Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/883qINL6bd89EaXCPFjrL0heLgQ.roa
File: 883qINL6bd89EaXCPFjrL0heLgQ.roa (raw, json)
Hash identifier: yEF+jvzGPuTFr1Ks6ZY2//zEOb99yg8GoewDkIW7pu8=
Subject key identifier: F3:CD:EA:20:D2:FA:6D:DF:3D:11:A5:C2:3C:58:EB:2F:48:5E:2E:04
Certificate issuer: /CN=04c5f1d1779eb709090365db982917adfd0f8049
Certificate serial: 01857227F7984114FBBD02FAF163DC374FD2
Authority key identifier: 04:C5:F1:D1:77:9E:B7:09:09:03:65:DB:98:29:17:AD:FD:0F:80:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/883qINL6bd89EaXCPFjrL0heLgQ.roa
Signing time: Mon 02 Jan 2023 11:04:59 +0000
ROA not before: Mon 02 Jan 2023 11:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 195.114.106.0/24 maxlen: 24
195.114.107.0/24 maxlen: 24
194.126.231.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:f7:98:41:14:fb:bd:02:fa:f1:63:dc:37:4f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04c5f1d1779eb709090365db982917adfd0f8049
Validity
Not Before: Jan 2 11:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3cdea20d2fa6ddf3d11a5c23c58eb2f485e2e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:91:f8:2f:79:93:13:79:f0:a8:bd:ac:f7:80:
b7:1b:99:1f:e9:d5:e5:79:50:05:1a:5d:b6:1a:8c:
8e:31:b8:84:5a:25:21:f6:a2:c1:37:5c:b3:73:07:
08:2b:72:bf:bb:e6:e6:79:a4:49:4d:b0:04:df:e9:
2d:5d:e1:7a:f9:54:64:3d:4a:8d:48:e9:2e:10:f8:
fe:69:8e:5d:11:d3:91:a6:cc:3f:7d:b3:7a:0e:5c:
43:96:ee:5b:4c:26:97:fc:11:7e:33:a9:ee:e3:34:
cc:0c:b1:d5:ac:b3:be:4a:bf:d2:20:e6:10:a9:b4:
99:a8:10:0e:42:e8:a7:52:5d:fa:f1:67:4b:d1:8b:
95:2a:2a:79:5b:d4:e3:bb:5b:29:69:56:62:3c:00:
c5:c7:d8:4d:db:d7:5e:b5:f8:85:11:11:11:0d:3d:
5e:a7:93:54:bf:80:7d:a2:df:6e:15:4c:0b:cc:e2:
f5:15:f1:2c:ac:e9:6b:84:f5:4b:ca:f3:7e:9c:eb:
cf:0d:af:77:dd:c0:de:df:e5:74:dc:7a:6a:1b:71:
e0:70:db:f3:8a:7d:9d:78:74:b0:33:99:7e:e5:f2:
5b:32:cb:97:87:69:cc:58:e7:2c:46:27:5e:d9:52:
0d:67:6a:1b:98:ae:97:dd:20:cb:61:cd:a4:6d:6e:
16:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CD:EA:20:D2:FA:6D:DF:3D:11:A5:C2:3C:58:EB:2F:48:5E:2E:04
X509v3 Authority Key Identifier:
keyid:04:C5:F1:D1:77:9E:B7:09:09:03:65:DB:98:29:17:AD:FD:0F:80:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/883qINL6bd89EaXCPFjrL0heLgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/BMXx0XeetwkJA2XbmCkXrf0PgEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.231.0/24
195.114.106.0/23
Signature Algorithm: sha256WithRSAEncryption
08:57:fa:99:b4:45:b7:a9:21:3e:79:96:95:96:bf:90:42:d7:
87:0d:8d:27:bf:c2:14:df:0d:39:52:bc:4d:af:5b:5a:7d:40:
30:69:f0:5e:38:1c:de:eb:26:d5:b1:c4:0a:43:fe:a0:7d:a3:
9c:ca:50:f9:80:05:ea:c7:37:03:f8:cc:10:17:af:8e:e4:f6:
1d:d5:00:e5:88:33:fd:f2:67:f5:ca:69:5d:53:26:42:79:07:
b9:33:37:92:57:50:09:fd:38:25:86:dc:6e:8d:00:ce:e8:20:
b3:a7:96:ab:f9:72:ce:85:42:3c:18:64:be:4b:45:8d:e9:d3:
2a:d1:dc:b1:d8:5b:c3:cb:94:37:0d:01:c1:c8:59:b9:8d:cd:
f0:04:fc:18:59:4a:f2:a7:30:ce:c4:d5:a9:30:cd:26:01:24:
52:80:56:3a:b9:d4:fc:10:7a:69:0f:06:78:0d:0f:52:6c:bb:
e5:5b:0d:6d:f2:c2:0f:72:6e:c1:92:88:00:be:fa:08:ad:e4:
3f:e1:f5:d7:56:8f:ca:b1:ee:f7:d7:27:7e:c6:09:c1:c3:ce:
04:05:29:c5:1c:1a:60:c9:f3:fb:df:51:35:83:06:1d:ac:f8:
32:35:6f:84:00:a3:98:5b:83:06:3c:7a:34:ad:7f:83:d7:9c:
02:6c:da:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyJ/eYQRT7vQL68WPcN0/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YzVmMWQxNzc5ZWI3MDkwOTAzNjVkYjk4MjkxN2FkZmQw
ZjgwNDkwHhcNMjMwMTAyMTEwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2NkZWEyMGQyZmE2ZGRmM2QxMWE1YzIzYzU4ZWIyZjQ4NWUyZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJH4L3mTE3nwqL2s94C3G5kf6dXl
eVAFGl22GoyOMbiEWiUh9qLBN1yzcwcIK3K/u+bmeaRJTbAE3+ktXeF6+VRkPUqN
SOkuEPj+aY5dEdORpsw/fbN6DlxDlu5bTCaX/BF+M6nu4zTMDLHVrLO+Sr/SIOYQ
qbSZqBAOQuinUl368WdL0YuVKip5W9Tju1spaVZiPADFx9hN29detfiFERERDT1e
p5NUv4B9ot9uFUwLzOL1FfEsrOlrhPVLyvN+nOvPDa933cDe3+V03HpqG3HgcNvz
in2deHSwM5l+5fJbMsuXh2nMWOcsRide2VINZ2obmK6X3SDLYc2kbW4WsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPPN6iDS+m3fPRGlwjxY6y9IXi4EMB8GA1UdIwQY
MBaAFATF8dF3nrcJCQNl25gpF639D4BJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk1YeDBYZWV0d2tKQTJYYm1Da1hyZjBQZ0VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83MGIzM2ItZDFlYi00YmJiLTk3ZDYt
MDU5MjQ1M2RmN2QyLzEvODgzcUlOTDZiZDg5RWFYQ1BGanJMMGhlTGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83MGIzM2ItZDFlYi00YmJiLTk3ZDYtMDU5MjQ1M2RmN2Qy
LzEvQk1YeDBYZWV0d2tKQTJYYm1Da1hyZjBQZ0VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwn7nAwQB
w3JqMA0GCSqGSIb3DQEBCwUAA4IBAQAIV/qZtEW3qSE+eZaVlr+QQteHDY0nv8IU
3w05UrxNr1tafUAwafBeOBze6ybVscQKQ/6gfaOcylD5gAXqxzcD+MwQF6+O5PYd
1QDliDP98mf1ymldUyZCeQe5MzeSV1AJ/TglhtxujQDO6CCzp5ar+XLOhUI8GGS+
S0WN6dMq0dyx2FvDy5Q3DQHByFm5jc3wBPwYWUrypzDOxNWpMM0mASRSgFY6udT8
EHppDwZ4DQ9SbLvlWw1t8sIPcm7BkogAvvoIreQ/4fXXVo/Kse731yd+xgnBw84E
BSnFHBpgyfP731E1gwYdrPgyNW+EAKOYW4MGPHo0rX+D15wCbNrg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:07 2023 by rpki-client on console-fra.rpki-client.org