Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/iMMSeeQ3z-vEschmSNAIo_f-3QU.roa
File: iMMSeeQ3z-vEschmSNAIo_f-3QU.roa (raw, json)
Hash identifier: JDWEA9XhELHGxOfZ3bW5BED0Ds2p8HeuUYIn5OngPk8=
Subject key identifier: 88:C3:12:79:E4:37:CF:EB:C4:B1:C8:66:48:D0:08:A3:F7:FE:DD:05
Certificate issuer: /CN=81a7ce8bacbeceeb16f600b607d1bfd08033b302
Certificate serial: 018AA8AFD47A374CD4E2B5227B706EC39B8E
Authority key identifier: 81:A7:CE:8B:AC:BE:CE:EB:16:F6:00:B6:07:D1:BF:D0:80:33:B3:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gafOi6y-zusW9gC2B9G_0IAzswI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/iMMSeeQ3z-vEschmSNAIo_f-3QU.roa
Signing time: Mon 18 Sep 2023 14:26:50 +0000
ROA not before: Mon 18 Sep 2023 14:26:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1921
IP address blocks: 194.50.187.0/24 maxlen: 24
194.0.182.0/24 maxlen: 24
193.227.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:af:d4:7a:37:4c:d4:e2:b5:22:7b:70:6e:c3:9b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a7ce8bacbeceeb16f600b607d1bfd08033b302
Validity
Not Before: Sep 18 14:26:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88c31279e437cfebc4b1c86648d008a3f7fedd05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:19:87:f7:55:8f:36:ac:73:f9:60:21:a4:4f:
87:0d:c2:c4:48:43:05:00:1f:87:c3:82:00:84:6f:
40:bd:e7:be:6e:e8:06:6c:9a:85:81:95:67:1f:6d:
37:43:14:11:a5:e5:08:9a:69:29:c0:91:64:d6:c8:
df:16:f2:56:72:46:35:7b:74:b7:79:9a:02:c0:9d:
8d:ec:fd:72:ed:58:41:e7:08:2b:1b:d8:fb:a1:d5:
19:3f:77:67:db:86:33:be:c6:77:09:c1:f5:00:3b:
ba:72:bb:02:18:94:6b:5e:31:6c:ca:14:2c:af:f4:
00:79:d3:c4:ea:86:c7:f4:86:f1:e0:f6:bf:8a:61:
13:ca:cf:2c:24:42:00:70:19:f5:d0:7a:97:25:53:
1c:ca:cb:a9:c0:f8:50:f7:85:f2:3b:04:b8:03:aa:
fc:ec:b4:86:3c:db:63:71:ac:cf:04:1f:12:58:b1:
f0:58:db:3a:f8:94:85:22:32:51:46:0a:c9:34:4c:
6d:b8:87:4f:bd:f7:7b:06:dd:3f:7f:fc:94:78:67:
ef:18:ec:e0:24:ab:e8:6d:cb:a6:86:d0:68:47:5e:
57:5c:b8:8b:da:0f:15:0c:e4:6d:bb:56:7e:f9:01:
13:9a:fe:8b:11:6c:62:0a:7d:50:ff:e4:7d:a1:f2:
1d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C3:12:79:E4:37:CF:EB:C4:B1:C8:66:48:D0:08:A3:F7:FE:DD:05
X509v3 Authority Key Identifier:
keyid:81:A7:CE:8B:AC:BE:CE:EB:16:F6:00:B6:07:D1:BF:D0:80:33:B3:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gafOi6y-zusW9gC2B9G_0IAzswI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/iMMSeeQ3z-vEschmSNAIo_f-3QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/gafOi6y-zusW9gC2B9G_0IAzswI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.227.117.0/24
194.0.182.0/24
194.50.187.0/24
Signature Algorithm: sha256WithRSAEncryption
31:37:dd:8b:6e:07:e4:25:b3:e4:00:db:c5:1f:02:71:58:77:
5e:43:10:8b:80:e9:39:88:69:6e:37:94:4f:88:0a:5b:fe:a5:
0c:58:bb:8b:e3:7f:d5:f4:a8:8b:40:e4:b9:8f:56:c0:43:67:
4b:56:91:cf:f1:9c:1e:df:b1:fb:26:b3:28:66:61:36:ac:a3:
ca:0e:77:35:ef:52:d0:6e:d9:70:fc:61:f2:b6:52:2d:0d:8b:
26:44:7d:09:59:52:a8:39:96:6f:c2:75:22:82:36:03:da:82:
3f:b6:50:ba:c1:ae:f6:62:2f:f9:da:db:b0:41:6f:4b:26:f2:
76:2c:8c:61:98:d3:a6:f7:b5:52:4f:34:87:38:77:38:b9:a4:
6e:75:ef:55:da:de:2d:84:eb:ca:91:10:ac:c1:d6:67:d7:19:
a9:91:ed:af:1f:da:99:1b:5d:9f:6f:5f:22:7a:e9:41:2e:ed:
40:61:b1:77:9f:84:e8:a5:dd:b3:e2:fe:cc:7f:ad:db:5f:fd:
77:9f:23:68:41:cd:0f:8d:73:4d:ef:0b:0f:c0:eb:b4:63:02:
63:95:67:03:ce:ab:b5:11:21:37:e6:5e:8d:f6:1a:44:ab:47:
59:2a:09:74:79:91:77:96:3c:4e:e7:42:31:13:be:20:1b:1b:
b7:fd:a0:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqor9R6N0zU4rUie3Buw5uOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTdjZThiYWNiZWNlZWIxNmY2MDBiNjA3ZDFiZmQwODAz
M2IzMDIwHhcNMjMwOTE4MTQyNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGMzMTI3OWU0MzdjZmViYzRiMWM4NjY0OGQwMDhhM2Y3ZmVkZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihmH91WPNqxz+WAhpE+HDcLESEMF
AB+Hw4IAhG9Avee+bugGbJqFgZVnH203QxQRpeUImmkpwJFk1sjfFvJWckY1e3S3
eZoCwJ2N7P1y7VhB5wgrG9j7odUZP3dn24YzvsZ3CcH1ADu6crsCGJRrXjFsyhQs
r/QAedPE6obH9Ibx4Pa/imETys8sJEIAcBn10HqXJVMcysupwPhQ94XyOwS4A6r8
7LSGPNtjcazPBB8SWLHwWNs6+JSFIjJRRgrJNExtuIdPvfd7Bt0/f/yUeGfvGOzg
JKvobcumhtBoR15XXLiL2g8VDORtu1Z++QETmv6LEWxiCn1Q/+R9ofIdIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIjDEnnkN8/rxLHIZkjQCKP3/t0FMB8GA1UdIwQY
MBaAFIGnzousvs7rFvYAtgfRv9CAM7MCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FmT2k2eS16dXNXOWdDMkI5R18wSUF6c3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9lZTY2ZmItNWRjMC00MTIyLTliYzct
YjI3ZDg3MzBhMjcwLzEvaU1NU2VlUTN6LXZFc2NobVNOQUlvX2YtM1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9lZTY2ZmItNWRjMC00MTIyLTliYzctYjI3ZDg3MzBhMjcw
LzEvZ2FmT2k2eS16dXNXOWdDMkI5R18wSUF6c3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAweN1AwQA
wgC2AwQAwjK7MA0GCSqGSIb3DQEBCwUAA4IBAQAxN92LbgfkJbPkANvFHwJxWHde
QxCLgOk5iGluN5RPiApb/qUMWLuL43/V9KiLQOS5j1bAQ2dLVpHP8Zwe37H7JrMo
ZmE2rKPKDnc171LQbtlw/GHytlItDYsmRH0JWVKoOZZvwnUigjYD2oI/tlC6wa72
Yi/52tuwQW9LJvJ2LIxhmNOm97VSTzSHOHc4uaRude9V2t4thOvKkRCswdZn1xmp
ke2vH9qZG12fb18ieulBLu1AYbF3n4Topd2z4v7Mf63bX/13nyNoQc0PjXNN7wsP
wOu0YwJjlWcDzqu1ESE35l6N9hpEq0dZKgl0eZF3ljxO50IxE74gGxu3/aB4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:51 2024 by rpki-client on console-fra.rpki-client.org