Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/1XWacPGKssdr2IZRdLasM2lC7vA.roa
File: 1XWacPGKssdr2IZRdLasM2lC7vA.roa (raw, json)
Hash identifier: Bg2/+H6+Jh5hHzRHdTr8nXdA+49EPhLbRJKeFad3zgE=
Subject key identifier: D5:75:9A:70:F1:8A:B2:C7:6B:D8:86:51:74:B6:AC:33:69:42:EE:F0
Certificate issuer: /CN=e5cf78f5f339ee777da749210a96eced96b7f2e7
Certificate serial: 018571F0DE58A4321C18E548ADFBD4568E13
Authority key identifier: E5:CF:78:F5:F3:39:EE:77:7D:A7:49:21:0A:96:EC:ED:96:B7:F2:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5c949fM57nd9p0khCpbs7Za38uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/1XWacPGKssdr2IZRdLasM2lC7vA.roa
Signing time: Mon 02 Jan 2023 10:04:48 +0000
ROA not before: Mon 02 Jan 2023 10:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207021
IP address blocks: 185.80.191.0/24 maxlen: 24
185.80.190.0/24 maxlen: 24
185.80.189.0/24 maxlen: 24
185.80.188.0/24 maxlen: 24
2a05:7f00:190::/48 maxlen: 48
2a05:7f00:188::/48 maxlen: 48
2a05:7f00:191::/48 maxlen: 48
2a05:7f00:189::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:de:58:a4:32:1c:18:e5:48:ad:fb:d4:56:8e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5cf78f5f339ee777da749210a96eced96b7f2e7
Validity
Not Before: Jan 2 10:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5759a70f18ab2c76bd8865174b6ac336942eef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3b:6d:5f:3c:6c:06:4a:48:52:e8:d1:77:4c:
e1:cb:1f:7c:74:dd:f0:56:ec:c0:8c:c4:9e:62:dc:
44:d9:91:a3:c8:23:fe:43:e8:8a:96:eb:82:40:aa:
24:1c:5d:18:4a:95:5f:8e:01:e1:2f:22:d9:77:c7:
c6:74:5e:34:c9:b5:b9:8c:f7:f4:53:81:e1:aa:18:
f9:ce:c5:9b:43:e9:6d:ef:79:fb:9b:95:c5:56:13:
a9:51:cf:4f:93:b9:a8:13:d1:69:d1:c8:b8:1a:e6:
a1:65:29:b7:86:5f:ee:5b:70:8b:69:9a:cb:3b:5b:
1d:d4:6a:58:2a:04:9f:41:15:b5:a3:e6:96:ac:53:
9b:57:1c:71:d2:52:f0:0a:7b:44:e0:eb:9e:7d:40:
eb:48:cc:3e:af:f8:54:7a:67:f6:67:52:4f:db:ad:
85:43:f3:ba:2e:80:ab:91:2b:0f:c2:f3:98:4f:64:
f2:82:0a:bf:1a:6a:86:33:99:15:7a:ef:ff:a0:79:
59:cd:f4:49:fa:fc:86:03:8f:7c:6d:d7:f9:bf:8b:
51:aa:03:0c:c3:30:6a:e6:79:d7:e6:04:c0:87:9d:
2a:cc:24:75:8e:e1:fd:51:ec:3d:f8:33:6e:af:a4:
81:c7:71:36:c4:69:72:e3:13:e6:47:88:9d:b0:31:
9b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:75:9A:70:F1:8A:B2:C7:6B:D8:86:51:74:B6:AC:33:69:42:EE:F0
X509v3 Authority Key Identifier:
keyid:E5:CF:78:F5:F3:39:EE:77:7D:A7:49:21:0A:96:EC:ED:96:B7:F2:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c949fM57nd9p0khCpbs7Za38uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/1XWacPGKssdr2IZRdLasM2lC7vA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/5c949fM57nd9p0khCpbs7Za38uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.188.0/22
IPv6:
2a05:7f00:188::/47
2a05:7f00:190::/47
Signature Algorithm: sha256WithRSAEncryption
46:e7:ca:c1:f6:81:5c:f0:3e:6a:d0:64:5f:7b:8d:ff:d6:ec:
a6:e9:f5:00:05:47:e2:dc:00:f3:7e:2f:60:13:48:0a:50:c3:
83:8c:eb:86:cc:fc:24:ff:3d:64:61:81:1e:5c:e8:ec:38:60:
ec:e3:80:bd:8e:e3:d3:28:f4:34:b3:99:0e:46:00:f7:92:ea:
9e:22:fb:0e:7a:c8:39:a0:ab:33:bf:1c:f4:78:eb:ea:d9:ce:
bb:4b:91:6a:7e:14:b7:3c:88:ae:51:6d:70:1f:1d:5f:c9:e8:
10:8b:fa:75:5f:2b:0d:ef:eb:29:5d:66:91:fc:36:b5:39:16:
ac:5e:73:a7:93:4a:41:cf:be:08:89:16:6e:74:ba:71:27:f5:
e1:ce:7a:59:21:27:13:ab:92:f5:00:86:92:fe:47:15:93:9d:
97:17:66:6c:ab:e8:be:18:b9:f5:98:b2:93:ca:f6:ec:e5:0f:
e3:c6:2a:fd:e2:ca:af:0c:68:bb:f3:4a:e0:4f:0d:12:3d:ba:
79:37:1d:c6:bf:a7:6d:7d:56:37:1f:72:77:8f:25:fa:60:2b:
70:36:e4:cb:68:c9:78:b5:b5:7c:3c:76:33:55:2c:db:0f:32:
33:c1:d3:a3:ac:ce:66:82:af:93:d2:5c:73:61:d2:c3:6f:d2:
c5:27:bf:b6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVx8N5YpDIcGOVIrfvUVo4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1Y2Y3OGY1ZjMzOWVlNzc3ZGE3NDkyMTBhOTZlY2VkOTZi
N2YyZTcwHhcNMjMwMTAyMTAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTc1OWE3MGYxOGFiMmM3NmJkODg2NTE3NGI2YWMzMzY5NDJlZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjttXzxsBkpIUujRd0zhyx98dN3w
VuzAjMSeYtxE2ZGjyCP+Q+iKluuCQKokHF0YSpVfjgHhLyLZd8fGdF40ybW5jPf0
U4Hhqhj5zsWbQ+lt73n7m5XFVhOpUc9Pk7moE9Fp0ci4GuahZSm3hl/uW3CLaZrL
O1sd1GpYKgSfQRW1o+aWrFObVxxx0lLwCntE4OuefUDrSMw+r/hUemf2Z1JP262F
Q/O6LoCrkSsPwvOYT2Tyggq/GmqGM5kVeu//oHlZzfRJ+vyGA498bdf5v4tRqgMM
wzBq5nnX5gTAh50qzCR1juH9Uew9+DNur6SBx3E2xGly4xPmR4idsDGbUwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNV1mnDxirLHa9iGUXS2rDNpQu7wMB8GA1UdIwQY
MBaAFOXPePXzOe53fadJIQqW7O2Wt/LnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWM5NDlmTTU3bmQ5cDBraENwYnM3WmEzOHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jNGJkOTUtYzY3MC00OTBkLThjYzAt
YjdkYzgzNzA2YTJhLzEvMVhXYWNQR0tzc2RyMklaUmRMYXNNMmxDN3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jNGJkOTUtYzY3MC00OTBkLThjYzAtYjdkYzgzNzA2YTJh
LzEvNWM5NDlmTTU3bmQ5cDBraENwYnM3WmEzOHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuVC8MBgE
AgACMBIDBwEqBX8AAYgDBwEqBX8AAZAwDQYJKoZIhvcNAQELBQADggEBAEbnysH2
gVzwPmrQZF97jf/W7Kbp9QAFR+LcAPN+L2ATSApQw4OM64bM/CT/PWRhgR5c6Ow4
YOzjgL2O49Mo9DSzmQ5GAPeS6p4i+w56yDmgqzO/HPR46+rZzrtLkWp+FLc8iK5R
bXAfHV/J6BCL+nVfKw3v6yldZpH8NrU5Fqxec6eTSkHPvgiJFm50unEn9eHOelkh
JxOrkvUAhpL+RxWTnZcXZmyr6L4YufWYspPK9uzlD+PGKv3iyq8MaLvzSuBPDRI9
unk3Hca/p219VjcfcnePJfpgK3A25MtoyXi1tXw8djNVLNsPMjPB06OszmaCr5PS
XHNh0sNv0sUnv7Y=
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:11 2024 by rpki-client on console-fra.rpki-client.org