Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/EFdEDh35N2IKeg_FXyfh8nzwlRE.roa
File: EFdEDh35N2IKeg_FXyfh8nzwlRE.roa (raw, json)
Hash identifier: 0ffRjyFKjjU+fkRKeLLtLRESjviFRoAdQWrebMqsh8w=
Subject key identifier: 10:57:44:0E:1D:F9:37:62:0A:7A:0F:C5:5F:27:E1:F2:7C:F0:95:11
Certificate issuer: /CN=3c177b528043a85953fc250f991d9d8020e2810d
Certificate serial: 01856D8AED1FF05A3FFE30EBF86863C67F38
Authority key identifier: 3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/EFdEDh35N2IKeg_FXyfh8nzwlRE.roa
Signing time: Sun 01 Jan 2023 13:34:59 +0000
ROA not before: Sun 01 Jan 2023 13:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212754
IP address blocks: 193.19.248.0/22 maxlen: 24
2a0a:2302::/32 maxlen: 32
2a0a:2300::/31 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:ed:1f:f0:5a:3f:fe:30:eb:f8:68:63:c6:7f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c177b528043a85953fc250f991d9d8020e2810d
Validity
Not Before: Jan 1 13:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1057440e1df937620a7a0fc55f27e1f27cf09511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:77:f7:1b:4f:12:7f:e5:0c:6b:1a:2e:12:45:
2f:a6:55:df:39:52:de:27:bd:c9:be:ca:39:aa:bc:
dc:31:2f:8f:68:3b:e8:4d:3a:7b:0f:84:a0:1f:63:
cb:a1:55:fd:d8:9d:39:ac:75:a6:8e:48:ea:9f:f1:
ca:5b:27:60:8d:87:29:fe:65:19:76:d0:92:53:5d:
18:bd:39:09:ea:93:bf:98:b4:4f:65:5c:9b:ff:5f:
9c:97:76:68:28:78:d7:09:bc:9c:a4:ad:ad:b4:a9:
c2:bd:fd:1e:65:36:6f:ba:07:72:45:22:3c:6b:e4:
d6:57:42:4c:22:fd:bd:f2:63:2a:d3:db:61:8f:cf:
cc:b6:d4:47:69:1f:c6:5f:f0:18:10:1a:4e:31:aa:
3d:8c:95:f5:e3:74:62:c8:b2:c5:d5:54:a0:33:ed:
0c:de:5c:e5:03:69:fb:c9:4a:58:ad:e1:81:14:4d:
b7:fd:91:5f:10:6b:97:c2:43:06:29:0f:30:fc:e4:
7f:78:9c:bc:1c:7e:fb:ef:eb:e8:76:a0:16:9a:db:
cb:b1:62:a9:c3:b7:ad:dc:6b:b9:d0:2b:e1:59:ec:
1e:13:77:cf:69:6e:88:b9:d3:e4:d3:11:a8:d9:87:
bf:29:33:ea:ff:ab:18:e8:91:cf:4d:6d:cc:62:45:
20:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:57:44:0E:1D:F9:37:62:0A:7A:0F:C5:5F:27:E1:F2:7C:F0:95:11
X509v3 Authority Key Identifier:
keyid:3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/EFdEDh35N2IKeg_FXyfh8nzwlRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.248.0/22
IPv6:
2a0a:2300::-2a0a:2302:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
aa:f8:ba:7c:e8:3c:fc:4f:aa:b7:04:b2:8e:42:d2:08:e8:4a:
82:e2:42:14:a0:a1:b9:80:30:4d:ea:5d:44:c1:b5:17:78:65:
71:b7:db:98:64:5b:2a:81:12:70:49:49:bb:66:65:c4:7e:53:
7c:07:56:8e:dc:2a:9a:e1:13:10:36:ea:3b:1f:0f:80:be:e6:
f4:a4:ab:8b:1b:e8:33:82:16:bc:4c:6d:54:48:16:9c:29:3a:
3c:07:f1:8e:94:91:60:c3:97:4a:cc:af:a7:1f:6b:6d:e5:80:
30:74:f6:e1:a8:59:01:d7:74:fa:de:75:0f:c9:c5:ad:e8:6c:
62:4d:21:65:a6:7b:0d:2d:b6:89:41:e6:20:41:55:c6:a2:f6:
5c:7a:38:44:df:0e:01:9d:9e:65:e2:de:6d:7f:59:0e:84:e3:
b9:5b:ec:05:1f:5f:ed:ce:e9:6f:66:cb:31:0c:1b:c0:37:d0:
88:ca:d6:ba:a3:66:f3:2d:48:a6:7f:0a:92:ff:aa:43:28:4e:
09:69:9d:58:84:81:27:56:db:c7:6c:98:e7:1c:08:2d:bf:1e:
29:36:71:b9:03:70:03:65:71:98:15:ec:76:81:23:55:ab:dc:
03:11:d0:53:81:e6:80:bc:3b:7d:c8:a9:a0:95:74:03:a1:ea:
a8:ef:05:08
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVtiu0f8Fo//jDr+Ghjxn84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMTc3YjUyODA0M2E4NTk1M2ZjMjUwZjk5MWQ5ZDgwMjBl
MjgxMGQwHhcNMjMwMTAxMTMzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDU3NDQwZTFkZjkzNzYyMGE3YTBmYzU1ZjI3ZTFmMjdjZjA5NTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnf3G08Sf+UMaxouEkUvplXfOVLe
J73Jvso5qrzcMS+PaDvoTTp7D4SgH2PLoVX92J05rHWmjkjqn/HKWydgjYcp/mUZ
dtCSU10YvTkJ6pO/mLRPZVyb/1+cl3ZoKHjXCbycpK2ttKnCvf0eZTZvugdyRSI8
a+TWV0JMIv298mMq09thj8/MttRHaR/GX/AYEBpOMao9jJX143RiyLLF1VSgM+0M
3lzlA2n7yUpYreGBFE23/ZFfEGuXwkMGKQ8w/OR/eJy8HH777+vodqAWmtvLsWKp
w7et3Gu50CvhWeweE3fPaW6IudPk0xGo2Ye/KTPq/6sY6JHPTW3MYkUgtwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBBXRA4d+TdiCnoPxV8n4fJ88JURMB8GA1UdIwQY
MBaAFDwXe1KAQ6hZU/wlD5kdnYAg4oENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMt
YTQxNTFiNWUyZmNmLzEvRUZkRURoMzVOMklLZWdfRlh5Zmg4bnp3bFJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMtYTQxNTFiNWUyZmNm
LzEvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQCwRP4MBUE
AgACMA8wDQMEACoKIwMFACoKIwIwDQYJKoZIhvcNAQELBQADggEBAKr4unzoPPxP
qrcEso5C0gjoSoLiQhSgobmAME3qXUTBtRd4ZXG325hkWyqBEnBJSbtmZcR+U3wH
Vo7cKprhExA26jsfD4C+5vSkq4sb6DOCFrxMbVRIFpwpOjwH8Y6UkWDDl0rMr6cf
a23lgDB09uGoWQHXdPredQ/Jxa3obGJNIWWmew0ttolB5iBBVcai9lx6OETfDgGd
nmXi3m1/WQ6E47lb7AUfX+3O6W9myzEMG8A30IjK1rqjZvMtSKZ/CpL/qkMoTglp
nViEgSdW28dsmOccCC2/Hik2cbkDcANlcZgV7HaBI1Wr3AMR0FOB5oC8O33IqaCV
dAOh6qjvBQg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:23 2024 by rpki-client on console-fra.rpki-client.org