Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/0c4b16-6b94-4080-9165-b853567da0ea/1/CLXXl6OkbCt4xLgVXq0jBqPSnic.roa
File: CLXXl6OkbCt4xLgVXq0jBqPSnic.roa (raw, json)
Hash identifier: Hd83Tt6akGYMgjVZIS8Rhd/fytZ2qmZ9uTKBqxwQTKA=
Subject key identifier: 08:B5:D7:97:A3:A4:6C:2B:78:C4:B8:15:5E:AD:23:06:A3:D2:9E:27
Certificate issuer: /CN=838ec3942813d3f3536c127e1a821bfbef6db2a4
Certificate serial: 01856EEFE4B43A7975C965184E3E15C593B9
Authority key identifier: 83:8E:C3:94:28:13:D3:F3:53:6C:12:7E:1A:82:1B:FB:EF:6D:B2:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g47DlCgT0_NTbBJ-GoIb--9tsqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/0c4b16-6b94-4080-9165-b853567da0ea/1/CLXXl6OkbCt4xLgVXq0jBqPSnic.roa
Signing time: Sun 01 Jan 2023 20:04:53 +0000
ROA not before: Sun 01 Jan 2023 20:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211416
IP address blocks: 193.56.134.0/24 maxlen: 24
2a10:e840::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 May 2023 10:05:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:e4:b4:3a:79:75:c9:65:18:4e:3e:15:c5:93:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=838ec3942813d3f3536c127e1a821bfbef6db2a4
Validity
Not Before: Jan 1 20:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08b5d797a3a46c2b78c4b8155ead2306a3d29e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:70:d3:01:94:61:ee:79:82:12:48:d7:1c:a3:
a8:68:d3:a6:50:f8:38:59:7e:0f:90:6a:f5:d3:b0:
62:6d:74:ae:63:dc:c3:46:03:bd:c2:e7:69:ed:49:
33:9f:18:f7:58:0a:99:1e:00:ef:81:61:9f:29:fd:
b1:23:31:44:b5:bf:c8:fa:96:e8:ec:cb:fd:fa:37:
5f:3c:df:97:97:8a:d3:8e:bd:8a:dd:55:da:28:46:
e0:73:27:62:8d:f9:07:d3:53:1e:f4:98:38:3f:d6:
10:6c:25:5c:cd:44:94:e9:9a:fd:08:38:60:e0:12:
be:92:51:69:d1:eb:6d:bb:d5:bc:fd:57:28:9a:5e:
26:d2:1e:5f:9b:d3:68:39:76:8e:81:39:c0:b6:3c:
7a:bf:88:99:b6:68:e3:09:59:99:bb:06:40:0a:f3:
3f:34:47:c6:c1:56:7a:16:dd:5b:32:39:81:82:6c:
91:13:37:12:90:6a:2c:2c:d7:54:e6:1d:5a:e5:23:
88:21:0c:63:89:45:40:87:3d:97:87:28:3d:8f:93:
b7:5a:8e:d1:fd:17:56:21:3f:6e:ff:6a:96:f2:c6:
78:a4:ef:77:ce:fd:e0:71:24:b3:3f:6c:8b:40:bd:
6f:0c:34:f7:5c:3c:d1:67:88:89:33:51:ed:41:4e:
20:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B5:D7:97:A3:A4:6C:2B:78:C4:B8:15:5E:AD:23:06:A3:D2:9E:27
X509v3 Authority Key Identifier:
keyid:83:8E:C3:94:28:13:D3:F3:53:6C:12:7E:1A:82:1B:FB:EF:6D:B2:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g47DlCgT0_NTbBJ-GoIb--9tsqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/0c4b16-6b94-4080-9165-b853567da0ea/1/CLXXl6OkbCt4xLgVXq0jBqPSnic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/0c4b16-6b94-4080-9165-b853567da0ea/1/g47DlCgT0_NTbBJ-GoIb--9tsqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.134.0/24
IPv6:
2a10:e840::/32
Signature Algorithm: sha256WithRSAEncryption
04:99:8b:6d:53:72:85:78:3b:3f:bc:9e:99:51:4d:72:74:5a:
2b:56:bb:91:c4:dd:13:8c:79:f8:a9:40:15:6a:e3:bc:51:cb:
06:05:0d:8f:97:c7:3d:1b:b1:31:fa:6f:59:43:c5:4c:38:28:
02:bc:e6:6f:de:95:a0:94:36:b9:c6:a1:06:1f:e1:e4:4a:38:
00:fc:b4:53:27:ba:e1:f5:a8:af:20:04:f4:54:b4:cd:29:ab:
fc:41:dc:78:88:b6:08:1f:18:8d:ca:b3:25:a9:68:5d:1e:88:
22:4a:d7:12:b5:68:1d:0f:03:45:2f:5e:73:64:81:b3:e8:96:
96:66:b0:e8:3f:62:35:7f:b4:d0:8f:11:d8:e8:4a:8a:af:6e:
87:ef:68:4e:52:1a:a4:e0:62:41:e2:8a:69:04:0d:8a:0e:8a:
62:c2:76:a4:93:23:3c:98:bd:fe:41:8a:be:73:79:f5:ae:79:
a2:1a:26:25:0b:18:b7:10:45:b5:63:c9:2a:b9:76:c2:b0:c4:
f6:c4:d0:dd:1f:5d:b4:ca:2d:a0:25:26:d3:50:b4:02:e0:b3:
f5:45:04:5c:3e:3e:e7:45:4e:81:82:4e:b5:e8:90:09:e8:d4:
c6:f2:df:84:06:8b:ae:6b:ce:b3:2a:58:11:35:1e:12:2f:40:
d6:73:b8:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu7+S0Onl1yWUYTj4VxZO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOGVjMzk0MjgxM2QzZjM1MzZjMTI3ZTFhODIxYmZiZWY2
ZGIyYTQwHhcNMjMwMTAxMjAwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGI1ZDc5N2EzYTQ2YzJiNzhjNGI4MTU1ZWFkMjMwNmEzZDI5ZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9XDTAZRh7nmCEkjXHKOoaNOmUPg4
WX4PkGr107BibXSuY9zDRgO9wudp7Ukznxj3WAqZHgDvgWGfKf2xIzFEtb/I+pbo
7Mv9+jdfPN+Xl4rTjr2K3VXaKEbgcydijfkH01Me9Jg4P9YQbCVczUSU6Zr9CDhg
4BK+klFp0ettu9W8/Vcoml4m0h5fm9NoOXaOgTnAtjx6v4iZtmjjCVmZuwZACvM/
NEfGwVZ6Ft1bMjmBgmyREzcSkGosLNdU5h1a5SOIIQxjiUVAhz2Xhyg9j5O3Wo7R
/RdWIT9u/2qW8sZ4pO93zv3gcSSzP2yLQL1vDDT3XDzRZ4iJM1HtQU4g0wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAi115ejpGwreMS4FV6tIwaj0p4nMB8GA1UdIwQY
MBaAFIOOw5QoE9PzU2wSfhqCG/vvbbKkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzQ3RGxDZ1QwX05UYkJKLUdvSWItLTl0c3FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wYzRiMTYtNmI5NC00MDgwLTkxNjUt
Yjg1MzU2N2RhMGVhLzEvQ0xYWGw2T2tiQ3Q0eExnVlhxMGpCcVBTbmljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wYzRiMTYtNmI5NC00MDgwLTkxNjUtYjg1MzU2N2RhMGVh
LzEvZzQ3RGxDZ1QwX05UYkJKLUdvSWItLTl0c3FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTiGMA0E
AgACMAcDBQAqEOhAMA0GCSqGSIb3DQEBCwUAA4IBAQAEmYttU3KFeDs/vJ6ZUU1y
dForVruRxN0TjHn4qUAVauO8UcsGBQ2Pl8c9G7Ex+m9ZQ8VMOCgCvOZv3pWglDa5
xqEGH+HkSjgA/LRTJ7rh9aivIAT0VLTNKav8Qdx4iLYIHxiNyrMlqWhdHogiStcS
tWgdDwNFL15zZIGz6JaWZrDoP2I1f7TQjxHY6EqKr26H72hOUhqk4GJB4oppBA2K
DopiwnakkyM8mL3+QYq+c3n1rnmiGiYlCxi3EEW1Y8kquXbCsMT2xNDdH120yi2g
JSbTULQC4LP1RQRcPj7nRU6Bgk616JAJ6NTG8t+EBouua86zKlgRNR4SL0DWc7ju
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:21 2024 by rpki-client on console-fra.rpki-client.org