Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/2db683-c9e9-4647-823b-cd403bdee4df/1/7mzuy93EoabZCeXwyjI6ulQEr-8.roa
File: 7mzuy93EoabZCeXwyjI6ulQEr-8.roa (raw, json)
Hash identifier: m8VfylVDNULABOBcGt+niLH1GZmMvSWyHrzfindWE2I=
Subject key identifier: EE:6C:EE:CB:DD:C4:A1:A6:D9:09:E5:F0:CA:32:3A:BA:54:04:AF:EF
Certificate issuer: /CN=94962e2afa7748f45265d89fd15624b584e72466
Certificate serial: 01887211D8EB4B7C532F71D21D6057FABD09
Authority key identifier: 94:96:2E:2A:FA:77:48:F4:52:65:D8:9F:D1:56:24:B5:84:E7:24:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJYuKvp3SPRSZdif0VYktYTnJGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/2db683-c9e9-4647-823b-cd403bdee4df/1/7mzuy93EoabZCeXwyjI6ulQEr-8.roa
Signing time: Wed 31 May 2023 13:49:12 +0000
ROA not before: Wed 31 May 2023 13:49:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207611
IP address blocks: 131.220.0.0/16 maxlen: 17
193.23.254.0/24 maxlen: 32
193.30.3.0/24 maxlen: 24
2a00:5ba0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:72:11:d8:eb:4b:7c:53:2f:71:d2:1d:60:57:fa:bd:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94962e2afa7748f45265d89fd15624b584e72466
Validity
Not Before: May 31 13:49:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee6ceecbddc4a1a6d909e5f0ca323aba5404afef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7d:38:05:20:11:3c:29:ac:10:90:1f:7f:d1:
d6:74:97:9f:5c:41:33:5b:b8:bb:57:e2:d3:93:c3:
09:ba:06:b1:74:a0:e3:d8:7e:d6:26:cd:6c:d2:1b:
7b:8d:dc:39:dc:59:b0:bd:b0:c6:f1:d0:bc:e8:c8:
58:a5:f7:2c:06:41:22:19:7a:ce:d9:09:92:d9:f2:
39:99:c4:67:e7:26:1e:57:e8:22:46:ad:00:f9:87:
3d:28:af:98:fb:0f:08:17:47:76:48:79:41:92:49:
fe:10:08:93:1a:56:0c:52:cc:56:78:cc:5d:bb:ed:
8e:e5:7d:f6:c1:7e:55:c4:65:a6:3f:d1:d7:33:a3:
fa:bd:f4:91:94:2d:df:64:22:ef:0a:66:ee:0a:d2:
39:80:ee:79:5e:6e:2f:bf:09:31:ac:fd:bb:04:9c:
c9:4c:ab:d9:fb:31:83:90:52:0c:06:26:7f:00:f6:
dd:38:4c:6f:4b:fe:45:9f:5c:89:2f:10:1c:5d:64:
92:cb:f9:53:5e:cb:49:2e:d1:cc:0f:b7:14:66:6c:
0a:f5:d1:f0:d2:58:03:19:58:5d:ed:b6:35:6b:c6:
1a:c9:d4:fd:d1:f1:ef:f0:1f:1f:4e:4e:f5:e9:24:
80:79:1c:64:09:b3:a3:77:4b:f2:9e:ec:92:01:4b:
19:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:6C:EE:CB:DD:C4:A1:A6:D9:09:E5:F0:CA:32:3A:BA:54:04:AF:EF
X509v3 Authority Key Identifier:
keyid:94:96:2E:2A:FA:77:48:F4:52:65:D8:9F:D1:56:24:B5:84:E7:24:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJYuKvp3SPRSZdif0VYktYTnJGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/2db683-c9e9-4647-823b-cd403bdee4df/1/7mzuy93EoabZCeXwyjI6ulQEr-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/2db683-c9e9-4647-823b-cd403bdee4df/1/lJYuKvp3SPRSZdif0VYktYTnJGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.220.0.0/16
193.23.254.0/24
193.30.3.0/24
IPv6:
2a00:5ba0::/29
Signature Algorithm: sha256WithRSAEncryption
5e:1e:91:18:34:71:03:d8:c5:8f:3f:bd:ae:be:ce:b2:1c:54:
ba:01:7c:4b:cc:c1:60:ef:1f:9a:3d:95:7f:ff:fd:37:00:3e:
3c:05:6a:ad:22:b4:71:8c:e9:db:89:30:71:36:a5:46:68:dc:
29:64:09:ce:01:da:e0:9b:68:56:65:e6:5c:cb:6e:1d:c9:2d:
2a:4b:d7:a9:62:48:26:b9:dc:46:b3:9e:3c:4e:48:18:6a:28:
b6:0c:97:38:a7:04:fa:ed:31:08:3c:42:d0:a6:4e:5c:99:f5:
09:b7:33:59:1d:6b:f7:e8:dd:db:d9:a3:00:0e:8d:7c:ef:ac:
12:87:8b:9b:88:1b:0d:bd:71:2b:75:f0:a4:e2:45:50:33:b5:
6a:f7:f7:a5:9d:94:a7:5c:f4:78:7c:47:d7:7a:e1:13:3d:27:
5c:7a:a4:91:d4:5a:7b:30:71:4a:89:48:9e:14:f0:2e:52:b3:
8e:f5:50:f9:5a:29:42:c5:83:73:e8:a9:c2:29:b9:09:1b:a2:
5a:53:ee:11:88:60:3a:e2:63:fd:0d:72:6d:2d:6f:92:d8:7b:
29:ce:b3:3b:cb:ce:e5:94:81:de:2d:f3:fb:52:43:77:0d:26:
5e:6d:c2:2c:df:bb:34:d0:0f:ca:8f:48:b7:18:ea:7e:5a:26:
b1:b1:da:0a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYhyEdjrS3xTL3HSHWBX+r0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTYyZTJhZmE3NzQ4ZjQ1MjY1ZDg5ZmQxNTYyNGI1ODRl
NzI0NjYwHhcNMjMwNTMxMTM0OTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTZjZWVjYmRkYzRhMWE2ZDkwOWU1ZjBjYTMyM2FiYTU0MDRhZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhX04BSARPCmsEJAff9HWdJefXEEz
W7i7V+LTk8MJugaxdKDj2H7WJs1s0ht7jdw53FmwvbDG8dC86MhYpfcsBkEiGXrO
2QmS2fI5mcRn5yYeV+giRq0A+Yc9KK+Y+w8IF0d2SHlBkkn+EAiTGlYMUsxWeMxd
u+2O5X32wX5VxGWmP9HXM6P6vfSRlC3fZCLvCmbuCtI5gO55Xm4vvwkxrP27BJzJ
TKvZ+zGDkFIMBiZ/APbdOExvS/5Fn1yJLxAcXWSSy/lTXstJLtHMD7cUZmwK9dHw
0lgDGVhd7bY1a8YaydT90fHv8B8fTk716SSAeRxkCbOjd0vynuySAUsZ1wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFO5s7svdxKGm2Qnl8MoyOrpUBK/vMB8GA1UdIwQY
MBaAFJSWLir6d0j0UmXYn9FWJLWE5yRmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpZdUt2cDNTUFJTWmRpZjBWWWt0WVRuSkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yZGI2ODMtYzllOS00NjQ3LTgyM2It
Y2Q0MDNiZGVlNGRmLzEvN216dXk5M0VvYWJaQ2VYd3lqSTZ1bFFFci04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8yZGI2ODMtYzllOS00NjQ3LTgyM2ItY2Q0MDNiZGVlNGRm
LzEvbEpZdUt2cDNTUFJTWmRpZjBWWWt0WVRuSkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAg9wDBADB
F/4DBADBHgMwDQQCAAIwBwMFAyoAW6AwDQYJKoZIhvcNAQELBQADggEBAF4ekRg0
cQPYxY8/va6+zrIcVLoBfEvMwWDvH5o9lX///TcAPjwFaq0itHGM6duJMHE2pUZo
3ClkCc4B2uCbaFZl5lzLbh3JLSpL16liSCa53EaznjxOSBhqKLYMlzinBPrtMQg8
QtCmTlyZ9Qm3M1kda/fo3dvZowAOjXzvrBKHi5uIGw29cSt18KTiRVAztWr396Wd
lKdc9Hh8R9d64RM9J1x6pJHUWnswcUqJSJ4U8C5Ss471UPlaKULFg3PoqcIpuQkb
olpT7hGIYDriY/0Ncm0tb5LYeynOszvLzuWUgd4t8/tSQ3cNJl5twizfuzTQD8qP
SLcY6n5aJrGx2go=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:29 2024 by rpki-client on console-ams.rpki-client.org