Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/477pqFmzYdeCP0PWEUJ_bQm0rr4.roa
File: 477pqFmzYdeCP0PWEUJ_bQm0rr4.roa (raw, json)
Hash identifier: hhjGguAOm+GZR/ovVCOrGWw375raAY9RqkfiH8l8ZgI=
Subject key identifier: E3:BE:E9:A8:59:B3:61:D7:82:3F:43:D6:11:42:7F:6D:09:B4:AE:BE
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 0188A4CE6E6ABC9DA32F215E6925996504F7
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/477pqFmzYdeCP0PWEUJ_bQm0rr4.roa
Signing time: Sat 10 Jun 2023 10:16:12 +0000
ROA not before: Sat 10 Jun 2023 10:16:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 92.51.44.0/24 maxlen: 24
92.51.45.0/24 maxlen: 24
92.51.46.0/24 maxlen: 24
92.51.47.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a4:ce:6e:6a:bc:9d:a3:2f:21:5e:69:25:99:65:04:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jun 10 10:16:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3bee9a859b361d7823f43d611427f6d09b4aebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d9:52:f3:f5:f1:12:52:34:85:74:28:ef:0c:
3a:71:d2:6b:e1:f9:e4:f9:1b:1e:70:33:41:8d:66:
52:34:cd:f0:42:8c:73:be:ad:7a:d6:b7:c7:4b:90:
b1:84:15:d2:64:a5:a9:56:b7:27:23:e0:12:91:48:
a2:42:2f:ec:1f:c4:97:79:c4:ca:8e:b2:8a:12:b5:
99:ab:29:74:06:80:fc:21:d4:d8:b5:ce:bf:4d:7a:
0b:6d:b1:31:10:db:42:6b:4e:08:70:87:c8:3a:21:
ce:ad:04:5e:57:9d:0e:62:7b:27:9d:ec:28:cd:c0:
0c:3f:52:56:97:57:0a:53:19:92:c2:d7:bd:bb:e0:
0b:cf:85:fb:3c:54:5a:6c:1a:7c:9a:2b:c0:ee:e9:
8e:2c:32:36:ea:38:30:f9:38:61:8c:89:47:bf:cd:
1d:70:9e:d8:72:49:83:44:c0:77:d8:8e:e3:4c:c5:
fb:d9:83:c6:99:70:f1:4a:50:4e:48:7d:4c:96:d7:
d0:a9:38:86:2a:df:a0:81:89:bc:0d:42:87:5a:71:
95:e4:cc:e9:80:0a:80:57:4b:7b:3d:9d:d4:37:53:
7f:00:c0:d2:3a:76:a5:b6:18:5d:08:7b:af:cf:55:
26:d1:e6:6a:bf:59:5f:2a:ff:b9:5a:68:01:89:dc:
44:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:BE:E9:A8:59:B3:61:D7:82:3F:43:D6:11:42:7F:6D:09:B4:AE:BE
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/477pqFmzYdeCP0PWEUJ_bQm0rr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.44.0/22
Signature Algorithm: sha256WithRSAEncryption
90:90:19:7c:02:21:38:db:c1:3f:27:7a:59:50:88:bb:2f:55:
ed:f5:53:ed:7c:83:20:5a:28:ed:25:c5:90:8a:e5:73:44:9f:
fb:34:29:5c:ad:11:c1:70:1b:8c:ca:f3:3b:f6:f8:e4:6d:b6:
97:d8:b8:c9:a7:c8:50:3d:2a:ae:50:ed:95:4d:be:d9:c7:17:
cc:f1:ff:22:63:3f:9b:77:69:7c:9d:94:3e:fa:b3:8f:03:83:
94:f9:d6:b5:75:9a:44:d4:8b:26:97:b4:f0:75:17:05:10:0a:
d9:a7:73:a6:d7:1d:3e:70:87:de:f5:0d:f9:84:6c:66:8c:da:
d7:49:42:df:b2:20:cc:47:98:8b:0a:6d:7b:45:d6:f1:31:af:
06:ab:60:65:5f:b7:0a:66:9a:b3:ef:cf:df:63:63:08:90:6a:
9d:d2:cd:0a:83:20:c0:cb:2a:dd:c2:fc:50:84:86:50:69:90:
0c:c9:44:3a:db:9e:e1:58:0a:27:ce:9e:49:43:55:66:fd:ac:
12:e5:ec:7a:85:19:98:51:f8:a1:9e:88:85:cd:7a:e6:9a:2c:
35:6a:d9:59:e9:60:c6:83:e8:49:8a:ef:64:b0:54:99:8c:cb:
64:63:86:3c:1a:34:23:a0:dc:f7:ff:e0:6d:95:2e:57:14:84:
7f:90:48:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYikzm5qvJ2jLyFeaSWZZQT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjMwNjEwMTAxNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2JlZTlhODU5YjM2MWQ3ODIzZjQzZDYxMTQyN2Y2ZDA5YjRhZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdlS8/XxElI0hXQo7ww6cdJr4fnk
+RsecDNBjWZSNM3wQoxzvq161rfHS5CxhBXSZKWpVrcnI+ASkUiiQi/sH8SXecTK
jrKKErWZqyl0BoD8IdTYtc6/TXoLbbExENtCa04IcIfIOiHOrQReV50OYnsnnewo
zcAMP1JWl1cKUxmSwte9u+ALz4X7PFRabBp8mivA7umOLDI26jgw+ThhjIlHv80d
cJ7YckmDRMB32I7jTMX72YPGmXDxSlBOSH1MltfQqTiGKt+ggYm8DUKHWnGV5Mzp
gAqAV0t7PZ3UN1N/AMDSOnalthhdCHuvz1Um0eZqv1lfKv+5WmgBidxEcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOO+6ahZs2HXgj9D1hFCf20JtK6+MB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvNDc3cHFGbXpZZGVDUDBQV0VVSl9iUW0wcnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXDMsMA0G
CSqGSIb3DQEBCwUAA4IBAQCQkBl8AiE428E/J3pZUIi7L1Xt9VPtfIMgWijtJcWQ
iuVzRJ/7NClcrRHBcBuMyvM79vjkbbaX2LjJp8hQPSquUO2VTb7ZxxfM8f8iYz+b
d2l8nZQ++rOPA4OU+da1dZpE1Isml7TwdRcFEArZp3Om1x0+cIfe9Q35hGxmjNrX
SULfsiDMR5iLCm17RdbxMa8Gq2BlX7cKZpqz78/fY2MIkGqd0s0KgyDAyyrdwvxQ
hIZQaZAMyUQ6257hWAonzp5JQ1Vm/awS5ex6hRmYUfihnoiFzXrmmiw1atlZ6WDG
g+hJiu9ksFSZjMtkY4Y8GjQjoNz3/+BtlS5XFIR/kEit
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:42 2024 by rpki-client on console-fra.rpki-client.org