Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/U1WvCCEiacCjE0QmLmTHToyTlFE.roa
File: U1WvCCEiacCjE0QmLmTHToyTlFE.roa (raw, json)
Hash identifier: pLAeoZOHu+TlGZKvB7dAsWZ9ACSwipQBpkQLpdDiMxQ=
Subject key identifier: 53:55:AF:08:21:22:69:C0:A3:13:44:26:2E:64:C7:4E:8C:93:94:51
Certificate issuer: /CN=8c05b364fcf319ccf53c5f2e8c634290ac0eb129
Certificate serial: 01856CB866F227C12D1BD98D075E4B1A3A1D
Authority key identifier: 8C:05:B3:64:FC:F3:19:CC:F5:3C:5F:2E:8C:63:42:90:AC:0E:B1:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jAWzZPzzGcz1PF8ujGNCkKwOsSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/U1WvCCEiacCjE0QmLmTHToyTlFE.roa
Signing time: Sun 01 Jan 2023 09:45:02 +0000
ROA not before: Sun 01 Jan 2023 09:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13237
IP address blocks: 192.109.198.0/24 maxlen: 24
193.29.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Apr 2023 04:59:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:66:f2:27:c1:2d:1b:d9:8d:07:5e:4b:1a:3a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c05b364fcf319ccf53c5f2e8c634290ac0eb129
Validity
Not Before: Jan 1 09:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5355af08212269c0a31344262e64c74e8c939451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:45:fd:bd:6a:6a:4f:73:6a:54:d5:9f:66:02:
a8:81:22:29:19:d6:dd:d6:af:02:6b:d5:ff:48:8b:
c6:fe:ad:52:b9:0c:b8:b2:d8:68:e1:64:f6:87:b8:
d2:07:f1:82:d4:21:5c:8c:3c:d3:d7:f9:84:3b:69:
d9:f2:8a:0b:21:84:17:7f:cc:f0:9f:b9:1e:b6:ea:
b3:65:eb:58:32:d7:3c:46:37:93:dc:23:29:87:b9:
10:81:6a:2c:ed:fb:2b:c3:a1:be:d3:f4:25:bf:f0:
37:6c:e9:80:7e:77:44:c6:5e:5a:a2:16:ed:2b:4b:
8f:05:46:5d:02:e1:59:f4:69:e5:5d:e5:59:d9:89:
0a:63:2e:da:07:e4:bf:44:c1:15:a1:ae:39:e4:8b:
25:96:89:61:f0:07:9b:3b:a6:c5:c7:b9:65:f4:ce:
04:25:43:0d:65:6a:cb:e4:dc:f5:bc:f7:c2:75:56:
c2:2b:a9:0b:74:cd:3c:40:bc:69:2c:18:0d:8a:9c:
e5:c8:54:47:73:ab:c5:3a:75:7c:b8:15:0a:86:12:
6b:1c:61:64:b0:b3:ed:66:ce:3c:48:c8:1f:66:fe:
bf:1c:86:a9:da:34:ca:fb:0f:78:32:e9:11:60:f9:
df:ab:c9:92:00:ee:69:50:a0:52:73:0e:46:c7:46:
62:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:55:AF:08:21:22:69:C0:A3:13:44:26:2E:64:C7:4E:8C:93:94:51
X509v3 Authority Key Identifier:
keyid:8C:05:B3:64:FC:F3:19:CC:F5:3C:5F:2E:8C:63:42:90:AC:0E:B1:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAWzZPzzGcz1PF8ujGNCkKwOsSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/U1WvCCEiacCjE0QmLmTHToyTlFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/jAWzZPzzGcz1PF8ujGNCkKwOsSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.198.0/24
193.29.3.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:d7:ee:cb:15:a7:ee:cc:b4:f9:70:18:90:d3:ab:49:43:0c:
01:bd:3d:c5:cf:6d:a0:d1:5b:6d:5b:09:44:1b:68:74:02:22:
87:8d:c2:13:0d:a4:9b:67:c2:75:93:11:1c:3a:0e:5f:ae:e4:
3c:06:25:d4:b9:84:e0:45:d9:98:5f:2c:48:20:ef:be:d1:7b:
d3:23:fe:a2:00:e5:e9:37:34:08:3a:b3:46:da:59:9f:fd:4e:
6a:04:21:42:5d:28:1e:f9:b7:2f:90:af:de:f6:1a:5a:88:c7:
b1:a1:4e:0b:b7:f3:be:c1:03:6b:3d:fe:77:76:b0:6d:9f:20:
7b:46:60:f8:4f:8d:b5:b0:03:50:6a:e7:ad:17:33:f7:54:b4:
ba:bc:13:e5:d0:7f:cc:1b:e5:66:80:1a:0f:a4:c0:cc:a7:c8:
0f:ca:89:94:15:02:9e:aa:86:b3:fb:3b:71:80:26:5f:91:14:
f1:30:95:8e:ca:94:71:a0:50:ff:d0:ee:8c:ad:bb:bc:b1:d7:
75:a3:19:fb:94:3b:b7:31:a6:dc:e9:a7:69:0c:8e:dc:02:84:
b1:2d:ab:c9:23:a1:88:7c:a9:53:1c:f2:41:84:72:3f:78:22:
b0:bf:5e:b1:ba:45:70:c4:65:eb:7b:63:01:f9:0c:45:62:a0:
af:67:58:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsuGbyJ8EtG9mNB15LGjodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMDViMzY0ZmNmMzE5Y2NmNTNjNWYyZThjNjM0MjkwYWMw
ZWIxMjkwHhcNMjMwMTAxMDk0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzU1YWYwODIxMjI2OWMwYTMxMzQ0MjYyZTY0Yzc0ZThjOTM5NDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0X9vWpqT3NqVNWfZgKogSIpGdbd
1q8Ca9X/SIvG/q1SuQy4stho4WT2h7jSB/GC1CFcjDzT1/mEO2nZ8ooLIYQXf8zw
n7ketuqzZetYMtc8RjeT3CMph7kQgWos7fsrw6G+0/Qlv/A3bOmAfndExl5aohbt
K0uPBUZdAuFZ9GnlXeVZ2YkKYy7aB+S/RMEVoa455Isllolh8AebO6bFx7ll9M4E
JUMNZWrL5Nz1vPfCdVbCK6kLdM08QLxpLBgNipzlyFRHc6vFOnV8uBUKhhJrHGFk
sLPtZs48SMgfZv6/HIap2jTK+w94MukRYPnfq8mSAO5pUKBScw5Gx0ZihwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFNVrwghImnAoxNEJi5kx06Mk5RRMB8GA1UdIwQY
MBaAFIwFs2T88xnM9TxfLoxjQpCsDrEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakFXelpQenpHY3oxUEY4dWpHTkNrS3dPc1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yZDM0NmItODgyNS00NjgxLTk0ZTMt
OTg0NDE2MDdiMjI4LzEvVTFXdkNDRWlhY0NqRTBRbUxtVEhUb3lUbEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8yZDM0NmItODgyNS00NjgxLTk0ZTMtOTg0NDE2MDdiMjI4
LzEvakFXelpQenpHY3oxUEY4dWpHTkNrS3dPc1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwG3GAwQA
wR0DMA0GCSqGSIb3DQEBCwUAA4IBAQDG1+7LFafuzLT5cBiQ06tJQwwBvT3Fz22g
0VttWwlEG2h0AiKHjcITDaSbZ8J1kxEcOg5fruQ8BiXUuYTgRdmYXyxIIO++0XvT
I/6iAOXpNzQIOrNG2lmf/U5qBCFCXSge+bcvkK/e9hpaiMexoU4Lt/O+wQNrPf53
drBtnyB7RmD4T421sANQauetFzP3VLS6vBPl0H/MG+VmgBoPpMDMp8gPyomUFQKe
qoaz+ztxgCZfkRTxMJWOypRxoFD/0O6Mrbu8sdd1oxn7lDu3Mabc6adpDI7cAoSx
LavJI6GIfKlTHPJBhHI/eCKwv16xukVwxGXre2MB+QxFYqCvZ1hW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:04 2024 by rpki-client on console-fra.rpki-client.org