Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/y1dQiY52sPB7ngXAFysD9A_vE2c.roa
File: y1dQiY52sPB7ngXAFysD9A_vE2c.roa (raw, json)
Hash identifier: lGeJG7qbx/A6YbTx7uwDEOTAX4TFUQBuWqykQQysLgs=
Subject key identifier: CB:57:50:89:8E:76:B0:F0:7B:9E:05:C0:17:2B:03:F4:0F:EF:13:67
Certificate issuer: /CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Certificate serial: 0187374E599D719310FD78399B3325C5BF79
Authority key identifier: 70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/y1dQiY52sPB7ngXAFysD9A_vE2c.roa
Signing time: Fri 31 Mar 2023 10:54:54 +0000
ROA not before: Fri 31 Mar 2023 10:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49825
IP address blocks: 195.211.76.0/22 maxlen: 24
194.165.0.0/24 maxlen: 24
194.165.1.0/24 maxlen: 24
193.19.82.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:37:4e:59:9d:71:93:10:fd:78:39:9b:33:25:c5:bf:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Validity
Not Before: Mar 31 10:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb5750898e76b0f07b9e05c0172b03f40fef1367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4c:62:07:ef:04:fb:58:bf:dd:70:13:06:31:
7c:74:e0:82:c7:81:af:9b:43:cd:86:86:1d:6e:99:
05:5b:cd:44:15:f3:ef:0f:f9:a1:9a:08:ce:13:64:
46:03:20:c2:79:17:fe:54:a1:99:86:ac:5d:7f:18:
ba:86:49:8b:06:2e:28:8d:eb:c0:9f:66:f8:39:da:
4f:b9:82:90:b8:27:e4:95:85:31:72:7b:6e:38:c4:
0c:9a:76:16:3a:c8:86:b9:dd:bd:09:3f:00:40:8b:
1f:0c:50:21:86:9b:19:eb:85:6c:34:dd:28:07:42:
0e:e0:02:30:93:38:9e:ae:07:21:98:26:56:c4:7e:
24:30:ff:0d:7b:88:69:06:f1:40:b6:77:4b:16:d9:
16:06:bf:a4:7b:5e:58:43:c2:c0:7d:fb:2b:6c:14:
20:44:d7:94:d4:f5:8a:14:02:3f:86:a6:27:31:68:
b7:a6:92:65:84:77:59:90:17:b6:17:b1:40:03:bf:
a5:80:33:8a:2b:8f:7d:e9:34:2d:61:e9:de:33:7b:
72:80:78:a1:e9:be:7e:0e:b8:ee:0c:f3:9d:0d:84:
e2:b0:4f:7a:16:74:f8:37:80:0a:46:fa:aa:7b:8b:
23:59:d9:83:73:f8:f7:00:53:bf:7d:81:45:c0:e3:
cb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:57:50:89:8E:76:B0:F0:7B:9E:05:C0:17:2B:03:F4:0F:EF:13:67
X509v3 Authority Key Identifier:
keyid:70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/y1dQiY52sPB7ngXAFysD9A_vE2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/cJ626qpJ3WtIPgSxQ05NrHntnTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.82.0/23
194.165.0.0/23
195.211.76.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:84:df:8f:c5:b4:dd:d4:4d:b5:31:d0:d9:78:a3:08:7d:38:
f3:09:0c:f1:3d:1c:15:80:1c:81:70:00:ca:e4:49:2f:2d:05:
12:ed:25:ea:67:3a:0d:23:9d:7a:c0:42:2f:35:2e:04:99:1b:
18:42:83:84:83:21:55:b2:a8:7a:f9:d8:81:5c:22:7d:23:ea:
cb:93:ca:97:89:b9:21:b3:94:a4:05:b8:14:b5:f2:cf:3a:a4:
f2:35:01:d0:27:77:8b:89:a2:b0:ea:b3:1e:8c:0b:f4:dc:0c:
59:fc:61:fa:6b:e3:7e:d7:25:b6:b6:57:ca:c8:d5:3c:b4:a9:
1d:4b:88:50:40:50:ae:a5:fb:6d:3f:09:33:bb:8c:2e:46:21:
40:62:82:64:14:c4:6c:64:04:a5:c1:9a:44:a4:41:43:62:8f:
c6:e3:e2:aa:85:59:f2:f7:af:99:85:8a:45:49:16:f3:b5:3d:
58:b2:f2:70:e4:f1:fd:b4:e3:70:35:4d:d4:c3:3a:9f:16:05:
c8:ec:d9:dc:a5:8c:14:13:76:e9:9b:38:da:af:87:b3:cb:f0:
b9:e4:f9:40:4c:16:2c:04:86:0a:fe:cd:1b:64:f7:2f:75:bf:
64:0e:f0:62:7d:8d:11:cd:8e:28:1f:14:03:2f:12:b9:e9:37:
b4:f6:37:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYc3TlmdcZMQ/Xg5mzMlxb95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWViNmVhYWE0OWRkNmI0ODNlMDRiMTQzNGU0ZGFjNzll
ZDlkMzEwHhcNMjMwMzMxMTA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjU3NTA4OThlNzZiMGYwN2I5ZTA1YzAxNzJiMDNmNDBmZWYxMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUxiB+8E+1i/3XATBjF8dOCCx4Gv
m0PNhoYdbpkFW81EFfPvD/mhmgjOE2RGAyDCeRf+VKGZhqxdfxi6hkmLBi4ojevA
n2b4OdpPuYKQuCfklYUxcntuOMQMmnYWOsiGud29CT8AQIsfDFAhhpsZ64VsNN0o
B0IO4AIwkziergchmCZWxH4kMP8Ne4hpBvFAtndLFtkWBr+ke15YQ8LAffsrbBQg
RNeU1PWKFAI/hqYnMWi3ppJlhHdZkBe2F7FAA7+lgDOKK4996TQtYeneM3tygHih
6b5+DrjuDPOdDYTisE96FnT4N4AKRvqqe4sjWdmDc/j3AFO/fYFFwOPL+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMtXUImOdrDwe54FwBcrA/QP7xNnMB8GA1UdIwQY
MBaAFHCetuqqSd1rSD4EsUNOTax57Z0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAt
OWY2ZmEwZTFhNWE1LzEveTFkUWlZNTJzUEI3bmdYQUZ5c0Q5QV92RTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAtOWY2ZmEwZTFhNWE1
LzEvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwRNSAwQB
wqUAAwQCw9NMMA0GCSqGSIb3DQEBCwUAA4IBAQB9hN+PxbTd1E21MdDZeKMIfTjz
CQzxPRwVgByBcADK5EkvLQUS7SXqZzoNI516wEIvNS4EmRsYQoOEgyFVsqh6+diB
XCJ9I+rLk8qXibkhs5SkBbgUtfLPOqTyNQHQJ3eLiaKw6rMejAv03AxZ/GH6a+N+
1yW2tlfKyNU8tKkdS4hQQFCupfttPwkzu4wuRiFAYoJkFMRsZASlwZpEpEFDYo/G
4+KqhVny96+ZhYpFSRbztT1YsvJw5PH9tONwNU3UwzqfFgXI7NncpYwUE3bpmzja
r4ezy/C55PlATBYsBIYK/s0bZPcvdb9kDvBifY0RzY4oHxQDLxK56Te09jf3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:48 2024 by rpki-client on console-fra.rpki-client.org