Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/2d0e9b-5020-49a6-a391-6373d36ceef6/1/eKW7uTysKIo3VR6BN5-WQlPRVLA.roa
File: eKW7uTysKIo3VR6BN5-WQlPRVLA.roa (raw, json)
Hash identifier: N8t6+RZpeXxCS1TTGFJ9ZMuhR7UCsp+nrYvlso2LSv4=
Subject key identifier: 78:A5:BB:B9:3C:AC:28:8A:37:55:1E:81:37:9F:96:42:53:D1:54:B0
Certificate issuer: /CN=044b22d249b6663f9fa34b1762d25ffd9fb3fed3
Certificate serial: 01856C4122EA635C6A1210EE23748D72D897
Authority key identifier: 04:4B:22:D2:49:B6:66:3F:9F:A3:4B:17:62:D2:5F:FD:9F:B3:FE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BEsi0km2Zj-fo0sXYtJf_Z-z_tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/2d0e9b-5020-49a6-a391-6373d36ceef6/1/eKW7uTysKIo3VR6BN5-WQlPRVLA.roa
Signing time: Sun 01 Jan 2023 07:34:46 +0000
ROA not before: Sun 01 Jan 2023 07:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15768
IP address blocks: 195.35.91.0/24 maxlen: 24
195.35.90.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:22:ea:63:5c:6a:12:10:ee:23:74:8d:72:d8:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=044b22d249b6663f9fa34b1762d25ffd9fb3fed3
Validity
Not Before: Jan 1 07:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78a5bbb93cac288a37551e81379f964253d154b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3a:65:29:bc:c6:fe:aa:af:40:de:8f:38:dd:
73:84:ef:58:94:10:bf:b5:8d:75:5a:3b:e2:f0:e3:
c1:fc:71:49:e6:27:0b:74:5d:52:f1:de:75:dc:ec:
6d:9f:5d:36:e5:ed:7d:a9:81:08:6b:b8:51:aa:19:
1e:4c:4c:f1:40:79:ba:3d:72:20:2d:64:7f:91:00:
a6:c3:7c:da:ae:26:37:70:78:22:61:f4:02:94:69:
4f:75:03:f9:7d:f4:eb:d7:ce:8a:63:8f:81:ac:e4:
9d:6a:2d:bb:b3:62:4c:ca:da:8d:1f:be:91:2f:50:
2b:52:ad:15:a9:5c:e6:52:8e:6e:ec:1d:c6:b7:e5:
d9:54:08:3d:0f:4d:ea:d0:c7:c5:69:4c:8a:77:e8:
85:a6:b1:79:cd:40:a9:b5:0e:8e:f0:96:b2:8a:a8:
a5:31:7e:a3:f3:6c:4b:a0:e8:b8:6d:25:15:cd:d1:
7b:5a:17:de:c3:37:e1:9d:d6:72:ee:c8:e2:c0:ec:
2f:19:aa:85:a7:90:05:e8:74:40:b3:06:6e:90:dd:
c3:ba:aa:ac:8d:b6:c8:28:5c:c5:ee:43:72:f9:b6:
ee:ae:6b:ba:66:29:7b:15:1a:82:64:a6:e5:36:aa:
10:a1:99:fb:d4:02:0d:02:a7:5f:a1:0c:b2:53:87:
fd:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A5:BB:B9:3C:AC:28:8A:37:55:1E:81:37:9F:96:42:53:D1:54:B0
X509v3 Authority Key Identifier:
keyid:04:4B:22:D2:49:B6:66:3F:9F:A3:4B:17:62:D2:5F:FD:9F:B3:FE:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEsi0km2Zj-fo0sXYtJf_Z-z_tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2d0e9b-5020-49a6-a391-6373d36ceef6/1/eKW7uTysKIo3VR6BN5-WQlPRVLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2d0e9b-5020-49a6-a391-6373d36ceef6/1/BEsi0km2Zj-fo0sXYtJf_Z-z_tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.35.90.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:f2:a6:c7:c4:64:9a:65:6a:3a:bd:51:02:57:1d:1a:1b:bf:
43:44:df:a8:29:9c:d5:10:c2:08:4c:88:82:70:fd:fe:bc:93:
5b:fe:28:06:03:6f:13:5a:c5:44:2e:ac:12:9a:b8:fc:ad:06:
93:e0:48:3c:80:83:2a:13:29:52:d8:7f:c1:b0:35:2d:ce:80:
c6:bf:7b:78:b6:29:d6:8a:cb:3b:26:fc:b1:06:af:9d:a9:af:
e9:1e:3b:46:95:47:49:94:ed:1d:9a:81:f4:d7:d3:3a:fb:aa:
5d:e7:14:43:11:fd:72:b7:5f:ee:85:64:9f:a9:47:a9:89:74:
be:b1:dc:4e:f6:88:a7:09:9a:c5:0d:dc:81:f3:06:e5:e2:ae:
4b:82:26:15:a5:43:11:dc:98:71:94:db:f5:e4:11:d7:65:97:
31:55:a7:00:61:d5:a3:72:dd:0f:a9:6d:c6:a4:67:04:88:c4:
e6:6d:e4:a5:e9:18:f5:38:c9:52:4e:23:f8:d2:99:da:59:b8:
28:23:68:fe:32:b8:dd:91:ea:27:73:c7:53:5b:3f:ed:b4:96:
67:b8:68:85:a8:4a:b8:9b:6e:22:34:a0:e7:29:31:38:f5:27:
e5:29:4a:e0:23:70:56:76:4d:8b:9f:47:cb:de:93:51:58:c3:
ff:56:a5:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQSLqY1xqEhDuI3SNctiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NGIyMmQyNDliNjY2M2Y5ZmEzNGIxNzYyZDI1ZmZkOWZi
M2ZlZDMwHhcNMjMwMTAxMDczNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGE1YmJiOTNjYWMyODhhMzc1NTFlODEzNzlmOTY0MjUzZDE1NGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTplKbzG/qqvQN6PON1zhO9YlBC/
tY11Wjvi8OPB/HFJ5icLdF1S8d513Oxtn1025e19qYEIa7hRqhkeTEzxQHm6PXIg
LWR/kQCmw3zariY3cHgiYfQClGlPdQP5ffTr186KY4+BrOSdai27s2JMytqNH76R
L1ArUq0VqVzmUo5u7B3Gt+XZVAg9D03q0MfFaUyKd+iFprF5zUCptQ6O8Jayiqil
MX6j82xLoOi4bSUVzdF7WhfewzfhndZy7sjiwOwvGaqFp5AF6HRAswZukN3Duqqs
jbbIKFzF7kNy+bburmu6Zil7FRqCZKblNqoQoZn71AINAqdfoQyyU4f91QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHilu7k8rCiKN1UegTeflkJT0VSwMB8GA1UdIwQY
MBaAFARLItJJtmY/n6NLF2LSX/2fs/7TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVzaTBrbTJaai1mbzBzWFl0SmZfWi16X3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yZDBlOWItNTAyMC00OWE2LWEzOTEt
NjM3M2QzNmNlZWY2LzEvZUtXN3VUeXNLSW8zVlI2Qk41LVdRbFBSVkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yZDBlOWItNTAyMC00OWE2LWEzOTEtNjM3M2QzNmNlZWY2
LzEvQkVzaTBrbTJaai1mbzBzWFl0SmZfWi16X3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwyNaMA0G
CSqGSIb3DQEBCwUAA4IBAQB88qbHxGSaZWo6vVECVx0aG79DRN+oKZzVEMIITIiC
cP3+vJNb/igGA28TWsVELqwSmrj8rQaT4Eg8gIMqEylS2H/BsDUtzoDGv3t4tinW
iss7JvyxBq+dqa/pHjtGlUdJlO0dmoH019M6+6pd5xRDEf1yt1/uhWSfqUepiXS+
sdxO9oinCZrFDdyB8wbl4q5LgiYVpUMR3JhxlNv15BHXZZcxVacAYdWjct0PqW3G
pGcEiMTmbeSl6Rj1OMlSTiP40pnaWbgoI2j+Mrjdkeonc8dTWz/ttJZnuGiFqEq4
m24iNKDnKTE49SflKUrgI3BWdk2Ln0fL3pNRWMP/VqXS
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:33 2024 by rpki-client on console-fra.rpki-client.org