Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/ePXObZQHVVTxyEook3mBLNo-UQ8.roa
File: ePXObZQHVVTxyEook3mBLNo-UQ8.roa (raw, json)
Hash identifier: BVPWKMJOLcZFeV8fHJrkIfymNDd5z4c8FbpKF8QprOA=
Subject key identifier: 78:F5:CE:6D:94:07:55:54:F1:C8:4A:28:93:79:81:2C:DA:3E:51:0F
Certificate issuer: /CN=e47521e7b6b38abfb88bf71e9bc5a02b2eccd3b3
Certificate serial: 01891E4CB3F9FB79E708DBF0A3156BBF79E4
Authority key identifier: E4:75:21:E7:B6:B3:8A:BF:B8:8B:F7:1E:9B:C5:A0:2B:2E:CC:D3:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HUh57azir-4i_cem8WgKy7M07M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/ePXObZQHVVTxyEook3mBLNo-UQ8.roa
Signing time: Tue 04 Jul 2023 00:28:10 +0000
ROA not before: Tue 04 Jul 2023 00:28:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202194
IP address blocks: 185.50.188.0/22 maxlen: 22
2a04:c000::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1e:4c:b3:f9:fb:79:e7:08:db:f0:a3:15:6b:bf:79:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e47521e7b6b38abfb88bf71e9bc5a02b2eccd3b3
Validity
Not Before: Jul 4 00:28:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78f5ce6d94075554f1c84a289379812cda3e510f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ff:5b:77:4c:ef:7a:d9:72:0c:fb:38:06:84:
9f:2e:4c:5f:9d:dd:92:f9:59:53:60:8f:cc:53:b9:
9c:6d:57:31:29:57:77:28:55:06:f6:c5:ba:05:c9:
d8:14:c8:f0:8d:f8:55:92:d2:bb:e4:32:4c:ad:2c:
fd:06:b9:c5:e4:38:e4:69:31:82:19:c2:a9:e7:32:
03:60:e0:f3:d3:c9:51:0c:52:93:36:a4:62:e1:54:
5b:26:32:2a:cd:09:27:e5:31:84:70:5a:52:92:b7:
69:ae:0e:9e:34:ba:a6:fe:e3:56:b5:3d:4a:31:66:
c3:9f:03:5d:fe:35:cc:a2:a3:23:71:ed:ee:db:e4:
fa:32:f6:c8:f0:6b:9c:1a:b6:d2:c2:38:2b:e5:fe:
c5:15:6d:8e:8e:80:6c:e5:b9:92:f5:c1:bb:07:de:
a2:d5:0a:fb:0c:93:f0:70:1e:a1:68:b4:26:b4:52:
ff:a4:f4:b3:8e:bc:ee:03:6d:45:16:3d:d8:a1:36:
7b:a3:69:cb:52:10:a2:1f:b2:f8:fe:22:e2:4e:ab:
5e:15:d0:3f:e8:ad:85:c4:9b:4c:df:2b:d6:87:b2:
7c:40:04:4f:78:c7:1c:2f:b1:ca:00:91:54:00:c2:
a2:8e:07:5b:47:74:7c:e7:8e:ae:ab:0f:b5:fc:4c:
00:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F5:CE:6D:94:07:55:54:F1:C8:4A:28:93:79:81:2C:DA:3E:51:0F
X509v3 Authority Key Identifier:
keyid:E4:75:21:E7:B6:B3:8A:BF:B8:8B:F7:1E:9B:C5:A0:2B:2E:CC:D3:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HUh57azir-4i_cem8WgKy7M07M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/ePXObZQHVVTxyEook3mBLNo-UQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/5HUh57azir-4i_cem8WgKy7M07M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.188.0/22
IPv6:
2a04:c000::/29
Signature Algorithm: sha256WithRSAEncryption
12:da:e6:a5:ad:b4:7b:62:79:ad:21:57:de:c0:4b:a3:7f:93:
93:6c:d6:2d:e8:fd:13:16:66:88:6c:c2:d4:f7:40:1b:8c:86:
48:0e:45:97:e4:ac:41:92:ef:d9:46:ae:6a:b9:cb:3d:a4:34:
71:03:fe:1d:51:a8:eb:a4:dd:e4:4d:8b:ab:f1:b9:56:07:80:
e2:cd:54:b8:0e:bc:27:05:b1:4b:cc:f7:2c:a4:56:46:d5:ba:
c9:f7:4f:1d:9d:c6:72:63:1d:d7:e0:0e:06:a4:6b:8d:6d:b8:
de:32:9b:aa:de:f3:45:d0:04:8c:95:a1:bd:80:75:72:52:8a:
2a:a0:37:c7:0a:65:03:72:a4:ee:41:89:b9:96:73:3c:f4:cb:
49:a7:fe:77:1a:95:6f:52:d8:39:96:81:1f:9b:61:9d:b7:f1:
a1:3e:53:67:f3:0c:6c:12:99:03:f5:e1:c6:9d:64:b3:48:42:
e6:dc:10:c2:18:ae:0f:c7:de:08:96:5a:05:1c:bd:5f:bb:25:
b6:4a:1c:3f:f4:1a:19:bd:67:ab:50:8b:87:fb:41:87:6f:43:
c0:04:74:3b:12:87:1e:83:f2:7d:8a:00:80:f6:75:b5:f9:fa:
5a:8b:cf:8c:4a:d5:81:6b:ef:5c:36:c8:c8:fb:8a:f7:13:13:
f4:b7:9f:0b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkeTLP5+3nnCNvwoxVrv3nkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NzUyMWU3YjZiMzhhYmZiODhiZjcxZTliYzVhMDJiMmVj
Y2QzYjMwHhcNMjMwNzA0MDAyODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGY1Y2U2ZDk0MDc1NTU0ZjFjODRhMjg5Mzc5ODEyY2RhM2U1MTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP9bd0zvetlyDPs4BoSfLkxfnd2S
+VlTYI/MU7mcbVcxKVd3KFUG9sW6BcnYFMjwjfhVktK75DJMrSz9BrnF5DjkaTGC
GcKp5zIDYODz08lRDFKTNqRi4VRbJjIqzQkn5TGEcFpSkrdprg6eNLqm/uNWtT1K
MWbDnwNd/jXMoqMjce3u2+T6MvbI8GucGrbSwjgr5f7FFW2OjoBs5bmS9cG7B96i
1Qr7DJPwcB6haLQmtFL/pPSzjrzuA21FFj3YoTZ7o2nLUhCiH7L4/iLiTqteFdA/
6K2FxJtM3yvWh7J8QARPeMccL7HKAJFUAMKijgdbR3R8546uqw+1/EwAhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHj1zm2UB1VU8chKKJN5gSzaPlEPMB8GA1UdIwQY
MBaAFOR1Iee2s4q/uIv3HpvFoCsuzNOzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUhVaDU3YXppci00aV9jZW04V2dLeTdNMDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xOTEzNmUtNDI5Zi00M2FkLTk0ZWYt
ODM2MWE4MzAzNTIyLzEvZVBYT2JaUUhWVlR4eUVvb2szbUJMTm8tVVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xOTEzNmUtNDI5Zi00M2FkLTk0ZWYtODM2MWE4MzAzNTIy
LzEvNUhVaDU3YXppci00aV9jZW04V2dLeTdNMDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTK8MA0E
AgACMAcDBQMqBMAAMA0GCSqGSIb3DQEBCwUAA4IBAQAS2ualrbR7YnmtIVfewEuj
f5OTbNYt6P0TFmaIbMLU90AbjIZIDkWX5KxBku/ZRq5qucs9pDRxA/4dUajrpN3k
TYur8blWB4DizVS4DrwnBbFLzPcspFZG1brJ908dncZyYx3X4A4GpGuNbbjeMpuq
3vNF0ASMlaG9gHVyUooqoDfHCmUDcqTuQYm5lnM89MtJp/53GpVvUtg5loEfm2Gd
t/GhPlNn8wxsEpkD9eHGnWSzSELm3BDCGK4Px94IlloFHL1fuyW2Shw/9BoZvWer
UIuH+0GHb0PABHQ7Eoceg/J9igCA9nW1+fpai8+MStWBa+9cNsjI+4r3ExP0t58L
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:56 2024 by rpki-client on console-ams.rpki-client.org