Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/4aDhiMnwqHk9SpFfiHZjma6bcUQ.roa
File: 4aDhiMnwqHk9SpFfiHZjma6bcUQ.roa (raw, json)
Hash identifier: lci6dDXfFaGTRY2LMTxtnd13BP+oyeRP0ybi2k2gIYg=
Subject key identifier: E1:A0:E1:88:C9:F0:A8:79:3D:4A:91:5F:88:76:63:99:AE:9B:71:44
Certificate issuer: /CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Certificate serial: 018BECA1B10ED461C42FDA59D40F2394EE3E
Authority key identifier: 0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/4aDhiMnwqHk9SpFfiHZjma6bcUQ.roa
Signing time: Mon 20 Nov 2023 12:08:21 +0000
ROA not before: Mon 20 Nov 2023 12:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15719
IP address blocks: 194.152.233.0/24 maxlen: 24
195.29.139.0/24 maxlen: 24
194.152.232.0/23 maxlen: 23
194.152.232.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:a1:b1:0e:d4:61:c4:2f:da:59:d4:0f:23:94:ee:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Validity
Not Before: Nov 20 12:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1a0e188c9f0a8793d4a915f88766399ae9b7144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ba:f5:5f:95:a2:d4:ad:19:ae:ac:e7:c0:a3:
84:b0:a9:ce:d7:45:42:f8:9c:63:96:a8:21:84:de:
8e:78:5b:62:83:5a:da:39:dd:9c:a0:32:db:28:34:
55:c9:ff:3f:e6:81:f2:ba:a0:f3:5f:e8:f8:5a:8f:
cd:17:e1:30:00:ef:e9:92:34:c5:03:55:7c:c6:45:
61:3a:57:06:cb:62:42:27:5f:82:59:52:39:ab:aa:
c0:9f:da:6f:b8:83:d0:e0:59:68:b0:78:bd:22:08:
82:ab:e1:fd:0c:3f:26:a8:26:80:3a:fe:23:36:e4:
37:ef:c9:a0:92:7f:3b:88:02:62:5b:fa:c6:d1:c8:
e7:ee:10:71:09:ac:bd:d0:89:00:be:1d:7e:bd:4f:
98:c4:72:c1:30:ed:fd:3c:df:b5:79:57:97:60:f3:
27:7d:7c:39:55:77:be:dc:b7:b8:24:de:66:bd:4f:
aa:40:c1:bd:7e:3e:a3:c4:0a:29:65:d8:28:85:ad:
29:b5:92:30:09:a0:59:8f:69:8a:63:f5:6c:d4:7a:
63:40:6b:73:96:d4:40:f8:dd:8c:7c:81:db:41:e4:
7c:12:f0:a7:9f:4a:18:5a:a3:57:f2:95:a7:f7:8a:
7f:7e:cc:5b:45:17:be:40:96:0a:12:1e:ac:c3:aa:
56:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A0:E1:88:C9:F0:A8:79:3D:4A:91:5F:88:76:63:99:AE:9B:71:44
X509v3 Authority Key Identifier:
keyid:0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/4aDhiMnwqHk9SpFfiHZjma6bcUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/Dg9Icq0cH0_LITtrLts4ii2cmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.152.232.0/23
195.29.139.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:0d:6b:ed:ae:d7:ea:f2:2c:52:6b:08:74:41:ad:2c:6c:54:
ad:1e:57:2e:2d:3e:60:da:a1:24:06:7a:16:ff:fd:2a:52:57:
a2:ac:fc:d5:f1:76:1f:4c:92:ba:22:49:ad:61:01:d0:cd:81:
7b:af:66:c7:c1:24:3c:a5:11:5c:4d:a4:0e:1e:5f:c8:84:98:
f5:a4:53:e0:cd:7e:71:33:8b:bc:66:ea:fc:b2:86:b7:d9:b9:
14:5c:c6:12:91:76:43:90:09:ae:cd:94:a2:ef:34:78:1d:2f:
a6:53:41:3e:36:95:3a:da:2a:e1:aa:5f:19:09:3b:21:d8:d2:
71:af:eb:30:a6:54:76:9b:81:fd:eb:24:ee:1f:fa:84:e8:4f:
0d:4d:09:c6:c4:10:c2:ed:d6:49:23:95:d5:a4:f3:ed:d1:56:
91:63:9c:da:d2:13:5f:ba:ae:a6:82:26:dd:e9:c0:3d:c0:34:
72:90:1d:ba:ca:98:2f:5b:dc:70:13:8c:af:b1:8f:ba:fb:f8:
73:4e:d6:e2:d4:1e:e6:2e:03:85:08:bd:47:76:6f:d0:80:fc:
a7:0a:7c:d2:80:ca:0e:6e:3b:e6:4d:01:39:42:5a:b3:b1:9e:
5e:ce:20:f5:6d:cc:e7:7b:0b:b3:2f:df:5a:ca:c3:39:aa:a7:
72:eb:91:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvsobEO1GHEL9pZ1A8jlO4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMGY0ODcyYWQxYzFmNGZjYjIxM2I2YjJlZGIzODhhMmQ5
YzlhMjMwHhcNMjMxMTIwMTIwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWEwZTE4OGM5ZjBhODc5M2Q0YTkxNWY4ODc2NjM5OWFlOWI3MTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrr1X5Wi1K0ZrqznwKOEsKnO10VC
+JxjlqghhN6OeFtig1raOd2coDLbKDRVyf8/5oHyuqDzX+j4Wo/NF+EwAO/pkjTF
A1V8xkVhOlcGy2JCJ1+CWVI5q6rAn9pvuIPQ4FlosHi9IgiCq+H9DD8mqCaAOv4j
NuQ378mgkn87iAJiW/rG0cjn7hBxCay90IkAvh1+vU+YxHLBMO39PN+1eVeXYPMn
fXw5VXe+3Le4JN5mvU+qQMG9fj6jxAopZdgoha0ptZIwCaBZj2mKY/Vs1HpjQGtz
ltRA+N2MfIHbQeR8EvCnn0oYWqNX8pWn94p/fsxbRRe+QJYKEh6sw6pWYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOGg4YjJ8Kh5PUqRX4h2Y5mum3FEMB8GA1UdIwQY
MBaAFA4PSHKtHB9PyyE7ay7bOIotnJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQt
YzAxZjgwYTFjODA1LzEvNGFEaGlNbndxSGs5U3BGZmlIWmptYTZiY1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQtYzAxZjgwYTFjODA1
LzEvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwpjoAwQA
wx2LMA0GCSqGSIb3DQEBCwUAA4IBAQA7DWvtrtfq8ixSawh0Qa0sbFStHlcuLT5g
2qEkBnoW//0qUleirPzV8XYfTJK6IkmtYQHQzYF7r2bHwSQ8pRFcTaQOHl/IhJj1
pFPgzX5xM4u8Zur8soa32bkUXMYSkXZDkAmuzZSi7zR4HS+mU0E+NpU62irhql8Z
CTsh2NJxr+swplR2m4H96yTuH/qE6E8NTQnGxBDC7dZJI5XVpPPt0VaRY5za0hNf
uq6mgibd6cA9wDRykB26ypgvW9xwE4yvsY+6+/hzTtbi1B7mLgOFCL1Hdm/QgPyn
CnzSgMoObjvmTQE5QlqzsZ5eziD1bcznewuzL99aysM5qqdy65Hv
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:16 2024 by rpki-client on console-fra.rpki-client.org