Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/eHGaesVxeqMosgecReSho17A8Pk.roa
File: eHGaesVxeqMosgecReSho17A8Pk.roa (raw, json)
Hash identifier: 7wM0dBBmSItg63teh7brTurcugMBk9GnmjIUrmeYFSg=
Subject key identifier: 78:71:9A:7A:C5:71:7A:A3:28:B2:07:9C:45:E4:A1:A3:5E:C0:F0:F9
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018570CBD4D460729512C637EA24C0A4A98A
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/eHGaesVxeqMosgecReSho17A8Pk.roa
Signing time: Mon 02 Jan 2023 04:44:44 +0000
ROA not before: Mon 02 Jan 2023 04:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34950
IP address blocks: 193.44.172.0/22 maxlen: 24
193.44.76.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:d4:d4:60:72:95:12:c6:37:ea:24:c0:a4:a9:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 2 04:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78719a7ac5717aa328b2079c45e4a1a35ec0f0f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:47:b1:fb:cb:c7:2c:23:ed:65:e4:57:ed:58:
20:73:9c:38:d7:b5:45:7b:61:29:f7:49:d5:2b:99:
45:52:3a:4a:6f:44:40:12:c0:96:bc:52:de:4f:09:
1c:83:3f:0b:6e:72:13:59:89:18:66:61:5c:19:cb:
1d:68:2e:bf:e1:bc:03:f6:e4:ea:3a:a2:fc:28:65:
f4:50:27:ce:81:1f:4c:a9:33:b0:15:cd:12:e3:3e:
3a:57:b2:e2:e8:ac:d5:9c:0c:3d:d8:c5:9f:2a:c5:
82:ca:d0:5a:ff:cb:a8:6b:3d:19:f0:02:fa:8c:59:
51:1c:ae:8f:37:1e:d0:98:7e:6d:c1:d2:ff:fb:78:
ec:29:cf:95:58:b2:fb:43:2d:5a:35:cc:7f:bd:ff:
40:e4:21:10:43:dd:3e:89:37:9e:33:4d:f6:6e:23:
80:5d:94:51:e6:96:30:7c:e6:c1:b9:13:ff:6a:0a:
4a:e1:c6:53:51:54:21:f4:2f:60:f0:0c:d4:7a:ff:
9a:e8:15:03:38:e7:23:94:15:b1:12:22:42:83:60:
0d:77:c8:0d:e6:ef:6f:c8:c7:6f:87:54:77:6b:06:
00:cc:14:74:51:59:bf:7e:7a:4c:a1:31:65:2b:97:
9b:c8:af:8f:89:bd:83:69:26:ae:06:d0:1b:b9:af:
5a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:71:9A:7A:C5:71:7A:A3:28:B2:07:9C:45:E4:A1:A3:5E:C0:F0:F9
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/eHGaesVxeqMosgecReSho17A8Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.44.76.0/22
193.44.172.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:8f:3a:7e:4b:01:f3:e5:5e:15:85:4b:29:50:fd:f7:53:69:
10:7c:28:05:36:c6:e3:a5:d9:9e:5a:05:ca:29:8e:f4:6a:27:
3d:3b:5e:b4:a6:33:dd:d0:e6:de:b4:22:39:c2:60:bc:e1:4b:
bf:dc:0b:e9:57:10:a7:34:39:d0:29:90:58:19:5f:3c:19:36:
7a:80:33:8a:75:96:3b:4b:1f:d6:ed:5b:7a:97:d9:c2:e1:d9:
d3:d4:62:d2:7c:9c:b5:e7:0c:28:00:00:24:5e:d4:44:07:87:
71:c9:0f:35:2a:13:e9:1b:3e:04:4a:8a:44:62:85:1f:9b:54:
8a:a7:0e:84:4e:74:89:b2:14:41:66:91:2b:35:b8:ff:f7:30:
fe:45:9a:2a:a5:e8:d8:cb:0c:70:11:6f:76:00:fd:40:23:94:
59:75:98:e3:21:02:a7:d8:2c:d0:44:7b:9f:c0:0d:e1:4e:4e:
a8:63:e6:b7:b4:ce:3c:de:82:e2:50:e2:8c:f8:7e:3e:7b:c1:
82:5d:fb:ca:d2:1c:ff:54:a6:e6:43:e2:ae:f8:84:14:93:f6:
59:a6:a2:c4:73:10:1a:a0:2e:fe:0c:9d:97:d0:b2:d7:6b:03:
f4:a2:78:c6:cd:7c:d1:a4:a0:b3:c2:e8:dd:95:68:e6:ff:b2:
91:f1:df:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwy9TUYHKVEsY36iTApKmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjMwMTAyMDQ0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODcxOWE3YWM1NzE3YWEzMjhiMjA3OWM0NWU0YTFhMzVlYzBmMGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0ex+8vHLCPtZeRX7Vggc5w417VF
e2Ep90nVK5lFUjpKb0RAEsCWvFLeTwkcgz8LbnITWYkYZmFcGcsdaC6/4bwD9uTq
OqL8KGX0UCfOgR9MqTOwFc0S4z46V7Li6KzVnAw92MWfKsWCytBa/8uoaz0Z8AL6
jFlRHK6PNx7QmH5twdL/+3jsKc+VWLL7Qy1aNcx/vf9A5CEQQ90+iTeeM032biOA
XZRR5pYwfObBuRP/agpK4cZTUVQh9C9g8AzUev+a6BUDOOcjlBWxEiJCg2ANd8gN
5u9vyMdvh1R3awYAzBR0UVm/fnpMoTFlK5ebyK+Pib2DaSauBtAbua9aSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHhxmnrFcXqjKLIHnEXkoaNewPD5MB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvZUhHYWVzVnhlcU1vc2dlY1JlU2hvMTdBOFBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwSxMAwQC
wSysMA0GCSqGSIb3DQEBCwUAA4IBAQCejzp+SwHz5V4VhUspUP33U2kQfCgFNsbj
pdmeWgXKKY70aic9O160pjPd0ObetCI5wmC84Uu/3AvpVxCnNDnQKZBYGV88GTZ6
gDOKdZY7Sx/W7Vt6l9nC4dnT1GLSfJy15wwoAAAkXtREB4dxyQ81KhPpGz4ESopE
YoUfm1SKpw6ETnSJshRBZpErNbj/9zD+RZoqpejYywxwEW92AP1AI5RZdZjjIQKn
2CzQRHufwA3hTk6oY+a3tM483oLiUOKM+H4+e8GCXfvK0hz/VKbmQ+Ku+IQUk/ZZ
pqLEcxAaoC7+DJ2X0LLXawP0onjGzXzRpKCzwujdlWjm/7KR8d+p
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:41 2024 by rpki-client on console-ams.rpki-client.org