Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1--aTbl593JOeBRkpHp1PN93mNeQ.roa
File: 1--aTbl593JOeBRkpHp1PN93mNeQ.roa (raw, json)
Hash identifier: Tig4xtKYUhxvlipRXisIdPWyvRkA1gWN47bPI/HQI58=
Subject key identifier: FB:E6:93:6E:5E:7D:DC:93:9E:05:19:29:1E:9D:4F:37:DD:E6:35:E4
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018796E6335569E0643C335194C26DC50B03
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1--aTbl593JOeBRkpHp1PN93mNeQ.roa
Signing time: Wed 19 Apr 2023 00:24:41 +0000
ROA not before: Wed 19 Apr 2023 00:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393427
IP address blocks: 84.234.16.0/20 maxlen: 24
194.88.96.0/21 maxlen: 24
5.35.192.0/21 maxlen: 24
85.204.160.0/22 maxlen: 24
62.112.0.0/21 maxlen: 24
89.37.128.0/24 maxlen: 24
194.88.112.0/20 maxlen: 24
93.113.184.0/21 maxlen: 24
91.232.136.0/22 maxlen: 24
176.223.190.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:96:e6:33:55:69:e0:64:3c:33:51:94:c2:6d:c5:0b:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Apr 19 00:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbe6936e5e7ddc939e0519291e9d4f37dde635e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f8:d2:9c:6e:e3:04:ef:34:4d:ac:72:2a:43:
2f:dc:31:28:86:74:10:cb:cd:38:84:7d:75:ae:88:
5e:09:5f:01:6e:eb:3e:3e:cc:86:f1:15:7d:96:19:
ae:82:3d:dd:f1:b1:02:58:5a:03:b1:26:13:39:7b:
da:ee:3b:29:e8:c2:53:db:49:fb:a5:64:af:f9:76:
1d:47:df:90:2d:fa:65:7a:b6:0c:4e:41:50:ca:da:
df:27:c3:08:d3:8a:5b:97:23:83:c1:9d:02:82:2f:
d0:91:f4:72:4d:12:ed:f0:9f:70:a0:01:fb:c4:66:
3a:f5:92:4b:a4:f3:d2:0e:68:11:c5:b9:30:1f:3e:
cc:b9:0a:f9:95:e8:91:19:a1:be:9b:a8:bb:e7:5b:
f6:c3:99:f2:97:01:05:6a:4f:c5:01:32:3f:d1:7c:
be:0f:7c:c9:a2:83:09:fd:9b:46:c8:6a:1b:ba:97:
fe:43:1d:ba:26:87:8e:ef:f7:85:50:65:ab:af:a8:
54:a4:60:ff:7c:4b:b5:da:25:58:70:30:cb:53:c9:
45:6d:f3:56:65:03:c4:71:db:d6:a6:6c:90:0c:47:
b0:81:fe:80:8a:15:12:f4:78:8d:6a:92:30:82:cf:
c5:89:57:6e:f8:c6:01:20:62:99:82:6e:9b:29:3a:
60:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E6:93:6E:5E:7D:DC:93:9E:05:19:29:1E:9D:4F:37:DD:E6:35:E4
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1--aTbl593JOeBRkpHp1PN93mNeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
62.112.0.0/21
84.234.16.0/20
85.204.160.0/22
89.37.128.0/24
91.232.136.0/22
93.113.184.0/21
176.223.190.0/24
194.88.96.0/21
194.88.112.0/20
Signature Algorithm: sha256WithRSAEncryption
50:94:b9:02:a7:af:c0:70:7b:11:26:ef:4f:ee:08:83:8f:21:
15:50:cf:da:4f:ca:29:c6:d7:a7:45:5c:af:68:5c:d6:8c:a0:
c2:85:26:4f:42:54:b6:b0:7f:65:55:6a:66:0a:15:13:1d:a5:
70:3b:c3:d6:22:0b:ec:f2:81:ab:3e:b1:7d:95:f0:86:e1:07:
2e:19:21:8e:d9:18:b3:58:3a:27:7c:62:a3:21:10:90:bf:8b:
4b:dc:48:b7:d1:13:e1:e3:1b:68:cb:fb:82:06:49:1d:4b:3c:
81:c8:39:f8:82:83:c8:b6:09:56:2f:4d:c2:36:09:fa:ae:8e:
7f:4b:4d:34:af:30:08:56:64:74:09:4f:3e:4f:43:22:71:63:
67:e7:cf:89:df:c0:15:73:f3:f1:3d:48:02:23:b8:c6:6f:79:
94:0e:a0:4f:d8:fa:d1:91:60:df:7d:64:94:ad:42:29:14:65:
75:55:f6:52:0e:4c:4d:9d:18:4b:93:bc:98:8a:f0:40:ca:7f:
ed:14:a6:7d:61:b0:c2:ba:ed:89:4b:4b:b4:0b:1f:48:90:38:
e7:1b:c2:b1:70:b6:d8:43:62:72:a7:29:e7:9c:f3:e0:17:17:
77:8a:8a:90:e7:73:cc:f8:e3:02:59:dd:c0:60:93:a6:d1:bc:
89:80:8b:16
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYeW5jNVaeBkPDNRlMJtxQsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNDE5MDAyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmU2OTM2ZTVlN2RkYzkzOWUwNTE5MjkxZTlkNGYzN2RkZTYzNWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/jSnG7jBO80TaxyKkMv3DEohnQQ
y804hH11roheCV8Bbus+PsyG8RV9lhmugj3d8bECWFoDsSYTOXva7jsp6MJT20n7
pWSv+XYdR9+QLfplerYMTkFQytrfJ8MI04pblyODwZ0Cgi/QkfRyTRLt8J9woAH7
xGY69ZJLpPPSDmgRxbkwHz7MuQr5leiRGaG+m6i751v2w5nylwEFak/FATI/0Xy+
D3zJooMJ/ZtGyGobupf+Qx26JoeO7/eFUGWrr6hUpGD/fEu12iVYcDDLU8lFbfNW
ZQPEcdvWpmyQDEewgf6AihUS9HiNapIwgs/FiVdu+MYBIGKZgm6bKTpgGwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFPvmk25efdyTngUZKR6dTzfd5jXkMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvMS0tYVRibDU5M0pPZUJSa3BIcDFQTjkzbU5lUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1
ZS8xLzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAwUjwAME
Az5wAAMEBFTqEAMEAlXMoAMEAFklgAMEAlvoiAMEA11xuAMEALDfvgMEA8JYYAME
BMJYcDANBgkqhkiG9w0BAQsFAAOCAQEAUJS5AqevwHB7ESbvT+4Ig48hFVDP2k/K
KcbXp0Vcr2hc1oygwoUmT0JUtrB/ZVVqZgoVEx2lcDvD1iIL7PKBqz6xfZXwhuEH
LhkhjtkYs1g6J3xioyEQkL+LS9xIt9ET4eMbaMv7ggZJHUs8gcg5+IKDyLYJVi9N
wjYJ+q6Of0tNNK8wCFZkdAlPPk9DInFjZ+fPid/AFXPz8T1IAiO4xm95lA6gT9j6
0ZFg331klK1CKRRldVX2Ug5MTZ0YS5O8mIrwQMp/7RSmfWGwwrrtiUtLtAsfSJA4
5xvCsXC22ENicqcp55zz4BcXd4qKkOdzzPjjAlndwGCTptG8iYCLFg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-fra.rpki-client.org