Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/T7gfs0U08GUuteSzBrarVVOTOek.roa
File: T7gfs0U08GUuteSzBrarVVOTOek.roa (raw, json)
Hash identifier: XN5pTeu3atk5EkpasT7F0rHoVoErwR97FaWx/eokD1U=
Subject key identifier: 4F:B8:1F:B3:45:34:F0:65:2E:B5:E4:B3:06:B6:AB:55:53:93:39:E9
Certificate issuer: /CN=beb12ce6a91030e27d5abad146df27bc2880652b
Certificate serial: 018BC8F231D857AB16C8D035C2741FC72C46
Authority key identifier: BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/T7gfs0U08GUuteSzBrarVVOTOek.roa
Signing time: Mon 13 Nov 2023 13:49:57 +0000
ROA not before: Mon 13 Nov 2023 13:49:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42705
IP address blocks: 193.186.199.0/24 maxlen: 24
5.11.23.0/24 maxlen: 24
5.11.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:f2:31:d8:57:ab:16:c8:d0:35:c2:74:1f:c7:2c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beb12ce6a91030e27d5abad146df27bc2880652b
Validity
Not Before: Nov 13 13:49:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fb81fb34534f0652eb5e4b306b6ab55539339e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:00:9f:2d:c9:59:67:ed:5d:93:56:19:ca:15:
bb:28:b9:9d:a2:29:31:96:85:19:7a:9e:58:c9:2f:
4b:1d:4d:a3:2b:a7:0c:30:af:23:bd:b9:ca:54:e0:
d3:1d:44:41:c1:5e:c2:59:a1:92:90:58:15:ae:be:
73:99:e1:b5:ac:7e:dc:98:a8:31:f0:86:31:59:71:
58:61:20:42:18:d0:51:e9:c9:9c:4b:74:f0:57:67:
d0:d6:b4:dc:cc:47:26:14:83:54:1b:5c:77:6f:34:
5b:e2:fb:78:b9:b1:5b:dc:76:2c:58:c0:65:80:42:
89:67:10:ef:6e:1f:e6:af:bd:f3:51:9e:36:e5:17:
88:86:8d:bf:3a:3d:93:83:9c:fe:48:00:a5:6e:09:
39:84:e7:c3:49:62:c9:8e:77:4e:94:64:da:90:b8:
c8:44:37:91:17:86:d8:e5:39:0c:34:7c:28:8a:b1:
9a:3e:ee:ca:0a:72:c5:ad:1e:30:bd:75:a4:3a:dc:
92:f5:cb:c4:20:a0:87:9c:db:94:ed:2d:5e:8e:f5:
d3:02:65:f5:d5:f0:07:f7:0f:11:84:33:be:b1:95:
e7:79:b1:d3:7b:18:9b:7e:54:4b:95:2b:8b:3a:bb:
13:9d:f5:3d:58:42:76:0a:2c:dd:ad:d3:7f:6b:46:
18:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B8:1F:B3:45:34:F0:65:2E:B5:E4:B3:06:B6:AB:55:53:93:39:E9
X509v3 Authority Key Identifier:
keyid:BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/T7gfs0U08GUuteSzBrarVVOTOek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.20.0/24
5.11.23.0/24
193.186.199.0/24
Signature Algorithm: sha256WithRSAEncryption
54:90:ca:c4:7a:26:0c:9f:9d:bf:6e:19:4f:00:6c:64:bb:74:
a5:76:49:ad:94:22:b1:0b:cb:18:11:1d:ae:26:6a:ff:fe:10:
9d:8e:e0:a0:ae:ba:e8:0b:25:cc:7a:88:89:c7:0f:cf:81:b0:
1b:17:48:4e:ea:a9:cc:27:05:c4:3f:ba:53:b2:dc:54:9a:f9:
5f:7b:53:ac:0b:dd:b6:e3:09:04:09:45:7e:76:3e:ae:83:a8:
13:95:a8:e3:a0:e4:6a:4c:ea:e6:6c:64:8f:c8:47:fa:90:e4:
af:74:b3:9c:79:5d:17:93:42:b8:b9:c0:67:54:5a:90:28:c2:
e2:51:c8:10:53:72:35:87:b8:52:7c:33:7c:0e:7f:13:cb:0d:
3b:26:c9:b4:0b:2f:f3:c2:d6:8c:64:f6:c5:d7:1d:81:fd:d5:
0b:1e:f9:ce:e9:9b:b6:6b:de:5d:94:95:b2:33:df:c0:2e:6b:
c2:70:45:02:d3:d9:a8:9c:b1:2f:3a:78:39:1b:a4:9e:33:c0:
41:a3:6a:d2:f4:18:f5:2e:18:6c:2c:c6:cf:11:79:53:3e:d3:
97:88:0e:60:6f:98:0a:bc:07:1f:56:db:e9:96:ce:79:85:87:
57:9c:4c:67:ca:04:f0:fe:3c:a8:73:5b:f2:8b:92:8f:dd:78:
9b:f7:95:47
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvI8jHYV6sWyNA1wnQfxyxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYjEyY2U2YTkxMDMwZTI3ZDVhYmFkMTQ2ZGYyN2JjMjg4
MDY1MmIwHhcNMjMxMTEzMTM0OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmI4MWZiMzQ1MzRmMDY1MmViNWU0YjMwNmI2YWI1NTUzOTMzOWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggCfLclZZ+1dk1YZyhW7KLmdoikx
loUZep5YyS9LHU2jK6cMMK8jvbnKVODTHURBwV7CWaGSkFgVrr5zmeG1rH7cmKgx
8IYxWXFYYSBCGNBR6cmcS3TwV2fQ1rTczEcmFINUG1x3bzRb4vt4ubFb3HYsWMBl
gEKJZxDvbh/mr73zUZ425ReIho2/Oj2Tg5z+SAClbgk5hOfDSWLJjndOlGTakLjI
RDeRF4bY5TkMNHwoirGaPu7KCnLFrR4wvXWkOtyS9cvEIKCHnNuU7S1ejvXTAmX1
1fAH9w8RhDO+sZXnebHTexibflRLlSuLOrsTnfU9WEJ2CizdrdN/a0YYcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE+4H7NFNPBlLrXkswa2q1VTkznpMB8GA1UdIwQY
MBaAFL6xLOapEDDifVq60UbfJ7wogGUrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMt
YTdhZGU0MzRkNDUxLzEvVDdnZnMwVTA4R1V1dGVTekJyYXJWVk9UT2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMtYTdhZGU0MzRkNDUx
LzEvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABQsUAwQA
BQsXAwQAwbrHMA0GCSqGSIb3DQEBCwUAA4IBAQBUkMrEeiYMn52/bhlPAGxku3Sl
dkmtlCKxC8sYER2uJmr//hCdjuCgrrroCyXMeoiJxw/PgbAbF0hO6qnMJwXEP7pT
stxUmvlfe1OsC9224wkECUV+dj6ug6gTlajjoORqTOrmbGSPyEf6kOSvdLOceV0X
k0K4ucBnVFqQKMLiUcgQU3I1h7hSfDN8Dn8Tyw07Jsm0Cy/zwtaMZPbF1x2B/dUL
HvnO6Zu2a95dlJWyM9/ALmvCcEUC09monLEvOng5G6SeM8BBo2rS9Bj1LhhsLMbP
EXlTPtOXiA5gb5gKvAcfVtvpls55hYdXnExnygTw/jyoc1vyi5KP3Xib95VH
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:35 2024 by rpki-client on console-fra.rpki-client.org