Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/e59ba1-3d5b-4299-a852-37c86e355267/1/7E2MrtVQc9ZvdJKEOTitDNR80Yg.roa
File: 7E2MrtVQc9ZvdJKEOTitDNR80Yg.roa (raw, json)
Hash identifier: eJ5zhrSWYktzdvhqNlZ7h5eTZMV5G6+7oseH1599CT8=
Subject key identifier: EC:4D:8C:AE:D5:50:73:D6:6F:74:92:84:39:38:AD:0C:D4:7C:D1:88
Certificate issuer: /CN=7b8985faea08598c05cc30b82e282306af793316
Certificate serial: 0187949D2DD50BDB6897FFE73D5C4CCFBF1C
Authority key identifier: 7B:89:85:FA:EA:08:59:8C:05:CC:30:B8:2E:28:23:06:AF:79:33:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e4mF-uoIWYwFzDC4LigjBq95MxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/e59ba1-3d5b-4299-a852-37c86e355267/1/7E2MrtVQc9ZvdJKEOTitDNR80Yg.roa
Signing time: Tue 18 Apr 2023 13:45:41 +0000
ROA not before: Tue 18 Apr 2023 13:45:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203352
IP address blocks: 185.131.81.0/24 maxlen: 24
185.131.80.0/24 maxlen: 24
185.131.80.0/23 maxlen: 23
185.131.80.0/22 maxlen: 22
185.131.83.0/24 maxlen: 24
185.131.82.0/23 maxlen: 23
185.131.82.0/24 maxlen: 24
2a06:97c0::/29 maxlen: 29
2a06:97c4::/30 maxlen: 30
2a06:97c0::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:9d:2d:d5:0b:db:68:97:ff:e7:3d:5c:4c:cf:bf:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b8985faea08598c05cc30b82e282306af793316
Validity
Not Before: Apr 18 13:45:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec4d8caed55073d66f7492843938ad0cd47cd188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f1:ec:cf:6d:3f:c5:df:e9:7d:f4:91:30:ac:
2e:be:0c:15:35:4a:27:05:22:9e:50:76:a9:0f:9c:
05:cb:0e:8d:29:5d:d4:a4:30:73:f3:79:a9:ae:a0:
6e:ad:00:7b:ea:97:7c:6a:36:f4:7e:bd:b4:c2:40:
b8:dc:4f:63:06:c5:2a:74:b7:66:57:0e:ee:44:9d:
06:d6:2c:c9:22:de:76:84:a9:fc:a4:17:e0:dc:1a:
a0:25:7e:ee:ab:a6:1b:b9:d2:27:7c:35:9d:b4:19:
f0:78:1b:cf:6e:a2:58:0a:41:47:78:d9:57:16:13:
54:80:32:b8:94:2e:aa:59:fa:59:e1:36:ae:66:b9:
2e:5d:e0:23:57:2c:20:62:d1:69:24:34:5e:b6:8a:
93:67:7a:22:d7:33:e3:e3:dc:bb:d1:fe:23:ac:52:
ff:52:88:3c:eb:9a:52:a0:4e:3a:5c:18:62:2b:2c:
a6:67:25:d3:75:ec:39:1f:13:99:ae:54:5f:80:f3:
a7:a3:cd:3d:78:d9:33:89:0a:27:e2:36:ec:e6:c3:
36:42:ac:91:4a:f0:20:42:9e:81:fc:c8:a8:80:d7:
91:88:b6:81:92:10:04:bd:09:58:48:7e:87:ab:6c:
26:c7:60:41:85:e8:d9:a8:80:bd:13:91:75:c5:99:
c0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:4D:8C:AE:D5:50:73:D6:6F:74:92:84:39:38:AD:0C:D4:7C:D1:88
X509v3 Authority Key Identifier:
keyid:7B:89:85:FA:EA:08:59:8C:05:CC:30:B8:2E:28:23:06:AF:79:33:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4mF-uoIWYwFzDC4LigjBq95MxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e59ba1-3d5b-4299-a852-37c86e355267/1/7E2MrtVQc9ZvdJKEOTitDNR80Yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e59ba1-3d5b-4299-a852-37c86e355267/1/e4mF-uoIWYwFzDC4LigjBq95MxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.80.0/22
IPv6:
2a06:97c0::/29
Signature Algorithm: sha256WithRSAEncryption
a7:3f:79:f8:72:35:88:ab:97:d1:67:61:e0:43:72:65:14:92:
a8:53:ed:e5:8d:66:bc:4e:44:b1:3c:a0:41:20:08:0a:7c:13:
ad:a6:59:b6:18:b6:cd:73:7b:71:51:e6:0a:fe:dd:20:d8:44:
cd:73:20:4e:4e:67:46:c6:42:ec:04:4b:0d:e0:30:83:85:39:
92:c7:71:fd:e5:ea:16:04:d8:16:6b:c4:70:45:ff:bc:12:1e:
a6:bf:b8:64:a6:a1:f7:e8:75:4c:ca:bb:2f:8c:48:94:da:56:
42:f8:a2:b9:07:e7:3f:95:eb:99:6b:f9:ac:58:d8:53:f5:ec:
6d:b5:0d:59:7e:f7:c5:89:b3:45:f6:10:c4:3e:24:5e:31:63:
fa:09:79:92:08:86:60:95:45:00:dc:27:de:bc:46:8f:0d:12:
98:69:6e:02:6f:f8:a0:69:f1:41:63:33:12:14:40:fa:12:d1:
d7:a1:01:6c:11:1e:f3:ed:ee:7b:c3:85:69:f2:2a:9e:75:4e:
02:a4:2d:05:07:53:4e:20:7f:de:45:a9:56:60:36:d0:4b:62:
b3:2e:a9:25:12:0c:7d:9b:56:e8:42:c9:97:b7:51:03:1a:f5:
82:9a:bf:6f:5b:a9:00:8b:f2:ed:bc:3b:05:9d:95:19:e2:7c:
14:68:3e:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYeUnS3VC9tol//nPVxMz78cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODk4NWZhZWEwODU5OGMwNWNjMzBiODJlMjgyMzA2YWY3
OTMzMTYwHhcNMjMwNDE4MTM0NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzRkOGNhZWQ1NTA3M2Q2NmY3NDkyODQzOTM4YWQwY2Q0N2NkMTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/Hsz20/xd/pffSRMKwuvgwVNUon
BSKeUHapD5wFyw6NKV3UpDBz83mprqBurQB76pd8ajb0fr20wkC43E9jBsUqdLdm
Vw7uRJ0G1izJIt52hKn8pBfg3BqgJX7uq6YbudInfDWdtBnweBvPbqJYCkFHeNlX
FhNUgDK4lC6qWfpZ4TauZrkuXeAjVywgYtFpJDRetoqTZ3oi1zPj49y70f4jrFL/
Uog865pSoE46XBhiKyymZyXTdew5HxOZrlRfgPOno809eNkziQon4jbs5sM2QqyR
SvAgQp6B/MiogNeRiLaBkhAEvQlYSH6Hq2wmx2BBhejZqIC9E5F1xZnALwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOxNjK7VUHPWb3SShDk4rQzUfNGIMB8GA1UdIwQY
MBaAFHuJhfrqCFmMBcwwuC4oIwaveTMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRtRi11b0lXWXdGekRDNExpZ2pCcTk1TXhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lNTliYTEtM2Q1Yi00Mjk5LWE4NTIt
MzdjODZlMzU1MjY3LzEvN0UyTXJ0VlFjOVp2ZEpLRU9UaXRETlI4MFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lNTliYTEtM2Q1Yi00Mjk5LWE4NTItMzdjODZlMzU1MjY3
LzEvZTRtRi11b0lXWXdGekRDNExpZ2pCcTk1TXhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYNQMA0E
AgACMAcDBQMqBpfAMA0GCSqGSIb3DQEBCwUAA4IBAQCnP3n4cjWIq5fRZ2HgQ3Jl
FJKoU+3ljWa8TkSxPKBBIAgKfBOtplm2GLbNc3txUeYK/t0g2ETNcyBOTmdGxkLs
BEsN4DCDhTmSx3H95eoWBNgWa8RwRf+8Eh6mv7hkpqH36HVMyrsvjEiU2lZC+KK5
B+c/leuZa/msWNhT9exttQ1ZfvfFibNF9hDEPiReMWP6CXmSCIZglUUA3CfevEaP
DRKYaW4Cb/igafFBYzMSFED6EtHXoQFsER7z7e57w4Vp8iqedU4CpC0FB1NOIH/e
RalWYDbQS2KzLqklEgx9m1boQsmXt1EDGvWCmr9vW6kAi/LtvDsFnZUZ4nwUaD7l
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:24 2024 by rpki-client on console-fra.rpki-client.org