Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/1f86d3-087d-4d69-b8e7-73b0c74e9b64/1/4YBEcZhaM8nFQwXm5rBeWdAwTr8.roa
File: 4YBEcZhaM8nFQwXm5rBeWdAwTr8.roa (raw, json)
Hash identifier: v9SfXmHkeYcB3t23OLZhKA99Ar99uKODykB1W6V4MeU=
Subject key identifier: E1:80:44:71:98:5A:33:C9:C5:43:05:E6:E6:B0:5E:59:D0:30:4E:BF
Certificate issuer: /CN=f49502c97482b28502852c97ef9bd3a0a2a5e9f0
Certificate serial: 01856D8AE137C8D43F5D39BD64DF4185BEF2
Authority key identifier: F4:95:02:C9:74:82:B2:85:02:85:2C:97:EF:9B:D3:A0:A2:A5:E9:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9JUCyXSCsoUChSyX75vToKKl6fA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/1f86d3-087d-4d69-b8e7-73b0c74e9b64/1/4YBEcZhaM8nFQwXm5rBeWdAwTr8.roa
Signing time: Sun 01 Jan 2023 13:34:56 +0000
ROA not before: Sun 01 Jan 2023 13:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208310
IP address blocks: 94.137.128.0/20 maxlen: 20
193.223.248.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:e1:37:c8:d4:3f:5d:39:bd:64:df:41:85:be:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f49502c97482b28502852c97ef9bd3a0a2a5e9f0
Validity
Not Before: Jan 1 13:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1804471985a33c9c54305e6e6b05e59d0304ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:40:ad:67:c9:0d:f7:83:6a:c3:de:58:7b:1f:
43:f7:94:66:88:b4:4c:99:6e:50:b9:10:6a:db:c6:
1d:9a:97:18:08:2d:00:a0:de:94:08:93:76:a7:c6:
31:38:c1:71:82:bf:65:38:79:06:a1:43:92:46:b9:
30:c0:0e:5f:23:4c:4b:97:4e:9a:44:ed:74:fa:dc:
46:e1:e4:0c:fc:24:f1:7f:ad:7f:11:45:e4:ca:30:
77:04:0f:5f:50:e0:00:24:78:67:12:02:23:b9:a5:
1e:92:44:d0:9f:bd:7b:13:2c:ed:d9:4f:6f:be:18:
2e:59:9d:a9:9a:44:75:3d:c5:54:1d:7f:00:53:0f:
dc:36:67:11:8a:da:e7:be:1d:ba:ff:b8:ba:2f:c5:
f5:9f:70:a6:02:62:09:c9:f4:33:86:67:49:a7:4a:
12:05:ec:80:1c:ed:1f:be:31:7d:dd:b7:bb:98:b1:
66:fe:43:08:eb:97:f4:91:15:88:0b:21:04:fe:b5:
b5:c5:cb:9f:be:37:de:48:c7:91:57:b1:30:4a:34:
37:1f:59:78:c1:97:6f:d7:9b:f8:dc:60:87:ba:5b:
59:66:a8:55:ad:8d:b3:95:c9:d2:00:2c:c1:d2:ec:
24:e4:16:db:c9:06:56:62:d4:3c:39:fd:ee:0f:d1:
2d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:80:44:71:98:5A:33:C9:C5:43:05:E6:E6:B0:5E:59:D0:30:4E:BF
X509v3 Authority Key Identifier:
keyid:F4:95:02:C9:74:82:B2:85:02:85:2C:97:EF:9B:D3:A0:A2:A5:E9:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9JUCyXSCsoUChSyX75vToKKl6fA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/1f86d3-087d-4d69-b8e7-73b0c74e9b64/1/4YBEcZhaM8nFQwXm5rBeWdAwTr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/1f86d3-087d-4d69-b8e7-73b0c74e9b64/1/9JUCyXSCsoUChSyX75vToKKl6fA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.137.128.0/20
193.223.248.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:04:f5:a4:b9:c2:d4:21:81:04:86:99:13:63:2d:08:fc:82:
5d:2f:64:bb:3e:ad:8e:b3:85:e0:2e:5d:a6:38:42:ec:14:b7:
65:ee:8c:bd:49:ae:93:51:9a:80:4f:a0:58:80:9a:ff:f0:e0:
29:e0:f1:2e:82:67:ff:c3:df:69:ce:ec:f9:77:ca:5d:0f:52:
ee:02:a8:34:47:87:dd:d5:0b:e9:0e:05:94:9f:ad:c7:4b:28:
83:5c:cc:bd:cb:45:3a:5d:55:0a:84:7d:a6:69:34:05:8d:5f:
c9:e8:59:fb:af:d4:a5:33:13:bf:b4:13:71:25:3d:f7:61:00:
35:07:05:68:09:a7:b6:5e:d0:72:fe:e3:b5:86:5e:b0:54:68:
5d:d7:54:ba:04:8b:2f:e5:d8:76:cf:8e:85:9b:04:8a:4b:ec:
2c:c2:c6:26:ef:6f:90:b4:37:dd:52:a8:b4:6a:0e:dd:02:c5:
d8:55:9f:41:cd:d2:b4:10:07:0c:ff:64:95:72:02:80:34:2c:
c3:f7:b5:b5:91:90:0e:1c:4b:fb:1d:71:b8:8d:4e:7b:e5:b9:
36:62:3d:02:dd:10:69:7d:3f:25:d8:09:97:bb:c1:71:a1:f3:
62:e7:b8:01:88:94:89:cb:1c:e8:62:38:c6:b0:30:78:65:93:
b5:89:06:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtiuE3yNQ/XTm9ZN9Bhb7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0OTUwMmM5NzQ4MmIyODUwMjg1MmM5N2VmOWJkM2EwYTJh
NWU5ZjAwHhcNMjMwMTAxMTMzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTgwNDQ3MTk4NWEzM2M5YzU0MzA1ZTZlNmIwNWU1OWQwMzA0ZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUCtZ8kN94Nqw95Yex9D95RmiLRM
mW5QuRBq28YdmpcYCC0AoN6UCJN2p8YxOMFxgr9lOHkGoUOSRrkwwA5fI0xLl06a
RO10+txG4eQM/CTxf61/EUXkyjB3BA9fUOAAJHhnEgIjuaUekkTQn717Eyzt2U9v
vhguWZ2pmkR1PcVUHX8AUw/cNmcRitrnvh26/7i6L8X1n3CmAmIJyfQzhmdJp0oS
BeyAHO0fvjF93be7mLFm/kMI65f0kRWICyEE/rW1xcufvjfeSMeRV7EwSjQ3H1l4
wZdv15v43GCHultZZqhVrY2zlcnSACzB0uwk5BbbyQZWYtQ8Of3uD9EtJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOGARHGYWjPJxUMF5uawXlnQME6/MB8GA1UdIwQY
MBaAFPSVAsl0grKFAoUsl++b06CipenwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUpVQ3lYU0Nzb1VDaFN5WDc1dlRvS0tsNmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8xZjg2ZDMtMDg3ZC00ZDY5LWI4ZTct
NzNiMGM3NGU5YjY0LzEvNFlCRWNaaGFNOG5GUXdYbTVyQmVXZEF3VHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8xZjg2ZDMtMDg3ZC00ZDY5LWI4ZTctNzNiMGM3NGU5YjY0
LzEvOUpVQ3lYU0Nzb1VDaFN5WDc1dlRvS0tsNmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEXomAAwQC
wd/4MA0GCSqGSIb3DQEBCwUAA4IBAQB/BPWkucLUIYEEhpkTYy0I/IJdL2S7Pq2O
s4XgLl2mOELsFLdl7oy9Sa6TUZqAT6BYgJr/8OAp4PEugmf/w99pzuz5d8pdD1Lu
Aqg0R4fd1QvpDgWUn63HSyiDXMy9y0U6XVUKhH2maTQFjV/J6Fn7r9SlMxO/tBNx
JT33YQA1BwVoCae2XtBy/uO1hl6wVGhd11S6BIsv5dh2z46FmwSKS+wswsYm72+Q
tDfdUqi0ag7dAsXYVZ9BzdK0EAcM/2SVcgKANCzD97W1kZAOHEv7HXG4jU575bk2
Yj0C3RBpfT8l2AmXu8FxofNi57gBiJSJyxzoYjjGsDB4ZZO1iQa7
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:10 2024 by rpki-client on console-fra.rpki-client.org