Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/DHaXxIPMcajsEQAp2Nk-IC56aPA.roa
File: DHaXxIPMcajsEQAp2Nk-IC56aPA.roa (raw, json)
Hash identifier: i83FArg6ViM1z+i+RFhrVfV8ydqTvWQvttn/ZX+YirE=
Subject key identifier: 0C:76:97:C4:83:CC:71:A8:EC:11:00:29:D8:D9:3E:20:2E:7A:68:F0
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 01856BEEB948C938383FC7AF576170CE0C08
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/DHaXxIPMcajsEQAp2Nk-IC56aPA.roa
Signing time: Sun 01 Jan 2023 06:04:44 +0000
ROA not before: Sun 01 Jan 2023 06:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41097
IP address blocks: 193.192.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:b9:48:c9:38:38:3f:c7:af:57:61:70:ce:0c:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 06:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c7697c483cc71a8ec110029d8d93e202e7a68f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d9:e6:c0:9f:a7:88:9c:f3:a4:47:5e:a9:67:
88:0f:9b:23:84:8b:03:5a:cd:96:eb:c1:07:42:76:
e6:bb:91:27:36:be:c3:3f:5f:25:a6:35:9b:c6:69:
bc:c1:cd:86:d0:ee:0e:42:d6:d9:5d:4b:34:e9:cf:
50:1f:d4:90:2b:a5:ea:ac:ce:f9:e1:8e:61:3f:1e:
cd:ec:9a:c3:a6:37:11:94:45:46:d8:ef:b5:01:4a:
7c:55:2f:9a:3d:a0:ad:bf:96:24:29:98:b0:d0:b1:
75:4c:29:1e:5a:97:eb:6e:cd:dd:df:c9:25:7d:57:
a2:d2:5c:dd:6c:3a:93:e5:9d:fc:ac:12:28:f9:3e:
cc:56:dc:40:67:9f:46:59:28:a6:3c:96:3e:28:0a:
d4:38:2d:c3:c9:6c:4b:84:4f:73:fc:38:36:06:81:
cc:56:7f:ef:44:38:eb:55:f8:76:92:c6:0f:fb:5f:
37:20:45:80:75:f9:d6:df:da:1d:75:c2:61:81:18:
f8:0b:5d:4f:04:8e:bf:4e:cd:8c:e9:36:aa:0a:e1:
f3:3d:79:4b:97:e5:69:1c:7c:d6:f3:03:31:06:98:
b3:38:c2:fc:7e:f3:51:88:e9:7b:6e:1a:4f:1d:a2:
48:c2:1c:67:5a:1a:c4:1e:e6:a4:2e:c5:a3:05:c7:
e5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:76:97:C4:83:CC:71:A8:EC:11:00:29:D8:D9:3E:20:2E:7A:68:F0
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/DHaXxIPMcajsEQAp2Nk-IC56aPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.192.191.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:6a:9e:c3:fe:58:45:5e:b4:cf:ad:92:62:62:df:e1:c8:50:
40:fb:45:22:c0:68:6c:7d:cb:d0:13:01:b4:62:e1:97:4c:9d:
16:8a:a6:22:77:6f:08:1f:c1:3e:f5:ab:30:f0:d9:bb:a4:d2:
1b:6d:9c:0c:1c:f2:52:01:a0:13:89:25:62:84:f4:94:fc:70:
9d:80:43:ad:92:1c:5a:25:8e:8b:ee:d3:c9:7a:ff:64:c7:c6:
4d:fd:a6:b1:70:20:b5:03:f6:c1:66:3f:56:90:94:28:ce:1d:
cc:fd:75:20:c9:fc:d4:e7:19:bd:ee:91:3a:f2:0c:78:67:54:
4b:d5:49:43:67:34:06:7e:cb:6a:d8:d7:25:3d:6b:d5:99:21:
01:f8:0c:96:3a:d8:04:96:25:0c:a3:7d:0b:eb:ba:a6:2c:3b:
9c:6e:01:3d:48:02:10:17:db:19:89:6c:80:77:d4:e8:1c:96:
9a:63:c0:77:8a:95:44:07:b6:55:7d:2a:b9:a2:a2:b5:92:31:
48:8a:36:6e:b6:6b:23:50:ab:50:64:cf:90:5e:b0:73:2a:21:
99:6e:c6:1e:89:d9:10:fc:cb:17:c7:d1:97:d2:e7:47:39:50:
3f:05:e6:01:4b:4f:5e:60:94:0e:01:38:b9:76:ea:c8:94:b8:
6a:94:db:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7rlIyTg4P8evV2FwzgwIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjMwMTAxMDYwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzc2OTdjNDgzY2M3MWE4ZWMxMTAwMjlkOGQ5M2UyMDJlN2E2OGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtnmwJ+niJzzpEdeqWeID5sjhIsD
Ws2W68EHQnbmu5EnNr7DP18lpjWbxmm8wc2G0O4OQtbZXUs06c9QH9SQK6XqrM75
4Y5hPx7N7JrDpjcRlEVG2O+1AUp8VS+aPaCtv5YkKZiw0LF1TCkeWpfrbs3d38kl
fVei0lzdbDqT5Z38rBIo+T7MVtxAZ59GWSimPJY+KArUOC3DyWxLhE9z/Dg2BoHM
Vn/vRDjrVfh2ksYP+183IEWAdfnW39oddcJhgRj4C11PBI6/Ts2M6TaqCuHzPXlL
l+VpHHzW8wMxBpizOML8fvNRiOl7bhpPHaJIwhxnWhrEHuakLsWjBcfl/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAx2l8SDzHGo7BEAKdjZPiAuemjwMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvREhhWHhJUE1jYWpzRVFBcDJOay1JQzU2YVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcC/MA0G
CSqGSIb3DQEBCwUAA4IBAQAvap7D/lhFXrTPrZJiYt/hyFBA+0UiwGhsfcvQEwG0
YuGXTJ0WiqYid28IH8E+9asw8Nm7pNIbbZwMHPJSAaATiSVihPSU/HCdgEOtkhxa
JY6L7tPJev9kx8ZN/aaxcCC1A/bBZj9WkJQozh3M/XUgyfzU5xm97pE68gx4Z1RL
1UlDZzQGfstq2NclPWvVmSEB+AyWOtgEliUMo30L67qmLDucbgE9SAIQF9sZiWyA
d9ToHJaaY8B3ipVEB7ZVfSq5oqK1kjFIijZutmsjUKtQZM+QXrBzKiGZbsYeidkQ
/MsXx9GX0udHOVA/BeYBS09eYJQOATi5durIlLhqlNvl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:21 2024 by rpki-client on console-ams.rpki-client.org