Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/iyBEG4O7AD7vt4dSBlTGZYYAcPE.roa
File: iyBEG4O7AD7vt4dSBlTGZYYAcPE.roa (raw, json)
Hash identifier: wIWARkNbfyO3TD+/GUFJ+uYFtDg/EdO7ql7UlvIh3+8=
Subject key identifier: 8B:20:44:1B:83:BB:00:3E:EF:B7:87:52:06:54:C6:65:86:00:70:F1
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 01856F1DB889F08C661B996FC00695E1D281
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/iyBEG4O7AD7vt4dSBlTGZYYAcPE.roa
Signing time: Sun 01 Jan 2023 20:54:56 +0000
ROA not before: Sun 01 Jan 2023 20:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200590
IP address blocks: 193.106.98.0/24 maxlen: 24
91.231.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Nov 2023 04:59:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:b8:89:f0:8c:66:1b:99:6f:c0:06:95:e1:d2:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Jan 1 20:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b20441b83bb003eefb787520654c665860070f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:69:0c:7b:7e:af:db:07:ab:f3:f2:74:00:d8:
5e:59:4f:b9:11:6b:4e:6f:c0:03:3c:0d:78:34:62:
44:a8:90:08:34:d5:9c:3f:c5:ea:0e:a8:32:8b:f6:
a6:5d:24:6c:b0:ee:8c:0f:5d:f2:16:d8:bb:39:d8:
89:53:5c:07:6a:2e:aa:cb:21:55:cc:ee:53:52:30:
61:78:6b:de:12:03:85:2d:87:82:75:42:46:cf:52:
d5:6e:af:30:b4:27:08:3c:e8:f1:52:73:33:3b:b7:
ea:9f:eb:9f:2f:35:b9:af:5b:ab:c8:27:76:33:0d:
89:4a:b1:e3:68:00:09:6b:9c:a0:53:0a:87:30:3a:
de:cf:bf:95:72:34:f5:44:dd:04:50:24:c0:37:e3:
2a:1f:bf:94:7e:7e:67:bf:fb:65:9d:f5:1f:25:b3:
0d:4d:ed:87:5c:48:bc:a6:77:2d:99:9a:47:dd:ef:
ba:ff:db:70:a2:7b:9f:94:c9:ca:c2:92:f7:8a:b1:
7e:b2:64:12:56:4e:27:30:c2:7a:75:b6:d3:73:cc:
fd:ba:2f:92:eb:24:4d:d1:90:8b:87:21:96:c0:56:
45:a1:05:03:bc:f9:ae:94:85:0b:1f:32:6b:66:3f:
06:d8:8b:0a:04:bb:ce:51:21:45:6b:cf:cb:f6:96:
83:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:20:44:1B:83:BB:00:3E:EF:B7:87:52:06:54:C6:65:86:00:70:F1
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/iyBEG4O7AD7vt4dSBlTGZYYAcPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.67.0/24
193.106.98.0/24
Signature Algorithm: sha256WithRSAEncryption
44:0d:1a:8e:9a:5c:ef:91:f6:a9:ca:4a:99:62:a3:c6:87:a3:
e8:38:21:3d:fe:af:b1:e4:0f:36:52:f8:88:e1:6c:cc:25:23:
61:22:23:32:93:ff:3a:a3:da:ad:0e:33:30:92:15:95:da:e5:
21:18:d3:15:5d:c9:7c:74:81:13:9f:11:40:c5:64:d7:b6:0a:
98:8c:d3:5f:41:42:23:13:92:5b:d3:6d:91:9d:cd:92:80:17:
42:70:bb:a3:91:86:b7:2b:f2:c3:b0:da:b1:4c:02:42:a7:bb:
3c:55:93:55:da:23:28:1d:4f:2c:61:55:f3:09:02:f7:ef:d1:
81:fa:99:3b:e9:c4:c7:fd:80:4a:5e:f0:f6:df:54:ee:0a:97:
35:bf:2f:b1:15:7a:2e:d3:72:b1:79:84:fd:1c:f7:d7:64:f9:
be:f5:a1:51:13:75:8e:43:0a:04:14:95:a6:16:a2:69:5b:af:
c1:e1:52:5b:6d:d7:e8:5a:a7:69:a9:89:4b:0c:d3:2c:e8:7a:
4c:c8:a1:b8:1c:ba:21:15:99:29:d2:64:45:e0:12:e1:6d:e8:
77:d5:99:50:75:f5:65:12:8a:89:8a:a6:d3:1d:2a:f5:24:1c:
ab:b0:27:dd:ba:e7:6f:49:0c:cb:31:92:44:80:c7:1f:65:df:
9f:49:e8:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvHbiJ8IxmG5lvwAaV4dKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjMwMTAxMjA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjIwNDQxYjgzYmIwMDNlZWZiNzg3NTIwNjU0YzY2NTg2MDA3MGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmkMe36v2wer8/J0ANheWU+5EWtO
b8ADPA14NGJEqJAINNWcP8XqDqgyi/amXSRssO6MD13yFti7OdiJU1wHai6qyyFV
zO5TUjBheGveEgOFLYeCdUJGz1LVbq8wtCcIPOjxUnMzO7fqn+ufLzW5r1uryCd2
Mw2JSrHjaAAJa5ygUwqHMDrez7+VcjT1RN0EUCTAN+MqH7+Ufn5nv/tlnfUfJbMN
Te2HXEi8pnctmZpH3e+6/9twonuflMnKwpL3irF+smQSVk4nMMJ6dbbTc8z9ui+S
6yRN0ZCLhyGWwFZFoQUDvPmulIULHzJrZj8G2IsKBLvOUSFFa8/L9paDgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIsgRBuDuwA+77eHUgZUxmWGAHDxMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvaXlCRUc0TzdBRDd2dDRkU0JsVEdaWVlBY1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+dDAwQA
wWpiMA0GCSqGSIb3DQEBCwUAA4IBAQBEDRqOmlzvkfapykqZYqPGh6PoOCE9/q+x
5A82UviI4WzMJSNhIiMyk/86o9qtDjMwkhWV2uUhGNMVXcl8dIETnxFAxWTXtgqY
jNNfQUIjE5Jb022Rnc2SgBdCcLujkYa3K/LDsNqxTAJCp7s8VZNV2iMoHU8sYVXz
CQL379GB+pk76cTH/YBKXvD231TuCpc1vy+xFXou03KxeYT9HPfXZPm+9aFRE3WO
QwoEFJWmFqJpW6/B4VJbbdfoWqdpqYlLDNMs6HpMyKG4HLohFZkp0mRF4BLhbeh3
1ZlQdfVlEoqJiqbTHSr1JByrsCfduudvSQzLMZJEgMcfZd+fSegO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:15 2024 by rpki-client on console-fra.rpki-client.org