Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/duTnmXoulY024KUnXq7XiHCEg28.roa
File: duTnmXoulY024KUnXq7XiHCEg28.roa (raw, json)
Hash identifier: 0KgUng7TY32dFfKEmsDsHnwdJD0hq6WMryIY5B2sukQ=
Subject key identifier: 76:E4:E7:99:7A:2E:95:8D:36:E0:A5:27:5E:AE:D7:88:70:84:83:6F
Certificate issuer: /CN=6f57eb49196dd2e0606d5977c2b74b101b79bc0b
Certificate serial: 0187FFA5812F10B53AB9AD9B01392DAEE433
Authority key identifier: 6F:57:EB:49:19:6D:D2:E0:60:6D:59:77:C2:B7:4B:10:1B:79:BC:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1frSRlt0uBgbVl3wrdLEBt5vAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/duTnmXoulY024KUnXq7XiHCEg28.roa
Signing time: Tue 09 May 2023 08:34:09 +0000
ROA not before: Tue 09 May 2023 08:34:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201967
IP address blocks: 193.104.143.0/24 maxlen: 24
2a0c:2380::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ff:a5:81:2f:10:b5:3a:b9:ad:9b:01:39:2d:ae:e4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f57eb49196dd2e0606d5977c2b74b101b79bc0b
Validity
Not Before: May 9 08:34:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76e4e7997a2e958d36e0a5275eaed7887084836f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cf:50:cd:e4:e7:50:5b:b7:b5:d6:c6:5e:8f:
26:f1:53:55:a9:07:35:8f:f1:c2:22:fa:c3:b7:73:
ab:ed:5c:37:d1:ac:3e:ee:25:3e:f0:b5:18:3f:a7:
d9:08:8a:fd:e5:7f:9f:7a:4b:2b:d3:9a:58:56:24:
d1:8e:24:01:4e:d7:6b:33:9c:ff:8e:1d:44:89:74:
34:e2:47:73:97:c0:cc:d2:77:4d:d0:a5:df:bf:e8:
86:7b:a7:0c:b9:84:0e:38:c6:7a:aa:1e:0e:a1:8a:
43:6e:fa:48:c9:aa:05:29:ab:4a:b7:32:30:6d:52:
c1:25:87:b2:f6:52:20:90:d3:f4:e3:33:83:71:c2:
80:53:42:ce:d4:75:ab:26:2b:09:af:15:b2:bb:23:
1d:a3:c1:8b:ad:db:f6:d8:b7:e0:a5:d7:94:e0:c5:
d6:ec:8d:48:35:cd:bd:84:a0:c7:09:27:5d:56:e0:
75:94:83:e6:43:12:78:1a:0b:62:42:90:80:f4:4d:
5b:14:8b:38:e6:6d:76:00:6a:dd:01:0a:e3:d7:88:
d9:65:6b:5f:36:93:ef:a1:db:c8:04:ff:62:2d:be:
51:07:c0:c0:9b:00:b3:9b:8f:d7:b0:ec:ef:ad:1a:
fa:72:ae:5d:dd:23:0f:4c:6b:66:63:ef:ee:96:bb:
ea:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E4:E7:99:7A:2E:95:8D:36:E0:A5:27:5E:AE:D7:88:70:84:83:6F
X509v3 Authority Key Identifier:
keyid:6F:57:EB:49:19:6D:D2:E0:60:6D:59:77:C2:B7:4B:10:1B:79:BC:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1frSRlt0uBgbVl3wrdLEBt5vAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/duTnmXoulY024KUnXq7XiHCEg28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/b1frSRlt0uBgbVl3wrdLEBt5vAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.143.0/24
IPv6:
2a0c:2380::/29
Signature Algorithm: sha256WithRSAEncryption
a2:36:cf:1b:6d:b4:5c:67:61:c1:ba:f0:17:a4:ea:f9:35:fa:
5e:41:88:6c:0a:d3:f2:43:b1:cc:21:56:1f:46:d2:96:cd:9f:
50:5d:37:fe:85:d9:39:59:e2:76:f4:bf:d4:65:90:05:bf:02:
e8:6b:d5:56:95:69:ba:58:f0:f3:c8:4e:11:01:04:0a:82:80:
90:68:60:4d:6d:4b:1b:80:bd:02:e8:a1:1b:ac:ec:4f:e5:83:
f9:ea:ab:42:cd:ce:15:77:de:a7:b9:44:f6:1f:c7:ab:53:26:
90:d0:ca:57:00:73:d3:36:3b:ec:f0:1e:76:2d:9f:c0:9c:d1:
3f:31:ea:45:65:eb:86:0f:ab:09:9e:6d:e7:ad:89:97:86:cf:
dc:d6:10:91:4a:7b:ab:8d:7a:61:4c:7c:d9:72:4d:f8:e7:c6:
49:99:bb:7d:d7:ad:17:ef:bb:f9:10:92:c1:82:80:cc:b7:3e:
18:e8:ac:d1:e2:48:75:bf:4f:1b:27:b7:2c:de:57:df:17:fd:
2e:6d:bb:10:60:d7:8f:31:29:2e:8e:cc:55:5c:44:ec:f7:8f:
49:fe:e1:83:cc:1c:31:98:f3:15:b8:05:2a:69:49:a6:6f:9b:
f8:a9:42:7b:77:15:17:4a:43:f1:c4:24:d1:4f:24:cf:19:be:
96:db:ef:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYf/pYEvELU6ua2bATktruQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNTdlYjQ5MTk2ZGQyZTA2MDZkNTk3N2MyYjc0YjEwMWI3
OWJjMGIwHhcNMjMwNTA5MDgzNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmU0ZTc5OTdhMmU5NThkMzZlMGE1Mjc1ZWFlZDc4ODcwODQ4MzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM9QzeTnUFu3tdbGXo8m8VNVqQc1
j/HCIvrDt3Or7Vw30aw+7iU+8LUYP6fZCIr95X+feksr05pYViTRjiQBTtdrM5z/
jh1EiXQ04kdzl8DM0ndN0KXfv+iGe6cMuYQOOMZ6qh4OoYpDbvpIyaoFKatKtzIw
bVLBJYey9lIgkNP04zODccKAU0LO1HWrJisJrxWyuyMdo8GLrdv22LfgpdeU4MXW
7I1INc29hKDHCSddVuB1lIPmQxJ4GgtiQpCA9E1bFIs45m12AGrdAQrj14jZZWtf
NpPvodvIBP9iLb5RB8DAmwCzm4/XsOzvrRr6cq5d3SMPTGtmY+/ulrvqswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHbk55l6LpWNNuClJ16u14hwhINvMB8GA1UdIwQY
MBaAFG9X60kZbdLgYG1Zd8K3SxAbebwLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjFmclNSbHQwdUJnYlZsM3dyZExFQnQ1dkFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jN2JmNGEtZGE5Ny00YjViLTg3MTkt
MzdiM2UyNDRjMDYzLzEvZHVUbm1Yb3VsWTAyNEtVblhxN1hpSENFZzI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jN2JmNGEtZGE5Ny00YjViLTg3MTktMzdiM2UyNDRjMDYz
LzEvYjFmclNSbHQwdUJnYlZsM3dyZExFQnQ1dkFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwWiPMA0E
AgACMAcDBQMqDCOAMA0GCSqGSIb3DQEBCwUAA4IBAQCiNs8bbbRcZ2HBuvAXpOr5
NfpeQYhsCtPyQ7HMIVYfRtKWzZ9QXTf+hdk5WeJ29L/UZZAFvwLoa9VWlWm6WPDz
yE4RAQQKgoCQaGBNbUsbgL0C6KEbrOxP5YP56qtCzc4Vd96nuUT2H8erUyaQ0MpX
AHPTNjvs8B52LZ/AnNE/MepFZeuGD6sJnm3nrYmXhs/c1hCRSnurjXphTHzZck34
58ZJmbt9160X77v5EJLBgoDMtz4Y6KzR4kh1v08bJ7cs3lffF/0ubbsQYNePMSku
jsxVXETs949J/uGDzBwxmPMVuAUqaUmmb5v4qUJ7dxUXSkPxxCTRTyTPGb6W2+9l
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:44 2024 by rpki-client on console-ams.rpki-client.org