Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/du2XvVbQi748daQXqtMp1YH8OI8.roa
File: du2XvVbQi748daQXqtMp1YH8OI8.roa (raw, json)
Hash identifier: JzIu0X+bGfiX4gpR5ePQats/x/ndaU4m+4jtqOgO78I=
Subject key identifier: 76:ED:97:BD:56:D0:8B:BE:3C:75:A4:17:AA:D3:29:D5:81:FC:38:8F
Certificate issuer: /CN=08422168eda8423054d82eb018c383e2dbe8afdf
Certificate serial: 018CC349323A6556310475C6FD35F7769349
Authority key identifier: 08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/du2XvVbQi748daQXqtMp1YH8OI8.roa
Signing time: Mon 01 Jan 2024 04:30:03 +0000
ROA not before: Mon 01 Jan 2024 04:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60278
IP address blocks: 193.178.220.0/23 maxlen: 23
193.178.230.0/23 maxlen: 23
2a04:4940::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 09 Jan 2024 09:45:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:32:3a:65:56:31:04:75:c6:fd:35:f7:76:93:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08422168eda8423054d82eb018c383e2dbe8afdf
Validity
Not Before: Jan 1 04:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76ed97bd56d08bbe3c75a417aad329d581fc388f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:cd:b5:85:40:6c:df:5b:ad:e4:40:22:da:e4:
ae:e7:a6:62:d4:c2:23:67:21:68:c2:2b:8d:a6:46:
10:e5:68:5b:cb:86:27:d4:88:7d:36:09:4c:c5:ec:
9b:47:4d:fc:fb:14:b1:9c:b7:1a:fb:8f:3a:e4:ed:
ed:6d:fc:b0:55:33:f2:23:b9:19:ae:1d:36:b3:f6:
c9:c2:0b:48:5c:5f:65:37:b9:8d:92:62:34:04:b2:
33:23:3b:73:91:45:f9:46:c6:5a:0d:c8:d2:02:d6:
d9:53:cf:a1:23:d3:ba:55:c2:2d:db:10:38:dc:4b:
fa:f5:43:9a:8b:50:14:2a:80:38:8b:65:40:ea:3a:
32:b6:30:69:67:65:ef:e3:e0:8b:fb:a0:af:82:8c:
6c:17:2b:a9:39:9b:51:4c:65:5b:1c:1b:fc:b5:88:
11:11:cf:9c:36:ed:43:13:25:d0:01:7e:75:0c:bc:
f9:4f:e5:01:9b:34:8e:67:32:9c:00:94:1c:5e:24:
6e:69:51:dd:a1:9f:fa:21:0e:75:7d:38:cb:0f:cb:
18:06:d0:98:df:09:dd:ea:fb:9a:91:03:4c:2f:23:
63:a8:f6:9c:db:39:60:c0:a5:c4:d5:33:51:b9:17:
6c:32:3e:da:6a:64:ca:28:45:c5:6e:68:ce:dc:60:
fe:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:ED:97:BD:56:D0:8B:BE:3C:75:A4:17:AA:D3:29:D5:81:FC:38:8F
X509v3 Authority Key Identifier:
keyid:08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/du2XvVbQi748daQXqtMp1YH8OI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.220.0/23
193.178.230.0/23
IPv6:
2a04:4940::/29
Signature Algorithm: sha256WithRSAEncryption
2b:16:67:32:77:7e:e1:31:6b:bd:35:65:77:d3:dc:94:a3:1e:
a5:f6:de:b1:5d:7e:b5:ca:8b:a7:34:18:b0:7d:bf:80:bb:c3:
ce:b9:76:34:f8:ce:1c:8d:58:79:e1:c4:1b:1c:38:50:1c:67:
c3:04:1d:48:e4:76:94:d8:eb:e0:ff:85:a3:d9:df:70:d3:b2:
b0:ed:ae:25:7d:5d:52:f0:1c:f1:90:99:8c:64:fe:b0:5d:1d:
db:08:47:d0:71:50:43:11:16:0e:3c:9c:14:51:f3:1c:06:cf:
9c:e4:b6:32:4c:4b:50:f4:9f:73:f2:92:c0:93:f8:11:2c:ab:
66:01:a4:1b:4e:5b:00:2f:ae:bc:ba:c1:2e:49:16:13:06:c3:
35:83:f4:24:37:35:fc:e8:2c:20:08:c3:03:9c:1c:78:48:48:
6f:70:76:82:b7:a3:be:a9:6d:22:d0:80:27:fa:56:6d:ee:82:
c3:17:46:ae:c7:a6:db:cf:5c:00:be:59:25:b0:60:3d:e8:00:
a3:79:1d:58:be:58:13:8a:c5:87:19:95:e2:25:1d:67:3b:0a:
e1:94:c1:f6:ea:e2:44:82:d9:f4:74:d7:7f:6c:bf:72:01:ac:
f5:0c:7b:e3:31:a5:ca:af:6e:54:06:77:d6:3c:06:f6:a2:9c:
a2:e6:9f:ed
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSTI6ZVYxBHXG/TX3dpNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDIyMTY4ZWRhODQyMzA1NGQ4MmViMDE4YzM4M2UyZGJl
OGFmZGYwHhcNMjQwMTAxMDQzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmVkOTdiZDU2ZDA4YmJlM2M3NWE0MTdhYWQzMjlkNTgxZmMzODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhc21hUBs31ut5EAi2uSu56Zi1MIj
ZyFowiuNpkYQ5Whby4Yn1Ih9NglMxeybR038+xSxnLca+4865O3tbfywVTPyI7kZ
rh02s/bJwgtIXF9lN7mNkmI0BLIzIztzkUX5RsZaDcjSAtbZU8+hI9O6VcIt2xA4
3Ev69UOai1AUKoA4i2VA6joytjBpZ2Xv4+CL+6CvgoxsFyupOZtRTGVbHBv8tYgR
Ec+cNu1DEyXQAX51DLz5T+UBmzSOZzKcAJQcXiRuaVHdoZ/6IQ51fTjLD8sYBtCY
3wnd6vuakQNMLyNjqPac2zlgwKXE1TNRuRdsMj7aamTKKEXFbmjO3GD+KQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHbtl71W0Iu+PHWkF6rTKdWB/DiPMB8GA1UdIwQY
MBaAFAhCIWjtqEIwVNgusBjDg+Lb6K/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEt
NmUxOWY2NzlhNjIzLzEvZHUyWHZWYlFpNzQ4ZGFRWHF0TXAxWUg4T0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEtNmUxOWY2NzlhNjIz
LzEvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwbLcAwQB
wbLmMA0EAgACMAcDBQMqBElAMA0GCSqGSIb3DQEBCwUAA4IBAQArFmcyd37hMWu9
NWV309yUox6l9t6xXX61younNBiwfb+Au8POuXY0+M4cjVh54cQbHDhQHGfDBB1I
5HaU2Ovg/4Wj2d9w07Kw7a4lfV1S8BzxkJmMZP6wXR3bCEfQcVBDERYOPJwUUfMc
Bs+c5LYyTEtQ9J9z8pLAk/gRLKtmAaQbTlsAL668usEuSRYTBsM1g/QkNzX86Cwg
CMMDnBx4SEhvcHaCt6O+qW0i0IAn+lZt7oLDF0aux6bbz1wAvlklsGA96ACjeR1Y
vlgTisWHGZXiJR1nOwrhlMH26uJEgtn0dNd/bL9yAaz1DHvjMaXKr25UBnfWPAb2
opyi5p/t
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:59 2024 by rpki-client on console-ams.rpki-client.org