Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/kfNrYJhHfmHqTDyYEkCHTx2718A.roa
File: kfNrYJhHfmHqTDyYEkCHTx2718A.roa (raw, json)
Hash identifier: D86dpk95lz174zCAI1nkFpmyHhfPob4KxnYL3C3BLGQ=
Subject key identifier: 91:F3:6B:60:98:47:7E:61:EA:4C:3C:98:12:40:87:4F:1D:BB:D7:C0
Certificate issuer: /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial: 0189E55E6F5973B56FB1B86799A1AA1E28DF
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/kfNrYJhHfmHqTDyYEkCHTx2718A.roa
Signing time: Fri 11 Aug 2023 16:11:58 +0000
ROA not before: Fri 11 Aug 2023 16:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 178.236.226.0/24 maxlen: 24
178.236.235.0/24 maxlen: 24
185.2.50.0/23 maxlen: 24
185.2.49.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e5:5e:6f:59:73:b5:6f:b1:b8:67:99:a1:aa:1e:28:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Validity
Not Before: Aug 11 16:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91f36b6098477e61ea4c3c981240874f1dbbd7c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:de:d8:95:91:56:3f:b9:47:95:4a:ab:fd:93:
29:43:fe:a6:0c:cf:6d:3c:71:56:ff:7f:d5:a0:37:
67:d6:0a:fb:9e:0c:0e:38:b7:cf:fe:c3:c5:24:70:
2a:f6:48:1d:1b:3b:39:5f:81:76:74:5b:c7:df:cb:
7f:cf:ea:65:62:3b:80:48:14:2a:d2:ce:3e:88:fa:
23:ba:bd:30:0c:e2:dc:a9:70:f0:82:2a:d1:f3:67:
05:80:84:32:2b:b8:4e:07:95:e6:b2:7a:59:65:3a:
bb:0e:4a:03:b2:a2:4c:85:23:b6:5d:03:87:99:d7:
03:5d:b2:51:0d:8f:ed:fb:34:0c:db:57:5a:cc:b9:
82:ed:43:7a:70:76:2b:19:b0:b1:b7:2a:3b:7d:f1:
b5:be:31:bf:94:f8:50:a9:6a:9e:5f:20:75:c8:3a:
a8:ac:27:a7:9a:53:07:be:0e:68:b9:8d:03:8c:d5:
5c:ba:5d:4a:5c:ac:1a:af:a9:70:bb:ed:f7:47:78:
35:a1:40:65:62:36:a1:4f:9b:8c:72:3e:df:51:79:
b6:6b:d9:00:60:77:88:d5:32:38:54:45:f6:00:c6:
f8:84:76:e9:92:c1:23:9c:32:02:7f:c5:c2:3c:ad:
07:6f:00:05:24:03:9a:55:9a:9c:ea:08:fd:44:e9:
06:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F3:6B:60:98:47:7E:61:EA:4C:3C:98:12:40:87:4F:1D:BB:D7:C0
X509v3 Authority Key Identifier:
keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/kfNrYJhHfmHqTDyYEkCHTx2718A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.226.0/24
178.236.235.0/24
185.2.49.0-185.2.51.255
Signature Algorithm: sha256WithRSAEncryption
1c:d1:ca:e1:7f:12:d0:bc:50:08:fe:f5:46:56:bd:d8:0c:75:
fd:2c:37:17:ae:2f:6b:07:85:47:bc:67:cb:0f:0c:35:0e:fd:
0c:08:14:5a:d3:12:bd:8b:f9:8d:06:14:e7:fe:6c:9a:d9:2d:
46:d8:7b:cd:04:c3:48:75:8a:27:eb:c0:c2:1e:99:92:43:f0:
5b:c6:20:ec:11:4e:e8:f2:00:ee:c9:64:10:13:13:bf:98:dc:
b1:eb:78:d5:05:9a:e3:24:6b:17:49:e8:7f:82:f6:a2:cb:02:
00:a8:3b:94:0b:44:fc:e3:8b:3f:e4:c6:a9:8f:e2:2d:48:83:
11:33:53:38:1c:65:dc:0c:4b:d4:74:e6:8d:43:2e:69:23:61:
e8:ef:3a:f6:bb:cc:ac:b8:5d:bf:32:52:31:b0:b0:56:a3:89:
29:00:45:22:dc:bb:3c:e4:0d:61:eb:66:de:60:ef:f3:ca:69:
12:b6:d4:7e:aa:17:49:f8:82:a6:d0:b9:40:7e:47:1f:9b:7c:
ff:da:52:97:9e:46:ef:a3:13:c6:73:a1:d3:bd:b5:b6:0d:2d:
50:05:82:09:db:c9:7e:f7:4c:14:56:92:e6:aa:16:e1:e1:52:
77:e9:43:33:92:11:a1:81:62:23:b0:c0:58:83:74:2f:8f:da:
5d:6e:90:d1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYnlXm9Zc7VvsbhnmaGqHijfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTRhZmRiNWU2YTE4ODU3ODA5MjBhNTRmZmE4MjQwOGVh
ODViYTEwHhcNMjMwODExMTYxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWYzNmI2MDk4NDc3ZTYxZWE0YzNjOTgxMjQwODc0ZjFkYmJkN2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr97YlZFWP7lHlUqr/ZMpQ/6mDM9t
PHFW/3/VoDdn1gr7ngwOOLfP/sPFJHAq9kgdGzs5X4F2dFvH38t/z+plYjuASBQq
0s4+iPojur0wDOLcqXDwgirR82cFgIQyK7hOB5XmsnpZZTq7DkoDsqJMhSO2XQOH
mdcDXbJRDY/t+zQM21dazLmC7UN6cHYrGbCxtyo7ffG1vjG/lPhQqWqeXyB1yDqo
rCenmlMHvg5ouY0DjNVcul1KXKwar6lwu+33R3g1oUBlYjahT5uMcj7fUXm2a9kA
YHeI1TI4VEX2AMb4hHbpksEjnDICf8XCPK0HbwAFJAOaVZqc6gj9ROkGqQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJHza2CYR35h6kw8mBJAh08du9fAMB8GA1UdIwQY
MBaAFFeUr9teahiFeAkgpU/6gkCOqFuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQt
NDdkODJhNDFhOGYzLzEva2ZOcllKaEhmbUhxVER5WUVrQ0hUeDI3MThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQtNDdkODJhNDFhOGYz
LzEvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAsuziAwQA
suzrMAwDBAC5AjEDBAK5AjAwDQYJKoZIhvcNAQELBQADggEBABzRyuF/EtC8UAj+
9UZWvdgMdf0sNxeuL2sHhUe8Z8sPDDUO/QwIFFrTEr2L+Y0GFOf+bJrZLUbYe80E
w0h1iifrwMIemZJD8FvGIOwRTujyAO7JZBATE7+Y3LHreNUFmuMkaxdJ6H+C9qLL
AgCoO5QLRPzjiz/kxqmP4i1IgxEzUzgcZdwMS9R05o1DLmkjYejvOva7zKy4Xb8y
UjGwsFajiSkARSLcuzzkDWHrZt5g7/PKaRK21H6qF0n4gqbQuUB+Rx+bfP/aUpee
Ru+jE8ZzodO9tbYNLVAFggnbyX73TBRWkuaqFuHhUnfpQzOSEaGBYiOwwFiDdC+P
2l1ukNE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:17 2024 by rpki-client on console-fra.rpki-client.org