Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/yrDNSXL7LFWqcQHDJCxfq-HnxHM.roa
File: yrDNSXL7LFWqcQHDJCxfq-HnxHM.roa (raw, json)
Hash identifier: d0ZkUa/9bdiPELCDiJc/Oxfk18EllYjr/UxMaXd7F/Q=
Subject key identifier: CA:B0:CD:49:72:FB:2C:55:AA:71:01:C3:24:2C:5F:AB:E1:E7:C4:73
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 018A64C5EEF3A4A9441C6A2C770B8E706B45
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/yrDNSXL7LFWqcQHDJCxfq-HnxHM.roa
Signing time: Tue 05 Sep 2023 09:56:47 +0000
ROA not before: Tue 05 Sep 2023 09:56:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 176.118.34.0/24 maxlen: 24
185.21.131.0/24 maxlen: 24
195.225.98.0/24 maxlen: 24
185.25.104.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:c5:ee:f3:a4:a9:44:1c:6a:2c:77:0b:8e:70:6b:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Sep 5 09:56:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cab0cd4972fb2c55aa7101c3242c5fabe1e7c473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:20:28:b8:75:86:ad:11:07:4b:6b:4b:10:fd:
43:13:8b:b8:72:e4:e6:79:98:72:ce:c3:9a:1a:b8:
77:8d:f0:31:71:7d:a3:ec:b6:52:44:49:36:20:13:
7c:b4:3f:9d:3b:80:8e:72:26:cf:ad:94:7d:64:d4:
65:ea:d2:b9:d2:33:88:50:84:ff:e9:0b:0e:d3:8c:
4a:99:d1:c5:07:6b:7c:50:6c:df:c2:26:f2:b1:0c:
37:06:36:81:8a:76:75:25:85:66:26:bb:95:9c:a5:
98:d9:41:94:f0:f5:6a:7f:0c:c1:fe:9f:88:94:86:
e4:46:0f:0f:10:44:76:23:c8:c0:d7:3f:6e:d7:88:
7b:99:57:e0:bd:b9:14:e8:ea:5b:b4:44:be:d9:4b:
51:b9:30:0e:a5:ff:aa:dc:7a:eb:89:01:0c:fd:49:
c1:04:68:5f:a2:3d:8f:3d:e5:89:78:80:ed:85:9d:
67:19:45:f6:bf:4e:f3:7c:7b:b0:e9:74:9e:cf:51:
91:77:79:b9:f5:d6:0b:75:f2:6b:a6:03:f9:39:c0:
03:ee:c0:e8:47:bd:cb:ee:82:10:00:05:ba:dc:95:
22:d8:32:30:e0:14:7d:d1:0b:ba:e4:58:40:07:e5:
20:d6:e7:7a:cc:29:85:c0:b5:eb:86:c7:a2:ff:67:
92:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B0:CD:49:72:FB:2C:55:AA:71:01:C3:24:2C:5F:AB:E1:E7:C4:73
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/yrDNSXL7LFWqcQHDJCxfq-HnxHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.34.0/24
185.21.131.0/24
185.25.104.0/24
195.225.98.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:ce:f6:37:5a:22:40:db:c9:54:8c:03:26:8b:4b:3d:ef:ae:
8c:29:4a:f0:22:98:79:1a:78:d0:0c:bb:16:69:fd:da:11:81:
ec:8f:0d:46:05:e4:99:ac:61:90:83:29:b6:10:63:c2:66:8e:
da:34:ae:9e:d8:1d:c8:60:65:9a:07:0c:9f:bf:53:87:d7:4c:
12:06:2b:0a:ac:e2:11:27:65:2d:4a:d6:81:9b:0f:ad:11:a6:
c2:69:49:b7:fb:c5:47:91:7b:fa:a8:db:06:09:f9:ab:25:33:
5d:82:fd:2f:69:8d:e5:2d:0b:20:f5:9d:f7:62:33:fa:a2:f4:
ba:9c:f9:e3:c4:da:2e:dd:e9:45:88:63:4c:24:97:db:0f:92:
a5:a5:e8:62:15:23:e0:09:dd:2a:63:63:5c:7a:80:c0:3b:00:
13:db:33:70:14:1e:e2:b7:88:fb:2e:a7:74:ea:f4:d8:36:72:
f0:f5:d9:ed:0b:80:56:bf:1c:65:f4:08:f9:9a:99:9a:8f:14:
c3:49:2d:f0:cc:93:61:c5:43:f7:32:f9:a3:d1:43:a2:be:25:
c5:13:bf:ed:76:38:ab:7c:61:2b:ec:76:95:02:fa:36:ac:fe:
aa:8d:ca:b2:e7:83:15:d4:75:3a:64:75:35:d0:3f:02:c2:6e:
d5:97:d4:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpkxe7zpKlEHGosdwuOcGtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjMwOTA1MDk1NjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWIwY2Q0OTcyZmIyYzU1YWE3MTAxYzMyNDJjNWZhYmUxZTdjNDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSAouHWGrREHS2tLEP1DE4u4cuTm
eZhyzsOaGrh3jfAxcX2j7LZSREk2IBN8tD+dO4COcibPrZR9ZNRl6tK50jOIUIT/
6QsO04xKmdHFB2t8UGzfwibysQw3BjaBinZ1JYVmJruVnKWY2UGU8PVqfwzB/p+I
lIbkRg8PEER2I8jA1z9u14h7mVfgvbkU6OpbtES+2UtRuTAOpf+q3HrriQEM/UnB
BGhfoj2PPeWJeIDthZ1nGUX2v07zfHuw6XSez1GRd3m59dYLdfJrpgP5OcAD7sDo
R73L7oIQAAW63JUi2DIw4BR90Qu65FhAB+Ug1ud6zCmFwLXrhsei/2eSewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMqwzUly+yxVqnEBwyQsX6vh58RzMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEveXJETlNYTDdMRldxY1FIREpDeGZxLUhueEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsHYiAwQA
uRWDAwQAuRloAwQAw+FiMA0GCSqGSIb3DQEBCwUAA4IBAQClzvY3WiJA28lUjAMm
i0s9766MKUrwIph5GnjQDLsWaf3aEYHsjw1GBeSZrGGQgym2EGPCZo7aNK6e2B3I
YGWaBwyfv1OH10wSBisKrOIRJ2UtStaBmw+tEabCaUm3+8VHkXv6qNsGCfmrJTNd
gv0vaY3lLQsg9Z33YjP6ovS6nPnjxNou3elFiGNMJJfbD5KlpehiFSPgCd0qY2Nc
eoDAOwAT2zNwFB7it4j7Lqd06vTYNnLw9dntC4BWvxxl9Aj5mpmajxTDSS3wzJNh
xUP3Mvmj0UOiviXFE7/tdjirfGEr7HaVAvo2rP6qjcqy54MV1HU6ZHU10D8Cwm7V
l9R+
-----END CERTIFICATE-----
Generated at Wed Oct 11 10:52:59 2023 by rpki-client on console-ams.rpki-client.org