Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/gMl2zkaY7yMKLwBV2seJabEqfCY.roa
File: gMl2zkaY7yMKLwBV2seJabEqfCY.roa (raw, json)
Hash identifier: HgR4Z6oKMFnLksEsnzf+7hoXn+wmZAKTu0kRkEoByF4=
Subject key identifier: 80:C9:76:CE:46:98:EF:23:0A:2F:00:55:DA:C7:89:69:B1:2A:7C:26
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018852862B209E26D48BA27712034DDFFFAA
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/gMl2zkaY7yMKLwBV2seJabEqfCY.roa
Signing time: Thu 25 May 2023 10:48:24 +0000
ROA not before: Thu 25 May 2023 10:48:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43697
IP address blocks: 195.57.128.0/24 maxlen: 24
195.235.199.0/24 maxlen: 24
195.57.169.0/24 maxlen: 24
194.179.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:86:2b:20:9e:26:d4:8b:a2:77:12:03:4d:df:ff:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: May 25 10:48:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80c976ce4698ef230a2f0055dac78969b12a7c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:93:48:85:5a:5a:4c:15:26:f0:02:26:95:bc:
06:b4:b2:22:1c:70:3a:de:59:5c:e0:1e:ce:c1:b3:
de:d9:06:7b:50:eb:8d:2c:38:93:18:13:1b:13:e2:
7a:26:b0:cb:25:d4:41:4f:68:1f:7f:b5:63:71:59:
73:b1:15:81:6b:5d:d9:4e:f9:97:0f:e8:97:9d:18:
64:27:c8:97:17:a2:26:1b:0e:cf:a4:95:88:9b:23:
0e:a5:2c:30:37:ef:1c:88:b4:a2:e7:2c:46:46:4e:
c9:b8:0f:3e:60:84:b8:76:49:03:9c:b6:7b:94:95:
45:a4:9c:ac:32:c4:64:e6:3a:88:9c:5f:ed:ff:dc:
c4:6f:be:27:65:57:c1:51:9a:d1:c0:2b:7f:d2:51:
dc:98:08:4e:d6:69:e8:a2:81:35:d2:50:c1:bb:52:
55:2f:6d:c1:22:96:84:3f:40:20:94:bc:62:cd:83:
35:9c:75:08:3a:0f:02:2e:81:cd:f8:3a:f4:24:06:
b5:08:6b:08:12:b0:f7:38:99:05:bc:3a:be:62:e1:
74:82:90:50:96:ee:24:cd:b7:cc:f1:e3:40:26:90:
b0:86:23:1c:58:4e:16:6d:e8:84:2e:c4:f0:1b:2d:
4e:8f:35:9c:87:a5:72:d8:9c:da:bc:2d:88:cf:3d:
71:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:C9:76:CE:46:98:EF:23:0A:2F:00:55:DA:C7:89:69:B1:2A:7C:26
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/gMl2zkaY7yMKLwBV2seJabEqfCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.179.36.0/24
195.57.128.0/24
195.57.169.0/24
195.235.199.0/24
Signature Algorithm: sha256WithRSAEncryption
91:d3:b3:f3:44:dc:a3:5a:e7:32:b9:7d:a3:71:51:79:46:ec:
14:35:29:68:fc:c2:1a:77:d6:92:31:5f:30:7b:ee:3c:be:cf:
35:e6:bd:62:7d:b7:51:17:78:67:e1:aa:af:4a:7f:b1:0f:e1:
e7:3b:c4:f3:9f:9d:21:c4:56:d9:0f:79:33:b6:94:24:4c:5a:
18:c6:f5:9b:d2:32:45:62:9f:e4:69:59:17:69:ec:4e:b3:e4:
d3:53:4e:b6:cf:15:84:d7:1a:58:be:5f:f4:16:00:34:ec:a1:
f3:e7:c2:62:a8:6e:0f:07:05:e2:95:1f:c2:59:fb:51:aa:06:
29:c1:78:14:ef:c3:04:26:ab:76:b4:bd:f3:f6:74:7f:60:b9:
58:e0:bd:b8:fa:bf:78:1c:a6:b7:53:7e:9b:f1:1c:16:e4:95:
63:82:77:bf:b9:e1:51:06:18:c7:47:8c:cd:b2:49:84:cd:d3:
f2:4d:8e:09:cc:cd:5c:b4:25:d7:a4:48:b9:09:a5:26:3e:9e:
d2:1e:57:67:3c:b3:55:cf:44:b1:1b:f5:80:8f:b4:36:d2:ee:
52:a2:d6:ea:38:ce:7e:36:94:b3:03:19:40:03:1e:f4:d8:18:
2a:5d:20:f3:8a:6e:49:18:08:c1:85:42:e7:52:49:22:8f:02:
65:98:4a:8e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhShisgnibUi6J3EgNN3/+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwNTI1MTA0ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGM5NzZjZTQ2OThlZjIzMGEyZjAwNTVkYWM3ODk2OWIxMmE3YzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZNIhVpaTBUm8AImlbwGtLIiHHA6
3llc4B7OwbPe2QZ7UOuNLDiTGBMbE+J6JrDLJdRBT2gff7VjcVlzsRWBa13ZTvmX
D+iXnRhkJ8iXF6ImGw7PpJWImyMOpSwwN+8ciLSi5yxGRk7JuA8+YIS4dkkDnLZ7
lJVFpJysMsRk5jqInF/t/9zEb74nZVfBUZrRwCt/0lHcmAhO1mnoooE10lDBu1JV
L23BIpaEP0AglLxizYM1nHUIOg8CLoHN+Dr0JAa1CGsIErD3OJkFvDq+YuF0gpBQ
lu4kzbfM8eNAJpCwhiMcWE4WbeiELsTwGy1OjzWch6Vy2JzavC2Izz1xYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIDJds5GmO8jCi8AVdrHiWmxKnwmMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvZ01sMnprYVk3eU1LTHdCVjJzZUphYkVxZkNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwrMkAwQA
wzmAAwQAwzmpAwQAw+vHMA0GCSqGSIb3DQEBCwUAA4IBAQCR07PzRNyjWucyuX2j
cVF5RuwUNSlo/MIad9aSMV8we+48vs815r1ifbdRF3hn4aqvSn+xD+HnO8Tzn50h
xFbZD3kztpQkTFoYxvWb0jJFYp/kaVkXaexOs+TTU062zxWE1xpYvl/0FgA07KHz
58JiqG4PBwXilR/CWftRqgYpwXgU78MEJqt2tL3z9nR/YLlY4L24+r94HKa3U36b
8RwW5JVjgne/ueFRBhjHR4zNskmEzdPyTY4JzM1ctCXXpEi5CaUmPp7SHldnPLNV
z0SxG/WAj7Q20u5SotbqOM5+NpSzAxlAAx702BgqXSDzim5JGAjBhULnUkkijwJl
mEqO
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:35 2024 by rpki-client on console-ams.rpki-client.org