Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/xSmOpIon4Fa3fjwWrEjKzqPFFfU.roa
File: xSmOpIon4Fa3fjwWrEjKzqPFFfU.roa (raw, json)
Hash identifier: KMokhRnTfUIhdmqoiSU9fcGyh9UcHqYfk2IEwXZyjtY=
Subject key identifier: C5:29:8E:A4:8A:27:E0:56:B7:7E:3C:16:AC:48:CA:CE:A3:C5:15:F5
Certificate issuer: /CN=b93a74405ebf7b251ccfbba7c2b20ec15f9d8e48
Certificate serial: 01856E268CC29DFB676400617DCA45B849E3
Authority key identifier: B9:3A:74:40:5E:BF:7B:25:1C:CF:BB:A7:C2:B2:0E:C1:5F:9D:8E:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTp0QF6_eyUcz7unwrIOwV-djkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/xSmOpIon4Fa3fjwWrEjKzqPFFfU.roa
Signing time: Sun 01 Jan 2023 16:24:58 +0000
ROA not before: Sun 01 Jan 2023 16:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34516
IP address blocks: 193.239.214.0/23 maxlen: 23
2001:678:3c8::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:8c:c2:9d:fb:67:64:00:61:7d:ca:45:b8:49:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93a74405ebf7b251ccfbba7c2b20ec15f9d8e48
Validity
Not Before: Jan 1 16:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5298ea48a27e056b77e3c16ac48cacea3c515f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:72:db:cc:df:37:14:47:db:af:30:83:06:a7:
07:ff:42:99:91:78:ed:59:ae:06:72:56:1b:c4:87:
ee:d3:66:76:08:ab:2b:04:cf:b8:df:a8:d3:73:b8:
01:41:22:9c:3a:9f:89:73:45:fa:5d:ec:a5:2b:36:
0c:76:b8:d6:51:0e:e1:9f:0a:03:dc:ae:92:df:24:
87:fc:44:04:4e:e5:f7:06:8f:ba:02:4e:74:6c:a2:
5d:7c:43:00:90:61:7e:7c:1e:09:a0:e4:22:8a:d7:
3d:ab:e7:c2:2e:59:dc:31:b5:12:79:c4:3a:2a:bf:
95:f5:23:bd:8a:af:68:fd:7c:73:5a:44:0f:df:89:
bb:2e:6b:00:65:98:e6:bf:d1:29:e9:63:61:d4:a8:
43:81:c7:02:76:15:24:f9:89:c3:fb:9c:c0:76:05:
f5:0b:32:16:c6:56:38:bf:58:ae:6b:90:c3:61:cc:
5d:aa:59:32:ea:80:eb:1c:7e:0d:6f:d4:f2:2a:87:
7d:6c:9a:7b:2f:ad:71:2d:1d:6a:89:c9:da:86:aa:
6d:1e:81:68:3f:f0:93:61:d1:5e:61:32:04:fc:f7:
f2:3c:17:2b:fd:0e:78:62:00:15:2d:43:10:3d:95:
a4:a3:53:b4:c0:1a:8c:fa:27:c6:c9:d0:97:be:60:
20:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:29:8E:A4:8A:27:E0:56:B7:7E:3C:16:AC:48:CA:CE:A3:C5:15:F5
X509v3 Authority Key Identifier:
keyid:B9:3A:74:40:5E:BF:7B:25:1C:CF:BB:A7:C2:B2:0E:C1:5F:9D:8E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTp0QF6_eyUcz7unwrIOwV-djkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/xSmOpIon4Fa3fjwWrEjKzqPFFfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/uTp0QF6_eyUcz7unwrIOwV-djkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.214.0/23
IPv6:
2001:678:3c8::/48
Signature Algorithm: sha256WithRSAEncryption
0a:52:d5:10:4b:eb:5a:cd:d5:e4:13:2c:b2:c9:ac:85:17:3c:
1a:aa:a1:f8:d0:39:11:7c:bb:e6:63:f0:cd:cd:fa:9f:30:47:
ff:6b:eb:7b:bf:c8:c1:b1:38:93:69:b2:f9:65:85:cb:b1:59:
e2:cd:4a:47:3b:e4:dd:d1:1c:27:79:d1:b2:c1:62:6c:95:4e:
49:8c:38:27:92:3c:b3:50:4c:a5:7d:5b:11:5f:81:a9:6e:58:
d5:78:08:64:fc:a6:7a:28:d5:18:a6:0d:0e:55:5e:5f:e5:3c:
21:14:1b:37:4f:ea:49:35:47:b2:57:22:39:14:14:ef:fa:6e:
1a:78:d5:8d:b8:99:f6:82:4b:6a:01:a1:23:7d:0e:42:26:79:
94:b3:8c:8e:c9:7f:6a:2f:53:3b:33:ac:12:7d:46:32:89:be:
af:15:76:57:8f:7d:ee:0b:9d:1b:fe:97:bd:dd:d6:2e:12:49:
3f:56:ef:d6:93:31:15:2d:b0:1c:49:6d:73:36:e7:7a:1c:6b:
5a:e4:d6:c6:74:38:c5:ff:08:e0:6d:f0:32:1e:bb:ce:fb:65:
af:13:83:e9:8d:9d:95:81:a5:88:56:d3:79:f2:09:44:05:ba:
e0:e9:e9:20:31:79:bc:f0:68:4c:ec:2a:71:51:c7:ce:38:99:
1b:54:4f:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuJozCnftnZABhfcpFuEnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5M2E3NDQwNWViZjdiMjUxY2NmYmJhN2MyYjIwZWMxNWY5
ZDhlNDgwHhcNMjMwMTAxMTYyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTI5OGVhNDhhMjdlMDU2Yjc3ZTNjMTZhYzQ4Y2FjZWEzYzUxNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3LbzN83FEfbrzCDBqcH/0KZkXjt
Wa4GclYbxIfu02Z2CKsrBM+436jTc7gBQSKcOp+Jc0X6XeylKzYMdrjWUQ7hnwoD
3K6S3ySH/EQETuX3Bo+6Ak50bKJdfEMAkGF+fB4JoOQiitc9q+fCLlncMbUSecQ6
Kr+V9SO9iq9o/XxzWkQP34m7LmsAZZjmv9Ep6WNh1KhDgccCdhUk+YnD+5zAdgX1
CzIWxlY4v1iua5DDYcxdqlky6oDrHH4Nb9TyKod9bJp7L61xLR1qicnahqptHoFo
P/CTYdFeYTIE/PfyPBcr/Q54YgAVLUMQPZWko1O0wBqM+ifGydCXvmAgeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMUpjqSKJ+BWt348FqxIys6jxRX1MB8GA1UdIwQY
MBaAFLk6dEBev3slHM+7p8KyDsFfnY5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVRwMFFGNl9leVVjejd1bndySU93Vi1kamtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82ODJkYTAtZDNlZi00OWYwLWJlYTQt
MGExMzRiNjUzNWM0LzEveFNtT3BJb240RmEzZmp3V3JFakt6cVBGRmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82ODJkYTAtZDNlZi00OWYwLWJlYTQtMGExMzRiNjUzNWM0
LzEvdVRwMFFGNl9leVVjejd1bndySU93Vi1kamtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwe/WMA8E
AgACMAkDBwAgAQZ4A8gwDQYJKoZIhvcNAQELBQADggEBAApS1RBL61rN1eQTLLLJ
rIUXPBqqofjQORF8u+Zj8M3N+p8wR/9r63u/yMGxOJNpsvllhcuxWeLNSkc75N3R
HCd50bLBYmyVTkmMOCeSPLNQTKV9WxFfgaluWNV4CGT8pnoo1RimDQ5VXl/lPCEU
GzdP6kk1R7JXIjkUFO/6bhp41Y24mfaCS2oBoSN9DkImeZSzjI7Jf2ovUzszrBJ9
RjKJvq8VdlePfe4LnRv+l73d1i4SST9W79aTMRUtsBxJbXM253oca1rk1sZ0OMX/
COBt8DIeu877Za8Tg+mNnZWBpYhW03nyCUQFuuDp6SAxebzwaEzsKnFRx844mRtU
T00=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:29 2024 by rpki-client on console-ams.rpki-client.org