Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9246cb-d46b-4062-987b-5b34bc378436/1/aC9we08v0ZTkGLAJXI6s9MKOcQI.roa
File: aC9we08v0ZTkGLAJXI6s9MKOcQI.roa (raw, json)
Hash identifier: ZuF/T3FaRYzouk24vc+08RcqPl3SEx3co72JBqHsayA=
Subject key identifier: 68:2F:70:7B:4F:2F:D1:94:E4:18:B0:09:5C:8E:AC:F4:C2:8E:71:02
Certificate issuer: /CN=231e28359c180ea6c488a98ca3af77b5bb793dee
Certificate serial: 01856E01B04352465453997A1B6F10043831
Authority key identifier: 23:1E:28:35:9C:18:0E:A6:C4:88:A9:8C:A3:AF:77:B5:BB:79:3D:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ix4oNZwYDqbEiKmMo693tbt5Pe4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9246cb-d46b-4062-987b-5b34bc378436/1/aC9we08v0ZTkGLAJXI6s9MKOcQI.roa
Signing time: Sun 01 Jan 2023 15:44:42 +0000
ROA not before: Sun 01 Jan 2023 15:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59455
IP address blocks: 185.79.108.0/23 maxlen: 23
193.111.33.0/24 maxlen: 24
193.33.116.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:b0:43:52:46:54:53:99:7a:1b:6f:10:04:38:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=231e28359c180ea6c488a98ca3af77b5bb793dee
Validity
Not Before: Jan 1 15:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=682f707b4f2fd194e418b0095c8eacf4c28e7102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d4:02:91:6b:0f:d5:b1:02:98:d0:de:93:d2:
9f:da:df:0c:62:cf:48:13:60:71:a3:e1:de:1b:f9:
28:ad:23:9b:a1:71:81:bd:6e:c1:40:85:84:e8:f3:
24:3a:0c:28:20:6f:7c:30:b3:20:4e:24:52:c0:e2:
f4:f0:35:f1:e5:bf:6a:f8:91:d1:98:5a:a1:ac:16:
c4:0b:78:8b:11:68:7c:ad:cf:e1:52:ee:68:71:24:
f7:01:d2:f2:04:c5:fe:fe:b3:6b:82:c2:a2:5f:ff:
bc:62:c1:e0:89:98:d2:9d:67:70:56:a2:3e:41:99:
d0:36:ef:cf:87:ce:5c:92:96:90:26:b9:28:c9:aa:
6b:c1:e6:44:dc:d9:8d:04:38:b8:d8:c1:02:11:2f:
45:e0:b9:05:5e:a4:0b:d2:41:a7:74:57:89:19:03:
6b:14:98:76:c6:90:73:39:4b:21:ba:31:b1:df:07:
0a:0b:2a:1d:72:5d:eb:e8:f4:81:27:cf:74:25:0f:
eb:1f:ad:3f:aa:0d:35:98:6f:49:89:28:4b:f0:e0:
1b:a7:ba:38:d4:8b:95:8e:cc:3d:79:c1:36:63:b3:
08:70:36:36:e2:4f:aa:c4:94:6f:6c:e2:25:1c:7f:
de:f1:b2:7b:fa:1e:23:19:4a:84:e6:54:c1:3c:b4:
13:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2F:70:7B:4F:2F:D1:94:E4:18:B0:09:5C:8E:AC:F4:C2:8E:71:02
X509v3 Authority Key Identifier:
keyid:23:1E:28:35:9C:18:0E:A6:C4:88:A9:8C:A3:AF:77:B5:BB:79:3D:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ix4oNZwYDqbEiKmMo693tbt5Pe4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9246cb-d46b-4062-987b-5b34bc378436/1/aC9we08v0ZTkGLAJXI6s9MKOcQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9246cb-d46b-4062-987b-5b34bc378436/1/Ix4oNZwYDqbEiKmMo693tbt5Pe4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.108.0/23
193.33.116.0/23
193.111.33.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:c4:2e:f4:b0:90:18:a2:f5:36:0b:4a:24:ba:c6:a5:39:c4:
06:94:19:ed:84:91:f2:5f:a2:92:35:bb:03:ae:8c:0b:a3:96:
66:43:f5:b8:5f:e0:92:ee:ee:f4:72:e9:a3:5b:79:df:e5:4f:
ff:56:98:21:ae:43:04:0f:55:d5:d0:d9:92:9b:07:0d:2c:92:
5c:41:c1:58:e3:f5:28:92:09:8f:40:b4:9b:59:c1:b3:13:03:
9d:eb:31:59:2f:15:6c:ad:14:a3:42:ae:4b:04:e7:29:6c:eb:
aa:b2:fc:3d:3c:09:8d:e9:53:cb:b7:27:f7:b3:b6:81:91:9c:
ad:5b:d6:1c:51:e0:5e:2b:ab:41:fc:c4:0d:92:fe:32:bf:56:
5f:b1:a7:0a:b5:bd:b5:8c:97:a3:fb:d3:9f:da:46:87:88:26:
76:34:f1:2e:ce:18:65:cf:16:5a:9f:48:15:51:5d:4c:72:90:
9e:c2:cd:25:f1:27:1f:a3:22:90:bf:6f:6c:2e:03:b0:70:97:
bc:bd:84:b3:03:27:7f:22:8d:7b:5a:98:3b:c4:bb:0a:ef:36:
fe:d9:d2:e2:fb:48:b4:cc:f4:de:40:e9:16:8c:52:c1:18:13:
c7:65:72:f9:a3:3f:7b:25:c5:a6:5f:0d:a7:33:42:0e:9f:e9:
9b:68:53:7f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuAbBDUkZUU5l6G28QBDgxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMWUyODM1OWMxODBlYTZjNDg4YTk4Y2EzYWY3N2I1YmI3
OTNkZWUwHhcNMjMwMTAxMTU0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODJmNzA3YjRmMmZkMTk0ZTQxOGIwMDk1YzhlYWNmNGMyOGU3MTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39QCkWsP1bECmNDek9Kf2t8MYs9I
E2Bxo+HeG/korSOboXGBvW7BQIWE6PMkOgwoIG98MLMgTiRSwOL08DXx5b9q+JHR
mFqhrBbEC3iLEWh8rc/hUu5ocST3AdLyBMX+/rNrgsKiX/+8YsHgiZjSnWdwVqI+
QZnQNu/Ph85ckpaQJrkoyaprweZE3NmNBDi42MECES9F4LkFXqQL0kGndFeJGQNr
FJh2xpBzOUshujGx3wcKCyodcl3r6PSBJ890JQ/rH60/qg01mG9JiShL8OAbp7o4
1IuVjsw9ecE2Y7MIcDY24k+qxJRvbOIlHH/e8bJ7+h4jGUqE5lTBPLQTjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGgvcHtPL9GU5BiwCVyOrPTCjnECMB8GA1UdIwQY
MBaAFCMeKDWcGA6mxIipjKOvd7W7eT3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXg0b05ad1lEcWJFaUttTW82OTN0YnQ1UGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85MjQ2Y2ItZDQ2Yi00MDYyLTk4N2It
NWIzNGJjMzc4NDM2LzEvYUM5d2UwOHYwWlRrR0xBSlhJNnM5TUtPY1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85MjQ2Y2ItZDQ2Yi00MDYyLTk4N2ItNWIzNGJjMzc4NDM2
LzEvSXg0b05ad1lEcWJFaUttTW82OTN0YnQ1UGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuU9sAwQB
wSF0AwQAwW8hMA0GCSqGSIb3DQEBCwUAA4IBAQBNxC70sJAYovU2C0okusalOcQG
lBnthJHyX6KSNbsDrowLo5ZmQ/W4X+CS7u70cumjW3nf5U//VpghrkMED1XV0NmS
mwcNLJJcQcFY4/UokgmPQLSbWcGzEwOd6zFZLxVsrRSjQq5LBOcpbOuqsvw9PAmN
6VPLtyf3s7aBkZytW9YcUeBeK6tB/MQNkv4yv1ZfsacKtb21jJej+9Of2kaHiCZ2
NPEuzhhlzxZan0gVUV1McpCews0l8ScfoyKQv29sLgOwcJe8vYSzAyd/Io17Wpg7
xLsK7zb+2dLi+0i0zPTeQOkWjFLBGBPHZXL5oz97JcWmXw2nM0IOn+mbaFN/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:47 2024 by rpki-client on console-fra.rpki-client.org