Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/f9ee6d-7640-4e3d-9b45-e56feca612e7/1/1-4pEDnyta3gDuI15m_5HJGnpqeQ.roa
File: 1-4pEDnyta3gDuI15m_5HJGnpqeQ.roa (raw, json)
Hash identifier: rpATbllH7JVJFkSzb2VoFJvOiMzZc8/cQqB70fvNWVk=
Subject key identifier: FB:8A:44:0E:7C:AD:6B:78:03:B8:8D:79:9B:FE:47:24:69:E9:A9:E4
Certificate issuer: /CN=ef7dd1ebee513ffa318cdc88b81ac18cfe726b30
Certificate serial: 01856D6634EC17B0388B9B4BD24D0B780197
Authority key identifier: EF:7D:D1:EB:EE:51:3F:FA:31:8C:DC:88:B8:1A:C1:8C:FE:72:6B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/733R6-5RP_oxjNyIuBrBjP5yazA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/f9ee6d-7640-4e3d-9b45-e56feca612e7/1/1-4pEDnyta3gDuI15m_5HJGnpqeQ.roa
Signing time: Sun 01 Jan 2023 12:54:52 +0000
ROA not before: Sun 01 Jan 2023 12:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30972
IP address blocks: 141.138.88.0/21 maxlen: 21
193.22.143.0/24 maxlen: 24
193.242.217.0/24 maxlen: 24
195.88.194.0/23 maxlen: 23
185.97.184.0/22 maxlen: 22
2a0a:21c0::/29 maxlen: 29
2a01:a580::/32 maxlen: 32
2a01:a580::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:34:ec:17:b0:38:8b:9b:4b:d2:4d:0b:78:01:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef7dd1ebee513ffa318cdc88b81ac18cfe726b30
Validity
Not Before: Jan 1 12:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb8a440e7cad6b7803b88d799bfe472469e9a9e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c0:65:51:6a:bd:f6:74:1b:4a:e8:07:eb:ca:
a0:35:21:80:26:e8:39:d1:04:82:3d:01:05:05:1f:
ac:6a:86:be:ef:df:6d:6d:bb:c2:4c:97:aa:e6:d8:
80:fe:82:73:b2:74:35:ca:7f:17:39:ad:67:10:5f:
56:6e:59:72:d8:61:71:bc:e5:f3:bc:0b:ff:34:36:
65:86:65:6e:9d:20:8a:07:d3:ba:b0:b0:12:44:de:
b1:83:da:e7:1b:da:c4:35:29:bd:24:8f:49:3e:0f:
a0:a0:32:58:60:b6:0e:87:5e:07:8d:8e:f6:77:a3:
d6:44:34:98:7f:e9:ce:09:7f:4f:eb:04:c9:eb:1b:
2c:ce:49:f8:7d:d3:cf:dd:3d:d1:61:53:54:48:f3:
d5:e9:55:ee:8e:14:6e:9b:07:a9:09:64:21:c7:52:
c2:75:f0:3d:da:f6:4a:6b:47:85:99:14:6a:0e:a4:
8e:7f:51:d9:2c:c7:52:ef:3f:3d:16:1e:6c:c0:07:
11:9c:96:7e:0b:84:0e:19:50:d2:eb:86:64:8a:92:
84:98:1d:03:c4:ef:5c:06:70:13:15:0d:90:43:02:
32:d7:81:92:f4:b1:79:e3:62:10:ea:67:76:b4:2f:
02:c6:ac:2b:a3:2b:ac:2e:ff:79:39:85:41:03:5e:
2a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:8A:44:0E:7C:AD:6B:78:03:B8:8D:79:9B:FE:47:24:69:E9:A9:E4
X509v3 Authority Key Identifier:
keyid:EF:7D:D1:EB:EE:51:3F:FA:31:8C:DC:88:B8:1A:C1:8C:FE:72:6B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/733R6-5RP_oxjNyIuBrBjP5yazA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f9ee6d-7640-4e3d-9b45-e56feca612e7/1/1-4pEDnyta3gDuI15m_5HJGnpqeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f9ee6d-7640-4e3d-9b45-e56feca612e7/1/733R6-5RP_oxjNyIuBrBjP5yazA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.88.0/21
185.97.184.0/22
193.22.143.0/24
193.242.217.0/24
195.88.194.0/23
IPv6:
2a01:a580::/29
2a0a:21c0::/29
Signature Algorithm: sha256WithRSAEncryption
ba:00:2c:e4:83:08:e9:20:02:53:f7:e9:a7:90:0f:3e:d5:89:
6b:9f:ee:a4:fc:53:fa:2c:b3:05:63:29:9d:02:ec:5c:1b:83:
2f:fb:cd:c3:c5:eb:a7:db:69:7d:98:55:81:82:8b:b7:37:95:
54:b8:c8:ac:a6:ef:50:59:65:03:0c:89:d6:bd:ae:dc:30:7a:
c4:ae:50:f5:c1:b2:8f:ae:b5:56:23:1c:c3:66:ed:ef:22:d4:
9d:e3:c4:5e:e9:20:c9:e3:77:3c:7c:6f:89:39:63:cb:61:3b:
0d:73:5e:92:59:85:bf:dd:81:7e:e1:24:c3:5a:ef:4e:32:35:
37:66:95:03:c8:28:7c:fa:a6:0a:e9:d7:89:eb:1e:09:2a:cd:
34:46:a3:83:4c:e3:a1:65:29:60:03:44:89:ed:4b:4c:99:6a:
cd:c0:47:97:20:28:2d:dc:0d:83:53:8d:1a:5c:97:6d:eb:d8:
98:bc:01:57:d5:bc:db:aa:59:2a:26:a2:c6:33:16:00:ca:ec:
0d:c5:71:38:1a:94:49:99:88:17:8b:ee:f9:48:71:e3:8b:8e:
7e:23:5e:e9:c9:af:d0:b9:bc:51:8d:2d:cc:88:81:61:db:82:
da:61:cf:ad:94:12:31:96:05:8c:81:35:81:50:c9:8d:d6:b0:
1e:83:2a:f4
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVtZjTsF7A4i5tL0k0LeAGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmN2RkMWViZWU1MTNmZmEzMThjZGM4OGI4MWFjMThjZmU3
MjZiMzAwHhcNMjMwMTAxMTI1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjhhNDQwZTdjYWQ2Yjc4MDNiODhkNzk5YmZlNDcyNDY5ZTlhOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8BlUWq99nQbSugH68qgNSGAJug5
0QSCPQEFBR+saoa+799tbbvCTJeq5tiA/oJzsnQ1yn8XOa1nEF9Wblly2GFxvOXz
vAv/NDZlhmVunSCKB9O6sLASRN6xg9rnG9rENSm9JI9JPg+goDJYYLYOh14HjY72
d6PWRDSYf+nOCX9P6wTJ6xsszkn4fdPP3T3RYVNUSPPV6VXujhRumwepCWQhx1LC
dfA92vZKa0eFmRRqDqSOf1HZLMdS7z89Fh5swAcRnJZ+C4QOGVDS64ZkipKEmB0D
xO9cBnATFQ2QQwIy14GS9LF542IQ6md2tC8CxqwroyusLv95OYVBA14qmwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFPuKRA58rWt4A7iNeZv+RyRp6ankMB8GA1UdIwQY
MBaAFO990evuUT/6MYzciLgawYz+cmswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzMzUjYtNVJQX294ak55SXVCckJqUDV5YXpBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9mOWVlNmQtNzY0MC00ZTNkLTliNDUt
ZTU2ZmVjYTYxMmU3LzEvMS00cEVEbnl0YTNnRHVJMTVtXzVISkducHFlUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTQvZjllZTZkLTc2NDAtNGUzZC05YjQ1LWU1NmZlY2E2MTJl
Ny8xLzczM1I2LTVSUF9veGpOeUl1QnJCalA1eWF6QS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBNBggrBgEFBQcBBwEB/wQ+MDwwJAQCAAEwHgMEA42KWAME
ArlhuAMEAMEWjwMEAMHy2QMEAcNYwjAUBAIAAjAOAwUDKgGlgAMFAyoKIcAwDQYJ
KoZIhvcNAQELBQADggEBALoALOSDCOkgAlP36aeQDz7ViWuf7qT8U/osswVjKZ0C
7Fwbgy/7zcPF66fbaX2YVYGCi7c3lVS4yKym71BZZQMMida9rtwwesSuUPXBso+u
tVYjHMNm7e8i1J3jxF7pIMnjdzx8b4k5Y8thOw1zXpJZhb/dgX7hJMNa704yNTdm
lQPIKHz6pgrp14nrHgkqzTRGo4NM46FlKWADRIntS0yZas3AR5cgKC3cDYNTjRpc
l23r2Ji8AVfVvNuqWSomosYzFgDK7A3FcTgalEmZiBeL7vlIceOLjn4jXunJr9C5
vFGNLcyIgWHbgtphz62UEjGWBYyBNYFQyY3WsB6DKvQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:21 2024 by rpki-client on console-ams.rpki-client.org