Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/S1yN8awUIdjolXE5BaFPShusAJk.roa
File: S1yN8awUIdjolXE5BaFPShusAJk.roa (raw, json)
Hash identifier: sw5Os0dN+aOTjbTDf/DylN3FDkyF8WLfrqYWsARGO3s=
Subject key identifier: 4B:5C:8D:F1:AC:14:21:D8:E8:95:71:39:05:A1:4F:4A:1B:AC:00:99
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 0188907A92ABDC7D0695091C0C399E001764
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/S1yN8awUIdjolXE5BaFPShusAJk.roa
Signing time: Tue 06 Jun 2023 11:32:11 +0000
ROA not before: Tue 06 Jun 2023 11:32:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21416
IP address blocks: 62.76.253.0/24 maxlen: 24
212.193.104.0/24 maxlen: 24
212.193.105.0/24 maxlen: 24
212.193.112.0/24 maxlen: 24
212.193.109.0/24 maxlen: 24
212.193.108.0/24 maxlen: 24
212.193.111.0/24 maxlen: 24
212.193.110.0/24 maxlen: 24
212.193.106.0/24 maxlen: 24
212.193.107.0/24 maxlen: 24
212.193.113.0/24 maxlen: 24
212.193.114.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:90:7a:92:ab:dc:7d:06:95:09:1c:0c:39:9e:00:17:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Jun 6 11:32:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b5c8df1ac1421d8e895713905a14f4a1bac0099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d1:41:b0:62:25:a0:73:39:87:97:e8:fc:f2:
ac:b7:67:93:06:a2:39:f0:6d:63:b2:3c:cb:91:48:
6f:a1:47:af:3e:e6:37:71:7c:b0:e5:03:2a:55:80:
68:ee:4e:3d:6c:c5:33:53:83:56:97:49:7d:d8:4f:
cf:6d:fe:3a:ba:4c:a2:3f:bd:5c:46:52:4e:a6:6e:
eb:e1:8d:d2:fa:c0:5d:73:e2:ae:d2:ec:d0:ae:e4:
08:3d:c2:1e:4e:9a:21:f7:e0:9f:77:02:18:2e:0c:
c8:71:a4:ac:15:22:0e:89:5c:4d:55:55:84:fc:16:
a1:3c:72:c9:3c:e2:63:03:be:b3:a0:e4:48:94:85:
44:60:df:d4:3b:0f:9c:28:b8:1c:67:e2:40:22:ad:
f0:d5:86:69:c3:70:97:85:b7:52:fc:d8:41:ba:ed:
56:de:c9:3e:a9:cb:92:6a:7c:8d:72:61:aa:d2:26:
ee:95:08:ee:2d:cc:7f:e2:ee:26:4b:e0:d4:5a:f9:
c8:ef:95:e3:68:ef:9e:6c:d1:cd:3a:56:a2:bc:21:
35:c1:61:e4:1d:1f:ee:b6:eb:44:c0:a3:b7:8f:77:
cd:e7:30:d4:8c:b5:29:92:02:53:8b:da:ce:78:b7:
d3:f4:6c:4c:f6:2d:98:b7:09:76:80:02:e7:e8:fd:
c2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5C:8D:F1:AC:14:21:D8:E8:95:71:39:05:A1:4F:4A:1B:AC:00:99
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/S1yN8awUIdjolXE5BaFPShusAJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.253.0/24
212.193.104.0-212.193.114.255
Signature Algorithm: sha256WithRSAEncryption
49:dd:e1:53:b0:43:ad:e1:b4:b5:71:d4:f1:df:57:b4:04:da:
c8:07:da:70:4d:16:b7:74:bc:82:ec:d0:d6:d3:33:1e:99:3f:
c6:39:15:b7:ee:cc:32:f7:b1:eb:a0:f7:6a:3c:1b:87:bd:8a:
82:71:87:be:1e:3d:c6:b2:53:26:89:8e:cf:89:d5:4f:70:63:
50:9d:c0:e9:a6:33:6c:42:21:d9:14:ea:46:14:da:46:00:9f:
c6:a9:ff:a6:8d:89:17:d6:40:d7:fc:3e:2e:ed:74:fc:43:f0:
95:ed:df:33:0d:54:9c:b3:5f:87:be:4e:c8:bd:8d:0f:4f:30:
12:7a:dd:34:2f:e8:66:de:13:bc:2d:59:2e:b1:9c:2a:dc:3f:
19:cd:f3:b5:2d:8e:f8:f0:f0:29:23:75:8e:3c:71:6d:b8:94:
7c:d6:ab:e8:73:4a:9c:e5:a2:44:f7:8a:7c:76:1d:01:3c:63:
2e:d0:fa:93:fc:ba:3e:cd:d0:b6:ea:a6:19:51:90:81:36:7d:
e2:3d:fa:23:ee:b2:cc:5a:a0:23:76:ec:10:52:e8:b8:33:81:
17:6e:79:37:fd:de:f9:1a:7b:25:30:77:fb:41:e5:94:48:9f:
d9:93:ae:9c:02:ea:e8:48:6a:80:b8:b3:12:41:9c:8f:8d:23:
e5:0e:65:08
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYiQepKr3H0GlQkcDDmeABdkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjMwNjA2MTEzMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjVjOGRmMWFjMTQyMWQ4ZTg5NTcxMzkwNWExNGY0YTFiYWMwMDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodFBsGIloHM5h5fo/PKst2eTBqI5
8G1jsjzLkUhvoUevPuY3cXyw5QMqVYBo7k49bMUzU4NWl0l92E/Pbf46ukyiP71c
RlJOpm7r4Y3S+sBdc+Ku0uzQruQIPcIeTpoh9+CfdwIYLgzIcaSsFSIOiVxNVVWE
/BahPHLJPOJjA76zoORIlIVEYN/UOw+cKLgcZ+JAIq3w1YZpw3CXhbdS/NhBuu1W
3sk+qcuSanyNcmGq0ibulQjuLcx/4u4mS+DUWvnI75XjaO+ebNHNOlaivCE1wWHk
HR/ututEwKO3j3fN5zDUjLUpkgJTi9rOeLfT9GxM9i2Ytwl2gALn6P3CMQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEtcjfGsFCHY6JVxOQWhT0obrACZMB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvUzF5Tjhhd1VJZGpvbFhFNUJhRlBTaHVzQUprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAPkz9MAwD
BAPUwWgDBADUwXIwDQYJKoZIhvcNAQELBQADggEBAEnd4VOwQ63htLVx1PHfV7QE
2sgH2nBNFrd0vILs0NbTMx6ZP8Y5FbfuzDL3seug92o8G4e9ioJxh74ePcayUyaJ
js+J1U9wY1CdwOmmM2xCIdkU6kYU2kYAn8ap/6aNiRfWQNf8Pi7tdPxD8JXt3zMN
VJyzX4e+Tsi9jQ9PMBJ63TQv6GbeE7wtWS6xnCrcPxnN87Utjvjw8CkjdY48cW24
lHzWq+hzSpzlokT3inx2HQE8Yy7Q+pP8uj7N0LbqphlRkIE2feI9+iPussxaoCN2
7BBS6LgzgRdueTf93vkaeyUwd/tB5ZRIn9mTrpwC6uhIaoC4sxJBnI+NI+UOZQg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:29 2024 by rpki-client on console-fra.rpki-client.org