Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/joPXr3-MF213FhXOgdBKfF19Pj4.roa
File: joPXr3-MF213FhXOgdBKfF19Pj4.roa (raw, json)
Hash identifier: ZhCgJTJZkIvUCGiSHeiTOVliktU6IyfkV5IAusBB4LE=
Subject key identifier: 8E:83:D7:AF:7F:8C:17:6D:77:16:15:CE:81:D0:4A:7C:5D:7D:3E:3E
Certificate issuer: /CN=056ad2f4ffc5872e35a429e53ef179925ff4215e
Certificate serial: 0187E0095F033CA7BFB23E00D49E66F39B73
Authority key identifier: 05:6A:D2:F4:FF:C5:87:2E:35:A4:29:E5:3E:F1:79:92:5F:F4:21:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWrS9P_Fhy41pCnlPvF5kl_0IV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/joPXr3-MF213FhXOgdBKfF19Pj4.roa
Signing time: Wed 03 May 2023 05:15:23 +0000
ROA not before: Wed 03 May 2023 05:15:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5605
IP address blocks: 193.101.58.0/24 maxlen: 24
193.102.227.0/24 maxlen: 24
195.244.226.0/24 maxlen: 24
195.244.225.0/24 maxlen: 24
195.244.224.0/24 maxlen: 24
195.244.228.0/24 maxlen: 24
195.244.227.0/24 maxlen: 24
195.244.233.0/24 maxlen: 24
195.244.232.0/24 maxlen: 24
195.244.229.0/24 maxlen: 24
195.244.231.0/24 maxlen: 24
195.244.230.0/24 maxlen: 24
195.244.240.0/24 maxlen: 24
195.244.239.0/24 maxlen: 24
195.244.236.0/24 maxlen: 24
195.244.238.0/24 maxlen: 24
195.244.237.0/24 maxlen: 24
195.244.235.0/24 maxlen: 24
195.244.234.0/24 maxlen: 24
195.244.242.0/24 maxlen: 24
195.244.241.0/24 maxlen: 24
195.244.246.0/24 maxlen: 24
195.244.243.0/24 maxlen: 24
195.244.245.0/24 maxlen: 24
195.244.244.0/24 maxlen: 24
193.98.110.0/24 maxlen: 24
195.244.253.0/24 maxlen: 24
195.244.250.0/24 maxlen: 24
195.244.252.0/24 maxlen: 24
195.244.251.0/24 maxlen: 24
195.244.247.0/24 maxlen: 24
195.244.249.0/24 maxlen: 24
195.244.248.0/24 maxlen: 24
195.244.254.0/24 maxlen: 24
195.244.255.0/24 maxlen: 24
2a00:fa8::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e0:09:5f:03:3c:a7:bf:b2:3e:00:d4:9e:66:f3:9b:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=056ad2f4ffc5872e35a429e53ef179925ff4215e
Validity
Not Before: May 3 05:15:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e83d7af7f8c176d771615ce81d04a7c5d7d3e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d8:1b:ba:f0:78:8b:9a:28:e4:45:ca:31:7c:
ec:85:29:af:a4:88:91:39:1e:85:c1:66:ca:f9:d4:
7e:da:83:80:fe:dc:36:06:5f:eb:f4:75:36:20:58:
35:b8:d1:cf:72:f4:77:02:64:cb:34:c7:f4:ed:ec:
0e:49:89:ae:5b:eb:32:da:9f:51:7f:37:0b:4b:e6:
12:72:e9:a8:b3:12:a6:26:27:30:a9:3d:4e:19:7e:
31:5a:72:3c:30:63:ee:df:c7:ea:6d:b4:94:0f:74:
99:50:cc:a1:02:f7:bd:e5:e6:d8:03:10:ac:dd:5c:
72:58:d3:46:32:c9:b7:9b:fb:2f:b5:7f:c2:75:60:
3e:1e:15:49:12:7b:a6:fe:59:69:4f:dd:b3:52:ea:
db:a3:d1:dc:e0:36:b0:3a:29:2b:25:af:d2:24:58:
23:cb:cf:03:78:f1:60:8c:e6:d3:43:c2:29:7b:22:
53:58:be:6a:ab:31:5e:2f:9a:9f:03:1f:1b:78:ff:
48:be:af:4e:27:8e:f1:14:22:29:a5:39:f4:b1:c9:
4e:c8:0b:b1:e9:48:17:22:c7:9d:bf:84:23:f3:e0:
5d:aa:c7:0c:0a:f0:c7:40:4d:d7:96:db:3c:e4:b7:
1e:f3:59:78:ed:4e:e3:c4:37:96:b7:76:c6:a0:02:
80:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:83:D7:AF:7F:8C:17:6D:77:16:15:CE:81:D0:4A:7C:5D:7D:3E:3E
X509v3 Authority Key Identifier:
keyid:05:6A:D2:F4:FF:C5:87:2E:35:A4:29:E5:3E:F1:79:92:5F:F4:21:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWrS9P_Fhy41pCnlPvF5kl_0IV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/joPXr3-MF213FhXOgdBKfF19Pj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/BWrS9P_Fhy41pCnlPvF5kl_0IV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.98.110.0/24
193.101.58.0/24
193.102.227.0/24
195.244.224.0/19
IPv6:
2a00:fa8::/32
Signature Algorithm: sha256WithRSAEncryption
91:cf:73:dd:6e:f7:c4:74:8f:04:6c:a1:ad:44:20:8f:62:60:
a8:77:b4:67:9a:ae:75:16:1b:a2:28:b7:f8:91:04:03:b3:10:
94:e3:47:0c:37:7c:93:07:24:2d:23:b6:33:86:91:7d:49:a3:
d9:66:ff:ec:79:5f:46:03:16:f6:a7:49:af:52:e2:85:6c:8f:
98:05:85:b0:40:99:e6:8c:e8:72:a4:8a:7a:05:6e:06:a0:bc:
69:f3:62:f6:51:22:71:be:e9:aa:e8:91:59:9e:84:00:d1:1e:
b2:f1:cd:4f:74:bf:6d:0b:99:44:fd:54:34:ff:c5:93:8c:cc:
1c:32:b7:d8:73:6c:cb:15:11:5b:ed:32:5c:65:91:fb:71:a1:
06:5a:c8:98:9f:b1:42:e9:83:3a:1b:e6:80:04:11:3a:88:d3:
d8:96:eb:09:76:1b:b6:a8:b4:f0:51:f9:0f:9e:f2:5e:a1:67:
b6:a9:31:a0:1d:7f:56:a9:32:d4:a9:0b:55:22:20:08:c9:b3:
8b:2d:5f:4d:a5:aa:f7:20:4b:d7:ed:9b:40:40:7e:82:5d:63:
28:23:bb:13:01:78:94:01:40:72:18:28:ad:84:52:cb:15:49:
34:4a:7d:f3:a4:ef:37:d1:64:ca:ff:58:3f:61:6c:7f:ca:60:
2c:32:43:4c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYfgCV8DPKe/sj4A1J5m85tzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NmFkMmY0ZmZjNTg3MmUzNWE0MjllNTNlZjE3OTkyNWZm
NDIxNWUwHhcNMjMwNTAzMDUxNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTgzZDdhZjdmOGMxNzZkNzcxNjE1Y2U4MWQwNGE3YzVkN2QzZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9gbuvB4i5oo5EXKMXzshSmvpIiR
OR6FwWbK+dR+2oOA/tw2Bl/r9HU2IFg1uNHPcvR3AmTLNMf07ewOSYmuW+sy2p9R
fzcLS+YScumosxKmJicwqT1OGX4xWnI8MGPu38fqbbSUD3SZUMyhAve95ebYAxCs
3VxyWNNGMsm3m/svtX/CdWA+HhVJEnum/llpT92zUurbo9Hc4DawOikrJa/SJFgj
y88DePFgjObTQ8IpeyJTWL5qqzFeL5qfAx8beP9Ivq9OJ47xFCIppTn0sclOyAux
6UgXIsedv4Qj8+BdqscMCvDHQE3Xlts85Lce81l47U7jxDeWt3bGoAKAgQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFI6D169/jBdtdxYVzoHQSnxdfT4+MB8GA1UdIwQY
MBaAFAVq0vT/xYcuNaQp5T7xeZJf9CFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldyUzlQX0ZoeTQxcENubFB2RjVrbF8wSVY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC80MzMwZmUtZGJmYy00ODFmLThmZDkt
MWU0ZmNiMWM2MGNiLzEvam9QWHIzLU1GMjEzRmhYT2dkQktmRjE5UGo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC80MzMwZmUtZGJmYy00ODFmLThmZDktMWU0ZmNiMWM2MGNi
LzEvQldyUzlQX0ZoeTQxcENubFB2RjVrbF8wSVY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwWJuAwQA
wWU6AwQAwWbjAwQFw/TgMA0EAgACMAcDBQAqAA+oMA0GCSqGSIb3DQEBCwUAA4IB
AQCRz3PdbvfEdI8EbKGtRCCPYmCod7Rnmq51FhuiKLf4kQQDsxCU40cMN3yTByQt
I7YzhpF9SaPZZv/seV9GAxb2p0mvUuKFbI+YBYWwQJnmjOhypIp6BW4GoLxp82L2
USJxvumq6JFZnoQA0R6y8c1PdL9tC5lE/VQ0/8WTjMwcMrfYc2zLFRFb7TJcZZH7
caEGWsiYn7FC6YM6G+aABBE6iNPYlusJdhu2qLTwUfkPnvJeoWe2qTGgHX9WqTLU
qQtVIiAIybOLLV9Npar3IEvX7ZtAQH6CXWMoI7sTAXiUAUByGCithFLLFUk0Sn3z
pO830WTK/1g/YWx/ymAsMkNM
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:11 2024 by rpki-client on console-ams.rpki-client.org