Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/4cc145-967d-4d8d-af5c-877e0e866b24/1/rsU1ofsckzhCFFKB88djF9jpsoI.roa
File: rsU1ofsckzhCFFKB88djF9jpsoI.roa (raw, json)
Hash identifier: Yi/X4ptsTqcyr50H/ur55+4ihYaNZ0F8u0QHmu2oRWs=
Subject key identifier: AE:C5:35:A1:FB:1C:93:38:42:14:52:81:F3:C7:63:17:D8:E9:B2:82
Certificate issuer: /CN=e017872403452f3e008ab798047342db24edb35a
Certificate serial: 018571A79C522C22CA9ECC194277C9CEB362
Authority key identifier: E0:17:87:24:03:45:2F:3E:00:8A:B7:98:04:73:42:DB:24:ED:B3:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4BeHJANFLz4AireYBHNC2yTts1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/4cc145-967d-4d8d-af5c-877e0e866b24/1/rsU1ofsckzhCFFKB88djF9jpsoI.roa
Signing time: Mon 02 Jan 2023 08:44:48 +0000
ROA not before: Mon 02 Jan 2023 08:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212415
IP address blocks: 193.104.187.0/24 maxlen: 24
194.153.85.0/24 maxlen: 24
2001:67c:28d0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:9c:52:2c:22:ca:9e:cc:19:42:77:c9:ce:b3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e017872403452f3e008ab798047342db24edb35a
Validity
Not Before: Jan 2 08:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aec535a1fb1c933842145281f3c76317d8e9b282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8b:6d:b6:e6:d1:3c:cc:19:20:fc:5e:61:e0:
6b:30:d2:e3:e5:b5:ec:f1:cc:85:f1:fa:f1:e7:ca:
f6:07:e3:87:ea:06:b2:21:80:4e:c6:6e:d0:97:df:
9d:7d:0f:91:fd:6e:59:a7:e1:d6:e4:82:36:d4:57:
9e:f1:8a:6b:25:af:29:cc:8a:ef:01:00:1e:32:0e:
b5:0e:d0:6d:69:3c:8f:9f:2c:72:c8:45:82:1a:9f:
c7:85:47:f8:82:9e:0a:2c:cf:65:93:77:3d:0a:88:
99:aa:66:bd:c8:6f:42:e1:87:23:74:70:c5:22:4a:
2c:00:34:4f:04:be:74:6a:0e:55:6c:7c:c6:52:e8:
46:a6:92:d4:a7:b6:f3:a1:31:58:2e:c9:ce:94:01:
0d:65:ed:2f:28:ef:70:ee:3f:ce:de:f0:a8:13:49:
d6:b2:0c:e8:1d:22:c9:8f:05:27:95:da:ab:64:4b:
48:e8:97:18:10:89:b0:99:ff:aa:82:11:4d:56:97:
48:79:00:51:99:e7:ae:4a:21:c5:4d:1a:80:b7:b6:
2a:a7:cb:99:86:5d:f1:f8:a4:fb:0e:72:d7:68:83:
de:c3:43:e7:64:12:a4:13:72:0b:20:83:8c:f5:db:
66:b9:82:4b:be:8d:65:a6:b6:c0:f3:23:ca:22:28:
7e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C5:35:A1:FB:1C:93:38:42:14:52:81:F3:C7:63:17:D8:E9:B2:82
X509v3 Authority Key Identifier:
keyid:E0:17:87:24:03:45:2F:3E:00:8A:B7:98:04:73:42:DB:24:ED:B3:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BeHJANFLz4AireYBHNC2yTts1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/4cc145-967d-4d8d-af5c-877e0e866b24/1/rsU1ofsckzhCFFKB88djF9jpsoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/4cc145-967d-4d8d-af5c-877e0e866b24/1/4BeHJANFLz4AireYBHNC2yTts1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.187.0/24
194.153.85.0/24
IPv6:
2001:67c:28d0::/48
Signature Algorithm: sha256WithRSAEncryption
20:97:00:2a:14:4d:da:3d:95:2b:57:46:d5:30:36:4c:8b:26:
df:37:70:18:92:6d:1e:99:74:c8:b9:2f:26:9a:10:85:02:6f:
54:20:fa:2f:d7:bc:3b:19:98:42:5d:92:14:33:f3:fe:96:e8:
89:09:17:9f:cc:ad:33:de:14:80:b3:f8:bc:73:26:00:07:9c:
e7:3b:d3:bc:b5:60:50:59:32:69:f4:0a:65:46:4a:1a:70:24:
bf:8f:05:c7:dd:71:b7:ca:46:50:74:b3:a0:6c:70:be:7f:bd:
98:46:4e:ad:e4:3d:2e:45:87:fc:13:63:49:99:96:87:c1:63:
88:4a:d8:0c:47:08:bc:09:f1:d0:7e:d5:cc:d6:9e:5f:40:be:
4e:d8:7a:5c:fb:35:46:13:ec:48:11:98:cd:3f:ca:78:78:9d:
bb:dc:36:ca:c0:7d:95:10:7a:f6:15:2e:27:46:33:83:e1:f7:
b4:d2:54:93:43:46:32:e3:2e:a6:14:7a:28:f2:6b:53:46:da:
02:df:8b:53:f0:d2:b9:de:03:6d:5b:a7:26:bc:45:d8:49:2f:
30:4b:06:73:b5:42:ad:4b:d2:01:52:f0:18:ec:26:5b:78:4e:
29:bd:77:12:41:18:95:d7:71:c6:fd:ac:36:fe:a5:c9:bb:cf:
62:3a:3f:de
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxp5xSLCLKnswZQnfJzrNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMTc4NzI0MDM0NTJmM2UwMDhhYjc5ODA0NzM0MmRiMjRl
ZGIzNWEwHhcNMjMwMTAyMDg0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWM1MzVhMWZiMWM5MzM4NDIxNDUyODFmM2M3NjMxN2Q4ZTliMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgotttubRPMwZIPxeYeBrMNLj5bXs
8cyF8frx58r2B+OH6gayIYBOxm7Ql9+dfQ+R/W5Zp+HW5II21Fee8YprJa8pzIrv
AQAeMg61DtBtaTyPnyxyyEWCGp/HhUf4gp4KLM9lk3c9CoiZqma9yG9C4YcjdHDF
IkosADRPBL50ag5VbHzGUuhGppLUp7bzoTFYLsnOlAENZe0vKO9w7j/O3vCoE0nW
sgzoHSLJjwUnldqrZEtI6JcYEImwmf+qghFNVpdIeQBRmeeuSiHFTRqAt7Yqp8uZ
hl3x+KT7DnLXaIPew0PnZBKkE3ILIIOM9dtmuYJLvo1lprbA8yPKIih+OQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFK7FNaH7HJM4QhRSgfPHYxfY6bKCMB8GA1UdIwQY
MBaAFOAXhyQDRS8+AIq3mARzQtsk7bNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJlSEpBTkZMejRBaXJlWUJITkMyeVR0czFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS80Y2MxNDUtOTY3ZC00ZDhkLWFmNWMt
ODc3ZTBlODY2YjI0LzEvcnNVMW9mc2NremhDRkZLQjg4ZGpGOWpwc29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS80Y2MxNDUtOTY3ZC00ZDhkLWFmNWMtODc3ZTBlODY2YjI0
LzEvNEJlSEpBTkZMejRBaXJlWUJITkMyeVR0czFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwWi7AwQA
wplVMA8EAgACMAkDBwAgAQZ8KNAwDQYJKoZIhvcNAQELBQADggEBACCXACoUTdo9
lStXRtUwNkyLJt83cBiSbR6ZdMi5LyaaEIUCb1Qg+i/XvDsZmEJdkhQz8/6W6IkJ
F5/MrTPeFICz+LxzJgAHnOc707y1YFBZMmn0CmVGShpwJL+PBcfdcbfKRlB0s6Bs
cL5/vZhGTq3kPS5Fh/wTY0mZlofBY4hK2AxHCLwJ8dB+1czWnl9Avk7Yelz7NUYT
7EgRmM0/ynh4nbvcNsrAfZUQevYVLidGM4Ph97TSVJNDRjLjLqYUeijya1NG2gLf
i1Pw0rneA21bpya8RdhJLzBLBnO1Qq1L0gFS8BjsJlt4Tim9dxJBGJXXccb9rDb+
pcm7z2I6P94=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:37 2024 by rpki-client on console-fra.rpki-client.org