Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/pbQXuWsrKsz8JhtSVCmPVjb9eUU.roa
File: pbQXuWsrKsz8JhtSVCmPVjb9eUU.roa (raw, json)
Hash identifier: vnhlYmGbscBhIG3sIrunJSQkhhuJV78qNINr0yE9aE0=
Subject key identifier: A5:B4:17:B9:6B:2B:2A:CC:FC:26:1B:52:54:29:8F:56:36:FD:79:45
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0186CB40E62E242406993E65E1DAFE0A95FE
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/pbQXuWsrKsz8JhtSVCmPVjb9eUU.roa
Signing time: Fri 10 Mar 2023 11:21:13 +0000
ROA not before: Fri 10 Mar 2023 11:21:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30738
IP address blocks: 195.211.53.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate revoked on Mon 22 May 2023 14:37:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cb:40:e6:2e:24:24:06:99:3e:65:e1:da:fe:0a:95:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Mar 10 11:21:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5b417b96b2b2accfc261b5254298f5636fd7945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:96:a9:1e:09:f1:7c:09:e7:ac:0b:fe:30:0f:
e3:e1:df:ed:fc:8b:ee:41:35:a4:e8:11:d3:06:a0:
cd:d5:ea:51:28:22:99:2d:58:3d:12:02:6d:77:92:
39:57:0c:3f:8e:7d:79:1d:de:86:60:5c:ae:1c:e7:
8c:69:7e:24:a3:6f:5d:50:61:ab:05:d7:f1:6f:7a:
8f:c8:c6:34:8d:9c:20:92:9e:5e:3f:16:d4:7a:1e:
a6:69:f9:84:6d:2a:63:68:1a:94:7e:58:a9:ae:e5:
69:d7:85:f1:9d:b9:06:fd:c8:3b:06:35:70:59:90:
b4:b5:99:11:c6:b4:4d:94:d2:b0:84:9e:9f:a5:fd:
fa:cc:4d:ec:41:68:5d:5f:c7:c3:1a:63:74:cc:9d:
2c:ce:7d:27:a6:79:34:32:8e:ad:88:52:91:9e:08:
c1:d1:d5:2b:ad:dd:52:31:b7:33:b4:91:37:8c:1e:
5a:d8:d9:07:eb:cc:e4:40:ec:3d:46:1f:54:c7:63:
fc:a6:0e:46:c1:3f:37:ae:7f:e2:97:4c:59:e0:21:
38:46:3e:50:f8:74:eb:4a:f6:be:26:00:a7:75:0c:
92:af:c9:b7:fd:03:2a:41:fe:21:95:05:1f:bf:a2:
bb:b1:10:a7:a8:1f:c5:74:ac:f6:a3:95:a4:64:01:
e8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B4:17:B9:6B:2B:2A:CC:FC:26:1B:52:54:29:8F:56:36:FD:79:45
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/pbQXuWsrKsz8JhtSVCmPVjb9eUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
76:c1:6b:23:37:aa:96:13:dc:f3:dc:14:b4:9a:d1:87:1c:c1:
22:fa:df:8a:d3:eb:75:80:f1:8d:61:4c:24:48:6e:67:f9:d4:
cb:e1:d8:86:d5:8b:07:6f:0b:ae:8e:51:2a:21:47:f1:1c:a5:
73:96:f3:6b:f1:47:0e:6d:d6:09:6e:f8:b5:0c:54:b6:c7:f6:
27:74:3b:b4:17:d4:f9:34:e6:e4:d5:89:13:9d:92:5d:fe:0b:
38:4d:6a:a1:e5:a5:6d:1d:a7:a3:44:65:ec:ba:6e:7d:bf:6c:
95:20:4a:d0:55:56:d2:ce:8c:04:2c:d2:49:b3:a7:40:81:5e:
ff:de:e1:72:f8:88:93:00:ad:f0:b7:e9:72:3c:0d:79:cf:2c:
4b:3b:11:77:90:41:43:80:cd:f9:f7:9b:7f:96:86:2b:07:48:
d2:61:c6:21:54:c8:e0:20:57:f1:9b:dd:f3:34:da:8d:e6:2f:
bd:6c:18:77:82:4e:fd:50:87:98:79:5f:f8:a9:f1:ff:50:eb:
e8:87:b2:7c:6f:4d:cd:4e:06:49:a3:ff:3f:83:37:c5:42:d2:
54:5d:57:35:e1:63:a2:53:70:c5:9a:29:29:01:b1:15:ab:84:
63:1b:ca:4f:00:7c:88:74:23:aa:94:25:52:8f:bf:90:2d:02:
91:74:12:19
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbLQOYuJCQGmT5l4dr+CpX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwMzEwMTEyMTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWI0MTdiOTZiMmIyYWNjZmMyNjFiNTI1NDI5OGY1NjM2ZmQ3OTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpapHgnxfAnnrAv+MA/j4d/t/Ivu
QTWk6BHTBqDN1epRKCKZLVg9EgJtd5I5Vww/jn15Hd6GYFyuHOeMaX4ko29dUGGr
Bdfxb3qPyMY0jZwgkp5ePxbUeh6mafmEbSpjaBqUflipruVp14XxnbkG/cg7BjVw
WZC0tZkRxrRNlNKwhJ6fpf36zE3sQWhdX8fDGmN0zJ0szn0npnk0Mo6tiFKRngjB
0dUrrd1SMbcztJE3jB5a2NkH68zkQOw9Rh9Ux2P8pg5GwT83rn/il0xZ4CE4Rj5Q
+HTrSva+JgCndQySr8m3/QMqQf4hlQUfv6K7sRCnqB/FdKz2o5WkZAHorQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKW0F7lrKyrM/CYbUlQpj1Y2/XlFMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvcGJRWHVXc3JLc3o4Smh0U1ZDbVBWamI5ZVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvIK2AwQA
w9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQB2wWsjN6qWE9zz
3BS0mtGHHMEi+t+K0+t1gPGNYUwkSG5n+dTL4diG1YsHbwuujlEqIUfxHKVzlvNr
8UcObdYJbvi1DFS2x/YndDu0F9T5NObk1YkTnZJd/gs4TWqh5aVtHaejRGXsum59
v2yVIErQVVbSzowELNJJs6dAgV7/3uFy+IiTAK3wt+lyPA15zyxLOxF3kEFDgM35
95t/loYrB0jSYcYhVMjgIFfxm93zNNqN5i+9bBh3gk79UIeYeV/4qfH/UOvoh7J8
b03NTgZJo/8/gzfFQtJUXVc14WOiU3DFmikpAbEVq4RjG8pPAHyIdCOqlCVSj7+Q
LQKRdBIZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org