Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/SkBgkMN8eR581tJv29xZNVTnJgQ.roa
File: SkBgkMN8eR581tJv29xZNVTnJgQ.roa (raw, json)
Hash identifier: KbajeTxCV+JMOS6aRF4kgmLiGDFrQHpbU6VU7w6edFg=
Subject key identifier: 4A:40:60:90:C3:7C:79:1E:7C:D6:D2:6F:DB:DC:59:35:54:E7:26:04
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018573438D51F03E0BF8C39A6A8B1F3DA2B2
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/SkBgkMN8eR581tJv29xZNVTnJgQ.roa
Signing time: Mon 02 Jan 2023 16:14:45 +0000
ROA not before: Mon 02 Jan 2023 16:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202613
IP address blocks: 176.107.152.0/21 maxlen: 24
195.231.96.0/19 maxlen: 24
80.73.232.0/21 maxlen: 24
185.58.120.0/22 maxlen: 24
217.198.128.0/20 maxlen: 24
2a00:6d43::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:8d:51:f0:3e:0b:f8:c3:9a:6a:8b:1f:3d:a2:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 2 16:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a406090c37c791e7cd6d26fdbdc593554e72604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:92:70:df:50:32:6b:88:46:f3:8b:a5:d9:c3:
cb:50:e9:c3:6b:76:27:eb:c5:6d:ce:e2:d9:fa:d7:
16:4b:85:0c:46:92:0e:24:74:14:04:ad:c5:e0:ec:
26:45:ff:7e:dc:3f:8d:95:d0:75:8e:07:30:82:b6:
3c:af:1c:14:60:20:cb:fe:e2:2b:4d:b1:4b:4f:ea:
da:53:d8:bf:2c:98:65:f6:9c:d0:61:98:ef:96:43:
1b:e2:05:02:9f:e3:bf:3b:61:86:a1:32:0b:7b:24:
4e:4e:3e:c0:59:20:35:14:db:b5:ea:cb:e1:91:8b:
87:72:78:bc:6b:34:cc:5a:9c:b8:d3:1b:59:ed:73:
94:f2:65:07:ef:ea:dd:77:46:59:4f:35:c3:0b:a0:
10:19:ae:d2:f5:25:9d:1b:d9:f1:12:4f:ff:0c:4c:
e0:4a:e6:c9:ca:0f:56:8e:3f:97:94:54:4d:4c:2b:
99:06:18:0f:72:10:ad:0d:d0:06:08:54:88:de:36:
a3:ce:bc:ae:e1:35:c3:e1:e2:25:42:88:fb:97:26:
a9:06:d2:ea:4b:4d:cf:9f:50:a6:01:47:0a:09:42:
af:c6:b0:ee:fd:df:dc:37:d1:6f:ef:2e:d3:d7:56:
a0:66:db:5e:99:57:d8:b4:9d:87:0c:0a:38:1a:7f:
82:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:40:60:90:C3:7C:79:1E:7C:D6:D2:6F:DB:DC:59:35:54:E7:26:04
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/SkBgkMN8eR581tJv29xZNVTnJgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.232.0/21
176.107.152.0/21
185.58.120.0/22
195.231.96.0/19
217.198.128.0/20
IPv6:
2a00:6d43::/32
Signature Algorithm: sha256WithRSAEncryption
80:e5:77:a9:41:df:1b:77:be:a7:91:4b:ef:8c:f6:f8:46:79:
3f:77:fe:93:d7:ce:c7:3a:41:bb:92:3a:0a:80:62:b6:f3:91:
42:d7:a2:de:cc:36:02:55:d7:81:9f:0b:7e:ed:b8:41:93:71:
5a:a1:5a:d0:42:01:5a:29:e9:4d:2e:77:2e:26:60:2f:1f:1e:
d1:44:4b:92:f1:82:bb:a2:c9:c4:89:21:5b:07:d1:40:2f:c4:
08:08:b2:27:7f:e6:5f:b0:c2:ea:cc:45:8f:fe:c3:08:2f:4b:
c7:b3:72:d2:21:26:9e:2b:a3:cf:2e:82:86:dc:30:88:7c:e9:
45:c4:94:e7:3c:55:16:b2:2d:37:bd:0a:c8:fe:f0:aa:c1:bf:
dc:fb:f0:ee:20:c2:3b:27:8b:94:97:47:ca:b5:bc:e9:98:4b:
c0:38:fe:17:89:e1:c8:d1:ef:6f:ce:17:a1:43:31:f5:e7:1f:
f7:58:a1:89:1d:a6:87:d4:f5:64:bc:f6:ea:b0:62:ac:7a:7d:
bb:ff:fe:3e:87:fb:b9:4e:2e:68:91:1f:57:4a:fc:62:12:dc:
c9:58:6f:fb:6a:d0:55:aa:07:19:2a:ad:64:52:36:05:4b:99:
d6:9b:51:18:5a:06:d1:72:95:83:28:c7:b4:67:83:65:0f:85:
93:2d:28:e4
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVzQ41R8D4L+MOaaosfPaKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMwMTAyMTYxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTQwNjA5MGMzN2M3OTFlN2NkNmQyNmZkYmRjNTkzNTU0ZTcyNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJJw31Aya4hG84ul2cPLUOnDa3Yn
68VtzuLZ+tcWS4UMRpIOJHQUBK3F4OwmRf9+3D+NldB1jgcwgrY8rxwUYCDL/uIr
TbFLT+raU9i/LJhl9pzQYZjvlkMb4gUCn+O/O2GGoTILeyROTj7AWSA1FNu16svh
kYuHcni8azTMWpy40xtZ7XOU8mUH7+rdd0ZZTzXDC6AQGa7S9SWdG9nxEk//DEzg
SubJyg9Wjj+XlFRNTCuZBhgPchCtDdAGCFSI3jajzryu4TXD4eIlQoj7lyapBtLq
S03Pn1CmAUcKCUKvxrDu/d/cN9Fv7y7T11agZttemVfYtJ2HDAo4Gn+C+wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEpAYJDDfHkefNbSb9vcWTVU5yYEMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvU2tCZ2tNTjhlUjU4MXRKdjI5eFpOVlRuSmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDUEnoAwQD
sGuYAwQCuTp4AwQFw+dgAwQE2caAMA0EAgACMAcDBQAqAG1DMA0GCSqGSIb3DQEB
CwUAA4IBAQCA5XepQd8bd76nkUvvjPb4Rnk/d/6T187HOkG7kjoKgGK285FC16Le
zDYCVdeBnwt+7bhBk3FaoVrQQgFaKelNLncuJmAvHx7RREuS8YK7osnEiSFbB9FA
L8QICLInf+ZfsMLqzEWP/sMIL0vHs3LSISaeK6PPLoKG3DCIfOlFxJTnPFUWsi03
vQrI/vCqwb/c+/DuIMI7J4uUl0fKtbzpmEvAOP4XieHI0e9vzhehQzH15x/3WKGJ
HaaH1PVkvPbqsGKsen27//4+h/u5Ti5okR9XSvxiEtzJWG/7atBVqgcZKq1kUjYF
S5nWm1EYWgbRcpWDKMe0Z4NlD4WTLSjk
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:07 2023 by rpki-client on console-fra.rpki-client.org