Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/18e882-97d7-41dd-9efb-7d4fa4cdc7a2/1/hlDnN27Igp7mdxY9GVuEsVw9ZsA.roa
File: hlDnN27Igp7mdxY9GVuEsVw9ZsA.roa (raw, json)
Hash identifier: xRJRka9A7qKYlEfEq+BOti2lj280NC8PXCNrJ+hJRjw=
Subject key identifier: 86:50:E7:37:6E:C8:82:9E:E6:77:16:3D:19:5B:84:B1:5C:3D:66:C0
Certificate issuer: /CN=785ef4bd2976bf292ab73304907f510cd00cc8a2
Certificate serial: 018BECF15889CDFE89BD343CCC03050599DB
Authority key identifier: 78:5E:F4:BD:29:76:BF:29:2A:B7:33:04:90:7F:51:0C:D0:0C:C8:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eF70vSl2vykqtzMEkH9RDNAMyKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/18e882-97d7-41dd-9efb-7d4fa4cdc7a2/1/hlDnN27Igp7mdxY9GVuEsVw9ZsA.roa
Signing time: Mon 20 Nov 2023 13:35:21 +0000
ROA not before: Mon 20 Nov 2023 13:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29500
IP address blocks: 193.135.102.0/23 maxlen: 23
193.134.164.0/24 maxlen: 24
193.134.165.0/24 maxlen: 24
193.134.161.0/24 maxlen: 24
193.26.4.0/24 maxlen: 24
193.134.160.0/20 maxlen: 20
193.134.170.0/24 maxlen: 24
193.31.252.0/23 maxlen: 23
193.246.224.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:f1:58:89:cd:fe:89:bd:34:3c:cc:03:05:05:99:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=785ef4bd2976bf292ab73304907f510cd00cc8a2
Validity
Not Before: Nov 20 13:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8650e7376ec8829ee677163d195b84b15c3d66c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:45:6e:41:4f:54:c4:df:34:9b:4c:b3:38:e9:
d6:f2:48:23:43:39:b3:25:bc:fb:f8:2e:d7:c9:0c:
b5:14:d2:ce:57:c9:7d:80:4b:48:f4:a8:7d:98:70:
cc:d5:eb:bd:8b:d9:c2:7a:4d:ff:c4:e7:cb:66:cc:
1d:f2:0f:32:f8:52:29:1c:73:de:08:d5:c9:64:4f:
1a:83:a1:cb:d7:81:2a:0a:67:ac:25:b9:3b:0f:95:
fb:62:8f:dc:93:c1:a3:b6:46:4f:71:6a:13:70:95:
38:19:98:d4:26:08:ec:f8:05:69:33:3e:98:fa:eb:
d7:c4:16:07:f7:5a:5e:62:1f:be:62:70:95:b1:35:
9e:db:f5:16:ee:9f:d7:67:4b:98:21:82:0f:ef:5f:
25:d6:43:ae:41:ab:c5:a6:21:d7:98:45:d0:83:98:
29:6a:18:d5:26:c4:d1:d9:b4:d4:1c:04:e9:2f:e0:
cd:2e:0d:96:32:b4:52:2b:ac:6a:7c:c6:a2:b2:5b:
7a:03:98:91:e2:49:c2:74:f6:da:50:3f:aa:d1:b6:
76:bf:a5:99:bb:ed:30:3e:d6:eb:ff:81:8f:b4:dd:
7b:c3:af:66:ed:0d:fe:4c:49:5c:23:d2:0f:5e:3e:
c8:64:a7:9f:25:69:6c:63:bb:75:ea:bc:96:f8:6d:
0c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:50:E7:37:6E:C8:82:9E:E6:77:16:3D:19:5B:84:B1:5C:3D:66:C0
X509v3 Authority Key Identifier:
keyid:78:5E:F4:BD:29:76:BF:29:2A:B7:33:04:90:7F:51:0C:D0:0C:C8:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eF70vSl2vykqtzMEkH9RDNAMyKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/18e882-97d7-41dd-9efb-7d4fa4cdc7a2/1/hlDnN27Igp7mdxY9GVuEsVw9ZsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/18e882-97d7-41dd-9efb-7d4fa4cdc7a2/1/eF70vSl2vykqtzMEkH9RDNAMyKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.4.0/24
193.31.252.0/23
193.134.160.0/20
193.135.102.0/23
193.246.224.0/20
Signature Algorithm: sha256WithRSAEncryption
48:b2:26:32:a6:ab:34:f5:cc:88:12:76:3c:65:74:20:1a:e5:
b6:5a:06:c2:cf:9e:36:ce:e1:57:52:fc:d9:09:30:7a:59:a2:
38:56:9e:67:cb:da:e7:d5:bf:8d:d2:34:84:7f:95:56:8e:6f:
b4:e6:08:59:e6:dc:40:a5:02:1f:b9:e5:68:96:8e:74:ab:18:
eb:31:78:a9:74:58:26:24:db:fe:fe:0d:ac:25:89:2a:6f:1f:
f4:c0:47:80:42:47:13:53:d2:31:15:24:7e:de:cf:05:85:33:
64:1e:95:e9:c4:34:8c:06:02:7a:87:b2:c8:a6:47:79:64:d9:
23:c0:2f:2b:7a:60:36:cc:86:db:8c:06:17:ed:e6:af:07:fe:
a4:40:fa:f5:a4:9c:9c:9b:9d:d0:68:de:f2:02:5a:6b:e1:08:
ac:dd:24:c9:03:75:f2:a5:1e:a5:7f:cf:ca:06:14:ba:01:3b:
8e:ca:72:aa:a4:71:02:07:49:e5:a0:5d:6b:83:d3:20:2b:cb:
88:2c:05:d4:82:26:7a:60:59:f3:24:5a:02:2f:94:23:b6:38:
ef:ff:84:ad:12:34:42:38:25:3a:9c:d2:f5:b0:13:82:57:5f:
d4:2e:b8:2c:1a:2e:5d:cb:b6:f2:7a:c7:11:c8:d0:40:48:59:
65:d7:a8:e2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYvs8ViJzf6JvTQ8zAMFBZnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NWVmNGJkMjk3NmJmMjkyYWI3MzMwNDkwN2Y1MTBjZDAw
Y2M4YTIwHhcNMjMxMTIwMTMzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjUwZTczNzZlYzg4MjllZTY3NzE2M2QxOTViODRiMTVjM2Q2NmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkVuQU9UxN80m0yzOOnW8kgjQzmz
Jbz7+C7XyQy1FNLOV8l9gEtI9Kh9mHDM1eu9i9nCek3/xOfLZswd8g8y+FIpHHPe
CNXJZE8ag6HL14EqCmesJbk7D5X7Yo/ck8GjtkZPcWoTcJU4GZjUJgjs+AVpMz6Y
+uvXxBYH91peYh++YnCVsTWe2/UW7p/XZ0uYIYIP718l1kOuQavFpiHXmEXQg5gp
ahjVJsTR2bTUHATpL+DNLg2WMrRSK6xqfMaislt6A5iR4knCdPbaUD+q0bZ2v6WZ
u+0wPtbr/4GPtN17w69m7Q3+TElcI9IPXj7IZKefJWlsY7t16ryW+G0M9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIZQ5zduyIKe5ncWPRlbhLFcPWbAMB8GA1UdIwQY
MBaAFHhe9L0pdr8pKrczBJB/UQzQDMiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUY3MHZTbDJ2eWtxdHpNRWtIOVJETkFNeUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xOGU4ODItOTdkNy00MWRkLTllZmIt
N2Q0ZmE0Y2RjN2EyLzEvaGxEbk4yN0lncDdtZHhZOUdWdUVzVnc5WnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xOGU4ODItOTdkNy00MWRkLTllZmItN2Q0ZmE0Y2RjN2Ey
LzEvZUY3MHZTbDJ2eWtxdHpNRWtIOVJETkFNeUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwRoEAwQB
wR/8AwQEwYagAwQBwYdmAwQEwfbgMA0GCSqGSIb3DQEBCwUAA4IBAQBIsiYypqs0
9cyIEnY8ZXQgGuW2WgbCz542zuFXUvzZCTB6WaI4Vp5ny9rn1b+N0jSEf5VWjm+0
5ghZ5txApQIfueVolo50qxjrMXipdFgmJNv+/g2sJYkqbx/0wEeAQkcTU9IxFSR+
3s8FhTNkHpXpxDSMBgJ6h7LIpkd5ZNkjwC8remA2zIbbjAYX7eavB/6kQPr1pJyc
m53QaN7yAlpr4Qis3STJA3XypR6lf8/KBhS6ATuOynKqpHECB0nloF1rg9MgK8uI
LAXUgiZ6YFnzJFoCL5Qjtjjv/4StEjRCOCU6nNL1sBOCV1/ULrgsGi5dy7byescR
yNBASFll16ji
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:56 2024 by rpki-client on console.sobornost.net