Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/bEVl23Ymg8py8XcIEbdKB33EKsA.roa
File: bEVl23Ymg8py8XcIEbdKB33EKsA.roa (raw, json)
Hash identifier: wTEFUT0UHULhQmXRjmDhUXgSkBuDEqzdn8NslT3XFuY=
Subject key identifier: 6C:45:65:DB:76:26:83:CA:72:F1:77:08:11:B7:4A:07:7D:C4:2A:C0
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 018794C7956757C9B6BF9401748BC9017422
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/bEVl23Ymg8py8XcIEbdKB33EKsA.roa
Signing time: Tue 18 Apr 2023 14:32:00 +0000
ROA not before: Tue 18 Apr 2023 14:32:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 195.211.40.0/23 maxlen: 23
91.226.212.0/23 maxlen: 23
176.103.48.0/20 maxlen: 20
91.207.60.0/23 maxlen: 23
193.169.86.0/23 maxlen: 23
91.217.90.0/23 maxlen: 23
2a13:f580:1::/48 maxlen: 48
2001:678:334::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:c7:95:67:57:c9:b6:bf:94:01:74:8b:c9:01:74:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Apr 18 14:32:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c4565db762683ca72f1770811b74a077dc42ac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:26:0c:64:ac:29:59:61:5d:da:2b:61:17:90:
29:59:94:cb:dc:01:33:23:af:f7:c6:03:ee:7b:05:
27:ac:7f:08:ac:c3:8e:0d:9d:b2:79:3d:51:21:9c:
c1:de:e4:04:d5:6b:9a:ea:ef:00:9d:b3:bf:5b:cd:
03:7f:cd:48:fb:04:67:4e:a0:1e:3b:5d:bc:98:b8:
66:dc:05:e8:b2:b6:4d:5c:84:bc:c9:41:d2:df:66:
1a:86:0a:33:eb:67:e2:2f:0c:a6:71:6f:36:bd:01:
84:a2:71:19:c2:09:0a:87:dd:7e:35:7b:f4:fb:d6:
32:66:97:b3:9d:15:24:8e:b3:56:dd:6c:f6:37:e3:
4b:98:cc:8b:b2:96:b0:bf:10:36:e0:10:f3:40:d0:
7f:23:9d:a5:9a:46:9a:93:49:35:2b:64:14:61:c4:
81:08:99:72:3e:39:f5:05:d4:76:85:77:0d:fc:b9:
8e:21:7d:1e:ea:91:cf:b4:f8:69:c1:88:b2:78:ea:
19:e4:8a:1f:d2:06:15:dd:6b:f5:a5:a9:03:38:0b:
4e:8c:a7:d8:89:63:15:04:5b:cc:74:27:b7:ff:eb:
8f:ab:6d:41:48:42:3a:3a:55:67:90:c7:d6:63:d4:
50:ae:ee:e8:62:35:9d:f5:05:d4:78:ab:49:30:45:
b6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:45:65:DB:76:26:83:CA:72:F1:77:08:11:B7:4A:07:7D:C4:2A:C0
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/bEVl23Ymg8py8XcIEbdKB33EKsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.60.0/23
91.217.90.0/23
91.226.212.0/23
176.103.48.0/20
193.169.86.0/23
195.211.40.0/23
IPv6:
2001:678:334::/48
2a13:f580:1::/48
Signature Algorithm: sha256WithRSAEncryption
6a:63:18:ff:d1:72:c3:e2:8a:1f:93:b2:94:5b:33:aa:da:98:
f1:11:36:e0:33:ef:ce:c4:0d:d4:a3:a1:de:e5:3b:69:62:b3:
db:46:d6:6e:5b:4d:a9:56:14:fe:e2:6e:8c:5b:9c:46:60:0e:
ac:40:f4:2c:6c:14:1d:ee:6e:99:df:96:2e:54:d4:56:cd:5e:
11:b8:22:27:77:29:02:91:8c:a3:0e:54:71:29:6f:33:f7:26:
ea:8a:69:51:2e:36:6e:85:8a:54:90:92:16:56:a9:3d:d0:22:
c0:59:a8:01:7e:0f:de:02:e7:49:d5:e1:5e:df:d6:a7:83:e2:
8a:ef:c9:15:97:e3:7f:9a:59:cd:72:69:37:97:a0:05:3c:25:
c8:29:bc:de:9b:20:7d:f1:6f:b2:b4:f5:41:4d:65:41:15:1f:
b4:04:e1:bb:4c:7f:6b:73:ef:36:9e:5f:23:75:f5:47:f3:bf:
7c:10:a3:fd:6e:a9:ae:d6:90:35:a9:3c:ee:e9:66:5d:cd:f0:
33:c8:c5:50:73:1f:03:aa:35:ce:f4:d1:be:01:17:36:1b:55:
7d:8a:a3:02:3b:96:2c:16:0a:f0:4d:9a:22:50:b8:f0:7d:82:
75:09:8f:df:41:0f:0e:b4:8f:1b:16:f5:8c:4c:96:6e:98:66:
34:b9:5c:c9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYeUx5VnV8m2v5QBdIvJAXQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjMwNDE4MTQzMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzQ1NjVkYjc2MjY4M2NhNzJmMTc3MDgxMWI3NGEwNzdkYzQyYWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCYMZKwpWWFd2ithF5ApWZTL3AEz
I6/3xgPuewUnrH8IrMOODZ2yeT1RIZzB3uQE1Wua6u8AnbO/W80Df81I+wRnTqAe
O128mLhm3AXosrZNXIS8yUHS32Yahgoz62fiLwymcW82vQGEonEZwgkKh91+NXv0
+9YyZpeznRUkjrNW3Wz2N+NLmMyLspawvxA24BDzQNB/I52lmkaak0k1K2QUYcSB
CJlyPjn1BdR2hXcN/LmOIX0e6pHPtPhpwYiyeOoZ5Iof0gYV3Wv1pakDOAtOjKfY
iWMVBFvMdCe3/+uPq21BSEI6OlVnkMfWY9RQru7oYjWd9QXUeKtJMEW2WwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFGxFZdt2JoPKcvF3CBG3Sgd9xCrAMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvYkVWbDIzWW1nOHB5OFhjSUViZEtCMzNFS3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAqBAIAATAkAwQBW888AwQB
W9laAwQBW+LUAwQEsGcwAwQBwalWAwQBw9MoMBgEAgACMBIDBwAgAQZ4AzQDBwAq
E/WAAAEwDQYJKoZIhvcNAQELBQADggEBAGpjGP/RcsPiih+TspRbM6ramPERNuAz
787EDdSjod7lO2lis9tG1m5bTalWFP7iboxbnEZgDqxA9CxsFB3ubpnfli5U1FbN
XhG4Iid3KQKRjKMOVHEpbzP3JuqKaVEuNm6FilSQkhZWqT3QIsBZqAF+D94C50nV
4V7f1qeD4orvyRWX43+aWc1yaTeXoAU8JcgpvN6bIH3xb7K09UFNZUEVH7QE4btM
f2tz7zaeXyN19Ufzv3wQo/1uqa7WkDWpPO7pZl3N8DPIxVBzHwOqNc700b4BFzYb
VX2KowI7liwWCvBNmiJQuPB9gnUJj99BDw60jxsW9YxMlm6YZjS5XMk=
-----END CERTIFICATE-----
Generated at Thu Oct 26 13:48:20 2023 by rpki-client on console-fra.rpki-client.org