Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I4jdl8Y6GDjhdg1CZ9o3Tbau-W8.roa
File: I4jdl8Y6GDjhdg1CZ9o3Tbau-W8.roa (raw, json)
Hash identifier: t4SjDVSfAiD+W0HumMM/AePVE5ezAT4KXR5cIirQpas=
Subject key identifier: 23:88:DD:97:C6:3A:18:38:E1:76:0D:42:67:DA:37:4D:B6:AE:F9:6F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187987735B0064C5F501D1C960FA477242B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I4jdl8Y6GDjhdg1CZ9o3Tbau-W8.roa
Signing time: Wed 19 Apr 2023 07:42:42 +0000
ROA not before: Wed 19 Apr 2023 07:42:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399587
IP address blocks: 193.8.184.0/24 maxlen: 24
193.8.185.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Apr 2023 08:07:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:77:35:b0:06:4c:5f:50:1d:1c:96:0f:a4:77:24:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 19 07:42:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2388dd97c63a1838e1760d4267da374db6aef96f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5a:f3:fe:89:ce:d9:20:52:2f:d6:da:65:7e:
59:3e:da:b0:66:29:e1:84:94:30:76:de:b6:41:97:
18:b4:5e:32:c0:05:ab:91:7d:ad:e3:4b:0a:56:b7:
b8:0a:85:06:6e:9b:af:30:e9:cd:79:46:5a:6f:13:
14:52:14:86:42:b9:f9:c3:e4:78:f7:76:b2:3b:2c:
ee:a4:49:53:d8:48:68:80:41:ee:f8:49:87:0e:3f:
05:6a:16:77:c1:98:a8:0e:52:17:d9:b1:d7:e0:16:
c9:dc:0f:c7:e4:19:ac:a0:4d:68:b3:54:56:bb:cd:
89:4c:2c:5d:28:95:a1:a0:a9:52:c8:f2:d3:77:16:
a3:be:35:b7:2f:23:cf:90:cf:c2:25:09:5a:c6:66:
b4:16:12:e7:24:47:20:ad:07:5c:48:e5:3c:2a:46:
7a:59:f8:5a:59:57:81:56:c6:14:d7:d8:3f:ab:cb:
5b:42:d1:a6:d9:46:82:bc:07:87:9e:5b:fc:3c:4a:
8a:bd:79:d7:28:cb:9b:97:ec:62:1c:62:5a:a6:b1:
46:63:b2:5b:e2:40:08:3a:83:fa:a7:be:2e:b7:fb:
bc:e6:45:85:83:a7:d6:ff:16:77:46:d5:79:35:11:
48:f9:f3:50:91:1e:28:56:77:8a:45:91:7e:b2:1e:
4d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:88:DD:97:C6:3A:18:38:E1:76:0D:42:67:DA:37:4D:B6:AE:F9:6F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I4jdl8Y6GDjhdg1CZ9o3Tbau-W8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.184.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:d8:d9:be:27:f9:4c:f0:40:24:a6:5e:33:28:c2:6d:22:04:
72:36:a6:fc:fe:74:8c:ed:5d:af:33:56:91:1f:9b:bb:f5:c9:
37:7b:48:7d:24:be:9d:9b:e5:cf:4c:76:58:ce:5b:96:6d:e0:
0f:52:bf:a3:5f:85:40:56:7b:20:51:89:c9:7a:24:3e:15:2f:
3e:d8:9d:fe:7a:48:7a:d6:d2:a5:e8:c2:9f:34:ff:18:59:78:
47:ea:a2:34:0b:f7:52:ad:3e:cb:d3:76:f8:62:6d:e0:f3:45:
84:d0:31:f1:30:6d:94:3d:3e:c9:d0:88:86:a0:19:0f:2a:71:
f8:a7:86:bd:4f:27:8f:50:81:72:1b:61:a9:1b:37:b2:9e:6c:
a3:04:c8:c0:d1:2f:30:4c:c0:1e:c2:5e:a6:23:3a:aa:77:bc:
59:a2:b8:5a:dd:c6:10:f9:ae:d0:3b:fe:78:be:37:b4:47:27:
6e:6c:a6:4c:e5:13:e9:72:3f:d6:87:a0:5b:8f:0d:49:bf:5a:
25:97:11:d5:18:a5:3c:63:7f:d0:83:3e:81:0c:38:df:16:90:
e7:42:aa:01:e4:8d:02:27:a8:1e:32:69:63:6f:71:01:c6:f9:
c2:ab:49:3e:eb:0d:43:b8:8b:f2:0c:89:58:a2:d4:46:28:9b:
26:78:85:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeYdzWwBkxfUB0clg+kdyQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDE5MDc0MjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzg4ZGQ5N2M2M2ExODM4ZTE3NjBkNDI2N2RhMzc0ZGI2YWVmOTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlrz/onO2SBSL9baZX5ZPtqwZinh
hJQwdt62QZcYtF4ywAWrkX2t40sKVre4CoUGbpuvMOnNeUZabxMUUhSGQrn5w+R4
93ayOyzupElT2EhogEHu+EmHDj8FahZ3wZioDlIX2bHX4BbJ3A/H5BmsoE1os1RW
u82JTCxdKJWhoKlSyPLTdxajvjW3LyPPkM/CJQlaxma0FhLnJEcgrQdcSOU8KkZ6
WfhaWVeBVsYU19g/q8tbQtGm2UaCvAeHnlv8PEqKvXnXKMubl+xiHGJaprFGY7Jb
4kAIOoP6p74ut/u85kWFg6fW/xZ3RtV5NRFI+fNQkR4oVneKRZF+sh5NBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOI3ZfGOhg44XYNQmfaN022rvlvMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSTRqZGw4WTZHRGpoZGcxQ1o5bzNUYmF1LVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwQi4MA0G
CSqGSIb3DQEBCwUAA4IBAQBq2Nm+J/lM8EAkpl4zKMJtIgRyNqb8/nSM7V2vM1aR
H5u79ck3e0h9JL6dm+XPTHZYzluWbeAPUr+jX4VAVnsgUYnJeiQ+FS8+2J3+ekh6
1tKl6MKfNP8YWXhH6qI0C/dSrT7L03b4Ym3g80WE0DHxMG2UPT7J0IiGoBkPKnH4
p4a9TyePUIFyG2GpGzeynmyjBMjA0S8wTMAewl6mIzqqd7xZorha3cYQ+a7QO/54
vje0RydubKZM5RPpcj/Wh6Bbjw1Jv1ollxHVGKU8Y3/Qgz6BDDjfFpDnQqoB5I0C
J6geMmljb3EBxvnCq0k+6w1DuIvyDIlYotRGKJsmeIWD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:29 2024 by rpki-client on console-ams.rpki-client.org