Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/hcQJRYs8DJtAK0yMb1tR3d8_iQQ.roa
File: hcQJRYs8DJtAK0yMb1tR3d8_iQQ.roa (raw, json)
Hash identifier: PKoC79trFs7Gjp/yhe9yr9Yperz+yy7OXmVGAMM9DzE=
Subject key identifier: 85:C4:09:45:8B:3C:0C:9B:40:2B:4C:8C:6F:5B:51:DD:DF:3F:89:04
Certificate issuer: /CN=7ef532ebb07ea8506b653430c046ec8d402f968b
Certificate serial: 018AD78D76ED7CF1F585388932FD0923A7C9
Authority key identifier: 7E:F5:32:EB:B0:7E:A8:50:6B:65:34:30:C0:46:EC:8D:40:2F:96:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fvUy67B-qFBrZTQwwEbsjUAvlos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/hcQJRYs8DJtAK0yMb1tR3d8_iQQ.roa
Signing time: Wed 27 Sep 2023 16:51:27 +0000
ROA not before: Wed 27 Sep 2023 16:51:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202050
IP address blocks: 193.108.215.0/24 maxlen: 24
193.108.219.0/24 maxlen: 24
193.109.94.0/24 maxlen: 24
193.109.92.0/24 maxlen: 24
2a0f:f840::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Sep 2023 17:56:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:8d:76:ed:7c:f1:f5:85:38:89:32:fd:09:23:a7:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ef532ebb07ea8506b653430c046ec8d402f968b
Validity
Not Before: Sep 27 16:51:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85c409458b3c0c9b402b4c8c6f5b51dddf3f8904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:44:6b:58:eb:25:18:b7:6c:e8:95:df:e9:0d:
71:38:e0:41:42:d5:50:a9:9e:5b:f6:0f:92:b3:8f:
dd:bb:e4:53:91:0b:16:fb:a9:73:22:33:08:f2:98:
c7:dc:17:29:95:c4:e1:e7:bd:fd:43:ee:a6:a5:11:
4b:63:f7:e1:b8:6a:52:77:db:e2:d7:02:4e:c2:27:
9a:03:42:48:02:9e:af:c0:25:e5:ca:3b:55:cd:21:
69:e4:11:30:04:cf:ff:98:16:3e:dc:f4:62:8c:c8:
83:7c:52:01:dd:cf:12:24:d0:3f:7d:d4:ce:56:bf:
a8:b1:32:35:51:15:9c:6d:d4:78:50:2a:fb:03:55:
3c:dc:1d:59:cf:8c:5b:d7:2e:93:ca:59:a0:5d:62:
54:3e:00:33:7f:cc:10:a1:4d:2a:59:9a:43:1c:da:
be:e3:e0:cb:05:40:04:5c:23:83:f2:f1:e9:d0:44:
74:c3:62:ad:da:aa:42:9b:b1:f6:98:fc:fb:b0:7d:
72:af:d3:61:d8:eb:c4:58:0f:51:d9:cd:e1:d4:56:
28:1d:f8:42:49:6f:c7:9c:db:50:bc:2c:2c:14:b1:
06:dd:eb:5e:83:6c:51:f1:5e:c7:25:bd:e4:f3:3f:
94:da:8e:ac:4b:bf:a1:2e:5a:ff:15:1a:12:01:46:
10:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C4:09:45:8B:3C:0C:9B:40:2B:4C:8C:6F:5B:51:DD:DF:3F:89:04
X509v3 Authority Key Identifier:
keyid:7E:F5:32:EB:B0:7E:A8:50:6B:65:34:30:C0:46:EC:8D:40:2F:96:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fvUy67B-qFBrZTQwwEbsjUAvlos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/hcQJRYs8DJtAK0yMb1tR3d8_iQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/fvUy67B-qFBrZTQwwEbsjUAvlos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.215.0/24
193.108.219.0/24
193.109.92.0/24
193.109.94.0/24
IPv6:
2a0f:f840::/48
Signature Algorithm: sha256WithRSAEncryption
87:04:e2:f2:a6:8b:d8:46:25:4e:34:d5:18:5e:f5:b6:61:b0:
eb:d9:5c:a9:b2:63:4a:2c:cb:a5:b9:92:cb:a7:4d:8a:bf:01:
23:1f:60:bd:50:53:70:e5:54:85:5f:cd:8f:72:fb:a4:46:72:
f9:ae:d4:0c:64:a8:f5:53:b1:f7:c6:95:cf:50:79:6c:97:ab:
4c:6f:60:69:51:80:4a:6d:cf:9b:1e:19:21:e3:a8:8d:8e:bf:
46:6c:fc:e4:03:ed:a9:51:be:55:f0:16:e3:14:04:05:00:a1:
4a:2f:bd:4b:cf:76:f5:b2:2e:01:02:3a:2d:68:a0:76:98:ba:
82:91:e1:c6:a3:d5:b5:83:2d:5a:f7:95:14:72:4f:c5:86:62:
2b:58:20:d4:fb:91:45:6e:e2:1d:b4:cb:f1:54:64:cd:bf:93:
50:c0:e1:9a:b0:62:7a:ee:57:d0:04:50:8e:38:57:fa:51:a5:
cd:61:31:49:76:4c:3f:27:04:84:ad:65:97:54:19:37:40:f7:
88:ce:ee:fb:b9:b7:4a:8f:b0:a7:d7:dd:fc:75:9c:b5:b9:42:
02:73:36:61:06:21:5c:73:26:75:b6:68:4e:c7:b3:9a:c6:eb:
0a:d0:ea:49:6c:3c:a7:9e:f6:d6:e7:5e:63:3c:0f:8c:58:2c:
e6:70:38:fa
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYrXjXbtfPH1hTiJMv0JI6fJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZjUzMmViYjA3ZWE4NTA2YjY1MzQzMGMwNDZlYzhkNDAy
Zjk2OGIwHhcNMjMwOTI3MTY1MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWM0MDk0NThiM2MwYzliNDAyYjRjOGM2ZjViNTFkZGRmM2Y4OTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0RrWOslGLds6JXf6Q1xOOBBQtVQ
qZ5b9g+Ss4/du+RTkQsW+6lzIjMI8pjH3BcplcTh5739Q+6mpRFLY/fhuGpSd9vi
1wJOwieaA0JIAp6vwCXlyjtVzSFp5BEwBM//mBY+3PRijMiDfFIB3c8SJNA/fdTO
Vr+osTI1URWcbdR4UCr7A1U83B1Zz4xb1y6TylmgXWJUPgAzf8wQoU0qWZpDHNq+
4+DLBUAEXCOD8vHp0ER0w2Kt2qpCm7H2mPz7sH1yr9Nh2OvEWA9R2c3h1FYoHfhC
SW/HnNtQvCwsFLEG3eteg2xR8V7HJb3k8z+U2o6sS7+hLlr/FRoSAUYQeQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFIXECUWLPAybQCtMjG9bUd3fP4kEMB8GA1UdIwQY
MBaAFH71MuuwfqhQa2U0MMBG7I1AL5aLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnZVeTY3Qi1xRkJyWlRRd3dFYnNqVUF2bG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85Mjc1ZmYtYmE5ZS00OGUwLTkwYTEt
NDc3MjcwNjYxMTYzLzEvaGNRSlJZczhESnRBSzB5TWIxdFIzZDhfaVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi85Mjc1ZmYtYmE5ZS00OGUwLTkwYTEtNDc3MjcwNjYxMTYz
LzEvZnZVeTY3Qi1xRkJyWlRRd3dFYnNqVUF2bG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAwWzXAwQA
wWzbAwQAwW1cAwQAwW1eMA8EAgACMAkDBwAqD/hAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAIcE4vKmi9hGJU401Rhe9bZhsOvZXKmyY0osy6W5ksunTYq/ASMfYL1QU3Dl
VIVfzY9y+6RGcvmu1AxkqPVTsffGlc9QeWyXq0xvYGlRgEptz5seGSHjqI2Ov0Zs
/OQD7alRvlXwFuMUBAUAoUovvUvPdvWyLgECOi1ooHaYuoKR4caj1bWDLVr3lRRy
T8WGYitYINT7kUVu4h20y/FUZM2/k1DA4ZqwYnruV9AEUI44V/pRpc1hMUl2TD8n
BIStZZdUGTdA94jO7vu5t0qPsKfX3fx1nLW5QgJzNmEGIVxzJnW2aE7Hs5rG6wrQ
6klsPKee9tbnXmM8D4xYLOZwOPo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:02 2024 by rpki-client on console-ams.rpki-client.org