Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/mO5x0EcAqM1NktGBT8IdCZAyoEw.roa
File: mO5x0EcAqM1NktGBT8IdCZAyoEw.roa (raw, json)
Hash identifier: Ivixqm+c3q8r9C2imoyZfgOqyN96ZQhvfuvZIy/TdGo=
Subject key identifier: 98:EE:71:D0:47:00:A8:CD:4D:92:D1:81:4F:C2:1D:09:90:32:A0:4C
Certificate issuer: /CN=e4cc76e3b5477ffd42a0fe4b8c783aad2f96fe70
Certificate serial: 018BD6F7F90DCECAF9E71065C733E3B2775F
Authority key identifier: E4:CC:76:E3:B5:47:7F:FD:42:A0:FE:4B:8C:78:3A:AD:2F:96:FE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mx247VHf_1CoP5LjHg6rS-W_nA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/mO5x0EcAqM1NktGBT8IdCZAyoEw.roa
Signing time: Thu 16 Nov 2023 07:10:57 +0000
ROA not before: Thu 16 Nov 2023 07:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202423
IP address blocks: 193.0.178.0/24 maxlen: 24
193.0.179.0/24 maxlen: 24
185.149.194.0/24 maxlen: 24
2a0b:9080:2::/48 maxlen: 48
2a0b:9080::/48 maxlen: 48
2a0b:9080:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d6:f7:f9:0d:ce:ca:f9:e7:10:65:c7:33:e3:b2:77:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4cc76e3b5477ffd42a0fe4b8c783aad2f96fe70
Validity
Not Before: Nov 16 07:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98ee71d04700a8cd4d92d1814fc21d099032a04c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b0:b5:5e:29:99:ce:aa:49:36:7d:bf:1f:01:
ef:19:56:24:7c:9c:14:14:bf:a8:9a:ad:c8:ac:1f:
b3:3c:24:18:d4:9e:99:6f:da:4b:89:38:01:52:b9:
db:c4:0d:86:9f:53:ce:37:7b:b9:39:25:f6:aa:7a:
12:c8:be:66:b2:97:0e:1a:a6:b3:2d:74:13:f9:c6:
78:3e:e3:55:b0:4b:14:f9:ae:8c:df:33:ee:7a:63:
3d:89:db:78:b4:8a:77:7e:73:26:1b:e3:6c:74:ea:
a8:86:37:ef:1c:ec:03:71:98:63:ac:aa:10:d6:13:
29:76:75:f5:39:60:69:5b:85:59:a6:fd:d4:b5:46:
54:55:50:e3:5a:30:10:e8:56:6f:cc:bc:c3:ed:2e:
4d:13:ea:4e:8b:bc:55:a0:59:ca:2f:ea:f6:0d:9f:
83:eb:27:77:a3:8a:67:d9:48:31:51:95:fe:70:33:
4b:68:27:0b:5c:d6:ea:4b:f7:2b:6e:39:bf:5b:17:
a0:c7:ac:f5:65:fc:17:74:80:d5:ad:5e:75:b9:22:
b3:9c:c0:91:d4:f1:63:d0:e0:19:1f:bc:ba:7c:9d:
12:69:9b:57:2c:08:ed:0d:28:50:f7:9a:e7:d1:dc:
c5:24:26:fc:3c:d6:35:cc:db:77:4f:a5:1b:f4:8f:
30:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:EE:71:D0:47:00:A8:CD:4D:92:D1:81:4F:C2:1D:09:90:32:A0:4C
X509v3 Authority Key Identifier:
keyid:E4:CC:76:E3:B5:47:7F:FD:42:A0:FE:4B:8C:78:3A:AD:2F:96:FE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mx247VHf_1CoP5LjHg6rS-W_nA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/mO5x0EcAqM1NktGBT8IdCZAyoEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/5Mx247VHf_1CoP5LjHg6rS-W_nA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.194.0/24
193.0.178.0/23
IPv6:
2a0b:9080::-2a0b:9080:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
74:30:1e:8f:e4:6f:7d:7c:e1:94:19:93:1f:95:15:ce:8b:9d:
38:37:a0:51:1e:d4:a7:0b:1b:78:a1:a8:04:bf:1c:39:a8:0b:
36:dc:75:b2:09:a8:6d:03:e4:a8:dc:e1:81:a8:22:cc:fa:bf:
c8:fe:df:4f:e8:89:b6:7d:72:75:72:de:ff:5d:40:26:68:9d:
da:f5:25:bc:9e:58:b3:af:a0:16:69:a9:f5:1d:a8:af:37:f3:
39:a0:42:8b:5e:5d:c6:a8:d9:f7:e3:a3:21:e4:16:19:72:b6:
90:67:ca:82:90:18:0b:7e:a1:47:b0:06:42:f5:11:e6:c9:c7:
2b:2d:7b:59:c3:ec:1e:2f:85:aa:4a:cf:cd:4a:33:f0:8e:b3:
58:b3:17:f3:45:16:2c:ca:a1:68:6c:6f:e3:e4:15:bc:e0:d0:
f1:de:1b:4a:66:43:14:91:3e:36:02:8e:ad:d4:c8:95:78:61:
f3:9f:fc:4b:e6:eb:fd:ad:bc:5e:7f:b9:b6:63:df:4a:1e:63:
3e:43:a9:bb:59:6d:81:04:1c:c9:46:7e:23:26:aa:b7:7b:08:
02:55:f5:0e:f4:19:55:2e:b8:07:71:f7:25:d1:78:52:01:50:
d4:24:e0:c8:c1:f0:8d:91:60:5c:5b:3c:07:f5:2a:e5:30:9c:
c7:cc:b4:ab
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYvW9/kNzsr55xBlxzPjsndfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Y2M3NmUzYjU0NzdmZmQ0MmEwZmU0YjhjNzgzYWFkMmY5
NmZlNzAwHhcNMjMxMTE2MDcxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGVlNzFkMDQ3MDBhOGNkNGQ5MmQxODE0ZmMyMWQwOTkwMzJhMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbC1XimZzqpJNn2/HwHvGVYkfJwU
FL+omq3IrB+zPCQY1J6Zb9pLiTgBUrnbxA2Gn1PON3u5OSX2qnoSyL5mspcOGqaz
LXQT+cZ4PuNVsEsU+a6M3zPuemM9idt4tIp3fnMmG+NsdOqohjfvHOwDcZhjrKoQ
1hMpdnX1OWBpW4VZpv3UtUZUVVDjWjAQ6FZvzLzD7S5NE+pOi7xVoFnKL+r2DZ+D
6yd3o4pn2UgxUZX+cDNLaCcLXNbqS/crbjm/Wxegx6z1ZfwXdIDVrV51uSKznMCR
1PFj0OAZH7y6fJ0SaZtXLAjtDShQ95rn0dzFJCb8PNY1zNt3T6Ub9I8wsQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJjucdBHAKjNTZLRgU/CHQmQMqBMMB8GA1UdIwQY
MBaAFOTMduO1R3/9QqD+S4x4Oq0vlv5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU14MjQ3VkhmXzFDb1A1TGpIZzZyUy1XX25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81Zjg4ODEtOGE0NC00ODQyLTgwMDkt
MTE2NWQxZDE1NjRmLzEvbU81eDBFY0FxTTFOa3RHQlQ4SWRDWkF5b0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81Zjg4ODEtOGE0NC00ODQyLTgwMDktMTE2NWQxZDE1NjRm
LzEvNU14MjQ3VkhmXzFDb1A1TGpIZzZyUy1XX25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuZXCAwQB
wQCyMBgEAgACMBIwEAMFByoLkIADBwAqC5CAAAIwDQYJKoZIhvcNAQELBQADggEB
AHQwHo/kb3184ZQZkx+VFc6LnTg3oFEe1KcLG3ihqAS/HDmoCzbcdbIJqG0D5Kjc
4YGoIsz6v8j+30/oibZ9cnVy3v9dQCZondr1JbyeWLOvoBZpqfUdqK838zmgQote
Xcao2ffjoyHkFhlytpBnyoKQGAt+oUewBkL1EebJxyste1nD7B4vhapKz81KM/CO
s1izF/NFFizKoWhsb+PkFbzg0PHeG0pmQxSRPjYCjq3UyJV4YfOf/Evm6/2tvF5/
ubZj30oeYz5DqbtZbYEEHMlGfiMmqrd7CAJV9Q70GVUuuAdx9yXReFIBUNQk4MjB
8I2RYFxbPAf1KuUwnMfMtKs=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:11 2024 by rpki-client on console-fra.rpki-client.org