Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/r_CA6gEr9KwfA1LnAdh9oY4A86s.roa
File: r_CA6gEr9KwfA1LnAdh9oY4A86s.roa (raw, json)
Hash identifier: sUoC+EZN5leWeS5/R+715EbFBjko5I61L/8YWkig3Ig=
Subject key identifier: AF:F0:80:EA:01:2B:F4:AC:1F:03:52:E7:01:D8:7D:A1:8E:00:F3:AB
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 018BA8FC698561CE4F5FA127697606833A2B
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/r_CA6gEr9KwfA1LnAdh9oY4A86s.roa
Signing time: Tue 07 Nov 2023 08:53:16 +0000
ROA not before: Tue 07 Nov 2023 08:53:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21263
IP address blocks: 149.238.32.0/19 maxlen: 19
149.238.160.0/19 maxlen: 19
193.33.52.0/23 maxlen: 23
192.112.208.0/24 maxlen: 24
192.77.114.0/23 maxlen: 23
149.238.192.0/19 maxlen: 19
149.238.0.0/19 maxlen: 19
149.238.224.0/19 maxlen: 19
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:fc:69:85:61:ce:4f:5f:a1:27:69:76:06:83:3a:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Nov 7 08:53:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aff080ea012bf4ac1f0352e701d87da18e00f3ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:02:8e:7b:06:3a:69:f3:06:a3:e3:0f:9d:8d:
d9:1a:38:72:86:76:84:de:5c:f2:01:ab:cb:0c:7d:
52:f4:1a:68:86:cf:8b:41:aa:c4:8f:69:e0:35:ee:
41:89:89:5a:8b:30:7d:ec:0a:e7:b3:c6:6a:d9:0d:
8b:b2:2b:c9:5b:80:63:40:94:0a:ec:7a:c5:22:43:
8d:18:ef:f1:00:f9:96:b8:99:10:5b:a1:15:eb:91:
c7:ce:be:b5:1c:ac:01:28:a0:1d:6a:a9:ac:b8:19:
50:99:a5:3c:e1:67:a7:a7:a7:f2:98:3f:5a:ef:7b:
f3:0d:af:5f:b6:e7:77:62:1d:69:d7:75:4b:3f:3b:
dc:04:c8:ce:19:1f:45:96:8a:a7:94:66:e3:3b:32:
67:1b:8e:48:ce:22:f5:7e:c4:bb:df:a3:94:6c:e8:
c5:66:95:3e:dc:5f:2e:eb:f4:fe:a7:a4:35:6f:fb:
9b:4a:cb:ae:e4:a2:7a:e7:dd:b9:2d:1b:f3:dd:a7:
11:11:57:ee:64:af:3e:47:30:3c:cd:3c:f1:5c:d7:
f3:3b:dd:a5:fa:b4:e6:99:e0:8a:0b:7e:39:a0:24:
2b:c9:fc:2a:55:92:25:a9:6d:ab:a9:3f:9b:54:1e:
da:b2:f0:6a:3d:89:66:c4:73:f1:60:68:93:4f:f2:
5b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F0:80:EA:01:2B:F4:AC:1F:03:52:E7:01:D8:7D:A1:8E:00:F3:AB
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/r_CA6gEr9KwfA1LnAdh9oY4A86s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0/18
149.238.160.0-149.238.255.255
192.77.114.0/23
192.112.208.0/24
193.33.52.0/23
Signature Algorithm: sha256WithRSAEncryption
24:83:a1:e2:a7:9d:be:a9:f1:b3:84:ff:2d:c4:19:92:51:e4:
46:6e:88:fd:b3:6f:7a:6e:a9:79:9b:ed:20:13:d4:29:7e:72:
bd:31:18:85:f0:26:3f:25:1c:f8:c1:2a:12:10:45:4b:fc:cf:
93:eb:ed:96:87:df:3e:09:71:f7:a9:4e:39:2b:92:a7:00:0f:
8b:bd:f9:88:d9:00:39:23:da:47:7d:bf:5b:e6:5b:80:d3:8e:
aa:e7:01:b0:52:35:a3:be:e2:3d:5a:34:37:fa:35:ea:b4:46:
b9:39:8f:d0:68:c1:73:89:cc:51:7f:c9:e4:3f:bb:bd:89:91:
fc:cd:b3:a3:81:7c:32:83:17:03:40:09:71:6a:94:1b:58:69:
3c:95:3f:e3:b1:26:96:d7:2a:9e:24:94:86:aa:64:ee:f1:12:
b7:f9:1b:bd:12:34:49:ba:64:69:18:87:0e:92:75:4a:a0:9c:
47:08:92:59:5f:08:99:de:dc:b3:41:50:3f:60:07:05:9d:02:
86:62:ff:30:79:d4:b0:44:af:6b:e2:19:8b:85:0c:0e:c8:c9:
0f:95:cc:d6:53:16:ec:d8:fc:c3:7b:e8:2a:d2:13:56:49:73:
b8:53:dd:ae:e1:45:2a:46:e5:d3:00:ca:4a:b0:04:cf:75:24:
6f:1f:42:d2
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYuo/GmFYc5PX6EnaXYGgzorMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjMxMTA3MDg1MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmYwODBlYTAxMmJmNGFjMWYwMzUyZTcwMWQ4N2RhMThlMDBmM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAKOewY6afMGo+MPnY3ZGjhyhnaE
3lzyAavLDH1S9Bpohs+LQarEj2ngNe5BiYlaizB97Arns8Zq2Q2LsivJW4BjQJQK
7HrFIkONGO/xAPmWuJkQW6EV65HHzr61HKwBKKAdaqmsuBlQmaU84Wenp6fymD9a
73vzDa9ftud3Yh1p13VLPzvcBMjOGR9FloqnlGbjOzJnG45IziL1fsS736OUbOjF
ZpU+3F8u6/T+p6Q1b/ubSsuu5KJ65925LRvz3acREVfuZK8+RzA8zTzxXNfzO92l
+rTmmeCKC345oCQryfwqVZIlqW2rqT+bVB7asvBqPYlmxHPxYGiTT/JbawIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFK/wgOoBK/SsHwNS5wHYfaGOAPOrMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvcl9DQTZnRXI5S3dmQTFMbkFkaDlvWTRBODZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlAwQGle4AMAsD
BAWV7qADAwCV7gMEAcBNcgMEAMBw0AMEAcEhNDANBgkqhkiG9w0BAQsFAAOCAQEA
JIOh4qedvqnxs4T/LcQZklHkRm6I/bNvem6peZvtIBPUKX5yvTEYhfAmPyUc+MEq
EhBFS/zPk+vtloffPglx96lOOSuSpwAPi735iNkAOSPaR32/W+ZbgNOOqucBsFI1
o77iPVo0N/o16rRGuTmP0GjBc4nMUX/J5D+7vYmR/M2zo4F8MoMXA0AJcWqUG1hp
PJU/47EmltcqniSUhqpk7vESt/kbvRI0SbpkaRiHDpJ1SqCcRwiSWV8Imd7cs0FQ
P2AHBZ0ChmL/MHnUsESva+IZi4UMDsjJD5XM1lMW7Nj8w3voKtITVklzuFPdruFF
Kkbl0wDKSrAEz3Ukbx9C0g==
-----END CERTIFICATE-----
Generated at Thu Dec 14 10:12:34 2023 by rpki-client on console-fra.rpki-client.org