Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/EP4OVfA4AKJoX8RjVLMq1N31ebo.roa
File: EP4OVfA4AKJoX8RjVLMq1N31ebo.roa (raw, json)
Hash identifier: bPTrN7NajWwyrxLDv/SOEFjULfT7TGCarCToC+5P2cs=
Subject key identifier: 10:FE:0E:55:F0:38:00:A2:68:5F:C4:63:54:B3:2A:D4:DD:F5:79:BA
Certificate issuer: /CN=b5c7d81ec4c4055c673ff571ccad07c3a699105e
Certificate serial: 0186A21855D36E417F31981E04D13E9676BC
Authority key identifier: B5:C7:D8:1E:C4:C4:05:5C:67:3F:F5:71:CC:AD:07:C3:A6:99:10:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/EP4OVfA4AKJoX8RjVLMq1N31ebo.roa
Signing time: Thu 02 Mar 2023 11:32:29 +0000
ROA not before: Thu 02 Mar 2023 11:32:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 194.88.150.0/24 maxlen: 24
194.88.150.0/23 maxlen: 23
194.88.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Mar 2023 07:27:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:18:55:d3:6e:41:7f:31:98:1e:04:d1:3e:96:76:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5c7d81ec4c4055c673ff571ccad07c3a699105e
Validity
Not Before: Mar 2 11:32:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10fe0e55f03800a2685fc46354b32ad4ddf579ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6d:58:eb:91:44:32:aa:cd:b0:00:57:4e:e9:
c8:b2:69:2c:44:98:a1:42:ac:01:b8:a0:b4:94:db:
7b:57:a9:76:39:2d:9f:40:75:99:5c:ea:5b:d9:69:
d6:25:6c:a2:a9:9b:09:13:b9:c3:45:33:32:46:33:
f0:dd:67:03:de:37:da:75:d3:4c:a3:9a:bd:af:5d:
97:e9:4d:3c:11:28:db:c9:14:e4:0f:13:8f:fb:6e:
d4:69:c1:2a:cc:21:30:ce:bc:2c:12:1d:ab:28:f9:
ce:cf:54:da:e3:50:89:87:8e:7b:04:ff:cc:72:7b:
31:04:88:dd:65:57:48:50:c8:db:69:bb:ec:63:09:
0e:aa:8b:a6:69:e7:d9:d5:44:ea:40:58:0a:31:e3:
24:a5:c0:ca:0a:57:54:92:6a:f7:ae:8c:9a:11:6c:
2e:bb:43:10:41:20:37:d3:40:02:3d:3b:85:4b:00:
fd:f8:28:f1:34:38:9d:0f:2c:03:1a:5f:59:c4:ac:
d6:08:e4:21:ee:0b:dd:c0:51:91:4f:8c:b3:b4:5d:
50:06:a8:5e:e8:56:f5:5a:eb:1b:15:e9:88:5c:45:
a2:ca:92:48:4f:e4:57:76:c4:20:ab:1c:52:0d:0c:
78:5e:56:97:eb:f4:0f:85:8d:08:7f:d0:89:44:88:
ba:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FE:0E:55:F0:38:00:A2:68:5F:C4:63:54:B3:2A:D4:DD:F5:79:BA
X509v3 Authority Key Identifier:
keyid:B5:C7:D8:1E:C4:C4:05:5C:67:3F:F5:71:CC:AD:07:C3:A6:99:10:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/EP4OVfA4AKJoX8RjVLMq1N31ebo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/672a2f-ac2b-4631-ab3d-c2bc1451f271/1/tcfYHsTEBVxnP_VxzK0Hw6aZEF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.88.150.0/23
Signature Algorithm: sha256WithRSAEncryption
70:4f:a5:0b:40:d1:b6:0b:e1:66:bd:cd:f9:ee:1d:e2:78:d9:
fd:bc:7c:09:3a:c0:9e:8a:be:26:4c:de:2f:ea:61:67:55:70:
6a:87:3c:24:41:31:e8:2d:17:49:46:1d:c4:73:ac:37:52:ed:
24:6f:ca:34:d4:fd:ce:ac:a5:11:ec:50:ab:56:8d:2d:23:64:
12:4e:77:03:6f:16:07:b0:78:25:f1:48:ed:4d:3c:fd:f0:14:
5e:a8:b5:50:9b:84:da:87:9f:c9:84:58:4f:09:f4:11:78:5d:
b5:5d:f7:2b:0d:8a:1c:85:bc:be:43:bb:0a:9d:53:20:5e:2d:
1d:e6:20:c9:8a:33:d5:b7:5f:33:18:38:c0:e6:84:0b:f7:8c:
53:41:00:61:97:81:a0:ae:b4:bd:24:3b:57:26:cc:24:df:b5:
3c:37:c4:81:c0:10:a2:e0:cc:75:f1:8a:64:cf:77:d3:fe:af:
ae:81:e2:4e:79:5b:05:f4:19:26:7c:d2:35:9b:97:a8:00:83:
4a:69:d1:dc:b7:fb:ae:f0:06:15:aa:0a:ee:ad:20:26:14:d0:
fe:d1:7d:ef:11:2c:66:3f:dc:a7:7f:36:2b:5a:7a:01:30:76:
f7:ef:9d:0f:1e:e0:fa:49:0d:75:de:93:33:04:f4:e3:84:a9:
35:c2:c1:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaiGFXTbkF/MZgeBNE+lna8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YzdkODFlYzRjNDA1NWM2NzNmZjU3MWNjYWQwN2MzYTY5
OTEwNWUwHhcNMjMwMzAyMTEzMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGZlMGU1NWYwMzgwMGEyNjg1ZmM0NjM1NGIzMmFkNGRkZjU3OWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW1Y65FEMqrNsABXTunIsmksRJih
QqwBuKC0lNt7V6l2OS2fQHWZXOpb2WnWJWyiqZsJE7nDRTMyRjPw3WcD3jfaddNM
o5q9r12X6U08ESjbyRTkDxOP+27UacEqzCEwzrwsEh2rKPnOz1Ta41CJh457BP/M
cnsxBIjdZVdIUMjbabvsYwkOqoumaefZ1UTqQFgKMeMkpcDKCldUkmr3royaEWwu
u0MQQSA300ACPTuFSwD9+CjxNDidDywDGl9ZxKzWCOQh7gvdwFGRT4yztF1QBqhe
6Fb1WusbFemIXEWiypJIT+RXdsQgqxxSDQx4XlaX6/QPhY0If9CJRIi6pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBD+DlXwOACiaF/EY1SzKtTd9Xm6MB8GA1UdIwQY
MBaAFLXH2B7ExAVcZz/1ccytB8OmmRBeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGNmWUhzVEVCVnhuUF9WeHpLMEh3NmFaRUY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82NzJhMmYtYWMyYi00NjMxLWFiM2Qt
YzJiYzE0NTFmMjcxLzEvRVA0T1ZmQTRBS0pvWDhSalZMTXExTjMxZWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82NzJhMmYtYWMyYi00NjMxLWFiM2QtYzJiYzE0NTFmMjcx
LzEvdGNmWUhzVEVCVnhuUF9WeHpLMEh3NmFaRUY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwliWMA0G
CSqGSIb3DQEBCwUAA4IBAQBwT6ULQNG2C+Fmvc357h3ieNn9vHwJOsCeir4mTN4v
6mFnVXBqhzwkQTHoLRdJRh3Ec6w3Uu0kb8o01P3OrKUR7FCrVo0tI2QSTncDbxYH
sHgl8UjtTTz98BReqLVQm4Tah5/JhFhPCfQReF21XfcrDYochby+Q7sKnVMgXi0d
5iDJijPVt18zGDjA5oQL94xTQQBhl4GgrrS9JDtXJswk37U8N8SBwBCi4Mx18Ypk
z3fT/q+ugeJOeVsF9BkmfNI1m5eoAINKadHct/uu8AYVqgrurSAmFND+0X3vESxm
P9ynfzYrWnoBMHb3750PHuD6SQ113pMzBPTjhKk1wsHM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:51 2024 by rpki-client on console-fra.rpki-client.org