Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/vOhx7LGbs5NncexHbrKQT6sB02c.roa
File: vOhx7LGbs5NncexHbrKQT6sB02c.roa (raw, json)
Hash identifier: Isvb4uDiOefdcAWbIxU/jr+f7dxscr7i91EtGl9Wa0E=
Subject key identifier: BC:E8:71:EC:B1:9B:B3:93:67:71:EC:47:6E:B2:90:4F:AB:01:D3:67
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 01856DDD52C013F05FB8DDC7D30BF2F4573C
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/vOhx7LGbs5NncexHbrKQT6sB02c.roa
Signing time: Sun 01 Jan 2023 15:04:58 +0000
ROA not before: Sun 01 Jan 2023 15:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203584
IP address blocks: 193.58.217.0/24 maxlen: 24
193.58.216.0/24 maxlen: 24
91.206.86.0/24 maxlen: 24
91.206.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:52:c0:13:f0:5f:b8:dd:c7:d3:0b:f2:f4:57:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Jan 1 15:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bce871ecb19bb3936771ec476eb2904fab01d367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a6:06:57:39:5e:5d:2a:f5:fe:99:68:ee:7e:
84:45:35:c3:43:bc:34:26:29:0a:3b:0d:f7:ff:0d:
8b:91:45:e3:e0:b5:0d:9e:2f:d8:68:93:e6:b9:7a:
40:ea:d4:b7:d6:85:03:0b:92:1a:db:49:81:82:a3:
1d:06:21:ba:96:80:fd:50:8c:ce:25:cf:cd:69:e8:
79:bc:45:d4:ad:3b:18:95:9b:fc:ff:0f:fa:23:92:
cf:93:e3:3b:c5:ab:b0:35:e9:c2:7f:d0:82:0d:bd:
93:23:54:84:23:2d:c6:d2:53:91:01:16:56:85:fc:
0c:35:1e:cb:c2:2f:34:5c:53:da:bf:1a:cc:35:41:
34:db:6b:a9:07:cd:03:50:56:ad:4e:88:73:9f:19:
43:8b:c1:a5:62:55:60:44:3a:17:87:ae:fc:ae:a6:
3a:aa:0e:d5:ee:d7:c9:b2:21:50:e0:2b:8c:33:0f:
6f:fa:51:ca:66:a4:5d:9d:fe:ba:38:ed:71:5a:7d:
ed:2b:a7:a5:9e:f7:67:53:30:ba:54:7c:05:47:c9:
c4:d0:5f:6f:90:b2:d7:e1:21:98:b3:bc:96:46:78:
36:67:09:97:80:3a:9f:29:b2:98:7b:46:6b:5a:0e:
5b:40:82:af:e8:e0:75:84:68:0b:7d:1f:4c:54:ba:
a3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E8:71:EC:B1:9B:B3:93:67:71:EC:47:6E:B2:90:4F:AB:01:D3:67
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/vOhx7LGbs5NncexHbrKQT6sB02c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.86.0/23
193.58.216.0/23
Signature Algorithm: sha256WithRSAEncryption
81:f3:43:8b:b3:09:32:bd:e3:5b:ae:55:2f:3f:3d:54:98:01:
07:a0:9d:55:a4:23:13:5a:91:bb:d8:17:18:b0:13:e6:83:5f:
2f:17:87:87:89:bd:e8:62:61:cf:05:b2:fe:3c:f8:c4:65:b5:
cf:a8:7d:a4:70:28:4b:06:bb:f6:d8:79:f4:08:e2:30:1a:e9:
31:a1:37:a4:2f:ac:b9:53:06:5d:93:cf:0f:29:2c:a0:b5:1d:
15:4b:78:f1:fd:6f:03:3d:6d:b4:8f:e2:4f:d7:bb:aa:7b:6e:
9c:9d:e3:74:19:7a:83:61:f6:d6:f2:5f:80:79:68:d0:6e:35:
48:d5:8e:91:47:1e:0b:42:7d:c0:3a:5b:85:9b:80:42:06:d8:
d8:9d:ae:cb:5f:b3:1d:be:9a:49:2e:8e:55:67:c1:26:b6:64:
52:aa:9a:46:27:d6:0a:a7:0e:e0:c0:e5:d3:8b:17:43:c4:4e:
58:67:19:98:cd:97:49:f1:e4:19:cb:a6:26:de:b3:54:22:be:
69:ef:9b:d6:d8:55:8b:3b:07:72:c2:bc:e6:d4:89:a7:3c:f0:
38:5d:37:af:57:58:49:e6:a4:06:a4:a3:2d:34:7e:d0:45:98:
70:7c:63:fe:9d:cd:fe:28:f8:4d:68:91:83:fd:fd:79:69:e2:
76:12:94:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt3VLAE/BfuN3H0wvy9Fc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjMwMTAxMTUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2U4NzFlY2IxOWJiMzkzNjc3MWVjNDc2ZWIyOTA0ZmFiMDFkMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KYGVzleXSr1/plo7n6ERTXDQ7w0
JikKOw33/w2LkUXj4LUNni/YaJPmuXpA6tS31oUDC5Ia20mBgqMdBiG6loD9UIzO
Jc/Naeh5vEXUrTsYlZv8/w/6I5LPk+M7xauwNenCf9CCDb2TI1SEIy3G0lORARZW
hfwMNR7Lwi80XFPavxrMNUE022upB80DUFatTohznxlDi8GlYlVgRDoXh678rqY6
qg7V7tfJsiFQ4CuMMw9v+lHKZqRdnf66OO1xWn3tK6elnvdnUzC6VHwFR8nE0F9v
kLLX4SGYs7yWRng2ZwmXgDqfKbKYe0ZrWg5bQIKv6OB1hGgLfR9MVLqj3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLzoceyxm7OTZ3HsR26ykE+rAdNnMB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvdk9oeDdMR2JzNU5uY2V4SGJyS1FUNnNCMDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW85WAwQB
wTrYMA0GCSqGSIb3DQEBCwUAA4IBAQCB80OLswkyveNbrlUvPz1UmAEHoJ1VpCMT
WpG72BcYsBPmg18vF4eHib3oYmHPBbL+PPjEZbXPqH2kcChLBrv22Hn0COIwGukx
oTekL6y5UwZdk88PKSygtR0VS3jx/W8DPW20j+JP17uqe26cneN0GXqDYfbW8l+A
eWjQbjVI1Y6RRx4LQn3AOluFm4BCBtjYna7LX7MdvppJLo5VZ8EmtmRSqppGJ9YK
pw7gwOXTixdDxE5YZxmYzZdJ8eQZy6Ym3rNUIr5p75vW2FWLOwdywrzm1ImnPPA4
XTevV1hJ5qQGpKMtNH7QRZhwfGP+nc3+KPhNaJGD/f15aeJ2EpTS
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:36:08 2024 by rpki-client on console-ams.rpki-client.org