Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/hDFQuGEQj26aAC-v1csIka9TDcA.roa
File: hDFQuGEQj26aAC-v1csIka9TDcA.roa (raw, json)
Hash identifier: IiZ4800xdP8uSCk+aWO02fKUR3QyBk9FmNQJ2fkui/I=
Subject key identifier: 84:31:50:B8:61:10:8F:6E:9A:00:2F:AF:D5:CB:08:91:AF:53:0D:C0
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 01856EB911A6EEF9EF40840FB35FBEF1B40B
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/hDFQuGEQj26aAC-v1csIka9TDcA.roa
Signing time: Sun 01 Jan 2023 19:05:00 +0000
ROA not before: Sun 01 Jan 2023 19:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 193.0.181.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:11:a6:ee:f9:ef:40:84:0f:b3:5f:be:f1:b4:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Jan 1 19:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=843150b861108f6e9a002fafd5cb0891af530dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d1:d6:2e:a3:83:67:fe:1d:77:12:df:c2:6a:
12:02:bb:41:f0:2d:d3:77:6e:f3:9d:7a:4a:ea:2c:
4a:f0:f0:5c:8c:a7:3e:93:a0:7e:ba:5e:51:c9:ca:
c1:5e:cf:92:d0:72:d7:c7:05:29:eb:fe:b5:37:03:
c3:c1:e2:db:e2:8b:cb:c4:90:dd:1f:e1:fc:84:5a:
27:15:79:e0:db:37:0f:51:43:e1:da:0e:b1:32:50:
04:7e:59:48:a4:79:94:cd:c2:1c:25:90:19:e0:3e:
ad:c0:96:a1:10:aa:6f:1a:fe:75:17:7c:03:21:01:
1a:12:17:1a:61:4f:3d:a2:8a:0d:86:48:02:dc:a7:
2f:8e:1f:63:ea:4b:0c:dd:f3:31:25:9a:58:2d:1a:
cf:bb:f1:ff:0b:e3:63:c2:bb:23:28:bb:42:12:ae:
70:d6:0e:14:d9:9d:ad:80:2c:19:76:de:0b:ef:1c:
2c:a7:f0:d7:fd:43:89:37:08:22:6c:d1:7f:fc:dc:
f3:00:7a:3f:24:f5:31:83:fd:65:80:80:92:c0:c3:
a4:aa:87:c5:74:96:7b:58:d4:c3:42:60:22:51:2a:
7d:d8:04:b1:f4:f3:66:a3:fa:0d:15:bb:3b:62:ea:
fc:52:7c:fa:6e:7e:64:25:c4:50:0a:5f:9c:19:b8:
33:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:31:50:B8:61:10:8F:6E:9A:00:2F:AF:D5:CB:08:91:AF:53:0D:C0
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/hDFQuGEQj26aAC-v1csIka9TDcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.181.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:93:14:7c:9f:f2:ab:5b:63:d9:5b:38:88:0c:71:41:5f:f2:
73:2b:39:03:19:0a:8c:3e:5b:96:ff:53:a9:0c:ba:9b:4f:68:
8e:41:92:35:2f:1d:03:a9:e3:c0:e3:a7:c6:6c:34:09:a2:b5:
05:06:ec:77:72:de:10:00:ef:b3:71:ea:c9:0a:43:d3:8a:74:
7b:50:ea:77:b0:53:ed:99:e1:73:d1:3b:21:40:c7:4f:71:fa:
35:5b:68:ac:d3:3b:3b:3d:33:87:a5:d8:dd:56:fa:5a:0c:3a:
80:5d:bf:3d:a7:1d:51:79:2a:1c:45:c6:3f:6a:8f:dd:46:9c:
cf:23:1c:10:fb:55:4d:4d:7e:1e:2f:3b:2d:5b:2b:c2:70:2e:
b2:8c:2d:d3:c3:f6:fa:af:6d:6b:b5:1d:95:4e:88:2e:10:90:
7a:36:e2:f0:72:88:07:56:d0:a6:36:47:30:75:f4:90:2e:a2:
af:d7:82:b6:88:0a:be:4c:0d:0c:90:7d:db:60:a3:b6:98:d8:
36:69:71:b6:a2:ee:32:d9:23:e3:35:77:f7:59:79:ac:30:b2:
38:e8:75:a4:ec:5f:96:97:76:fa:05:ce:ab:f3:e6:f5:aa:6a:
40:d4:ab:04:af:93:44:69:6e:06:a2:e5:56:0a:7a:76:27:70:
20:1c:e5:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuuRGm7vnvQIQPs1++8bQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjRjN2VjZmEzN2QyNDg3MTUyZmI5YmJiYWI1MGJlNzlk
ZTI2MTkwHhcNMjMwMTAxMTkwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDMxNTBiODYxMTA4ZjZlOWEwMDJmYWZkNWNiMDg5MWFmNTMwZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNHWLqODZ/4ddxLfwmoSArtB8C3T
d27znXpK6ixK8PBcjKc+k6B+ul5RycrBXs+S0HLXxwUp6/61NwPDweLb4ovLxJDd
H+H8hFonFXng2zcPUUPh2g6xMlAEfllIpHmUzcIcJZAZ4D6twJahEKpvGv51F3wD
IQEaEhcaYU89oooNhkgC3Kcvjh9j6ksM3fMxJZpYLRrPu/H/C+NjwrsjKLtCEq5w
1g4U2Z2tgCwZdt4L7xwsp/DX/UOJNwgibNF//NzzAHo/JPUxg/1lgICSwMOkqofF
dJZ7WNTDQmAiUSp92ASx9PNmo/oNFbs7Yur8Unz6bn5kJcRQCl+cGbgzWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQxULhhEI9umgAvr9XLCJGvUw3AMB8GA1UdIwQY
MBaAFD4kx+z6N9JIcVL7m7urUL553iYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMt
NDkzZDc3NGFhMWZmLzEvaERGUXVHRVFqMjZhQUMtdjFjc0lrYTlURGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMtNDkzZDc3NGFhMWZm
LzEvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQC1MA0G
CSqGSIb3DQEBCwUAA4IBAQCnkxR8n/KrW2PZWziIDHFBX/JzKzkDGQqMPluW/1Op
DLqbT2iOQZI1Lx0DqePA46fGbDQJorUFBux3ct4QAO+zcerJCkPTinR7UOp3sFPt
meFz0TshQMdPcfo1W2is0zs7PTOHpdjdVvpaDDqAXb89px1ReSocRcY/ao/dRpzP
IxwQ+1VNTX4eLzstWyvCcC6yjC3Tw/b6r21rtR2VToguEJB6NuLwcogHVtCmNkcw
dfSQLqKv14K2iAq+TA0MkH3bYKO2mNg2aXG2ou4y2SPjNXf3WXmsMLI46HWk7F+W
l3b6Bc6r8+b1qmpA1KsEr5NEaW4GouVWCnp2J3AgHOUb
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:21 2024 by rpki-client on console-fra.rpki-client.org