Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/FHai7EJRltQhy1q4aGZoCHY4nKw.roa
File: FHai7EJRltQhy1q4aGZoCHY4nKw.roa (raw, json)
Hash identifier: RMVBfWvYV/TOHh2sA1ceN1udzjutHZBaCS28aEvyjoU=
Subject key identifier: 14:76:A2:EC:42:51:96:D4:21:CB:5A:B8:68:66:68:08:76:38:9C:AC
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018A8C74A8B310C6DC7A1C4F70D9C8652A3A
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/FHai7EJRltQhy1q4aGZoCHY4nKw.roa
Signing time: Wed 13 Sep 2023 02:52:50 +0000
ROA not before: Wed 13 Sep 2023 02:52:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42216
IP address blocks: 188.132.240.0/24 maxlen: 24
188.132.242.0/24 maxlen: 24
77.92.145.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.147.0/24 maxlen: 24
212.68.48.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
188.132.210.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8c:74:a8:b3:10:c6:dc:7a:1c:4f:70:d9:c8:65:2a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Sep 13 02:52:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1476a2ec425196d421cb5ab86866680876389cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fe:0d:c5:d6:e3:2e:ad:9e:f6:3f:71:ff:62:
80:15:b3:88:3d:2a:e7:e3:07:28:f8:27:a7:06:39:
ec:a4:e5:64:7f:ea:2d:c7:8e:d9:ec:0d:bc:cb:8e:
89:89:b5:98:65:1e:05:9a:9a:75:74:9a:3a:eb:9c:
6b:a4:89:6f:86:d4:8b:73:7b:15:11:a0:66:92:46:
41:67:89:8c:da:04:8e:df:6d:b2:d3:75:80:fd:3f:
38:e8:10:33:e5:0b:3e:e5:21:be:20:af:49:c6:6d:
8e:be:92:58:f7:8e:31:a8:d1:79:c5:b7:cf:be:6c:
5b:82:1f:00:5b:54:42:4d:fd:51:24:16:8e:ed:da:
75:bd:d9:a0:5f:3d:25:8e:b5:b8:5e:52:82:97:15:
9a:78:0c:61:e5:cc:f0:5d:b9:36:c8:74:6e:ef:3d:
5f:2a:9e:da:d9:b1:d3:c7:66:9c:f7:90:56:bb:97:
b8:3c:72:23:88:e1:53:94:05:b4:fe:14:ee:a6:dc:
c8:65:68:91:1a:79:cc:cb:6b:b3:75:b8:03:88:de:
f1:98:de:3f:2a:39:1f:55:a8:71:b0:52:89:f0:af:
6e:fa:98:79:0f:2a:22:04:9b:79:1b:5e:3a:59:61:
28:7f:02:d4:9e:91:2b:18:78:df:87:36:47:3b:d2:
97:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:76:A2:EC:42:51:96:D4:21:CB:5A:B8:68:66:68:08:76:38:9C:AC
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/FHai7EJRltQhy1q4aGZoCHY4nKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/24
77.92.145.0/24
77.92.147.0/24
188.132.184.0/24
188.132.210.0/24
188.132.240.0/24
188.132.242.0/24
212.68.48.0/24
212.68.55.0/24
Signature Algorithm: sha256WithRSAEncryption
47:2c:5c:4b:ce:ca:c0:b7:6a:f6:ca:23:d9:5f:35:21:ec:e9:
66:0d:21:98:ab:51:c1:62:56:9f:90:eb:6b:d0:fe:25:25:0f:
c7:fc:68:39:93:68:68:b3:cc:c6:86:ee:0c:79:e6:59:26:de:
e3:38:2d:00:c4:dd:06:41:47:73:74:9a:c0:66:8b:aa:55:fd:
e0:f6:79:b3:b1:1f:4f:56:63:b4:fe:e8:cb:64:dc:3d:28:02:
44:c6:e9:d8:a9:c5:38:74:26:fd:a6:c8:07:d7:42:f1:0f:e4:
27:58:1d:9a:cb:9a:1b:7e:0d:cd:b8:30:7f:a3:67:70:a4:3f:
36:86:98:44:8d:1b:7c:03:8e:d6:ed:31:8d:81:4c:37:a4:d4:
c4:64:df:93:9b:c9:49:cc:5a:15:fe:04:45:21:dc:2a:e3:a9:
7d:21:79:0f:c8:ef:41:23:c8:3e:61:5e:1a:11:ef:fc:f1:b7:
1c:6f:0e:87:fc:39:4d:62:ed:85:40:92:07:c4:bd:13:43:9b:
31:8d:3d:19:86:c9:1e:eb:d2:30:3d:7e:da:e1:bd:07:73:b4:
68:25:e7:e6:20:00:dd:41:0c:63:de:fc:2d:19:e5:b0:6d:06:
f5:69:db:6a:30:96:df:1a:75:10:67:06:98:4e:97:d0:e6:88:
67:ea:20:20
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYqMdKizEMbcehxPcNnIZSo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMwOTEzMDI1MjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDc2YTJlYzQyNTE5NmQ0MjFjYjVhYjg2ODY2NjgwODc2Mzg5Y2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/4NxdbjLq2e9j9x/2KAFbOIPSrn
4wco+CenBjnspOVkf+otx47Z7A28y46JibWYZR4Fmpp1dJo665xrpIlvhtSLc3sV
EaBmkkZBZ4mM2gSO322y03WA/T846BAz5Qs+5SG+IK9Jxm2OvpJY944xqNF5xbfP
vmxbgh8AW1RCTf1RJBaO7dp1vdmgXz0ljrW4XlKClxWaeAxh5czwXbk2yHRu7z1f
Kp7a2bHTx2ac95BWu5e4PHIjiOFTlAW0/hTuptzIZWiRGnnMy2uzdbgDiN7xmN4/
KjkfVahxsFKJ8K9u+ph5DyoiBJt5G146WWEofwLUnpErGHjfhzZHO9KXFwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBR2ouxCUZbUIctauGhmaAh2OJysMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvRkhhaTdFSlJsdFFoeTFxNGFHWm9DSFk0bkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQATVyOAwQA
TVyRAwQATVyTAwQAvIS4AwQAvITSAwQAvITwAwQAvITyAwQA1EQwAwQA1EQ3MA0G
CSqGSIb3DQEBCwUAA4IBAQBHLFxLzsrAt2r2yiPZXzUh7OlmDSGYq1HBYlafkOtr
0P4lJQ/H/Gg5k2hos8zGhu4MeeZZJt7jOC0AxN0GQUdzdJrAZouqVf3g9nmzsR9P
VmO0/ujLZNw9KAJExunYqcU4dCb9psgH10LxD+QnWB2ay5obfg3NuDB/o2dwpD82
hphEjRt8A47W7TGNgUw3pNTEZN+Tm8lJzFoV/gRFIdwq46l9IXkPyO9BI8g+YV4a
Ee/88bccbw6H/DlNYu2FQJIHxL0TQ5sxjT0Zhske69IwPX7a4b0Hc7RoJefmIADd
QQxj3vwtGeWwbQb1adtqMJbfGnUQZwaYTpfQ5ohn6iAg
-----END CERTIFICATE-----
Generated at Wed Sep 13 21:54:10 2023 by rpki-client on console-fra.rpki-client.org