Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/e47b7d-360a-4a41-b76b-367a411f9ec6/1/eXbxLL6p0g_gWj07VOCijx920_Y.roa
File: eXbxLL6p0g_gWj07VOCijx920_Y.roa (raw, json)
Hash identifier: 3nbhfRpdnTHe1NsDqbG5DpvJpgUNRWiQmWksh00nWxg=
Subject key identifier: 79:76:F1:2C:BE:A9:D2:0F:E0:5A:3D:3B:54:E0:A2:8F:1F:76:D3:F6
Certificate issuer: /CN=fe076c4eb82198289b13ff528593907d3214d648
Certificate serial: 018C154D119E583D8158427C063227606FA3
Authority key identifier: FE:07:6C:4E:B8:21:98:28:9B:13:FF:52:85:93:90:7D:32:14:D6:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_gdsTrghmCibE_9ShZOQfTIU1kg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/e47b7d-360a-4a41-b76b-367a411f9ec6/1/eXbxLL6p0g_gWj07VOCijx920_Y.roa
Signing time: Tue 28 Nov 2023 09:40:21 +0000
ROA not before: Tue 28 Nov 2023 09:40:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211871
IP address blocks: 78.111.111.0/24 maxlen: 24
217.195.202.0/24 maxlen: 24
217.195.207.0/24 maxlen: 24
185.139.5.0/24 maxlen: 24
2a12:94c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:4d:11:9e:58:3d:81:58:42:7c:06:32:27:60:6f:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe076c4eb82198289b13ff528593907d3214d648
Validity
Not Before: Nov 28 09:40:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7976f12cbea9d20fe05a3d3b54e0a28f1f76d3f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:75:2a:4d:07:fd:d9:27:60:7a:7e:33:66:0f:
69:9f:88:f3:0b:f2:58:05:c0:21:29:d0:e0:c0:32:
61:ce:43:94:c2:10:37:90:d5:53:f6:0e:da:95:6f:
5b:5b:a6:0c:c8:59:79:2c:0b:e9:e7:69:a4:53:6b:
b0:28:29:78:24:ba:cf:6d:58:2a:2f:c7:c4:41:06:
6e:a8:32:72:52:a3:ba:0c:a7:83:fe:d4:b5:b8:75:
f6:49:33:c2:f0:f5:98:00:aa:40:ad:6a:fc:e6:2e:
cd:67:02:b8:18:55:2f:c7:3f:d2:ab:bb:7d:b5:9c:
a4:59:81:e6:bb:8c:aa:a3:22:f1:49:a3:d3:5a:f1:
ac:16:c6:ca:52:26:aa:82:1e:1a:83:75:18:c6:08:
50:6a:e0:e1:e5:a8:a3:f5:56:f4:dc:81:74:7c:c4:
97:d5:e9:ba:c6:d0:17:1e:c2:60:b8:60:e1:aa:ab:
73:da:73:98:16:4b:9e:45:70:6c:88:27:b7:0b:ea:
55:f8:22:7e:d7:ac:29:5b:b0:a6:2b:d2:27:c2:4c:
e3:3d:41:53:83:0b:e7:87:9e:bd:59:c9:19:da:7a:
e7:f8:77:77:5e:71:52:3f:01:e5:44:52:a8:11:cb:
d1:3d:a3:47:78:9d:64:a7:f4:60:f9:b7:81:7a:f6:
44:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:76:F1:2C:BE:A9:D2:0F:E0:5A:3D:3B:54:E0:A2:8F:1F:76:D3:F6
X509v3 Authority Key Identifier:
keyid:FE:07:6C:4E:B8:21:98:28:9B:13:FF:52:85:93:90:7D:32:14:D6:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_gdsTrghmCibE_9ShZOQfTIU1kg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e47b7d-360a-4a41-b76b-367a411f9ec6/1/eXbxLL6p0g_gWj07VOCijx920_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e47b7d-360a-4a41-b76b-367a411f9ec6/1/_gdsTrghmCibE_9ShZOQfTIU1kg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.111.0/24
185.139.5.0/24
217.195.202.0/24
217.195.207.0/24
IPv6:
2a12:94c0::/29
Signature Algorithm: sha256WithRSAEncryption
27:bb:8d:10:d0:c5:13:2a:3d:53:b5:93:1a:dd:44:25:b2:9d:
b2:ae:45:6e:f9:ae:15:71:5a:b9:87:69:27:49:03:5a:e7:2c:
0a:c0:c8:d9:4c:33:da:2e:61:87:a0:2b:3b:cc:84:f6:56:4d:
61:66:6f:82:7c:85:52:3e:c1:26:8e:94:4f:cd:d6:90:24:e4:
2e:97:fd:45:66:04:ce:a8:1c:f3:d0:ce:8a:78:23:d8:af:9e:
a5:1a:a2:22:60:38:2e:8c:c7:8a:69:4e:0c:78:f6:97:70:af:
fb:17:f2:70:88:8c:d5:c8:d8:96:1a:c3:57:86:f1:99:b6:d0:
00:ff:2b:6e:f0:1e:28:7c:3d:27:1d:55:61:e0:91:47:a1:45:
51:a3:16:10:af:56:cd:20:99:c0:ae:f7:4b:27:b8:f7:8e:92:
de:49:e3:6b:36:48:4e:25:b0:e5:0b:b1:11:5b:93:97:13:76:
15:70:07:77:23:dd:ea:04:61:43:04:8b:f0:b4:c9:1f:2d:26:
83:71:56:41:3f:fb:7b:da:e8:09:6a:69:51:cc:ea:9d:1f:2b:
81:49:23:ca:0e:59:81:62:8c:b9:74:d6:34:d5:9d:1c:6b:97:
0e:8e:76:0f:76:a6:50:d2:29:98:6b:fe:51:92:fe:51:36:38:
62:3c:d5:64
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYwVTRGeWD2BWEJ8BjInYG+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMDc2YzRlYjgyMTk4Mjg5YjEzZmY1Mjg1OTM5MDdkMzIx
NGQ2NDgwHhcNMjMxMTI4MDk0MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTc2ZjEyY2JlYTlkMjBmZTA1YTNkM2I1NGUwYTI4ZjFmNzZkM2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHUqTQf92Sdgen4zZg9pn4jzC/JY
BcAhKdDgwDJhzkOUwhA3kNVT9g7alW9bW6YMyFl5LAvp52mkU2uwKCl4JLrPbVgq
L8fEQQZuqDJyUqO6DKeD/tS1uHX2STPC8PWYAKpArWr85i7NZwK4GFUvxz/Sq7t9
tZykWYHmu4yqoyLxSaPTWvGsFsbKUiaqgh4ag3UYxghQauDh5aij9Vb03IF0fMSX
1em6xtAXHsJguGDhqqtz2nOYFkueRXBsiCe3C+pV+CJ+16wpW7CmK9InwkzjPUFT
gwvnh569WckZ2nrn+Hd3XnFSPwHlRFKoEcvRPaNHeJ1kp/Rg+beBevZEJQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHl28Sy+qdIP4Fo9O1Tgoo8fdtP2MB8GA1UdIwQY
MBaAFP4HbE64IZgomxP/UoWTkH0yFNZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2dkc1RyZ2htQ2liRV85U2haT1FmVElVMWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lNDdiN2QtMzYwYS00YTQxLWI3NmIt
MzY3YTQxMWY5ZWM2LzEvZVhieExMNnAwZ19nV2owN1ZPQ2lqeDkyMF9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lNDdiN2QtMzYwYS00YTQxLWI3NmItMzY3YTQxMWY5ZWM2
LzEvX2dkc1RyZ2htQ2liRV85U2haT1FmVElVMWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQATm9vAwQA
uYsFAwQA2cPKAwQA2cPPMA0EAgACMAcDBQMqEpTAMA0GCSqGSIb3DQEBCwUAA4IB
AQAnu40Q0MUTKj1TtZMa3UQlsp2yrkVu+a4VcVq5h2knSQNa5ywKwMjZTDPaLmGH
oCs7zIT2Vk1hZm+CfIVSPsEmjpRPzdaQJOQul/1FZgTOqBzz0M6KeCPYr56lGqIi
YDgujMeKaU4MePaXcK/7F/JwiIzVyNiWGsNXhvGZttAA/ytu8B4ofD0nHVVh4JFH
oUVRoxYQr1bNIJnArvdLJ7j3jpLeSeNrNkhOJbDlC7ERW5OXE3YVcAd3I93qBGFD
BIvwtMkfLSaDcVZBP/t72ugJamlRzOqdHyuBSSPKDlmBYoy5dNY01Z0ca5cOjnYP
dqZQ0imYa/5Rkv5RNjhiPNVk
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:26 2024 by rpki-client on console-fra.rpki-client.org