Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/Rw26L5Ug0HH3nng9dOqZkDc0Xog.roa
File: Rw26L5Ug0HH3nng9dOqZkDc0Xog.roa (raw, json)
Hash identifier: AefADPRZKqPLHFr1drPP8Kul1SIskL0BbaHg33MlAjE=
Subject key identifier: 47:0D:BA:2F:95:20:D0:71:F7:9E:78:3D:74:EA:99:90:37:34:5E:88
Certificate issuer: /CN=e3ea14d1343b992506bee6c3d90e19a69798b018
Certificate serial: 018B8CE98474E1078738897CEAA766BA1C95
Authority key identifier: E3:EA:14:D1:34:3B:99:25:06:BE:E6:C3:D9:0E:19:A6:97:98:B0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/Rw26L5Ug0HH3nng9dOqZkDc0Xog.roa
Signing time: Wed 01 Nov 2023 22:03:15 +0000
ROA not before: Wed 01 Nov 2023 22:03:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12773
IP address blocks: 185.28.109.0/24 maxlen: 24
185.28.111.0/24 maxlen: 24
185.28.108.0/24 maxlen: 24
185.28.110.0/24 maxlen: 24
130.193.73.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:e9:84:74:e1:07:87:38:89:7c:ea:a7:66:ba:1c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3ea14d1343b992506bee6c3d90e19a69798b018
Validity
Not Before: Nov 1 22:03:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=470dba2f9520d071f79e783d74ea999037345e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9b:94:73:b5:c7:f4:5a:a8:bb:53:4e:68:90:
a4:04:86:7e:20:3a:20:64:84:d1:c8:0b:f4:c3:1d:
6e:2f:be:57:96:44:4d:8c:0b:15:d3:80:c7:83:0d:
81:c6:66:b7:5a:de:c6:94:56:c1:90:de:59:5c:78:
30:65:54:ba:c0:28:72:b7:ea:ae:a0:99:34:3b:b2:
b3:a7:46:a6:f0:66:8c:52:47:fd:df:42:1b:cd:f2:
3c:fe:d7:e4:ef:d3:89:cf:9f:2d:f4:99:9c:9e:00:
86:86:24:d6:fc:e7:b2:37:7a:d0:2e:42:7a:a4:52:
8c:f3:5f:8c:90:58:16:46:f2:1d:6b:52:35:85:f9:
0c:77:0e:1f:97:2f:bd:e6:62:b2:05:f5:50:7d:65:
af:f3:07:0d:67:92:87:c9:22:e8:ad:e7:ba:7e:24:
78:21:71:06:e5:08:96:47:95:99:1b:72:93:5c:e9:
9b:ee:36:b2:b7:76:05:37:2d:72:97:d7:64:ec:45:
3d:11:31:c9:de:3b:f9:45:71:73:44:35:f6:bf:b5:
78:13:63:05:04:e2:34:9b:c9:8a:8d:8c:52:cc:1b:
a1:43:c7:b1:75:94:fa:f0:e5:58:b8:52:21:57:5f:
e3:29:10:2f:fd:69:ab:75:c1:bf:c6:61:d3:ad:64:
84:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:0D:BA:2F:95:20:D0:71:F7:9E:78:3D:74:EA:99:90:37:34:5E:88
X509v3 Authority Key Identifier:
keyid:E3:EA:14:D1:34:3B:99:25:06:BE:E6:C3:D9:0E:19:A6:97:98:B0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/Rw26L5Ug0HH3nng9dOqZkDc0Xog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.73.0/24
185.28.108.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:0b:cc:82:e8:b8:1c:fa:1d:06:99:7d:47:24:fb:64:fb:96:
21:c1:cb:6c:68:51:97:8d:ad:5d:e5:f1:3e:36:86:13:e9:9f:
6c:28:83:9d:c5:fd:0e:2a:bf:f2:ac:08:ac:11:2e:bc:09:c3:
0b:98:35:c7:97:ec:f7:ca:df:c1:26:b9:df:0e:b1:be:14:90:
d4:9b:11:be:a9:b7:f0:6a:68:53:17:48:7a:ab:81:a8:7a:33:
d4:17:48:dc:3e:ee:69:5c:86:80:96:26:4c:da:b1:37:51:63:
97:dc:8e:2c:f4:e8:ef:d0:7a:fd:22:56:d0:13:a1:73:ff:c0:
0e:ba:29:64:01:e8:6b:13:13:6b:f0:6e:85:ce:9e:b5:d0:6a:
20:dd:d0:38:2f:f7:b5:36:59:6d:52:8e:64:45:73:09:d5:fe:
00:af:40:d7:08:c9:b7:08:1a:d8:ef:9f:91:82:99:fd:d8:6b:
2f:26:78:5f:4a:cd:e2:b3:a9:3f:7c:f0:ba:43:a6:7e:f9:ca:
98:a2:2c:94:69:da:04:57:12:b5:83:e3:26:be:28:82:70:b5:
a4:b6:e6:6f:7a:bd:bd:bd:32:b6:21:d4:3e:23:67:ce:c5:94:
1b:e6:57:9a:de:2e:7e:d8:5b:b0:f6:13:34:3f:f2:88:fe:a5:
39:ce:11:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuM6YR04QeHOIl86qdmuhyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZWExNGQxMzQzYjk5MjUwNmJlZTZjM2Q5MGUxOWE2OTc5
OGIwMTgwHhcNMjMxMTAxMjIwMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzBkYmEyZjk1MjBkMDcxZjc5ZTc4M2Q3NGVhOTk5MDM3MzQ1ZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJuUc7XH9Fqou1NOaJCkBIZ+IDog
ZITRyAv0wx1uL75XlkRNjAsV04DHgw2Bxma3Wt7GlFbBkN5ZXHgwZVS6wChyt+qu
oJk0O7Kzp0am8GaMUkf930IbzfI8/tfk79OJz58t9JmcngCGhiTW/OeyN3rQLkJ6
pFKM81+MkFgWRvIda1I1hfkMdw4fly+95mKyBfVQfWWv8wcNZ5KHySLoree6fiR4
IXEG5QiWR5WZG3KTXOmb7jayt3YFNy1yl9dk7EU9ETHJ3jv5RXFzRDX2v7V4E2MF
BOI0m8mKjYxSzBuhQ8exdZT68OVYuFIhV1/jKRAv/WmrdcG/xmHTrWSEswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEcNui+VINBx9554PXTqmZA3NF6IMB8GA1UdIwQY
MBaAFOPqFNE0O5klBr7mw9kOGaaXmLAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNC1vVTBUUTdtU1VHdnViRDJRNFpwcGVZc0JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85NzE1NTgtZWQ2Ni00YjgzLThmYTQt
ZDRhNGYzNDcxN2YwLzEvUncyNkw1VWcwSEgzbm5nOWRPcVprRGMwWG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85NzE1NTgtZWQ2Ni00YjgzLThmYTQtZDRhNGYzNDcxN2Yw
LzEvNC1vVTBUUTdtU1VHdnViRDJRNFpwcGVZc0JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAgsFJAwQC
uRxsMA0GCSqGSIb3DQEBCwUAA4IBAQCgC8yC6Lgc+h0GmX1HJPtk+5YhwctsaFGX
ja1d5fE+NoYT6Z9sKIOdxf0OKr/yrAisES68CcMLmDXHl+z3yt/BJrnfDrG+FJDU
mxG+qbfwamhTF0h6q4GoejPUF0jcPu5pXIaAliZM2rE3UWOX3I4s9Ojv0Hr9IlbQ
E6Fz/8AOuilkAehrExNr8G6Fzp610Gog3dA4L/e1NlltUo5kRXMJ1f4Ar0DXCMm3
CBrY75+Rgpn92GsvJnhfSs3is6k/fPC6Q6Z++cqYoiyUadoEVxK1g+MmviiCcLWk
tuZver29vTK2IdQ+I2fOxZQb5lea3i5+2Fuw9hM0P/KI/qU5zhGE
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:52 2024 by rpki-client on console-fra.rpki-client.org