Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/98aca3-0c7c-4f05-8d03-35c78e70199e/1/2Dl0f1bdlb3OuKrzUuOkx8FWSgo.roa
File: 2Dl0f1bdlb3OuKrzUuOkx8FWSgo.roa (raw, json)
Hash identifier: i6IfYvXhKRm/gmck0phsYNKWNovvkfmLctU2i6lDg2o=
Subject key identifier: D8:39:74:7F:56:DD:95:BD:CE:B8:AA:F3:52:E3:A4:C7:C1:56:4A:0A
Certificate issuer: /CN=96c56c5ea5478f4d37b30f3682e43b7e2ef90d98
Certificate serial: 018570305ECCA0C2AF4D8D35A3AA268BD7ED
Authority key identifier: 96:C5:6C:5E:A5:47:8F:4D:37:B3:0F:36:82:E4:3B:7E:2E:F9:0D:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lsVsXqVHj003sw82guQ7fi75DZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/98aca3-0c7c-4f05-8d03-35c78e70199e/1/2Dl0f1bdlb3OuKrzUuOkx8FWSgo.roa
Signing time: Mon 02 Jan 2023 01:54:56 +0000
ROA not before: Mon 02 Jan 2023 01:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31534
IP address blocks: 193.16.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:5e:cc:a0:c2:af:4d:8d:35:a3:aa:26:8b:d7:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96c56c5ea5478f4d37b30f3682e43b7e2ef90d98
Validity
Not Before: Jan 2 01:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d839747f56dd95bdceb8aaf352e3a4c7c1564a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:63:c0:2d:64:8d:d7:86:22:80:c0:7a:87:00:
59:8b:38:ef:a5:ba:9c:59:f6:23:1b:ff:61:06:63:
34:56:f4:da:ae:42:33:fc:d4:d0:19:2c:73:f0:74:
f9:9c:c5:03:ab:cb:41:f7:d7:09:1f:2a:56:92:98:
57:e3:37:b6:d1:ee:83:87:22:f0:43:3b:95:fb:0d:
07:6b:d6:d5:2d:be:dc:d0:0a:38:fb:48:d0:f0:f1:
c1:32:53:d9:85:96:a3:d6:bf:26:0d:8a:39:c1:fc:
a5:04:0d:4e:5a:27:db:75:bc:cc:54:8c:44:bb:87:
7a:34:93:9a:73:d4:f4:66:c3:07:2d:67:48:12:38:
0e:fe:89:aa:05:f1:bf:28:3a:93:b2:4d:be:6e:6b:
7d:d6:53:47:b2:f8:c5:24:84:5f:b6:33:72:4e:1b:
b6:e2:24:4a:f8:bd:a6:a9:fe:b1:12:40:6e:06:83:
2a:70:a9:d0:8f:ff:b9:bc:e4:74:5f:0e:e2:55:f6:
1f:32:e9:5c:ac:52:12:11:0a:66:b2:c7:ee:dc:ad:
9d:c8:11:a5:f6:8e:d2:a3:a9:01:e3:36:53:5c:59:
de:ba:d4:90:c7:dd:d0:c4:1e:96:2b:39:bc:41:2d:
fb:bd:ee:78:14:3a:d8:86:8b:c1:7b:2d:a9:46:d2:
a6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:39:74:7F:56:DD:95:BD:CE:B8:AA:F3:52:E3:A4:C7:C1:56:4A:0A
X509v3 Authority Key Identifier:
keyid:96:C5:6C:5E:A5:47:8F:4D:37:B3:0F:36:82:E4:3B:7E:2E:F9:0D:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsVsXqVHj003sw82guQ7fi75DZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/98aca3-0c7c-4f05-8d03-35c78e70199e/1/2Dl0f1bdlb3OuKrzUuOkx8FWSgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/98aca3-0c7c-4f05-8d03-35c78e70199e/1/lsVsXqVHj003sw82guQ7fi75DZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.102.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:4f:71:6b:98:01:32:7e:0e:e8:e1:55:c5:db:7b:35:93:6b:
89:5d:9d:56:ea:94:08:4c:4b:fe:eb:3e:6f:31:36:24:f7:d4:
94:c5:6f:3c:84:a6:68:0b:39:fb:06:43:e6:18:77:c8:5a:56:
0f:75:dd:18:20:89:f0:12:8e:09:a9:0c:7f:f8:b6:3f:cb:14:
d1:bf:1f:76:4a:10:be:e2:a3:08:bb:dc:7e:f9:a4:14:79:43:
cf:86:dc:8c:5b:85:d1:37:56:63:da:65:ea:c3:42:9b:4c:40:
c7:36:d1:d5:84:6f:70:21:c4:fe:57:d5:b4:4e:03:0d:55:8b:
15:33:bc:5c:5b:03:75:0f:54:02:d6:07:60:13:8e:74:0d:90:
fc:5d:d2:ca:f4:95:1a:ba:4e:94:68:53:23:37:f2:20:63:09:
90:60:8c:98:de:e9:e0:74:e6:91:a7:64:05:63:7a:2b:b9:05:
40:fc:b5:16:a2:f7:49:d9:b2:2f:b7:f0:52:3f:61:2c:30:0a:
51:26:cd:89:2e:53:c6:14:c0:c2:0d:6d:8a:40:a7:56:82:3d:
6e:c7:1f:7f:17:d5:9e:fe:86:27:8a:fe:46:64:47:63:c8:62:
08:13:ff:dc:1a:2f:71:c9:ae:32:4e:8f:e0:2d:37:5f:c4:40:
76:4e:cc:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMF7MoMKvTY01o6omi9ftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YzU2YzVlYTU0NzhmNGQzN2IzMGYzNjgyZTQzYjdlMmVm
OTBkOTgwHhcNMjMwMTAyMDE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODM5NzQ3ZjU2ZGQ5NWJkY2ViOGFhZjM1MmUzYTRjN2MxNTY0YTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mPALWSN14YigMB6hwBZizjvpbqc
WfYjG/9hBmM0VvTarkIz/NTQGSxz8HT5nMUDq8tB99cJHypWkphX4ze20e6DhyLw
QzuV+w0Ha9bVLb7c0Ao4+0jQ8PHBMlPZhZaj1r8mDYo5wfylBA1OWifbdbzMVIxE
u4d6NJOac9T0ZsMHLWdIEjgO/omqBfG/KDqTsk2+bmt91lNHsvjFJIRftjNyThu2
4iRK+L2mqf6xEkBuBoMqcKnQj/+5vOR0Xw7iVfYfMulcrFISEQpmssfu3K2dyBGl
9o7So6kB4zZTXFneutSQx93QxB6WKzm8QS37ve54FDrYhovBey2pRtKmnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNg5dH9W3ZW9zriq81LjpMfBVkoKMB8GA1UdIwQY
MBaAFJbFbF6lR49NN7MPNoLkO34u+Q2YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHNWc1hxVkhqMDAzc3c4Mmd1UTdmaTc1RFpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS85OGFjYTMtMGM3Yy00ZjA1LThkMDMt
MzVjNzhlNzAxOTllLzEvMkRsMGYxYmRsYjNPdUtyelV1T2t4OEZXU2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS85OGFjYTMtMGM3Yy00ZjA1LThkMDMtMzVjNzhlNzAxOTll
LzEvbHNWc1hxVkhqMDAzc3c4Mmd1UTdmaTc1RFpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRBmMA0G
CSqGSIb3DQEBCwUAA4IBAQBPT3FrmAEyfg7o4VXF23s1k2uJXZ1W6pQITEv+6z5v
MTYk99SUxW88hKZoCzn7BkPmGHfIWlYPdd0YIInwEo4JqQx/+LY/yxTRvx92ShC+
4qMIu9x++aQUeUPPhtyMW4XRN1Zj2mXqw0KbTEDHNtHVhG9wIcT+V9W0TgMNVYsV
M7xcWwN1D1QC1gdgE450DZD8XdLK9JUauk6UaFMjN/IgYwmQYIyY3ungdOaRp2QF
Y3oruQVA/LUWovdJ2bIvt/BSP2EsMApRJs2JLlPGFMDCDW2KQKdWgj1uxx9/F9We
/oYniv5GZEdjyGIIE//cGi9xya4yTo/gLTdfxEB2Tswg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:31 2024 by rpki-client on console-fra.rpki-client.org