Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/4pbsYeR60niKwibYO82GJZW_YAk.roa
File: 4pbsYeR60niKwibYO82GJZW_YAk.roa (raw, json)
Hash identifier: XjM3FkxZJFaaD30GK7TpMLniUYP2PpsW4iZ0BYqAS6I=
Subject key identifier: E2:96:EC:61:E4:7A:D2:78:8A:C2:26:D8:3B:CD:86:25:95:BF:60:09
Certificate issuer: /CN=f57c1aaadb8320dd843235458cf2c5cbf4704ad6
Certificate serial: 0189209C241662B13CAF1DB93E9C2DE4D7E6
Authority key identifier: F5:7C:1A:AA:DB:83:20:DD:84:32:35:45:8C:F2:C5:CB:F4:70:4A:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XwaqtuDIN2EMjVFjPLFy_RwStY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/4pbsYeR60niKwibYO82GJZW_YAk.roa
Signing time: Tue 04 Jul 2023 11:14:10 +0000
ROA not before: Tue 04 Jul 2023 11:14:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35242
IP address blocks: 194.45.208.0/21 maxlen: 21
193.29.132.0/24 maxlen: 24
195.80.239.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:9c:24:16:62:b1:3c:af:1d:b9:3e:9c:2d:e4:d7:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57c1aaadb8320dd843235458cf2c5cbf4704ad6
Validity
Not Before: Jul 4 11:14:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e296ec61e47ad2788ac226d83bcd862595bf6009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:64:7a:bb:51:12:08:4c:af:8c:41:3d:2d:59:
8e:a1:54:54:70:56:bd:c0:9b:8f:e4:83:cd:bd:78:
27:4b:cf:5f:37:09:28:a8:dd:4f:33:b2:57:97:54:
b2:52:ab:68:55:77:6b:2d:73:20:5d:de:4d:01:ad:
3b:85:ab:0a:3d:6c:31:10:53:51:c8:99:3a:51:56:
b9:2d:02:33:ac:8f:8b:1e:ba:d7:46:32:1b:5e:b0:
9b:1d:80:8d:7e:9d:f4:95:e6:1b:f4:67:e5:ec:74:
3a:51:93:15:9c:90:7f:4c:b2:5d:60:66:fe:75:71:
26:a2:b4:50:74:66:78:01:d8:35:2f:38:b1:c6:a3:
54:73:87:ca:2f:e9:bc:18:98:22:00:2c:bd:b8:92:
27:ec:13:23:a7:fc:39:ad:30:5d:66:62:82:2d:00:
18:2c:9e:a4:55:e6:be:5a:97:87:64:52:97:10:ea:
8c:40:8b:69:6a:fd:ca:0e:59:0c:03:87:39:a9:7f:
c4:03:e5:33:ca:4f:b8:db:3c:fa:f4:31:36:8c:f4:
db:69:2a:db:d8:db:ad:2b:db:e5:a5:46:c6:09:05:
4b:b7:36:82:24:e7:d1:72:1b:2f:b2:47:9b:37:da:
2d:a7:02:f3:f1:2d:53:71:10:79:99:11:ea:a9:61:
d0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:96:EC:61:E4:7A:D2:78:8A:C2:26:D8:3B:CD:86:25:95:BF:60:09
X509v3 Authority Key Identifier:
keyid:F5:7C:1A:AA:DB:83:20:DD:84:32:35:45:8C:F2:C5:CB:F4:70:4A:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XwaqtuDIN2EMjVFjPLFy_RwStY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/4pbsYeR60niKwibYO82GJZW_YAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/9XwaqtuDIN2EMjVFjPLFy_RwStY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.132.0/24
194.45.208.0/21
195.80.239.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:a8:92:f1:f3:2a:ee:e6:16:2e:1a:14:00:6b:e4:19:23:62:
ce:b9:26:f3:05:c6:e3:5c:a3:80:e6:cf:63:0b:43:26:d4:2a:
35:7d:30:3c:20:11:ad:13:d1:3c:3f:5b:95:c3:17:80:b8:ce:
67:f1:f6:87:ab:4b:cf:1e:89:b6:46:e2:ea:95:c5:5d:f4:16:
8d:7d:96:cf:8b:71:28:0d:ac:c4:ac:61:84:31:2a:21:d9:9d:
5c:56:37:c3:53:b0:8e:c5:06:d4:09:47:ad:25:f9:d9:6a:17:
51:d7:77:40:81:10:97:59:23:3f:66:80:5b:7b:0c:15:7c:20:
46:cf:76:a2:1d:76:a9:5b:75:6b:ad:a7:c0:16:81:59:64:7c:
73:73:78:60:46:82:93:14:db:e0:0d:98:10:e5:a2:04:ac:d3:
2a:7e:b6:fe:7c:d5:73:43:96:0b:39:f5:a9:64:b9:98:6d:50:
80:9f:88:0e:8a:ab:61:99:c7:12:62:8f:e1:32:1f:15:4f:8e:
1f:df:d7:68:65:9a:d2:af:5a:4d:56:66:66:e2:cb:ed:25:85:
c5:60:12:f7:5a:a5:ed:52:10:92:88:19:f5:1a:04:10:2f:c5:
70:8a:29:56:07:9b:5d:23:71:58:2f:a8:a2:e0:98:e4:6a:07:
6f:b9:6b:b5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkgnCQWYrE8rx25Ppwt5NfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1N2MxYWFhZGI4MzIwZGQ4NDMyMzU0NThjZjJjNWNiZjQ3
MDRhZDYwHhcNMjMwNzA0MTExNDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjk2ZWM2MWU0N2FkMjc4OGFjMjI2ZDgzYmNkODYyNTk1YmY2MDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWR6u1ESCEyvjEE9LVmOoVRUcFa9
wJuP5IPNvXgnS89fNwkoqN1PM7JXl1SyUqtoVXdrLXMgXd5NAa07hasKPWwxEFNR
yJk6UVa5LQIzrI+LHrrXRjIbXrCbHYCNfp30leYb9Gfl7HQ6UZMVnJB/TLJdYGb+
dXEmorRQdGZ4Adg1LzixxqNUc4fKL+m8GJgiACy9uJIn7BMjp/w5rTBdZmKCLQAY
LJ6kVea+WpeHZFKXEOqMQItpav3KDlkMA4c5qX/EA+Uzyk+42zz69DE2jPTbaSrb
2NutK9vlpUbGCQVLtzaCJOfRchsvskebN9otpwLz8S1TcRB5mRHqqWHQYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOKW7GHketJ4isIm2DvNhiWVv2AJMB8GA1UdIwQY
MBaAFPV8GqrbgyDdhDI1RYzyxcv0cErWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVh3YXF0dURJTjJFTWpWRmpQTEZ5X1J3U3RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jM2U4NzEtMjBjYy00NGY0LWJmYTAt
YTE4NTZkZDdiNWQ4LzEvNHBic1llUjYwbmlLd2liWU84MkdKWldfWUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jM2U4NzEtMjBjYy00NGY0LWJmYTAtYTE4NTZkZDdiNWQ4
LzEvOVh3YXF0dURJTjJFTWpWRmpQTEZ5X1J3U3RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwR2EAwQD
wi3QAwQAw1DvMA0GCSqGSIb3DQEBCwUAA4IBAQAvqJLx8yru5hYuGhQAa+QZI2LO
uSbzBcbjXKOA5s9jC0Mm1Co1fTA8IBGtE9E8P1uVwxeAuM5n8faHq0vPHom2RuLq
lcVd9BaNfZbPi3EoDazErGGEMSoh2Z1cVjfDU7COxQbUCUetJfnZahdR13dAgRCX
WSM/ZoBbewwVfCBGz3aiHXapW3VrrafAFoFZZHxzc3hgRoKTFNvgDZgQ5aIErNMq
frb+fNVzQ5YLOfWpZLmYbVCAn4gOiqthmccSYo/hMh8VT44f39doZZrSr1pNVmZm
4svtJYXFYBL3WqXtUhCSiBn1GgQQL8VwiilWB5tdI3FYL6ii4JjkagdvuWu1
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:38:04 2024 by rpki-client on console-fra.rpki-client.org