Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/EI5-p-y-oKgvrwEO4u-K8WOIiOI.roa
File: EI5-p-y-oKgvrwEO4u-K8WOIiOI.roa (raw, json)
Hash identifier: V/gYy7Ra4h2l55wh8mqgO4lFouOKkl2DF638ljAACmk=
Subject key identifier: 10:8E:7E:A7:EC:BE:A0:A8:2F:AF:01:0E:E2:EF:8A:F1:63:88:88:E2
Certificate issuer: /CN=48cf37b3646fda93cbdd0b8aaccfff313a6f718f
Certificate serial: 01856F79616ABC9A9BCB5AFCF7147FD09065
Authority key identifier: 48:CF:37:B3:64:6F:DA:93:CB:DD:0B:8A:AC:CF:FF:31:3A:6F:71:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/EI5-p-y-oKgvrwEO4u-K8WOIiOI.roa
Signing time: Sun 01 Jan 2023 22:35:03 +0000
ROA not before: Sun 01 Jan 2023 22:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203596
IP address blocks: 193.108.216.0/24 maxlen: 24
193.109.1.0/24 maxlen: 24
193.109.2.0/24 maxlen: 24
193.109.0.0/24 maxlen: 24
193.109.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:61:6a:bc:9a:9b:cb:5a:fc:f7:14:7f:d0:90:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48cf37b3646fda93cbdd0b8aaccfff313a6f718f
Validity
Not Before: Jan 1 22:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=108e7ea7ecbea0a82faf010ee2ef8af1638888e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9d:71:4d:66:54:53:da:d7:85:e5:4d:12:fa:
d8:62:f2:1e:1e:25:60:f3:11:0c:12:bc:8a:df:77:
d3:93:96:bd:17:c8:30:a8:d0:90:cf:57:00:ce:63:
12:e9:db:3a:49:e5:b8:75:d3:28:4d:c6:dd:51:16:
d2:5e:c2:74:0f:36:42:2c:13:e7:6c:a1:91:f8:98:
42:4e:ca:57:3a:5e:7e:86:82:b7:c0:0e:72:e1:a6:
50:1d:50:48:15:7b:b1:8f:a6:91:57:79:cf:fc:b3:
11:b4:7d:b5:0c:10:c0:85:db:e4:7b:0d:44:ea:8b:
f5:62:e2:5e:69:f4:de:ff:e3:61:b3:c5:fd:7d:9a:
24:5b:8f:b6:1d:af:0e:9c:68:82:aa:0f:27:1e:8f:
a7:ab:81:07:1e:07:23:77:5f:97:c4:70:7b:6b:27:
69:61:92:42:95:24:06:cf:99:d6:68:9e:67:ed:f5:
88:40:50:f3:9c:88:66:55:40:8c:ad:1d:cb:41:c4:
e7:99:99:9e:78:4c:a9:f0:fe:23:1d:13:a2:76:5b:
55:e4:55:52:0d:91:b1:6f:e3:4a:0f:7e:9c:41:38:
6a:67:ad:db:d0:9e:8d:40:78:29:30:70:62:38:ce:
3b:25:09:05:39:9e:1c:2d:bb:51:65:c9:91:07:df:
53:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:8E:7E:A7:EC:BE:A0:A8:2F:AF:01:0E:E2:EF:8A:F1:63:88:88:E2
X509v3 Authority Key Identifier:
keyid:48:CF:37:B3:64:6F:DA:93:CB:DD:0B:8A:AC:CF:FF:31:3A:6F:71:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/EI5-p-y-oKgvrwEO4u-K8WOIiOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.216.0/24
193.109.0.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:85:41:92:3c:bf:84:f3:12:4f:1a:c3:2d:23:64:78:7c:f3:
78:ff:a8:a5:78:70:eb:8a:33:0a:6c:9d:f6:c4:3e:fd:37:cc:
f8:6e:85:29:6c:b1:d9:99:41:2a:e6:11:72:2f:9d:7f:c8:19:
0b:da:c8:9d:5f:d9:e3:bb:bb:f2:7b:ba:6b:35:c9:86:09:72:
35:73:e0:a6:16:24:cc:5a:c7:43:af:59:90:68:ae:d9:7c:1f:
4c:5f:83:5f:ab:dc:8c:f5:b2:08:a1:db:2d:f9:e0:34:a2:65:
3c:7d:99:45:76:99:f6:bd:f6:9f:dd:a4:58:5b:b6:13:a0:77:
4b:76:95:99:85:a9:dd:36:20:12:c8:f9:56:36:79:b0:22:b4:
87:8d:8e:ed:d9:a4:99:54:58:41:11:a7:86:03:16:bb:8b:ee:
02:36:77:1b:ae:70:e1:ee:2e:3a:14:12:7c:0f:ae:73:92:3a:
80:b5:a7:67:de:80:5e:27:e6:a0:68:72:c4:c5:34:47:36:16:
88:3c:ae:26:2f:40:dd:8e:0e:c7:a9:96:85:a8:02:a9:b5:06:
3e:af:c5:a3:3e:cd:53:89:79:f2:4f:ba:4e:f2:0d:44:4c:8e:
87:75:a8:5a:cd:16:19:c5:ec:06:b1:24:a2:5f:0a:ee:b1:c9:
af:1b:17:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVveWFqvJqby1r89xR/0JBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4Y2YzN2IzNjQ2ZmRhOTNjYmRkMGI4YWFjY2ZmZjMxM2E2
ZjcxOGYwHhcNMjMwMTAxMjIzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDhlN2VhN2VjYmVhMGE4MmZhZjAxMGVlMmVmOGFmMTYzODg4OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAip1xTWZUU9rXheVNEvrYYvIeHiVg
8xEMEryK33fTk5a9F8gwqNCQz1cAzmMS6ds6SeW4ddMoTcbdURbSXsJ0DzZCLBPn
bKGR+JhCTspXOl5+hoK3wA5y4aZQHVBIFXuxj6aRV3nP/LMRtH21DBDAhdvkew1E
6ov1YuJeafTe/+Nhs8X9fZokW4+2Ha8OnGiCqg8nHo+nq4EHHgcjd1+XxHB7aydp
YZJClSQGz5nWaJ5n7fWIQFDznIhmVUCMrR3LQcTnmZmeeEyp8P4jHROidltV5FVS
DZGxb+NKD36cQThqZ63b0J6NQHgpMHBiOM47JQkFOZ4cLbtRZcmRB99TPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBCOfqfsvqCoL68BDuLvivFjiIjiMB8GA1UdIwQY
MBaAFEjPN7Nkb9qTy90LiqzP/zE6b3GPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU004M3MyUnYycFBMM1F1S3JNX19NVHB2Y1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMGQ1OTMtNzIzZi00OTYzLTkwMWQt
MTdlMzE1ODk1NGRhLzEvRUk1LXAteS1vS2d2cndFTzR1LUs4V09JaU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMGQ1OTMtNzIzZi00OTYzLTkwMWQtMTdlMzE1ODk1NGRh
LzEvU004M3MyUnYycFBMM1F1S3JNX19NVHB2Y1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwWzYAwQC
wW0AMA0GCSqGSIb3DQEBCwUAA4IBAQA6hUGSPL+E8xJPGsMtI2R4fPN4/6ileHDr
ijMKbJ32xD79N8z4boUpbLHZmUEq5hFyL51/yBkL2sidX9nju7vye7prNcmGCXI1
c+CmFiTMWsdDr1mQaK7ZfB9MX4Nfq9yM9bIIodst+eA0omU8fZlFdpn2vfaf3aRY
W7YToHdLdpWZhandNiASyPlWNnmwIrSHjY7t2aSZVFhBEaeGAxa7i+4CNncbrnDh
7i46FBJ8D65zkjqAtadn3oBeJ+agaHLExTRHNhaIPK4mL0Ddjg7HqZaFqAKptQY+
r8WjPs1TiXnyT7pO8g1ETI6HdahazRYZxewGsSSiXwruscmvGxcu
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:28 2024 by rpki-client on console-fra.rpki-client.org