Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/t2ld2tLXXLo7UwPtFLkueEIeBjA.roa
File: t2ld2tLXXLo7UwPtFLkueEIeBjA.roa (raw, json)
Hash identifier: Zbc+RSwYBECXDKBcHdqYjTF4F6GH4aIOKNfB9nNxRIs=
Subject key identifier: B7:69:5D:DA:D2:D7:5C:BA:3B:53:03:ED:14:B9:2E:78:42:1E:06:30
Certificate issuer: /CN=1dde756a9b6d14000c3e150d5b7d6095b7613fe4
Certificate serial: 0185719562C02E9575474A84DED49DA85861
Authority key identifier: 1D:DE:75:6A:9B:6D:14:00:0C:3E:15:0D:5B:7D:60:95:B7:61:3F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd51apttFAAMPhUNW31glbdhP-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/t2ld2tLXXLo7UwPtFLkueEIeBjA.roa
Signing time: Mon 02 Jan 2023 08:24:53 +0000
ROA not before: Mon 02 Jan 2023 08:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47224
IP address blocks: 193.169.242.0/23 maxlen: 23
185.10.32.0/23 maxlen: 23
185.10.34.0/23 maxlen: 23
171.25.191.0/24 maxlen: 24
91.221.32.0/24 maxlen: 24
91.221.33.0/24 maxlen: 24
194.152.49.0/24 maxlen: 24
194.152.48.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:62:c0:2e:95:75:47:4a:84:de:d4:9d:a8:58:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dde756a9b6d14000c3e150d5b7d6095b7613fe4
Validity
Not Before: Jan 2 08:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7695ddad2d75cba3b5303ed14b92e78421e0630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fa:0f:da:57:99:7c:9e:2f:d0:89:de:cf:37:
93:ae:69:d4:02:d2:27:9e:a9:2d:1c:fb:37:9c:2c:
db:ba:90:36:6d:6a:aa:f2:d5:88:11:5c:f2:46:2d:
11:25:98:00:a0:fa:e1:17:be:b7:c3:78:85:e2:fb:
ac:8e:da:55:bd:97:7f:fd:dd:8b:72:b1:1e:83:1c:
e9:30:f5:b9:2c:47:41:9b:d5:c8:08:2e:df:ec:22:
33:8e:b4:4e:48:f0:9a:89:64:0b:9f:2e:11:c7:57:
60:89:49:d2:a6:bf:b6:4b:f7:d5:36:ba:5e:72:a1:
04:c1:35:d0:41:c1:6f:ab:12:c3:69:73:9d:2c:18:
9f:ae:21:a5:0d:82:f6:05:96:6d:da:be:61:d1:e6:
30:af:56:75:48:b9:e4:a7:5c:5d:a7:d5:b5:6b:92:
47:bf:c8:e3:d4:48:ab:b2:e7:a4:cc:9e:1e:7d:fa:
c9:e4:04:6d:70:91:48:06:73:95:50:68:b7:7e:45:
87:52:63:9f:bc:5a:ea:dc:3d:75:b2:94:8a:ec:26:
78:13:f2:8c:e9:6d:cf:c4:7a:23:9a:94:a9:79:ae:
61:99:ae:0b:b8:81:b1:34:f5:b4:80:96:9f:69:24:
af:56:b9:ae:d1:29:12:7e:2b:44:eb:ac:ef:b7:4f:
da:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:69:5D:DA:D2:D7:5C:BA:3B:53:03:ED:14:B9:2E:78:42:1E:06:30
X509v3 Authority Key Identifier:
keyid:1D:DE:75:6A:9B:6D:14:00:0C:3E:15:0D:5B:7D:60:95:B7:61:3F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd51apttFAAMPhUNW31glbdhP-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/t2ld2tLXXLo7UwPtFLkueEIeBjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/Hd51apttFAAMPhUNW31glbdhP-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.32.0/23
171.25.191.0/24
185.10.32.0/22
193.169.242.0/23
194.152.48.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:4d:00:68:bb:44:89:e9:85:70:5f:96:52:49:ef:b4:6f:eb:
e0:06:0a:d0:29:9e:68:cd:ef:e8:69:87:9f:d4:e5:2b:0c:2d:
6f:e1:93:1c:5d:7d:ce:2d:ba:f6:51:23:65:2f:2b:f7:c2:c2:
02:b6:39:66:4b:35:09:4f:f6:5e:d4:e6:8b:64:3a:cb:b5:69:
84:57:16:8e:dd:70:2e:6f:e4:98:1a:18:cd:f9:9d:ea:01:2b:
9c:b2:f1:70:2f:1f:ad:51:8e:c3:b1:eb:64:e1:da:ed:0d:6f:
c9:2b:f7:03:ca:b2:dd:d4:5e:e1:ea:7d:85:35:ae:5b:c7:a6:
1d:9e:89:ff:cd:69:86:0f:bf:7b:96:51:e2:12:ec:da:1d:bc:
f1:95:51:69:ca:e9:24:87:be:c3:7e:a5:dd:91:df:1f:8f:c5:
66:33:e7:53:d3:60:b9:c5:13:43:62:1f:b5:cf:d4:c2:00:3a:
23:06:43:9c:d1:cb:74:1a:83:c9:65:f1:9d:f8:4b:73:e3:b1:
4e:49:f2:2b:85:24:fe:bd:d6:55:95:2c:61:fb:59:49:31:44:
b2:12:01:36:18:27:b7:7b:cc:a5:70:2e:ad:6e:95:39:65:16:
dd:44:5f:48:89:59:c6:93:d9:fe:07:f7:13:1d:44:c3:c5:57:
4c:c0:90:a1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVxlWLALpV1R0qE3tSdqFhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGU3NTZhOWI2ZDE0MDAwYzNlMTUwZDViN2Q2MDk1Yjc2
MTNmZTQwHhcNMjMwMTAyMDgyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzY5NWRkYWQyZDc1Y2JhM2I1MzAzZWQxNGI5MmU3ODQyMWUwNjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/oP2leZfJ4v0InezzeTrmnUAtIn
nqktHPs3nCzbupA2bWqq8tWIEVzyRi0RJZgAoPrhF763w3iF4vusjtpVvZd//d2L
crEegxzpMPW5LEdBm9XICC7f7CIzjrROSPCaiWQLny4Rx1dgiUnSpr+2S/fVNrpe
cqEEwTXQQcFvqxLDaXOdLBifriGlDYL2BZZt2r5h0eYwr1Z1SLnkp1xdp9W1a5JH
v8jj1EirsuekzJ4effrJ5ARtcJFIBnOVUGi3fkWHUmOfvFrq3D11spSK7CZ4E/KM
6W3PxHojmpSpea5hma4LuIGxNPW0gJafaSSvVrmu0SkSfitE66zvt0/aHwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLdpXdrS11y6O1MD7RS5LnhCHgYwMB8GA1UdIwQY
MBaAFB3edWqbbRQADD4VDVt9YJW3YT/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGQ1MWFwdHRGQUFNUGhVTlczMWdsYmRoUC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My80YTFlYmQtZDQ0ZS00ODkyLTg1YjMt
NzM1YTBjYzFlNzg5LzEvdDJsZDJ0TFhYTG83VXdQdEZMa3VlRUllQmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My80YTFlYmQtZDQ0ZS00ODkyLTg1YjMtNzM1YTBjYzFlNzg5
LzEvSGQ1MWFwdHRGQUFNUGhVTlczMWdsYmRoUC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBW90gAwQA
qxm/AwQCuQogAwQBwanyAwQBwpgwMA0GCSqGSIb3DQEBCwUAA4IBAQBfTQBou0SJ
6YVwX5ZSSe+0b+vgBgrQKZ5oze/oaYef1OUrDC1v4ZMcXX3OLbr2USNlLyv3wsIC
tjlmSzUJT/Ze1OaLZDrLtWmEVxaO3XAub+SYGhjN+Z3qASucsvFwLx+tUY7Dsetk
4drtDW/JK/cDyrLd1F7h6n2FNa5bx6Ydnon/zWmGD797llHiEuzaHbzxlVFpyukk
h77DfqXdkd8fj8VmM+dT02C5xRNDYh+1z9TCADojBkOc0ct0GoPJZfGd+Etz47FO
SfIrhST+vdZVlSxh+1lJMUSyEgE2GCe3e8ylcC6tbpU5ZRbdRF9IiVnGk9n+B/cT
HUTDxVdMwJCh
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:03 2024 by rpki-client on console-fra.rpki-client.org