Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/b278df-ed37-4de7-a675-107a8d85bd30/1/4fK1m7LUbqpZNsJi5FYeJKiI6go.roa
File: 4fK1m7LUbqpZNsJi5FYeJKiI6go.roa (raw, json)
Hash identifier: ngWNbuMLfoBmX2w9AKfq5NpQgUhXDIoSgjzXk6wkaxk=
Subject key identifier: E1:F2:B5:9B:B2:D4:6E:AA:59:36:C2:62:E4:56:1E:24:A8:88:EA:0A
Certificate issuer: /CN=ed5a6ba2d2248bc4782ac0fdb3c64b946640b09c
Certificate serial: 018BF172E7FD7535F534E2A82478AF4333B4
Authority key identifier: ED:5A:6B:A2:D2:24:8B:C4:78:2A:C0:FD:B3:C6:4B:94:66:40:B0:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7VprotIki8R4KsD9s8ZLlGZAsJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/b278df-ed37-4de7-a675-107a8d85bd30/1/4fK1m7LUbqpZNsJi5FYeJKiI6go.roa
Signing time: Tue 21 Nov 2023 10:35:21 +0000
ROA not before: Tue 21 Nov 2023 10:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 188.64.143.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:72:e7:fd:75:35:f5:34:e2:a8:24:78:af:43:33:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed5a6ba2d2248bc4782ac0fdb3c64b946640b09c
Validity
Not Before: Nov 21 10:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1f2b59bb2d46eaa5936c262e4561e24a888ea0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cb:de:b0:7b:3b:a7:04:47:91:79:49:b7:a7:
c6:cd:6b:b7:7b:55:1b:cb:63:dd:0c:1b:37:07:05:
7f:4c:78:d5:14:b0:9e:4b:66:3d:6f:a8:9a:4b:a6:
b4:56:ea:e4:de:6c:c4:36:03:56:e3:a6:00:4a:0e:
45:31:9d:5e:24:b0:3c:8d:e4:ba:d3:cc:02:7c:14:
25:c5:e0:c8:34:5d:dc:75:e0:4e:3f:b5:d6:d3:6f:
85:db:6d:d4:64:85:6f:67:99:60:c3:df:64:f6:b0:
cb:13:3e:df:a0:71:c7:3e:52:21:39:c4:64:f7:8c:
fd:60:1c:18:8b:b5:27:03:0a:99:ed:5c:eb:c7:7d:
b7:46:30:76:9e:03:e1:6a:5d:b9:ca:b6:a4:02:d1:
89:8d:b5:11:83:35:e3:ad:0e:a2:a2:06:2d:61:bd:
6b:45:ab:c7:6d:39:f2:8e:24:a6:c6:23:e8:15:fe:
98:84:73:20:19:d7:93:1e:0f:ee:55:23:70:00:dd:
bf:73:de:0d:aa:4c:fc:8f:b2:ff:23:fc:b4:25:0f:
d8:ea:69:8e:d9:f4:0a:27:6f:ec:3b:c0:a3:31:62:
92:dd:14:61:9c:0b:f7:21:ed:1b:0b:dc:d8:9a:56:
36:b6:b7:e9:34:70:a0:9d:ac:43:a4:08:e9:33:11:
b2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F2:B5:9B:B2:D4:6E:AA:59:36:C2:62:E4:56:1E:24:A8:88:EA:0A
X509v3 Authority Key Identifier:
keyid:ED:5A:6B:A2:D2:24:8B:C4:78:2A:C0:FD:B3:C6:4B:94:66:40:B0:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7VprotIki8R4KsD9s8ZLlGZAsJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b278df-ed37-4de7-a675-107a8d85bd30/1/4fK1m7LUbqpZNsJi5FYeJKiI6go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b278df-ed37-4de7-a675-107a8d85bd30/1/7VprotIki8R4KsD9s8ZLlGZAsJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.143.0/24
Signature Algorithm: sha256WithRSAEncryption
52:c7:4c:93:9e:01:1d:ed:f3:d6:d3:8b:8e:22:ac:98:58:20:
a7:05:bc:77:f6:52:24:dc:d8:9d:e3:4a:9a:30:86:c3:4c:34:
65:02:7b:60:57:8d:fd:9b:1a:62:4c:de:8a:78:bd:f4:04:79:
96:48:1e:42:a1:f4:aa:c0:4c:f5:90:5b:33:4c:60:f1:63:29:
74:26:dd:e8:20:4e:8b:37:69:3f:ea:f7:de:c6:fe:2d:11:6b:
9e:af:8e:e3:dc:c0:34:42:c0:cc:00:b2:5f:f9:60:aa:48:25:
75:69:3b:70:bf:fe:b1:ab:66:89:90:42:33:de:2f:69:4f:9b:
8c:0c:b5:1d:79:fe:82:6b:09:01:3c:17:4b:18:9b:65:cb:68:
3f:69:14:8a:05:d1:a8:dc:d9:9f:bd:73:f5:6b:da:e9:00:ac:
98:73:e1:55:77:04:64:cb:7b:59:57:58:54:e3:9f:87:88:dc:
1c:f2:6f:b7:5c:5b:79:77:09:50:3a:d4:9d:64:03:26:30:70:
0d:6e:51:b0:90:09:1f:21:1c:ee:fc:b6:66:7d:c3:85:83:6c:
9c:c3:78:66:50:f5:47:14:5b:10:f8:e4:75:5c:2b:66:2d:14:
a5:99:67:8c:cc:7c:a6:c3:eb:5f:17:64:9a:b0:1a:d8:61:0e:
37:04:43:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvxcuf9dTX1NOKoJHivQzO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNWE2YmEyZDIyNDhiYzQ3ODJhYzBmZGIzYzY0Yjk0NjY0
MGIwOWMwHhcNMjMxMTIxMTAzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWYyYjU5YmIyZDQ2ZWFhNTkzNmMyNjJlNDU2MWUyNGE4ODhlYTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8vesHs7pwRHkXlJt6fGzWu3e1Ub
y2PdDBs3BwV/THjVFLCeS2Y9b6iaS6a0Vurk3mzENgNW46YASg5FMZ1eJLA8jeS6
08wCfBQlxeDINF3cdeBOP7XW02+F223UZIVvZ5lgw99k9rDLEz7foHHHPlIhOcRk
94z9YBwYi7UnAwqZ7Vzrx323RjB2ngPhal25yrakAtGJjbURgzXjrQ6iogYtYb1r
RavHbTnyjiSmxiPoFf6YhHMgGdeTHg/uVSNwAN2/c94Nqkz8j7L/I/y0JQ/Y6mmO
2fQKJ2/sO8CjMWKS3RRhnAv3Ie0bC9zYmlY2trfpNHCgnaxDpAjpMxGyuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOHytZuy1G6qWTbCYuRWHiSoiOoKMB8GA1UdIwQY
MBaAFO1aa6LSJIvEeCrA/bPGS5RmQLCcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1Zwcm90SWtpOFI0S3NEOXM4WkxsR1pBc0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iMjc4ZGYtZWQzNy00ZGU3LWE2NzUt
MTA3YThkODViZDMwLzEvNGZLMW03TFVicXBaTnNKaTVGWWVKS2lJNmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iMjc4ZGYtZWQzNy00ZGU3LWE2NzUtMTA3YThkODViZDMw
LzEvN1Zwcm90SWtpOFI0S3NEOXM4WkxsR1pBc0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvECPMA0G
CSqGSIb3DQEBCwUAA4IBAQBSx0yTngEd7fPW04uOIqyYWCCnBbx39lIk3Nid40qa
MIbDTDRlAntgV439mxpiTN6KeL30BHmWSB5CofSqwEz1kFszTGDxYyl0Jt3oIE6L
N2k/6vfexv4tEWuer47j3MA0QsDMALJf+WCqSCV1aTtwv/6xq2aJkEIz3i9pT5uM
DLUdef6CawkBPBdLGJtly2g/aRSKBdGo3NmfvXP1a9rpAKyYc+FVdwRky3tZV1hU
45+HiNwc8m+3XFt5dwlQOtSdZAMmMHANblGwkAkfIRzu/LZmfcOFg2ycw3hmUPVH
FFsQ+OR1XCtmLRSlmWeMzHymw+tfF2SasBrYYQ43BEOE
-----END CERTIFICATE-----
Generated at Sun Dec 17 16:06:54 2023 by rpki-client on console-fra.rpki-client.org