Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/ni2bFjuoUWJzSfvOFCETo0hrOMU.roa
File: ni2bFjuoUWJzSfvOFCETo0hrOMU.roa (raw, json)
Hash identifier: eie+KXkqg+cpOrk2VD/rULWJq6ZkcR3WwqnCv4D1sP8=
Subject key identifier: 9E:2D:9B:16:3B:A8:51:62:73:49:FB:CE:14:21:13:A3:48:6B:38:C5
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 018B04AFAE65B5194BC99967C50ECE078334
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/ni2bFjuoUWJzSfvOFCETo0hrOMU.roa
Signing time: Fri 06 Oct 2023 11:11:44 +0000
ROA not before: Fri 06 Oct 2023 11:11:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213005
IP address blocks: 188.93.117.0/24 maxlen: 24
46.253.138.0/24 maxlen: 24
185.219.7.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:af:ae:65:b5:19:4b:c9:99:67:c5:0e:ce:07:83:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Oct 6 11:11:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e2d9b163ba851627349fbce142113a3486b38c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2e:85:b8:b6:c4:8e:e6:7c:0c:bb:f3:40:62:
f4:da:9d:82:e7:20:5e:8a:34:5d:33:af:40:da:15:
ec:f3:f8:53:e5:c6:4f:2a:d5:df:c6:ff:0b:6b:5c:
8a:c9:56:fe:f2:40:01:f0:56:3b:62:f3:a8:45:91:
25:32:46:2e:f7:27:b8:68:71:ef:e3:01:ea:5a:f0:
8b:f1:15:00:fa:1d:27:47:3d:98:40:e8:69:e1:d5:
4f:d8:eb:72:50:41:40:2e:7e:c4:ce:51:44:0b:a5:
7d:0d:eb:88:fb:37:84:d8:b7:34:ab:41:90:d9:94:
8b:b7:6e:c8:4f:5e:2e:70:a8:cc:fe:35:95:f3:85:
2d:c9:0e:2c:6c:25:18:17:85:81:3a:41:ae:dd:3b:
b5:05:e1:7a:96:1e:9c:48:df:43:af:b4:69:d5:c6:
27:64:90:81:8a:9c:43:f4:71:cb:7b:bb:d3:ab:66:
b0:14:71:45:03:43:b8:2b:91:d1:60:2a:a5:37:3e:
0b:9b:40:50:ec:b6:b1:0b:a4:aa:f8:79:78:d0:7f:
6d:da:bb:42:6e:09:13:5a:27:12:0b:fd:e7:4b:73:
5f:dd:b3:a0:6a:f2:5f:af:96:13:eb:c9:b7:cb:66:
fc:71:ff:af:2e:2b:cc:65:0c:9f:ed:d3:28:80:5e:
ab:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:2D:9B:16:3B:A8:51:62:73:49:FB:CE:14:21:13:A3:48:6B:38:C5
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/ni2bFjuoUWJzSfvOFCETo0hrOMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.138.0/24
185.219.7.0/24
188.93.117.0/24
Signature Algorithm: sha256WithRSAEncryption
56:3c:0b:2c:7d:99:22:1f:94:d3:0d:67:ff:38:c1:fc:57:aa:
32:b6:09:61:9f:91:b9:92:97:cf:40:d2:b7:3c:05:e5:37:6b:
32:b2:a3:2b:df:71:34:9c:e8:fa:86:0a:08:01:fd:84:d6:00:
be:3c:6a:0f:29:7c:04:fa:7c:13:5a:41:d5:15:ad:8a:79:68:
3f:a3:69:98:b7:8e:7c:a7:07:22:1a:04:dc:39:88:98:60:bf:
bf:28:ba:6d:bd:94:8b:85:43:a1:6a:2b:c6:41:9b:a7:81:95:
7e:4b:d7:ab:7b:87:19:b9:7b:91:6c:68:13:f8:5f:89:b7:24:
58:8a:bb:50:54:9e:8a:59:17:93:f1:c8:33:85:4b:50:b9:6e:
64:7b:25:16:be:93:55:58:91:a5:81:0e:40:5e:ab:d2:c0:41:
50:ea:a4:49:48:e3:0a:60:1d:c0:61:92:2d:ef:c5:b1:b1:79:
87:40:56:f7:0d:3d:17:a8:ff:68:1f:27:54:eb:ae:bb:2b:f4:
df:ae:7e:b0:91:4f:1b:a5:81:a9:ea:47:d9:c1:db:69:ec:51:
64:d7:40:3d:75:a3:12:94:c5:63:36:4f:e9:4c:77:21:7a:ed:
36:07:14:42:58:64:ea:98:2f:3d:b0:9f:6b:b7:17:99:1a:f6:
1c:a4:61:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsEr65ltRlLyZlnxQ7OB4M0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjMxMDA2MTExMTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTJkOWIxNjNiYTg1MTYyNzM0OWZiY2UxNDIxMTNhMzQ4NmIzOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi6FuLbEjuZ8DLvzQGL02p2C5yBe
ijRdM69A2hXs8/hT5cZPKtXfxv8La1yKyVb+8kAB8FY7YvOoRZElMkYu9ye4aHHv
4wHqWvCL8RUA+h0nRz2YQOhp4dVP2OtyUEFALn7EzlFEC6V9DeuI+zeE2Lc0q0GQ
2ZSLt27IT14ucKjM/jWV84UtyQ4sbCUYF4WBOkGu3Tu1BeF6lh6cSN9Dr7Rp1cYn
ZJCBipxD9HHLe7vTq2awFHFFA0O4K5HRYCqlNz4Lm0BQ7LaxC6Sq+Hl40H9t2rtC
bgkTWicSC/3nS3Nf3bOgavJfr5YT68m3y2b8cf+vLivMZQyf7dMogF6r6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ4tmxY7qFFic0n7zhQhE6NIazjFMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvbmkyYkZqdW9VV0p6U2Z2T0ZDRVRvMGhyT01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALv2KAwQA
udsHAwQAvF11MA0GCSqGSIb3DQEBCwUAA4IBAQBWPAssfZkiH5TTDWf/OMH8V6oy
tglhn5G5kpfPQNK3PAXlN2sysqMr33E0nOj6hgoIAf2E1gC+PGoPKXwE+nwTWkHV
Fa2KeWg/o2mYt458pwciGgTcOYiYYL+/KLptvZSLhUOhaivGQZungZV+S9ere4cZ
uXuRbGgT+F+JtyRYirtQVJ6KWReT8cgzhUtQuW5keyUWvpNVWJGlgQ5AXqvSwEFQ
6qRJSOMKYB3AYZIt78WxsXmHQFb3DT0XqP9oHydU6667K/Tfrn6wkU8bpYGp6kfZ
wdtp7FFk10A9daMSlMVjNk/pTHcheu02BxRCWGTqmC89sJ9rtxeZGvYcpGHy
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:20 2024 by rpki-client on console-fra.rpki-client.org