Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/eB9NmwN_llM4eLXGQxxKpwUR-a0.roa
File: eB9NmwN_llM4eLXGQxxKpwUR-a0.roa (raw, json)
Hash identifier: cY6ggqMSmKymO4co3KswrW1pZmARRBY+jdDzfjytl/k=
Subject key identifier: 78:1F:4D:9B:03:7F:96:53:38:78:B5:C6:43:1C:4A:A7:05:11:F9:AD
Certificate issuer: /CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Certificate serial: 0189C11669FCA7AFE5FBB7D801EC6FED7DA9
Authority key identifier: D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/eB9NmwN_llM4eLXGQxxKpwUR-a0.roa
Signing time: Fri 04 Aug 2023 15:06:58 +0000
ROA not before: Fri 04 Aug 2023 15:06:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40994
IP address blocks: 46.102.157.0/24 maxlen: 24
46.102.156.0/24 maxlen: 24
193.219.97.0/24 maxlen: 24
31.14.17.0/24 maxlen: 24
94.177.8.0/23 maxlen: 24
86.106.182.0/23 maxlen: 24
2a0d:f302::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c1:16:69:fc:a7:af:e5:fb:b7:d8:01:ec:6f:ed:7d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Validity
Not Before: Aug 4 15:06:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=781f4d9b037f96533878b5c6431c4aa70511f9ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3e:b8:44:9b:c1:69:ab:43:77:c1:7e:60:25:
43:a2:da:15:01:59:22:41:c2:2d:36:99:b5:db:e1:
27:fe:13:0a:42:6f:f0:ee:7e:f8:be:75:d4:8a:9e:
b3:d1:e3:7a:ec:7f:cc:a4:67:d5:d9:06:ed:ed:b3:
00:eb:eb:d0:f9:85:af:e2:97:17:c7:c6:e2:45:d3:
a2:cb:a2:ea:c4:c1:49:72:72:f2:ae:2b:e8:a5:b2:
31:0a:ee:ee:b7:c8:44:1f:d0:f9:8a:1c:a8:35:cc:
7e:b2:4e:13:64:b8:92:5b:17:db:1d:5c:1f:05:fe:
c3:e4:57:5a:93:34:89:4f:c7:61:b9:f1:c2:b1:10:
90:38:78:e5:58:d7:d8:a6:79:33:f4:b4:80:6a:89:
1a:a1:30:bd:95:38:e9:af:53:96:6f:b4:a5:ce:ec:
be:47:1b:21:c2:aa:88:8e:5e:13:79:a9:65:1e:15:
d8:ac:58:2a:d8:af:d1:d9:c9:5b:cc:9c:d4:15:65:
bc:bb:b6:39:1f:cc:22:97:32:2d:20:c0:c9:c2:15:
df:47:3e:54:90:ba:db:ed:cd:5f:38:b5:6a:a3:95:
f6:20:70:08:7a:ea:03:dc:3c:88:11:c5:d4:f3:9f:
56:8d:f0:30:79:3f:32:0a:d5:13:a2:df:76:68:2c:
f8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:1F:4D:9B:03:7F:96:53:38:78:B5:C6:43:1C:4A:A7:05:11:F9:AD
X509v3 Authority Key Identifier:
keyid:D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/eB9NmwN_llM4eLXGQxxKpwUR-a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.17.0/24
46.102.156.0/23
86.106.182.0/23
94.177.8.0/23
193.219.97.0/24
IPv6:
2a0d:f302::/32
Signature Algorithm: sha256WithRSAEncryption
17:60:0c:e4:fe:b3:a3:fd:b5:b4:35:c9:ea:f4:ea:04:5e:b2:
95:f5:9f:cf:08:3d:40:69:b4:1b:c7:00:46:d4:f1:8d:d9:f4:
64:a2:83:cc:f6:0e:bc:96:44:00:bc:0a:64:de:2e:e6:c0:f7:
24:26:08:17:10:d1:4e:1b:8f:eb:6e:8d:e6:5d:78:88:9a:28:
c5:51:9d:f1:07:54:85:fa:86:52:84:89:fc:37:8a:d0:6d:d2:
ba:d4:fb:6a:b3:b8:10:2f:f0:37:a6:3d:6c:71:00:ae:a3:f4:
84:d6:f0:02:91:a3:03:09:b9:95:08:c3:33:d7:04:a1:c8:7e:
1c:e5:c2:7d:a4:a0:46:d4:77:bb:74:98:6d:cd:c0:dc:61:d5:
79:7d:10:25:da:dd:f5:4e:f1:14:89:af:2c:b4:e7:5a:fc:59:
a3:f7:6c:c6:a7:9c:3e:ea:61:de:7c:e6:1b:6e:45:db:4a:32:
9f:b9:1f:3c:eb:e2:6c:6d:5a:be:b8:73:eb:9c:7a:50:74:84:
0e:cc:39:a2:ee:d2:cb:8c:0d:b8:c0:04:d0:71:04:dc:27:8e:
8c:c4:2b:04:cc:50:70:6d:ae:9b:97:2f:c9:cb:9b:5f:64:0f:
42:9b:e4:e5:e9:2f:10:95:ab:e0:ae:13:3f:82:4e:00:c7:34:
f4:8e:a9:38
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYnBFmn8p6/l+7fYAexv7X2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2YwZmJkNWY2ZTE3NTk5MDNjYzY5ZGUwZGM0ZWEyNGMx
ZjgzZGYwHhcNMjMwODA0MTUwNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODFmNGQ5YjAzN2Y5NjUzMzg3OGI1YzY0MzFjNGFhNzA1MTFmOWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT64RJvBaatDd8F+YCVDotoVAVki
QcItNpm12+En/hMKQm/w7n74vnXUip6z0eN67H/MpGfV2Qbt7bMA6+vQ+YWv4pcX
x8biRdOiy6LqxMFJcnLyrivopbIxCu7ut8hEH9D5ihyoNcx+sk4TZLiSWxfbHVwf
Bf7D5FdakzSJT8dhufHCsRCQOHjlWNfYpnkz9LSAaokaoTC9lTjpr1OWb7Slzuy+
RxshwqqIjl4TeallHhXYrFgq2K/R2clbzJzUFWW8u7Y5H8wilzItIMDJwhXfRz5U
kLrb7c1fOLVqo5X2IHAIeuoD3DyIEcXU859WjfAweT8yCtUTot92aCz4FwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHgfTZsDf5ZTOHi1xkMcSqcFEfmtMB8GA1UdIwQY
MBaAFNTPD71fbhdZkDzGneDcTqJMH4PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMt
NTg1N2YxYzE3NjI0LzEvZUI5Tm13Tl9sbE00ZUxYR1F4eEtwd1VSLWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMtNTg1N2YxYzE3NjI0
LzEvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAHw4RAwQB
LmacAwQBVmq2AwQBXrEIAwQAwdthMA0EAgACMAcDBQAqDfMCMA0GCSqGSIb3DQEB
CwUAA4IBAQAXYAzk/rOj/bW0Ncnq9OoEXrKV9Z/PCD1AabQbxwBG1PGN2fRkooPM
9g68lkQAvApk3i7mwPckJggXENFOG4/rbo3mXXiImijFUZ3xB1SF+oZShIn8N4rQ
bdK61Ptqs7gQL/A3pj1scQCuo/SE1vACkaMDCbmVCMMz1wShyH4c5cJ9pKBG1He7
dJhtzcDcYdV5fRAl2t31TvEUia8stOda/Fmj92zGp5w+6mHefOYbbkXbSjKfuR88
6+JsbVq+uHPrnHpQdIQOzDmi7tLLjA24wATQcQTcJ46MxCsEzFBwba6bly/Jy5tf
ZA9Cm+Tl6S8QlavgrhM/gk4AxzT0jqk4
-----END CERTIFICATE-----
Generated at Tue Aug 15 09:18:54 2023 by rpki-client on console-fra.rpki-client.org