Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/4E3DWurWTWzk3Imgm9m5msN3W78.roa
File: 4E3DWurWTWzk3Imgm9m5msN3W78.roa (raw, json)
Hash identifier: KEFkzNCMMl/rM9FwT/eXs9BHgs+ZPANx1+L8s2WK3Cs=
Subject key identifier: E0:4D:C3:5A:EA:D6:4D:6C:E4:DC:89:A0:9B:D9:B9:9A:C3:77:5B:BF
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 018C81693A1843C86192909966C621EBAB89
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/4E3DWurWTWzk3Imgm9m5msN3W78.roa
Signing time: Tue 19 Dec 2023 09:30:06 +0000
ROA not before: Tue 19 Dec 2023 09:30:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21343
IP address blocks: 195.234.112.0/22 maxlen: 24
91.223.19.0/24 maxlen: 24
2a02:2278:ff00::/40 maxlen: 56
2a02:2278:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:69:3a:18:43:c8:61:92:90:99:66:c6:21:eb:ab:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Dec 19 09:30:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e04dc35aead64d6ce4dc89a09bd9b99ac3775bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8f:9a:ba:93:4f:c1:3c:04:81:53:4e:30:2e:
9f:68:24:ff:bf:94:fa:66:3a:b1:d8:85:45:29:05:
60:eb:a8:a0:ee:0b:90:c2:c3:6d:40:b5:f1:b5:5c:
55:85:22:84:ab:7e:c2:02:c9:2f:13:b6:62:cc:ae:
d2:46:c9:f1:95:ff:e0:46:48:71:b5:ae:13:96:88:
6f:04:eb:3e:44:94:a3:00:b4:f8:c9:0c:ff:11:87:
0e:67:9f:a0:92:1d:a8:cb:38:d6:58:d3:19:bb:a7:
08:b2:77:5c:34:10:20:b3:9e:fb:0d:6d:8b:1f:51:
63:90:86:d6:e2:19:5c:a2:bf:7b:50:6d:96:a5:02:
cb:26:5a:20:48:e6:4d:d5:0b:25:2d:d7:cf:56:8b:
35:6f:5c:d7:eb:89:5a:e4:ad:f1:b9:72:12:ea:2c:
a8:ab:1d:7f:0d:b6:60:40:0f:88:78:c8:0b:ba:77:
c6:da:4e:02:2d:83:45:23:97:98:84:a1:fd:20:d2:
fa:81:18:31:0c:bb:74:59:3a:4c:e3:01:1d:46:69:
3f:ba:88:0b:a5:fe:24:d6:f8:00:ad:67:93:ef:14:
da:94:9f:f3:9c:b0:c2:ed:1b:d2:64:83:9f:54:79:
0d:b0:77:39:2b:82:e6:a5:20:b5:4b:70:3c:a9:6c:
e3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:4D:C3:5A:EA:D6:4D:6C:E4:DC:89:A0:9B:D9:B9:9A:C3:77:5B:BF
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/4E3DWurWTWzk3Imgm9m5msN3W78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.19.0/24
195.234.112.0/22
IPv6:
2a02:2278:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
7d:30:fa:d0:c4:7f:a4:cd:8c:23:66:34:5b:44:92:07:c6:55:
e9:fb:b2:e2:d0:b1:78:85:18:90:42:2a:60:cf:07:70:12:76:
30:0a:96:ad:d8:c2:bc:0d:4f:b8:42:3a:70:d1:7f:11:9c:43:
11:36:e8:32:4c:23:ae:db:d1:50:bd:43:57:f7:64:1c:53:39:
e8:11:b5:dc:b2:09:fd:81:ea:51:11:b5:1a:04:da:54:cb:88:
07:6d:b2:fc:84:d6:9e:90:38:56:a3:7f:8f:66:fd:70:45:56:
84:f3:55:52:a1:99:3d:8b:0f:7e:ba:95:45:5f:9b:f5:4b:fd:
40:17:2a:db:24:67:a8:0a:e0:96:b0:d9:b8:b2:b6:3f:d3:67:
1a:06:dd:8d:38:12:07:fc:55:ed:ce:9c:26:c9:d6:e0:21:00:
7d:43:bd:3c:38:76:ed:d7:47:18:43:2c:03:e9:5a:03:5b:d6:
24:90:83:bc:08:04:be:bf:d2:09:09:a2:c1:23:d0:e9:9a:ba:
1b:25:0a:d5:07:6c:c7:b3:aa:67:27:93:b4:a6:ce:ae:51:54:
1e:6d:ff:50:c2:89:19:9b:35:92:03:a0:d5:8f:9f:cd:dd:3e:
3b:28:14:3e:6c:bf:53:e4:89:ad:7d:d8:c8:16:ce:b7:5c:65:
50:ca:56:18
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYyBaToYQ8hhkpCZZsYh66uJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjMxMjE5MDkzMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDRkYzM1YWVhZDY0ZDZjZTRkYzg5YTA5YmQ5Yjk5YWMzNzc1YmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho+aupNPwTwEgVNOMC6faCT/v5T6
Zjqx2IVFKQVg66ig7guQwsNtQLXxtVxVhSKEq37CAskvE7ZizK7SRsnxlf/gRkhx
ta4TlohvBOs+RJSjALT4yQz/EYcOZ5+gkh2oyzjWWNMZu6cIsndcNBAgs577DW2L
H1FjkIbW4hlcor97UG2WpQLLJlogSOZN1QslLdfPVos1b1zX64la5K3xuXIS6iyo
qx1/DbZgQA+IeMgLunfG2k4CLYNFI5eYhKH9INL6gRgxDLt0WTpM4wEdRmk/uogL
pf4k1vgArWeT7xTalJ/znLDC7RvSZIOfVHkNsHc5K4LmpSC1S3A8qWzjxwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOBNw1rq1k1s5NyJoJvZuZrDd1u/MB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvNEUzRFd1cldUV3prM0ltZ205bTVtc04zVzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAW98TAwQC
w+pwMA4EAgACMAgDBgAqAiJ4/zANBgkqhkiG9w0BAQsFAAOCAQEAfTD60MR/pM2M
I2Y0W0SSB8ZV6fuy4tCxeIUYkEIqYM8HcBJ2MAqWrdjCvA1PuEI6cNF/EZxDETbo
MkwjrtvRUL1DV/dkHFM56BG13LIJ/YHqURG1GgTaVMuIB22y/ITWnpA4VqN/j2b9
cEVWhPNVUqGZPYsPfrqVRV+b9Uv9QBcq2yRnqArglrDZuLK2P9NnGgbdjTgSB/xV
7c6cJsnW4CEAfUO9PDh27ddHGEMsA+laA1vWJJCDvAgEvr/SCQmiwSPQ6Zq6GyUK
1Qdsx7OqZyeTtKbOrlFUHm3/UMKJGZs1kgOg1Y+fzd0+OygUPmy/U+SJrX3YyBbO
t1xlUMpWGA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:01 2024 by rpki-client on console-fra.rpki-client.org