Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/9E4lLtOf9wimaNd1LQFN9Hg_uV0.roa
File: 9E4lLtOf9wimaNd1LQFN9Hg_uV0.roa (raw, json)
Hash identifier: EivjVvi/xAIJDhq0xMm8DRbpHO49WSVvN8ZhroIyA0Q=
Subject key identifier: F4:4E:25:2E:D3:9F:F7:08:A6:68:D7:75:2D:01:4D:F4:78:3F:B9:5D
Certificate issuer: /CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Certificate serial: 018ADAED9F72AAEE5EE8C46C11B09EB1C32C
Authority key identifier: EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/9E4lLtOf9wimaNd1LQFN9Hg_uV0.roa
Signing time: Thu 28 Sep 2023 08:35:20 +0000
ROA not before: Thu 28 Sep 2023 08:35:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 193.32.176.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:ed:9f:72:aa:ee:5e:e8:c4:6c:11:b0:9e:b1:c3:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Validity
Not Before: Sep 28 08:35:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f44e252ed39ff708a668d7752d014df4783fb95d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e2:b9:99:ba:99:81:25:e0:a0:fe:10:1c:73:
4e:90:b7:d0:15:49:f2:0e:b5:fb:a9:f7:ec:7a:5d:
4a:4a:be:66:76:01:3f:00:22:ae:f3:b5:e3:b2:d1:
01:74:55:54:f2:3b:e6:bc:c1:dd:3c:1c:9f:39:af:
b7:80:89:51:34:9e:be:59:92:65:e9:62:09:e3:d2:
94:b9:fc:1a:4c:c3:25:7a:6b:b6:13:ef:8c:99:77:
f6:9b:7f:c8:33:be:83:da:b6:91:49:2f:1b:3b:c1:
e7:9c:91:16:e4:30:2c:9c:84:95:c3:db:35:23:bb:
64:c2:ff:12:f4:ad:25:a2:12:2f:8b:df:e8:f7:a9:
77:99:50:e5:91:db:e4:ad:2c:ed:ee:8e:5b:b7:0e:
45:ed:c0:2c:9e:1e:58:37:89:b4:40:bf:e5:12:68:
47:c7:1b:7c:35:ad:0b:8f:41:6b:1d:ad:d6:fa:0f:
c2:cf:00:8d:db:7a:a0:62:a3:62:ab:a6:32:36:10:
25:46:9c:d9:e3:51:e3:9f:98:fe:87:9d:09:f1:80:
3e:9e:e3:6c:35:7f:ea:db:1d:dc:2d:67:da:06:1f:
73:d8:96:9a:91:8a:0e:2e:2a:ed:a1:f1:1e:b0:d5:
95:7d:85:92:77:a8:d4:0d:49:49:3c:5b:07:d7:88:
2a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:4E:25:2E:D3:9F:F7:08:A6:68:D7:75:2D:01:4D:F4:78:3F:B9:5D
X509v3 Authority Key Identifier:
keyid:EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/9E4lLtOf9wimaNd1LQFN9Hg_uV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.176.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:4f:a6:42:da:83:f3:87:20:63:8a:72:76:35:eb:3d:3e:2c:
40:05:2a:3a:86:87:33:a1:7a:e0:d1:51:21:a6:6a:eb:c7:30:
e6:67:42:88:a9:43:db:ee:de:ad:fe:04:d8:e9:a4:81:eb:48:
6e:2f:e6:31:bf:a6:83:2f:89:9a:4d:c6:bd:c1:80:06:a4:ff:
61:b9:9f:ba:b1:26:d2:80:18:64:3a:ae:b8:50:f7:11:47:dc:
94:cb:cd:38:91:b3:87:56:46:7c:39:79:f4:43:14:96:a0:2e:
1b:c3:67:b5:28:8c:20:7f:9f:eb:48:a8:44:bf:3c:68:81:a4:
54:ba:7e:2a:e1:a4:c0:34:ab:9c:9d:3b:dc:06:b3:55:92:04:
01:7d:28:99:7b:de:de:66:78:76:da:c5:d9:73:e3:4f:06:73:
09:c7:bd:ef:4e:ac:4d:82:de:cc:f0:5e:6f:22:4a:7d:dc:94:
ec:ca:d8:96:3f:da:3e:78:45:46:b1:36:ec:2e:9c:b2:21:21:
5b:80:0c:bf:9e:d9:d8:74:f7:27:62:d6:5c:73:9e:3a:77:6f:
bd:75:78:41:34:10:99:3b:79:0e:3e:4c:a0:f1:da:96:e3:59:
d9:0f:f7:0c:53:82:d6:28:89:24:76:12:4b:7b:c2:b4:9e:40:
52:4b:1b:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYra7Z9yqu5e6MRsEbCescMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjdjYTlmZmFmZTcyYTMwOTY2ZjdlNDNkOTJiNThlNzc0
Y2U3NDEwHhcNMjMwOTI4MDgzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDRlMjUyZWQzOWZmNzA4YTY2OGQ3NzUyZDAxNGRmNDc4M2ZiOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OK5mbqZgSXgoP4QHHNOkLfQFUny
DrX7qffsel1KSr5mdgE/ACKu87XjstEBdFVU8jvmvMHdPByfOa+3gIlRNJ6+WZJl
6WIJ49KUufwaTMMlemu2E++MmXf2m3/IM76D2raRSS8bO8HnnJEW5DAsnISVw9s1
I7tkwv8S9K0lohIvi9/o96l3mVDlkdvkrSzt7o5btw5F7cAsnh5YN4m0QL/lEmhH
xxt8Na0Lj0FrHa3W+g/CzwCN23qgYqNiq6YyNhAlRpzZ41Hjn5j+h50J8YA+nuNs
NX/q2x3cLWfaBh9z2JaakYoOLirtofEesNWVfYWSd6jUDUlJPFsH14gqfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPROJS7Tn/cIpmjXdS0BTfR4P7ldMB8GA1UdIwQY
MBaAFOz3yp/6/nKjCWb35D2StY53TOdBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUt
OTgxZmJiMzQ0MmRkLzEvOUU0bEx0T2Y5d2ltYU5kMUxRRk45SGdfdVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUtOTgxZmJiMzQ0MmRk
LzEvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSCwMA0G
CSqGSIb3DQEBCwUAA4IBAQA6T6ZC2oPzhyBjinJ2Nes9PixABSo6hoczoXrg0VEh
pmrrxzDmZ0KIqUPb7t6t/gTY6aSB60huL+Yxv6aDL4maTca9wYAGpP9huZ+6sSbS
gBhkOq64UPcRR9yUy804kbOHVkZ8OXn0QxSWoC4bw2e1KIwgf5/rSKhEvzxogaRU
un4q4aTANKucnTvcBrNVkgQBfSiZe97eZnh22sXZc+NPBnMJx73vTqxNgt7M8F5v
Ikp93JTsytiWP9o+eEVGsTbsLpyyISFbgAy/ntnYdPcnYtZcc546d2+9dXhBNBCZ
O3kOPkyg8dqW41nZD/cMU4LWKIkkdhJLe8K0nkBSSxuQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:00 2024 by rpki-client on console-fra.rpki-client.org