Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/b1VtQgTq5v7UXbKwNgl9VtQxRUo.roa
File: b1VtQgTq5v7UXbKwNgl9VtQxRUo.roa (raw, json)
Hash identifier: GZE128aHOD0W7k714Kq4Sy5gSNSMtDj9r1MTYEcPBoI=
Subject key identifier: 6F:55:6D:42:04:EA:E6:FE:D4:5D:B2:B0:36:09:7D:56:D4:31:45:4A
Certificate issuer: /CN=e3ea14d1343b992506bee6c3d90e19a69798b018
Certificate serial: 0186041E1E9DA637BD67E7FF13FA69C16BA7
Authority key identifier: E3:EA:14:D1:34:3B:99:25:06:BE:E6:C3:D9:0E:19:A6:97:98:B0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/b1VtQgTq5v7UXbKwNgl9VtQxRUo.roa
Signing time: Mon 30 Jan 2023 19:18:47 +0000
ROA not before: Mon 30 Jan 2023 19:18:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12773
IP address blocks: 185.28.109.0/24 maxlen: 24
185.28.111.0/24 maxlen: 24
185.28.108.0/24 maxlen: 24
130.193.73.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:04:1e:1e:9d:a6:37:bd:67:e7:ff:13:fa:69:c1:6b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3ea14d1343b992506bee6c3d90e19a69798b018
Validity
Not Before: Jan 30 19:18:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f556d4204eae6fed45db2b036097d56d431454a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:99:1f:9b:aa:3b:7d:d0:94:ce:07:5f:1d:5f:
44:9b:5e:d5:db:1a:64:0c:cd:76:56:ef:47:1c:83:
6a:83:1b:29:fb:b0:8f:6a:a5:c3:70:81:a2:82:00:
12:15:6a:8d:f8:a3:7f:92:16:14:bb:e7:4b:bd:20:
ec:7f:35:f6:6c:a4:ec:64:48:34:7e:40:74:5d:d9:
32:20:cc:52:10:77:63:85:ef:77:93:68:38:3a:09:
0c:e8:50:cd:34:97:ab:f8:e9:e5:80:17:70:4c:3b:
0b:c1:4a:97:e4:21:d3:b7:a5:73:0c:e8:d9:26:ee:
6a:68:37:a4:15:d9:db:63:6d:41:f4:e8:e2:66:37:
db:3d:40:1d:fa:78:fa:d6:d2:2f:12:08:39:19:3a:
d6:7c:2a:d4:68:7f:bd:a8:79:ab:f0:31:64:51:bc:
95:c8:a7:bc:c1:9e:21:6d:ce:d6:27:c1:3b:74:12:
c0:51:54:71:a0:f4:a2:02:e1:a8:89:70:66:60:c9:
1c:1b:13:95:94:1c:a6:66:bf:44:55:3c:54:c9:32:
f6:b6:93:5c:2c:33:e0:5c:ba:db:39:18:ad:94:80:
f3:5d:ba:13:62:80:68:af:2f:9a:4b:49:49:2a:0c:
bd:da:90:84:6d:27:49:7f:ba:28:a7:9a:7c:d4:44:
2a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:55:6D:42:04:EA:E6:FE:D4:5D:B2:B0:36:09:7D:56:D4:31:45:4A
X509v3 Authority Key Identifier:
keyid:E3:EA:14:D1:34:3B:99:25:06:BE:E6:C3:D9:0E:19:A6:97:98:B0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/b1VtQgTq5v7UXbKwNgl9VtQxRUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.73.0/24
185.28.108.0/23
185.28.111.0/24
Signature Algorithm: sha256WithRSAEncryption
49:14:1f:dd:f6:2f:3e:48:70:56:fb:09:04:c4:f4:08:96:3f:
6d:5d:c9:1d:3d:70:14:b7:74:c8:0b:24:1e:c0:3b:32:b7:81:
3b:de:6d:72:50:f6:6b:e6:60:3d:8c:c3:d4:16:4c:eb:3a:53:
52:39:5c:3c:aa:1d:02:ab:1d:9f:5b:12:4e:0b:8e:7a:4d:8f:
ae:41:26:7c:30:99:d8:41:5a:4f:43:7f:d3:0d:8c:f2:83:b8:
b1:ec:35:6d:27:51:7f:80:c8:be:0a:f5:2a:1a:9d:df:ac:d8:
85:a6:07:b9:3d:17:60:da:82:7b:50:1c:f0:38:77:25:be:c0:
82:86:4f:83:1d:71:70:20:23:18:33:98:c8:b4:db:84:e1:bc:
6f:22:0a:10:4b:91:8a:5a:07:c6:52:88:46:67:4e:39:ef:80:
cd:d8:cf:cc:ae:31:5d:21:d5:c3:79:af:11:62:59:d0:5c:ab:
4a:05:27:87:7b:cb:fa:8e:00:1c:94:08:90:e8:76:8a:d1:fc:
a5:df:fc:b4:19:77:58:3d:cd:8d:7f:6b:65:7b:f0:e8:3b:f7:
b2:32:9d:03:1d:35:81:b6:c3:49:93:83:9c:9f:e5:9c:b6:8f:
0f:66:0e:8f:f1:8e:47:e5:6e:94:40:61:7b:a9:d8:ef:9c:ee:
10:3d:73:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYEHh6dpje9Z+f/E/ppwWunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZWExNGQxMzQzYjk5MjUwNmJlZTZjM2Q5MGUxOWE2OTc5
OGIwMTgwHhcNMjMwMTMwMTkxODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjU1NmQ0MjA0ZWFlNmZlZDQ1ZGIyYjAzNjA5N2Q1NmQ0MzE0NTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5kfm6o7fdCUzgdfHV9Em17V2xpk
DM12Vu9HHINqgxsp+7CPaqXDcIGiggASFWqN+KN/khYUu+dLvSDsfzX2bKTsZEg0
fkB0XdkyIMxSEHdjhe93k2g4OgkM6FDNNJer+OnlgBdwTDsLwUqX5CHTt6VzDOjZ
Ju5qaDekFdnbY21B9OjiZjfbPUAd+nj61tIvEgg5GTrWfCrUaH+9qHmr8DFkUbyV
yKe8wZ4hbc7WJ8E7dBLAUVRxoPSiAuGoiXBmYMkcGxOVlBymZr9EVTxUyTL2tpNc
LDPgXLrbORitlIDzXboTYoBory+aS0lJKgy92pCEbSdJf7oop5p81EQqTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG9VbUIE6ub+1F2ysDYJfVbUMUVKMB8GA1UdIwQY
MBaAFOPqFNE0O5klBr7mw9kOGaaXmLAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNC1vVTBUUTdtU1VHdnViRDJRNFpwcGVZc0JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85NzE1NTgtZWQ2Ni00YjgzLThmYTQt
ZDRhNGYzNDcxN2YwLzEvYjFWdFFnVHE1djdVWGJLd05nbDlWdFF4UlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85NzE1NTgtZWQ2Ni00YjgzLThmYTQtZDRhNGYzNDcxN2Yw
LzEvNC1vVTBUUTdtU1VHdnViRDJRNFpwcGVZc0JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAgsFJAwQB
uRxsAwQAuRxvMA0GCSqGSIb3DQEBCwUAA4IBAQBJFB/d9i8+SHBW+wkExPQIlj9t
XckdPXAUt3TICyQewDsyt4E73m1yUPZr5mA9jMPUFkzrOlNSOVw8qh0Cqx2fWxJO
C456TY+uQSZ8MJnYQVpPQ3/TDYzyg7ix7DVtJ1F/gMi+CvUqGp3frNiFpge5PRdg
2oJ7UBzwOHclvsCChk+DHXFwICMYM5jItNuE4bxvIgoQS5GKWgfGUohGZ04574DN
2M/MrjFdIdXDea8RYlnQXKtKBSeHe8v6jgAclAiQ6HaK0fyl3/y0GXdYPc2Nf2tl
e/DoO/eyMp0DHTWBtsNJk4Ocn+Wcto8PZg6P8Y5H5W6UQGF7qdjvnO4QPXOX
-----END CERTIFICATE-----
Generated at Wed Nov 1 22:47:30 2023 by rpki-client on console-ams.rpki-client.org