Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/3b65ab-a0e2-4684-b981-a86a7af368da/1/OvHgbqfGzFqKokWk8TR6vCN8oIo.roa
File: OvHgbqfGzFqKokWk8TR6vCN8oIo.roa (raw, json)
Hash identifier: gVu+QxXPvIGpdCXXZe9EYw8pyPQibRZ3WvmIlDIac58=
Subject key identifier: 3A:F1:E0:6E:A7:C6:CC:5A:8A:A2:45:A4:F1:34:7A:BC:23:7C:A0:8A
Certificate issuer: /CN=f6451af11120d8fa898cb6212cea8ca61dc59b92
Certificate serial: 018572F138EDFB62BB5B7E56EEBD425585B7
Authority key identifier: F6:45:1A:F1:11:20:D8:FA:89:8C:B6:21:2C:EA:8C:A6:1D:C5:9B:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9kUa8REg2PqJjLYhLOqMph3Fm5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/3b65ab-a0e2-4684-b981-a86a7af368da/1/OvHgbqfGzFqKokWk8TR6vCN8oIo.roa
Signing time: Mon 02 Jan 2023 14:44:49 +0000
ROA not before: Mon 02 Jan 2023 14:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35503
IP address blocks: 193.192.57.0/24 maxlen: 24
193.192.56.0/24 maxlen: 24
193.192.56.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:f1:38:ed:fb:62:bb:5b:7e:56:ee:bd:42:55:85:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6451af11120d8fa898cb6212cea8ca61dc59b92
Validity
Not Before: Jan 2 14:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3af1e06ea7c6cc5a8aa245a4f1347abc237ca08a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fd:b8:bb:b6:db:60:95:f0:c5:38:c7:7c:25:
35:2b:68:b8:ce:bc:3e:3c:cf:ad:32:a6:c1:65:12:
b8:34:ae:aa:eb:c8:28:73:85:ec:a2:01:b3:e4:cb:
34:bd:18:a5:60:fc:10:c0:c5:3f:91:c6:f1:4a:36:
10:b0:7b:fe:0a:12:41:04:79:ba:e9:38:bd:5e:4f:
20:e0:4f:da:4c:55:9c:53:94:a6:87:29:5a:fc:55:
b1:8d:c2:dc:da:2f:9c:a6:be:0b:0f:64:e7:29:f3:
72:49:a1:17:43:84:10:e4:73:da:90:08:1b:f1:ee:
68:95:b3:21:81:d6:2e:0a:27:75:40:c7:27:14:1a:
b4:18:c7:86:c3:da:44:62:af:30:f6:2f:73:12:72:
c8:e0:0b:ee:07:46:37:e0:f5:cc:39:b7:cd:b7:1f:
db:a9:92:dd:2c:be:e9:6d:1c:07:7d:f6:88:0e:99:
49:42:86:1c:dc:c5:87:89:ea:0d:57:a0:97:98:1f:
29:e6:ae:45:05:e8:73:d0:c5:f2:89:f5:4c:e1:d1:
95:9a:0d:af:d3:6f:8c:9e:a2:7f:b7:b3:82:42:ce:
5a:49:9b:a7:41:57:b3:4e:a5:df:9c:a4:d3:c8:43:
c0:57:af:eb:bf:83:95:09:03:1e:09:da:3a:ca:b6:
d6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F1:E0:6E:A7:C6:CC:5A:8A:A2:45:A4:F1:34:7A:BC:23:7C:A0:8A
X509v3 Authority Key Identifier:
keyid:F6:45:1A:F1:11:20:D8:FA:89:8C:B6:21:2C:EA:8C:A6:1D:C5:9B:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9kUa8REg2PqJjLYhLOqMph3Fm5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/3b65ab-a0e2-4684-b981-a86a7af368da/1/OvHgbqfGzFqKokWk8TR6vCN8oIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/3b65ab-a0e2-4684-b981-a86a7af368da/1/9kUa8REg2PqJjLYhLOqMph3Fm5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.192.56.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:f7:d0:38:5d:75:cc:ce:87:36:d6:f3:2f:db:41:ac:3b:58:
c5:bb:46:b4:1f:b1:be:6b:31:8c:96:12:4b:1b:43:ec:c8:b5:
8e:cc:f2:06:0d:c0:5d:72:e0:9c:a7:3b:38:c0:f8:c2:be:50:
3e:bd:aa:81:0b:39:18:2b:2c:4e:ad:fb:2a:87:fe:85:c2:63:
cd:f1:b6:84:35:d1:6a:83:04:a3:2c:98:42:87:35:15:59:10:
16:1d:63:fd:1f:d3:47:72:a7:e6:39:d5:fc:06:51:6c:9f:ab:
50:66:ab:8c:bd:1f:66:db:12:4e:2f:a8:df:31:6b:d7:3d:aa:
9d:41:4d:d4:ac:87:ef:bc:48:0a:74:0d:b0:b2:6d:88:03:2f:
71:fa:49:76:48:23:19:07:06:38:e2:93:8a:32:6d:10:7f:7d:
51:af:45:20:b5:18:73:cc:fc:fd:ae:e6:62:81:3d:c1:18:2b:
bb:1a:50:3c:00:e3:c7:05:66:bc:d2:05:64:be:4c:8e:57:8f:
15:00:da:4f:b2:20:a1:4f:45:bd:7f:8c:21:60:d8:52:f6:07:
61:67:11:6e:05:5b:17:07:bb:20:bc:32:30:67:e7:f7:0b:b1:
b3:c1:58:7b:be:ed:e2:29:50:97:48:0b:7b:6d:97:08:81:0a:
b0:93:2a:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy8Tjt+2K7W35W7r1CVYW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NDUxYWYxMTEyMGQ4ZmE4OThjYjYyMTJjZWE4Y2E2MWRj
NTliOTIwHhcNMjMwMTAyMTQ0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWYxZTA2ZWE3YzZjYzVhOGFhMjQ1YTRmMTM0N2FiYzIzN2NhMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv24u7bbYJXwxTjHfCU1K2i4zrw+
PM+tMqbBZRK4NK6q68goc4XsogGz5Ms0vRilYPwQwMU/kcbxSjYQsHv+ChJBBHm6
6Ti9Xk8g4E/aTFWcU5Smhyla/FWxjcLc2i+cpr4LD2TnKfNySaEXQ4QQ5HPakAgb
8e5olbMhgdYuCid1QMcnFBq0GMeGw9pEYq8w9i9zEnLI4AvuB0Y34PXMObfNtx/b
qZLdLL7pbRwHffaIDplJQoYc3MWHieoNV6CXmB8p5q5FBehz0MXyifVM4dGVmg2v
02+MnqJ/t7OCQs5aSZunQVezTqXfnKTTyEPAV6/rv4OVCQMeCdo6yrbW/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrx4G6nxsxaiqJFpPE0erwjfKCKMB8GA1UdIwQY
MBaAFPZFGvERINj6iYy2ISzqjKYdxZuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWtVYThSRWcyUHFKakxZaExPcU1waDNGbTVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8zYjY1YWItYTBlMi00Njg0LWI5ODEt
YTg2YTdhZjM2OGRhLzEvT3ZIZ2JxZkd6RnFLb2tXazhUUjZ2Q044b0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8zYjY1YWItYTBlMi00Njg0LWI5ODEtYTg2YTdhZjM2OGRh
LzEvOWtVYThSRWcyUHFKakxZaExPcU1waDNGbTVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwcA4MA0G
CSqGSIb3DQEBCwUAA4IBAQB899A4XXXMzoc21vMv20GsO1jFu0a0H7G+azGMlhJL
G0PsyLWOzPIGDcBdcuCcpzs4wPjCvlA+vaqBCzkYKyxOrfsqh/6FwmPN8baENdFq
gwSjLJhChzUVWRAWHWP9H9NHcqfmOdX8BlFsn6tQZquMvR9m2xJOL6jfMWvXPaqd
QU3UrIfvvEgKdA2wsm2IAy9x+kl2SCMZBwY44pOKMm0Qf31Rr0UgtRhzzPz9ruZi
gT3BGCu7GlA8AOPHBWa80gVkvkyOV48VANpPsiChT0W9f4whYNhS9gdhZxFuBVsX
B7sgvDIwZ+f3C7GzwVh7vu3iKVCXSAt7bZcIgQqwkyru
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:01 2024 by rpki-client on console-fra.rpki-client.org