Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/t7jhRq0HweWF2bL8EvqEamkOvoU.roa
File: t7jhRq0HweWF2bL8EvqEamkOvoU.roa (raw, json)
Hash identifier: QlisCuBV1F7lElRfjEufyXS4NoFXyQ6LPtPr0hbSv1s=
Subject key identifier: B7:B8:E1:46:AD:07:C1:E5:85:D9:B2:FC:12:FA:84:6A:69:0E:BE:85
Certificate issuer: /CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Certificate serial: 018C6F553C752E7FA55A28B38BEC451BFE93
Authority key identifier: E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/t7jhRq0HweWF2bL8EvqEamkOvoU.roa
Signing time: Fri 15 Dec 2023 21:15:06 +0000
ROA not before: Fri 15 Dec 2023 21:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51859
IP address blocks: 87.237.204.0/24 maxlen: 24
87.237.204.0/22 maxlen: 24
87.237.200.0/21 maxlen: 24
87.237.201.0/24 maxlen: 24
87.237.202.0/23 maxlen: 24
87.237.203.0/24 maxlen: 24
185.29.100.0/22 maxlen: 24
92.249.52.0/22 maxlen: 22
92.249.52.0/24 maxlen: 24
188.93.120.0/22 maxlen: 24
91.222.4.0/22 maxlen: 24
2a04:2e40::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6f:55:3c:75:2e:7f:a5:5a:28:b3:8b:ec:45:1b:fe:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Validity
Not Before: Dec 15 21:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7b8e146ad07c1e585d9b2fc12fa846a690ebe85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:df:4d:84:c3:db:09:38:49:c3:48:0b:c0:e1:
ba:45:62:1c:4a:4c:bc:26:eb:ae:49:c6:bf:b7:99:
2c:fb:c8:30:03:55:63:23:9e:bf:19:ef:c6:69:95:
96:79:bb:5f:5f:60:f8:22:02:19:d8:49:b8:93:8b:
a9:da:15:62:08:40:82:cb:cb:3d:d2:12:a3:40:71:
2b:f5:03:fd:98:38:cb:a8:83:b6:0a:c6:db:a2:27:
fd:f8:4f:97:68:56:bf:60:7b:a2:83:e0:ec:5a:cc:
f8:fa:b6:1d:ed:44:45:32:39:07:4c:4b:a6:a7:6c:
01:84:d8:3e:bf:d1:3d:54:bc:66:3b:59:c2:89:58:
01:d6:b4:3b:63:38:71:61:7c:64:10:05:b6:ef:00:
1d:e9:42:ac:31:f3:1a:b5:35:80:05:a9:18:24:57:
a2:20:7f:d4:5d:ea:89:8a:d8:30:95:c9:62:82:4b:
5f:e7:86:b5:ac:6e:74:c5:69:a9:a6:b1:0b:8d:c5:
b6:d8:a7:9c:0c:b0:a1:6a:b9:e2:1f:3c:a0:bb:67:
91:d8:45:9d:ed:4a:f9:42:4c:5e:ff:a9:68:3c:ab:
ff:c6:08:ea:6e:7d:d0:e8:bb:cb:69:a1:18:a5:56:
16:28:ec:e2:c3:47:be:5f:63:0b:f8:85:9d:1f:2f:
90:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B8:E1:46:AD:07:C1:E5:85:D9:B2:FC:12:FA:84:6A:69:0E:BE:85
X509v3 Authority Key Identifier:
keyid:E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/t7jhRq0HweWF2bL8EvqEamkOvoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/6T86Qea-UkEVxsK1WLwoAEOgIk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.200.0/21
91.222.4.0/22
92.249.52.0/22
185.29.100.0/22
188.93.120.0/22
IPv6:
2a04:2e40::/29
Signature Algorithm: sha256WithRSAEncryption
49:9d:ac:8f:01:94:e6:ea:27:e9:90:a2:21:0b:f3:11:54:f8:
91:b9:a3:bb:35:91:89:ad:91:98:f2:35:03:e1:7a:42:27:36:
c8:27:fd:1a:78:58:6b:46:fd:4e:d1:64:d7:ae:8b:99:8c:35:
99:37:2f:92:11:55:39:e1:3e:57:23:05:cc:e8:57:64:7f:02:
1b:03:8d:73:de:6a:41:53:5a:f6:70:24:8a:b8:dc:f6:4d:a2:
06:3e:0c:75:39:f6:04:f5:6a:37:b5:f1:45:33:b6:8f:f1:15:
af:7f:66:71:4b:32:da:db:5b:d7:c9:d8:a8:3b:9f:b1:f7:28:
1c:2f:19:59:fc:5a:10:9d:cc:e7:e9:37:18:a8:89:f3:03:77:
f4:14:5d:28:e5:d2:0e:c3:79:5d:f9:ad:28:c2:f5:ad:3d:b8:
37:df:db:3a:a3:3c:56:22:4c:4c:04:27:27:47:07:ba:19:a7:
cb:18:5e:e5:97:14:e6:d0:d0:3e:49:95:28:d6:63:39:4d:6d:
26:9d:f5:44:b4:76:49:86:34:c1:cc:50:44:99:df:16:d9:50:
49:db:c3:e9:28:a0:d0:d7:00:1c:c4:99:ad:dc:11:ca:aa:22:
f5:3b:67:ce:87:7e:a1:e4:d6:75:8d:a6:bb:0d:28:ff:1a:ba:
ec:6a:1f:61
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYxvVTx1Ln+lWiizi+xFG/6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5M2YzYTQxZTZiZTUyNDExNWM2YzJiNTU4YmMyODAwNDNh
MDIyNGUwHhcNMjMxMjE1MjExNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2I4ZTE0NmFkMDdjMWU1ODVkOWIyZmMxMmZhODQ2YTY5MGViZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN9NhMPbCThJw0gLwOG6RWIcSky8
JuuuSca/t5ks+8gwA1VjI56/Ge/GaZWWebtfX2D4IgIZ2Em4k4up2hViCECCy8s9
0hKjQHEr9QP9mDjLqIO2Csbboif9+E+XaFa/YHuig+DsWsz4+rYd7URFMjkHTEum
p2wBhNg+v9E9VLxmO1nCiVgB1rQ7YzhxYXxkEAW27wAd6UKsMfMatTWABakYJFei
IH/UXeqJitgwlcligktf54a1rG50xWmpprELjcW22KecDLCharniHzygu2eR2EWd
7Ur5Qkxe/6loPKv/xgjqbn3Q6LvLaaEYpVYWKOziw0e+X2ML+IWdHy+QxQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLe44UatB8Hlhdmy/BL6hGppDr6FMB8GA1UdIwQY
MBaAFOk/OkHmvlJBFcbCtVi8KABDoCJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlQ4NlFlYS1Va0VWeHNLMVdMd29BRU9nSWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hMTc0MGUtODQwNC00MmQyLWFmNWMt
MTBlMjQ2MjVhNGQ0LzEvdDdqaFJxMEh3ZVdGMmJMOEV2cUVhbWtPdm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hMTc0MGUtODQwNC00MmQyLWFmNWMtMTBlMjQ2MjVhNGQ0
LzEvNlQ4NlFlYS1Va0VWeHNLMVdMd29BRU9nSWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDV+3IAwQC
W94EAwQCXPk0AwQCuR1kAwQCvF14MA0EAgACMAcDBQMqBC5AMA0GCSqGSIb3DQEB
CwUAA4IBAQBJnayPAZTm6ifpkKIhC/MRVPiRuaO7NZGJrZGY8jUD4XpCJzbIJ/0a
eFhrRv1O0WTXrouZjDWZNy+SEVU54T5XIwXM6FdkfwIbA41z3mpBU1r2cCSKuNz2
TaIGPgx1OfYE9Wo3tfFFM7aP8RWvf2ZxSzLa21vXydioO5+x9ygcLxlZ/FoQnczn
6TcYqInzA3f0FF0o5dIOw3ld+a0owvWtPbg339s6ozxWIkxMBCcnRwe6GafLGF7l
lxTm0NA+SZUo1mM5TW0mnfVEtHZJhjTBzFBEmd8W2VBJ28PpKKDQ1wAcxJmt3BHK
qiL1O2fOh36h5NZ1jaa7DSj/Grrsah9h
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:22 2024 by rpki-client on console-fra.rpki-client.org