2023 15:00:41 +0000
ROA not before: Wed 27 Sep 2023 15:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30738
IP address blocks: 195.211.53.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:28:10:9a:2b:ca:28:75:66:68:c9:21:1e:fe:8b:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Sep 27 15:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bb6c9e6fa3335ad0e4fc3209e1e1fa7405a0994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4f:52:83:1c:d7:99:96:28:dc:b5:24:c0:49:
40:1d:1e:84:7f:9e:8e:9f:c0:fa:8e:f7:6e:8e:08:
48:8d:e6:a2:95:51:e1:48:bd:af:a1:28:7e:6f:d8:
b4:59:31:6e:a3:c4:96:51:02:94:93:3e:ca:62:9a:
4a:95:38:fb:8e:11:c8:27:86:c1:11:f4:11:60:65:
77:a8:6b:9a:7c:b3:9f:36:96:b8:48:85:df:86:ca:
3d:de:01:7e:4d:9e:1b:44:8b:c5:77:a9:ca:a0:73:
f6:cf:82:1c:66:42:16:01:2c:f5:42:eb:5e:72:cc:
e7:f2:e5:40:8e:fe:13:3e:47:eb:70:e9:d7:ae:61:
b2:bb:f9:3a:69:b2:ea:93:99:8c:58:13:9b:34:4d:
8e:b8:cd:b2:c4:dd:c0:ad:e3:11:de:e7:29:21:6e:
85:2d:49:5a:e0:5c:85:41:48:92:6a:7f:94:90:33:
61:02:d8:2a:1a:26:02:d0:39:ef:7a:99:2f:60:09:
81:ee:4f:23:63:1a:c6:bf:dc:7b:cf:7e:e7:ce:14:
d4:13:44:0e:8f:c3:f8:e3:b4:da:43:8c:c3:30:53:
4a:9b:db:18:4a:c0:4d:7f:ec:1e:7c:10:ba:2b:85:
46:97:16:2a:37:27:b8:56:8e:42:38:99:9c:8b:24:
d0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B6:C9:E6:FA:33:35:AD:0E:4F:C3:20:9E:1E:1F:A7:40:5A:09:94
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/S7bJ5vozNa0OT8Mgnh4fp0BaCZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
5c:88:cf:0a:9d:fd:94:f8:5b:ca:6a:3c:74:5f:a1:6c:a5:eb:
4a:59:1e:91:84:cc:56:e7:0b:73:6f:59:bf:5a:d9:ed:ca:59:
b5:a2:b8:2b:d2:00:2b:f7:43:ec:32:47:e1:eb:6a:29:6f:9b:
11:a1:d1:01:b9:58:f1:a1:3a:01:34:19:50:a3:c4:e8:2a:ea:
13:70:52:91:45:83:09:4d:aa:21:fe:29:52:ce:ac:98:e2:59:
78:59:bd:e3:09:58:1b:ab:23:11:e7:76:e3:f5:f1:86:33:07:
e2:6e:41:f6:e4:99:f5:1c:40:3e:5d:50:5a:cd:51:7e:5b:7c:
aa:a2:53:70:7c:b5:5d:e1:8f:52:d2:18:1f:80:1b:ea:af:5f:
85:ca:b0:27:29:6c:3d:74:4d:01:30:22:13:d7:d0:16:93:70:
8f:d7:96:46:90:a4:fa:96:e4:2f:95:57:fd:4d:38:87:0a:52:
ff:8b:66:a2:06:85:6a:31:c6:92:60:69:5b:22:cc:56:98:a2:
dc:0b:1d:cd:6e:9d:2a:e1:14:de:39:b0:12:1d:ee:5f:7a:5d:
76:40:3c:cd:e5:22:08:c6:a7:4d:2a:1c:fa:c8:76:10:58:97:
6b:8b:79:43:91:42:cd:2e:3f:de:86:b9:0b:12:7c:06:87:dc:
59:5c:72:89
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYrXKBCaK8oodWZoySEe/ouvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwOTI3MTUwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmI2YzllNmZhMzMzNWFkMGU0ZmMzMjA5ZTFlMWZhNzQwNWEwOTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE9SgxzXmZYo3LUkwElAHR6Ef56O
n8D6jvdujghIjeailVHhSL2voSh+b9i0WTFuo8SWUQKUkz7KYppKlTj7jhHIJ4bB
EfQRYGV3qGuafLOfNpa4SIXfhso93gF+TZ4bRIvFd6nKoHP2z4IcZkIWASz1Qute
cszn8uVAjv4TPkfrcOnXrmGyu/k6abLqk5mMWBObNE2OuM2yxN3AreMR3ucpIW6F
LUla4FyFQUiSan+UkDNhAtgqGiYC0DnvepkvYAmB7k8jYxrGv9x7z37nzhTUE0QO
j8P447TaQ4zDMFNKm9sYSsBNf+wefBC6K4VGlxYqNye4Vo5COJmciyTQsQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEu2yeb6MzWtDk/DIJ4eH6dAWgmUMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvUzdiSjV2b3pOYTBPVDhNZ25oNGZwMEJhQ1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvIK2AwQA
w9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQBciM8Knf2U+FvK
ajx0X6FspetKWR6RhMxW5wtzb1m/Wtntylm1orgr0gAr90PsMkfh62opb5sRodEB
uVjxoToBNBlQo8ToKuoTcFKRRYMJTaoh/ilSzqyY4ll4Wb3jCVgbqyMR53bj9fGG
MwfibkH25Jn1HEA+XVBazVF+W3yqolNwfLVd4Y9S0hgfgBvqr1+FyrAnKWw9dE0B
MCIT19AWk3CP15ZGkKT6luQvlVf9TTiHClL/i2aiBoVqMcaSYGlbIsxWmKLcCx3N
bp0q4RTeObASHe5fel12QDzN5SIIxqdNKhz6yHYQWJdri3lDkULNLj/ehrkLEnwG
h9xZXHKJ
Generated at Fri Nov 17 03:13:21 2023 by rpki-client on console-fra.rpki-client.org