Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/eWF0c3ZdTlzg8pbeWi9XYwJIE2Q.roa
File: eWF0c3ZdTlzg8pbeWi9XYwJIE2Q.roa (raw, json)
Hash identifier: o24xICjAnyVXSS/zUL4Cosvii+EM2ykqsatSvyEuiE0=
Subject key identifier: 79:61:74:73:76:5D:4E:5C:E0:F2:96:DE:5A:2F:57:63:02:48:13:64
Certificate issuer: /CN=a4c93ab364c87832e7776226eee6c131dbe153bb
Certificate serial: 018B616BCAD09C6E0A9B1D938D1A5A2EC0F2
Authority key identifier: A4:C9:3A:B3:64:C8:78:32:E7:77:62:26:EE:E6:C1:31:DB:E1:53:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMk6s2TIeDLnd2Im7ubBMdvhU7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/eWF0c3ZdTlzg8pbeWi9XYwJIE2Q.roa
Signing time: Tue 24 Oct 2023 11:22:16 +0000
ROA not before: Tue 24 Oct 2023 11:22:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197830
IP address blocks: 185.52.128.0/22 maxlen: 22
176.28.83.0/24 maxlen: 24
176.28.80.0/21 maxlen: 21
176.28.84.0/24 maxlen: 24
2a04:c840::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Oct 2023 15:11:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:6b:ca:d0:9c:6e:0a:9b:1d:93:8d:1a:5a:2e:c0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4c93ab364c87832e7776226eee6c131dbe153bb
Validity
Not Before: Oct 24 11:22:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79617473765d4e5ce0f296de5a2f576302481364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d8:1e:9d:7c:cd:3c:7b:96:10:88:87:05:98:
a0:75:83:df:a1:89:43:65:68:cd:20:14:ee:ae:9d:
25:23:38:74:ca:e1:6e:9c:83:6f:89:0c:a3:a1:85:
15:e3:2d:b6:c4:65:f0:79:19:5c:9d:42:9e:f7:6f:
d6:c0:3e:6c:b9:25:fa:af:57:91:94:97:d1:bc:93:
48:bc:ba:49:ac:5b:7f:3f:52:3d:9b:b4:6e:09:77:
c2:a2:e9:ed:a5:cd:c2:18:0a:6c:2b:d3:a4:d9:70:
37:13:69:b5:ff:95:3d:64:7e:76:9f:25:27:31:9f:
d4:44:47:a5:a2:f9:08:9d:67:46:6c:20:a9:95:ac:
e1:e4:3d:eb:26:5f:78:25:ad:24:51:3a:49:d1:4b:
ff:9c:0a:bd:5d:60:2f:6a:5d:ed:81:86:9b:bd:66:
ae:e3:b5:f9:d6:6a:05:f8:41:7d:69:dd:eb:a8:cf:
8f:0a:ad:fc:f9:a9:3f:f6:89:a8:cf:d0:71:e6:04:
c9:d9:a6:dd:08:01:1b:f4:f6:2d:72:10:aa:53:77:
07:24:96:1d:36:c8:00:4e:a7:bb:c9:9d:c2:38:b4:
84:dd:8e:26:91:6c:d1:6e:50:2a:f2:50:b4:3e:ef:
f9:97:03:86:32:e9:6c:f9:da:49:69:67:b9:bc:9e:
4e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:61:74:73:76:5D:4E:5C:E0:F2:96:DE:5A:2F:57:63:02:48:13:64
X509v3 Authority Key Identifier:
keyid:A4:C9:3A:B3:64:C8:78:32:E7:77:62:26:EE:E6:C1:31:DB:E1:53:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMk6s2TIeDLnd2Im7ubBMdvhU7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/eWF0c3ZdTlzg8pbeWi9XYwJIE2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/pMk6s2TIeDLnd2Im7ubBMdvhU7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.28.80.0/21
185.52.128.0/22
IPv6:
2a04:c840::/29
Signature Algorithm: sha256WithRSAEncryption
00:30:54:0f:cc:2f:96:3b:e2:f5:b6:01:ca:09:bf:a7:d3:dd:
93:14:98:c7:42:6c:36:5f:29:ed:2b:06:7e:e4:31:4f:5a:9a:
7c:39:d1:72:9e:81:b6:d6:f1:a6:3c:1c:95:08:7e:d9:55:cb:
c0:7c:41:42:44:b3:57:ea:fc:fb:26:b7:89:af:bb:29:8a:a7:
82:22:5a:7d:59:0d:57:8f:d4:d9:d9:a2:7e:4d:7b:cd:c4:58:
bd:84:b0:42:9a:8c:92:f1:c9:fb:a6:3b:af:fd:45:d2:c0:de:
c3:0e:da:8b:db:c4:ea:06:96:57:a4:d0:73:f7:c7:54:b8:07:
25:b3:d0:9a:17:f8:62:3e:ae:98:5d:6e:3b:77:f9:cb:67:67:
f3:2f:52:cc:be:c7:34:df:94:f0:3e:e1:64:e4:44:38:55:2d:
49:00:58:cf:90:cb:dc:ca:e7:06:15:e2:87:a2:5c:ae:60:2a:
5f:50:b5:3a:f7:28:65:aa:48:75:2b:b2:a3:a4:30:72:77:47:
b6:80:71:0e:2c:3b:eb:ad:67:9c:0b:ea:56:fe:dd:50:bf:a4:
05:39:c8:7d:90:f2:cc:7d:b8:bc:22:1a:6d:83:7f:54:24:70:
83:02:40:4e:62:b5:7c:07:7e:17:8c:f4:7b:3c:ae:4a:5c:a2:
98:49:67:c6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYtha8rQnG4Kmx2TjRpaLsDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YzkzYWIzNjRjODc4MzJlNzc3NjIyNmVlZTZjMTMxZGJl
MTUzYmIwHhcNMjMxMDI0MTEyMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTYxNzQ3Mzc2NWQ0ZTVjZTBmMjk2ZGU1YTJmNTc2MzAyNDgxMzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydgenXzNPHuWEIiHBZigdYPfoYlD
ZWjNIBTurp0lIzh0yuFunINviQyjoYUV4y22xGXweRlcnUKe92/WwD5suSX6r1eR
lJfRvJNIvLpJrFt/P1I9m7RuCXfCountpc3CGApsK9Ok2XA3E2m1/5U9ZH52nyUn
MZ/UREelovkInWdGbCCplazh5D3rJl94Ja0kUTpJ0Uv/nAq9XWAval3tgYabvWau
47X51moF+EF9ad3rqM+PCq38+ak/9omoz9Bx5gTJ2abdCAEb9PYtchCqU3cHJJYd
NsgATqe7yZ3COLSE3Y4mkWzRblAq8lC0Pu/5lwOGMuls+dpJaWe5vJ5ODwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHlhdHN2XU5c4PKW3lovV2MCSBNkMB8GA1UdIwQY
MBaAFKTJOrNkyHgy53diJu7mwTHb4VO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE1rNnMyVEllRExuZDJJbTd1YkJNZHZoVTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80OWRmZWEtYzc4OS00NDAxLWEyNTEt
ZTI1MzNjZGQyNWFmLzEvZVdGMGMzWmRUbHpnOHBiZVdpOVhZd0pJRTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80OWRmZWEtYzc4OS00NDAxLWEyNTEtZTI1MzNjZGQyNWFm
LzEvcE1rNnMyVEllRExuZDJJbTd1YkJNZHZoVTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsBxQAwQC
uTSAMA0EAgACMAcDBQMqBMhAMA0GCSqGSIb3DQEBCwUAA4IBAQAAMFQPzC+WO+L1
tgHKCb+n092TFJjHQmw2XyntKwZ+5DFPWpp8OdFynoG21vGmPByVCH7ZVcvAfEFC
RLNX6vz7JreJr7spiqeCIlp9WQ1Xj9TZ2aJ+TXvNxFi9hLBCmoyS8cn7pjuv/UXS
wN7DDtqL28TqBpZXpNBz98dUuAcls9CaF/hiPq6YXW47d/nLZ2fzL1LMvsc035Tw
PuFk5EQ4VS1JAFjPkMvcyucGFeKHolyuYCpfULU69yhlqkh1K7KjpDByd0e2gHEO
LDvrrWecC+pW/t1Qv6QFOch9kPLMfbi8Ihptg39UJHCDAkBOYrV8B34XjPR7PK5K
XKKYSWfG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:49 2024 by rpki-client on console-fra.rpki-client.org