Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/N4zkWk6irQ8Klb7XxneHCpX6nIw.roa
File: N4zkWk6irQ8Klb7XxneHCpX6nIw.roa (raw, json)
Hash identifier: Pcw3h0wRMes3PmrrBvjHKLfGIWol0fv0x4vwflYfGyM=
Subject key identifier: 37:8C:E4:5A:4E:A2:AD:0F:0A:95:BE:D7:C6:77:87:0A:95:FA:9C:8C
Certificate issuer: /CN=a640c751ebfb4807d84622e806cb3d0b9dd81069
Certificate serial: 01856F94A3D9BC86D3FFEBFA3A428B9B671D
Authority key identifier: A6:40:C7:51:EB:FB:48:07:D8:46:22:E8:06:CB:3D:0B:9D:D8:10:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/N4zkWk6irQ8Klb7XxneHCpX6nIw.roa
Signing time: Sun 01 Jan 2023 23:04:50 +0000
ROA not before: Sun 01 Jan 2023 23:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212801
IP address blocks: 193.108.164.0/24 maxlen: 24
2001:67c:58c::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:a3:d9:bc:86:d3:ff:eb:fa:3a:42:8b:9b:67:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a640c751ebfb4807d84622e806cb3d0b9dd81069
Validity
Not Before: Jan 1 23:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=378ce45a4ea2ad0f0a95bed7c677870a95fa9c8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7b:46:a3:8e:81:6f:6f:ec:0e:e7:db:7e:bb:
8f:15:33:60:3a:ff:16:65:7f:90:d8:89:82:01:33:
a4:39:12:ca:35:35:65:ef:38:8c:a3:87:8f:fa:e6:
6c:b4:95:c3:6d:ee:89:21:0b:a5:92:f4:91:fa:fb:
05:e1:e2:16:81:53:77:83:d8:08:16:90:93:c7:7f:
ed:69:38:41:3f:d2:bf:e1:0c:ab:17:6e:c3:ae:ba:
0a:e0:04:6d:13:b3:32:57:63:62:c1:35:49:39:89:
11:43:58:a1:c2:76:8d:ac:71:70:d2:04:9b:01:27:
f9:ef:d4:55:8a:23:62:6c:72:58:77:2e:ff:a5:11:
1e:cc:de:5c:4f:b6:b7:e1:0a:7a:25:6b:df:dc:80:
b8:db:94:77:ab:a4:eb:06:f5:e6:97:e3:75:e0:f0:
6c:a9:96:fc:54:34:74:da:4b:ab:fa:41:37:7a:4a:
c0:95:a4:c9:60:19:9c:7a:c0:99:46:42:56:32:00:
4f:f7:2a:a9:b5:d9:76:94:59:80:d6:20:ea:40:81:
92:e6:bf:bd:04:f2:84:eb:fe:7c:31:b9:d3:19:f8:
3a:f3:94:e8:1c:00:d0:66:67:38:80:80:54:08:97:
87:04:1c:bc:3e:12:9e:1d:63:cf:dc:07:5e:5a:82:
66:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:8C:E4:5A:4E:A2:AD:0F:0A:95:BE:D7:C6:77:87:0A:95:FA:9C:8C
X509v3 Authority Key Identifier:
keyid:A6:40:C7:51:EB:FB:48:07:D8:46:22:E8:06:CB:3D:0B:9D:D8:10:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/N4zkWk6irQ8Klb7XxneHCpX6nIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/pkDHUev7SAfYRiLoBss9C53YEGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.164.0/24
IPv6:
2001:67c:58c::/48
Signature Algorithm: sha256WithRSAEncryption
86:9a:83:d8:69:b2:c0:a8:0c:f5:bc:4f:8e:a0:3a:85:58:85:
0e:8e:f5:5d:c0:f7:49:52:42:81:67:3c:ac:2c:26:ee:25:38:
8c:a7:57:6d:04:15:40:0b:43:96:77:bf:05:bf:c8:e2:41:f2:
58:8a:f9:c9:2f:fb:5f:cc:fe:af:eb:0a:24:70:21:83:be:67:
d0:bb:f9:fc:a4:80:15:66:3a:1a:07:c5:9f:4e:31:35:15:0d:
f9:37:1b:cf:b0:47:98:6f:57:dc:92:1e:d8:bb:96:66:70:d9:
1f:6a:3e:47:52:8d:01:3d:4d:ff:9b:83:f3:a0:f0:26:31:94:
ae:7c:e9:7d:bd:05:30:94:87:7d:2b:01:bb:f2:59:d1:5b:84:
be:3e:0d:6c:04:5c:4e:f6:de:96:b5:ea:3f:2b:e4:be:7f:5b:
ca:49:8d:44:61:80:82:58:e9:7a:92:35:43:91:d6:81:e4:e1:
b3:23:bd:0d:88:f0:90:3b:85:95:e5:8b:b2:2b:cd:f9:e2:6b:
5e:44:d8:1f:12:17:68:41:df:6b:65:9c:f8:1b:da:70:80:fa:
a6:a0:76:54:cb:d7:1f:73:01:d0:fe:26:04:2c:6f:1a:e1:ce:
a5:f2:54:a7:f2:8c:1f:58:80:5d:cb:4e:02:c3:67:e1:6d:94:
0c:6b:4e:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvlKPZvIbT/+v6OkKLm2cdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDBjNzUxZWJmYjQ4MDdkODQ2MjJlODA2Y2IzZDBiOWRk
ODEwNjkwHhcNMjMwMTAxMjMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzhjZTQ1YTRlYTJhZDBmMGE5NWJlZDdjNjc3ODcwYTk1ZmE5YzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhntGo46Bb2/sDufbfruPFTNgOv8W
ZX+Q2ImCATOkORLKNTVl7ziMo4eP+uZstJXDbe6JIQulkvSR+vsF4eIWgVN3g9gI
FpCTx3/taThBP9K/4QyrF27DrroK4ARtE7MyV2NiwTVJOYkRQ1ihwnaNrHFw0gSb
ASf579RViiNibHJYdy7/pREezN5cT7a34Qp6JWvf3IC425R3q6TrBvXml+N14PBs
qZb8VDR02kur+kE3ekrAlaTJYBmcesCZRkJWMgBP9yqptdl2lFmA1iDqQIGS5r+9
BPKE6/58MbnTGfg685ToHADQZmc4gIBUCJeHBBy8PhKeHWPP3AdeWoJm0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDeM5FpOoq0PCpW+18Z3hwqV+pyMMB8GA1UdIwQY
MBaAFKZAx1Hr+0gH2EYi6AbLPQud2BBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtESFVldjdTQWZZUmlMb0JzczlDNTNZRUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84YTVhMmUtNGQzMy00YTJjLWFkZjMt
MDI2YjhjZjY5MWJhLzEvTjR6a1drNmlyUThLbGI3WHhuZUhDcFg2bkl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84YTVhMmUtNGQzMy00YTJjLWFkZjMtMDI2YjhjZjY5MWJh
LzEvcGtESFVldjdTQWZZUmlMb0JzczlDNTNZRUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwWykMA8E
AgACMAkDBwAgAQZ8BYwwDQYJKoZIhvcNAQELBQADggEBAIaag9hpssCoDPW8T46g
OoVYhQ6O9V3A90lSQoFnPKwsJu4lOIynV20EFUALQ5Z3vwW/yOJB8liK+ckv+1/M
/q/rCiRwIYO+Z9C7+fykgBVmOhoHxZ9OMTUVDfk3G8+wR5hvV9ySHti7lmZw2R9q
PkdSjQE9Tf+bg/Og8CYxlK586X29BTCUh30rAbvyWdFbhL4+DWwEXE723pa16j8r
5L5/W8pJjURhgIJY6XqSNUOR1oHk4bMjvQ2I8JA7hZXli7Irzfnia15E2B8SF2hB
32tlnPgb2nCA+qagdlTL1x9zAdD+JgQsbxrhzqXyVKfyjB9YgF3LTgLDZ+FtlAxr
Tjw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:47 2024 by rpki-client on console-fra.rpki-client.org