Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/46aabf-dad0-4d76-a5b5-88db0125a6b8/1/sRlCgq_LeFgbVMR0bVHHwGN61-8.roa
File: sRlCgq_LeFgbVMR0bVHHwGN61-8.roa (raw, json)
Hash identifier: u/45MrmotHaUniQi0PwAFlA2p9U3ebVmb5cMmsRd5W0=
Subject key identifier: B1:19:42:82:AF:CB:78:58:1B:54:C4:74:6D:51:C7:C0:63:7A:D7:EF
Certificate issuer: /CN=e4b4c53af65f0b8396b95b4d07d4ec4e7be277e5
Certificate serial: 0185729EBD1BB147FFF35BE7BAAC2183F08D
Authority key identifier: E4:B4:C5:3A:F6:5F:0B:83:96:B9:5B:4D:07:D4:EC:4E:7B:E2:77:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5LTFOvZfC4OWuVtNB9TsTnvid-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/46aabf-dad0-4d76-a5b5-88db0125a6b8/1/sRlCgq_LeFgbVMR0bVHHwGN61-8.roa
Signing time: Mon 02 Jan 2023 13:14:43 +0000
ROA not before: Mon 02 Jan 2023 13:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33823
IP address blocks: 195.12.52.0/22 maxlen: 24
195.28.184.0/23 maxlen: 24
193.25.110.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:bd:1b:b1:47:ff:f3:5b:e7:ba:ac:21:83:f0:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4b4c53af65f0b8396b95b4d07d4ec4e7be277e5
Validity
Not Before: Jan 2 13:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1194282afcb78581b54c4746d51c7c0637ad7ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d9:53:e7:b6:c5:f6:5f:81:b2:d1:cd:a3:7d:
cf:da:b7:0f:9c:2b:1b:37:1a:a2:80:9b:40:da:50:
ac:3a:af:94:fa:1a:9a:aa:aa:00:d6:8e:f3:bf:83:
5d:43:f5:ef:3d:dc:ba:59:ce:7b:8e:04:52:69:b0:
21:44:d3:18:e7:bf:f6:85:ee:4b:17:9e:4a:01:5c:
92:d1:2b:2c:f4:07:ca:01:67:d0:0e:a4:ef:37:e4:
3e:ae:8c:f7:9b:2f:6a:fd:6c:7b:63:eb:1b:f6:74:
24:56:41:66:61:fc:91:28:97:37:5d:2c:4b:3a:f3:
0e:4f:0e:99:a6:5c:3d:15:d1:94:b7:85:53:89:c1:
94:b5:86:55:c1:19:a8:08:91:a6:9f:08:50:f5:ae:
12:57:71:33:aa:83:03:8f:a1:bd:0c:a7:e8:e2:fe:
38:ad:b5:23:23:72:cb:06:e8:49:63:13:d5:4b:ce:
57:e8:96:47:b6:f8:1b:38:20:5d:8e:7f:2c:10:96:
aa:e0:a7:e8:ae:bd:1e:71:75:da:69:2d:24:a3:16:
2f:82:0d:5b:52:2e:03:60:c5:09:f8:8a:2f:64:cd:
27:c7:8a:2f:c5:3a:51:8c:40:fe:c2:ad:8a:96:ce:
ad:f7:04:c4:57:6a:6a:be:6c:44:30:39:5b:69:bc:
68:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:19:42:82:AF:CB:78:58:1B:54:C4:74:6D:51:C7:C0:63:7A:D7:EF
X509v3 Authority Key Identifier:
keyid:E4:B4:C5:3A:F6:5F:0B:83:96:B9:5B:4D:07:D4:EC:4E:7B:E2:77:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LTFOvZfC4OWuVtNB9TsTnvid-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/46aabf-dad0-4d76-a5b5-88db0125a6b8/1/sRlCgq_LeFgbVMR0bVHHwGN61-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/46aabf-dad0-4d76-a5b5-88db0125a6b8/1/5LTFOvZfC4OWuVtNB9TsTnvid-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.110.0/23
195.12.52.0/22
195.28.184.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:ca:9a:62:15:b8:8d:2e:52:65:d0:2a:45:52:75:f1:fb:70:
c6:17:3d:f6:88:79:7f:95:52:23:16:85:4e:74:e7:0e:e8:5b:
2a:9a:bf:a4:23:c2:f0:08:4f:83:93:5f:7d:35:a2:e0:d7:22:
13:4f:7b:8c:48:4d:d3:8d:0f:eb:a5:f4:e2:31:d2:cb:54:a0:
8c:87:33:e1:69:49:96:51:0d:68:3d:ef:5b:11:b3:2a:71:c0:
1e:1f:e8:81:5c:a9:f5:85:0e:7a:70:0f:94:bb:65:3c:66:7e:
3e:38:9b:63:05:73:ac:41:4d:90:3b:a6:54:ca:72:a4:61:92:
dd:b1:37:65:af:de:b4:b5:c1:0f:0d:f5:95:6a:aa:16:67:03:
90:5a:c8:43:99:22:e6:d9:8b:80:37:a4:c4:8a:54:f0:4f:b4:
af:80:b6:02:3b:bf:40:dc:79:e5:e0:42:b3:a7:b0:38:63:32:
3f:ca:c3:8b:b0:80:e2:40:a8:2e:c7:e1:0c:43:ff:ad:f8:e5:
32:4a:56:a9:ce:d3:22:2c:0d:79:c4:51:fb:03:2f:60:eb:62:
16:4b:fa:d8:69:cf:ee:92:7c:48:8c:f4:bd:4c:2f:a9:82:03:
60:74:f2:3b:0e:40:da:bb:d0:c7:50:8e:4d:e0:8f:9d:90:31:
e5:a3:7f:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVynr0bsUf/81vnuqwhg/CNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjRjNTNhZjY1ZjBiODM5NmI5NWI0ZDA3ZDRlYzRlN2Jl
Mjc3ZTUwHhcNMjMwMTAyMTMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTE5NDI4MmFmY2I3ODU4MWI1NGM0NzQ2ZDUxYzdjMDYzN2FkN2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtlT57bF9l+BstHNo33P2rcPnCsb
NxqigJtA2lCsOq+U+hqaqqoA1o7zv4NdQ/XvPdy6Wc57jgRSabAhRNMY57/2he5L
F55KAVyS0Sss9AfKAWfQDqTvN+Q+roz3my9q/Wx7Y+sb9nQkVkFmYfyRKJc3XSxL
OvMOTw6Zplw9FdGUt4VTicGUtYZVwRmoCJGmnwhQ9a4SV3EzqoMDj6G9DKfo4v44
rbUjI3LLBuhJYxPVS85X6JZHtvgbOCBdjn8sEJaq4Kforr0ecXXaaS0koxYvgg1b
Ui4DYMUJ+IovZM0nx4ovxTpRjED+wq2Kls6t9wTEV2pqvmxEMDlbabxoMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLEZQoKvy3hYG1TEdG1Rx8BjetfvMB8GA1UdIwQY
MBaAFOS0xTr2XwuDlrlbTQfU7E574nflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxURk92WmZDNE9XdVZ0TkI5VHNUbnZpZC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80NmFhYmYtZGFkMC00ZDc2LWE1YjUt
ODhkYjAxMjVhNmI4LzEvc1JsQ2dxX0xlRmdiVk1SMGJWSEh3R042MS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80NmFhYmYtZGFkMC00ZDc2LWE1YjUtODhkYjAxMjVhNmI4
LzEvNUxURk92WmZDNE9XdVZ0TkI5VHNUbnZpZC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwRluAwQC
www0AwQBwxy4MA0GCSqGSIb3DQEBCwUAA4IBAQBsyppiFbiNLlJl0CpFUnXx+3DG
Fz32iHl/lVIjFoVOdOcO6Fsqmr+kI8LwCE+Dk199NaLg1yITT3uMSE3TjQ/rpfTi
MdLLVKCMhzPhaUmWUQ1oPe9bEbMqccAeH+iBXKn1hQ56cA+Uu2U8Zn4+OJtjBXOs
QU2QO6ZUynKkYZLdsTdlr960tcEPDfWVaqoWZwOQWshDmSLm2YuAN6TEilTwT7Sv
gLYCO79A3Hnl4EKzp7A4YzI/ysOLsIDiQKgux+EMQ/+t+OUySlapztMiLA15xFH7
Ay9g62IWS/rYac/uknxIjPS9TC+pggNgdPI7DkDau9DHUI5N4I+dkDHlo39+
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:25 2024 by rpki-client on console-fra.rpki-client.org