Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/7DTSjieX48ePLTcyEyN-blj7kHo.roa
File: 7DTSjieX48ePLTcyEyN-blj7kHo.roa (raw, json)
Hash identifier: XkDsLro3EgeVqc1352GQnV0qRFnn5g+spLFHZYk5gx4=
Subject key identifier: EC:34:D2:8E:27:97:E3:C7:8F:2D:37:32:13:23:7E:6E:58:FB:90:7A
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 018732596E7AE2F7B9702ED350C9CE005451
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/7DTSjieX48ePLTcyEyN-blj7kHo.roa
Signing time: Thu 30 Mar 2023 11:48:54 +0000
ROA not before: Thu 30 Mar 2023 11:48:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42894
IP address blocks: 145.31.0.0/16 maxlen: 24
145.50.0.0/16 maxlen: 24
145.45.0.0/17 maxlen: 24
131.237.0.0/16 maxlen: 24
194.104.116.0/22 maxlen: 24
2a13:e080::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:32:59:6e:7a:e2:f7:b9:70:2e:d3:50:c9:ce:00:54:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Mar 30 11:48:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec34d28e2797e3c78f2d373213237e6e58fb907a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8b:b9:c3:d1:dc:0d:ab:a5:c6:31:0b:c1:56:
c2:93:23:ca:8c:cc:8e:06:83:f6:fb:bc:ff:aa:45:
ae:b5:9c:13:64:c0:da:63:1a:cb:8f:de:a7:19:c5:
54:7d:df:96:aa:38:0b:ca:01:e2:93:79:6b:ad:95:
26:50:62:6d:7d:5f:40:9e:a7:5e:00:c4:7c:d3:ec:
0a:02:2c:f2:11:91:a7:d0:1e:52:74:a2:c1:ce:e7:
ff:96:1f:46:7f:8e:6f:60:c5:b7:4f:ac:ed:bb:da:
ba:06:3a:9b:56:d7:28:08:9f:44:59:00:8d:23:c9:
01:14:ee:2d:d5:78:a9:ab:eb:11:3b:fe:d3:61:cc:
2c:fe:64:77:93:f7:5c:24:b6:92:6d:83:62:a7:38:
9f:22:72:9c:fb:11:76:07:7f:88:1a:4a:87:af:5e:
66:6d:da:01:30:44:77:a3:46:c3:d8:1a:16:e3:49:
a9:e4:40:ec:94:53:cd:21:25:68:07:e1:dc:66:7e:
22:f8:cf:22:e3:ee:c7:ed:00:2e:35:a8:41:b7:ca:
f5:18:0e:b6:df:83:e3:02:3d:7f:79:83:6b:35:b0:
28:b6:19:3c:46:68:4b:ad:71:94:fd:f3:ee:73:7f:
87:7d:26:4a:52:09:39:6d:71:90:0a:06:f9:b3:cb:
23:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:34:D2:8E:27:97:E3:C7:8F:2D:37:32:13:23:7E:6E:58:FB:90:7A
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/7DTSjieX48ePLTcyEyN-blj7kHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.237.0.0/16
145.31.0.0/16
145.45.0.0/17
145.50.0.0/16
194.104.116.0/22
IPv6:
2a13:e080::/32
Signature Algorithm: sha256WithRSAEncryption
60:b7:e8:ac:99:cb:e4:ed:b2:d0:5b:f9:92:4d:da:19:73:5e:
bf:60:a1:8d:fc:43:2a:f3:0f:7f:c5:bb:a5:1f:00:d0:a1:96:
74:da:ce:26:84:2d:2b:48:bc:b0:73:19:61:a5:22:db:0b:e5:
7a:79:4f:9d:b5:31:64:5a:07:f8:1c:69:3d:41:dc:d7:e8:14:
7f:38:cf:12:3a:a9:7e:4c:1d:6e:c7:a2:d0:fb:7b:dc:8c:47:
3c:c9:21:79:22:6a:56:17:1c:ef:0e:fd:e6:83:52:9e:db:45:
1a:da:09:a8:e9:cb:15:76:fd:dc:73:10:3c:b3:42:9d:9f:90:
31:77:86:84:68:2a:f2:15:75:d9:32:b7:8d:3c:f1:ae:04:ac:
ed:35:4c:8e:ab:98:96:fa:79:b9:dd:20:27:ff:97:60:41:02:
27:f5:3c:6b:16:fe:ed:af:41:bb:76:17:c3:0f:6a:de:09:ff:
e7:d9:1f:53:7d:4f:e3:f3:8d:71:fa:5f:29:5d:4f:d1:a4:c7:
6c:d0:66:09:0b:d9:6b:ee:95:a6:fc:6d:3b:95:e2:14:bc:d5:
7c:90:20:fb:9c:46:64:05:5a:f7:5a:79:e9:b1:dd:ed:e2:66:
46:8a:f6:f7:00:cb:0e:cd:5e:cf:ef:40:22:db:3e:9b:f0:da:
e9:8a:59:6b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYcyWW564ve5cC7TUMnOAFRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjMwMzMwMTE0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzM0ZDI4ZTI3OTdlM2M3OGYyZDM3MzIxMzIzN2U2ZTU4ZmI5MDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4u5w9HcDaulxjELwVbCkyPKjMyO
BoP2+7z/qkWutZwTZMDaYxrLj96nGcVUfd+WqjgLygHik3lrrZUmUGJtfV9Anqde
AMR80+wKAizyEZGn0B5SdKLBzuf/lh9Gf45vYMW3T6ztu9q6BjqbVtcoCJ9EWQCN
I8kBFO4t1Xipq+sRO/7TYcws/mR3k/dcJLaSbYNipzifInKc+xF2B3+IGkqHr15m
bdoBMER3o0bD2BoW40mp5EDslFPNISVoB+HcZn4i+M8i4+7H7QAuNahBt8r1GA62
34PjAj1/eYNrNbAothk8RmhLrXGU/fPuc3+HfSZKUgk5bXGQCgb5s8sj9QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOw00o4nl+PHjy03MhMjfm5Y+5B6MB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvN0RUU2ppZVg0OGVQTFRjeUV5Ti1ibGo3a0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAhBAIAATAbAwMAg+0DAwCR
HwMEB5EtAAMDAJEyAwQCwmh0MA0EAgACMAcDBQAqE+CAMA0GCSqGSIb3DQEBCwUA
A4IBAQBgt+ismcvk7bLQW/mSTdoZc16/YKGN/EMq8w9/xbulHwDQoZZ02s4mhC0r
SLywcxlhpSLbC+V6eU+dtTFkWgf4HGk9QdzX6BR/OM8SOql+TB1ux6LQ+3vcjEc8
ySF5ImpWFxzvDv3mg1Ke20Ua2gmo6csVdv3ccxA8s0Kdn5Axd4aEaCryFXXZMreN
PPGuBKztNUyOq5iW+nm53SAn/5dgQQIn9TxrFv7tr0G7dhfDD2reCf/n2R9TfU/j
841x+l8pXU/RpMds0GYJC9lr7pWm/G07leIUvNV8kCD7nEZkBVr3Wnnpsd3t4mZG
ivb3AMsOzV7P70Ai2z6b8Nrpillr
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:53:10 2024 by rpki-client on console-fra.rpki-client.org