Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XDYw65UPye3JfEfNQx_rApMMYck.roa
File: XDYw65UPye3JfEfNQx_rApMMYck.roa (raw, json)
Hash identifier: //AxII0W3aClca1XtsepmxR+YFg1dJvndbFyZyfAO90=
Subject key identifier: 5C:36:30:EB:95:0F:C9:ED:C9:7C:47:CD:43:1F:EB:02:93:0C:61:C9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81FA072F4FA2EDC9BEAC749A3631BF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XDYw65UPye3JfEfNQx_rApMMYck.roa
Signing time: Sun 01 Jan 2023 13:25:12 +0000
ROA not before: Sun 01 Jan 2023 13:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132969
IP address blocks: 193.35.16.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:fa:07:2f:4f:a2:ed:c9:be:ac:74:9a:36:31:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c3630eb950fc9edc97c47cd431feb02930c61c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:65:a2:85:f2:ed:ba:a1:e2:a3:ea:40:26:d1:
3f:f9:17:c7:6e:88:e8:ec:37:b9:ab:74:fc:d5:3a:
a3:9f:09:8d:90:9f:08:63:26:9d:7f:1d:54:56:5b:
38:a8:e2:35:42:3f:a0:75:f9:a7:9f:ed:60:50:af:
27:81:9c:35:9c:77:c2:ca:53:02:b6:10:01:dd:6b:
56:ae:63:cb:9d:dc:50:67:84:d0:9a:ee:d8:7c:be:
ae:c3:0c:a6:b1:a6:13:9d:11:24:86:a1:ba:58:13:
20:e6:99:60:3d:6d:7d:65:fc:43:d9:5f:94:00:fe:
67:e2:0e:89:34:97:a5:0c:d0:1f:47:81:eb:30:2f:
b9:83:e1:7a:db:e3:8e:25:3d:3a:01:39:b8:94:f8:
c3:f2:40:82:d7:ea:4a:51:87:d2:7a:92:44:4e:f6:
6c:b2:cc:8d:00:d9:c0:21:3f:30:75:91:1b:82:7c:
1a:f8:3f:da:cb:c2:3f:30:dd:f6:21:57:33:46:f5:
32:ff:06:ef:46:59:56:48:b2:c6:da:9e:a7:a8:85:
37:a3:e1:6c:41:d1:6d:e1:2a:f4:ba:b4:93:5e:89:
34:22:c3:36:41:d2:c6:47:98:f1:b2:a2:21:92:d2:
da:d3:b4:96:50:46:10:07:30:fe:ea:3a:cb:06:5e:
d4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:36:30:EB:95:0F:C9:ED:C9:7C:47:CD:43:1F:EB:02:93:0C:61:C9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XDYw65UPye3JfEfNQx_rApMMYck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.16.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:ec:00:ff:1a:73:ff:a7:69:fc:af:67:1c:05:e2:ee:f0:71:
aa:a3:52:e2:6a:fa:c4:1f:8e:58:be:2c:e6:55:a9:bc:fd:a1:
23:01:33:76:07:d6:d0:66:6c:66:2e:0a:bd:40:df:ae:92:47:
4c:b8:83:d0:34:69:f6:89:22:4e:30:35:cb:f1:4f:c4:59:fa:
7b:b4:6b:40:bc:61:f5:49:71:f1:3b:d5:b1:67:c2:d1:ea:5c:
b0:3f:f3:33:98:84:c0:19:03:db:fe:10:25:f5:64:da:24:f7:
18:bd:c1:c9:65:f7:63:96:f5:ba:90:ea:74:e2:24:bf:15:11:
76:a0:58:72:78:c2:e5:d5:d8:66:4a:0c:28:e2:73:cf:45:7e:
d1:a1:1c:29:38:47:52:17:71:94:c9:f4:6c:16:41:54:30:b6:
c1:d9:ce:75:32:78:83:9e:f7:b1:45:8f:f4:65:69:8d:ab:e3:
74:36:23:df:f4:79:6b:32:66:ed:e4:8c:78:cf:9b:51:f0:ae:
8a:74:c0:1c:ed:61:3e:d8:27:b1:c2:ab:bd:9c:16:a7:98:fe:
da:65:8a:17:a2:f7:99:2f:54:d9:9c:4f:90:84:6d:56:66:e6:
9e:bf:5d:97:e8:13:88:b5:cb:26:84:ce:1d:bc:fb:7b:1f:23:
62:67:1e:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgfoHL0+i7cm+rHSaNjG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzM2MzBlYjk1MGZjOWVkYzk3YzQ3Y2Q0MzFmZWIwMjkzMGM2MWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGWihfLtuqHio+pAJtE/+RfHbojo
7De5q3T81TqjnwmNkJ8IYyadfx1UVls4qOI1Qj+gdfmnn+1gUK8ngZw1nHfCylMC
thAB3WtWrmPLndxQZ4TQmu7YfL6uwwymsaYTnREkhqG6WBMg5plgPW19ZfxD2V+U
AP5n4g6JNJelDNAfR4HrMC+5g+F62+OOJT06ATm4lPjD8kCC1+pKUYfSepJETvZs
ssyNANnAIT8wdZEbgnwa+D/ay8I/MN32IVczRvUy/wbvRllWSLLG2p6nqIU3o+Fs
QdFt4Sr0urSTXok0IsM2QdLGR5jxsqIhktLa07SWUEYQBzD+6jrLBl7UQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFw2MOuVD8ntyXxHzUMf6wKTDGHJMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWERZdzY1VVB5ZTNKZkVmTlF4X3JBcE1NWWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSMQMA0G
CSqGSIb3DQEBCwUAA4IBAQCN7AD/GnP/p2n8r2ccBeLu8HGqo1LiavrEH45Yvizm
Vam8/aEjATN2B9bQZmxmLgq9QN+ukkdMuIPQNGn2iSJOMDXL8U/EWfp7tGtAvGH1
SXHxO9WxZ8LR6lywP/MzmITAGQPb/hAl9WTaJPcYvcHJZfdjlvW6kOp04iS/FRF2
oFhyeMLl1dhmSgwo4nPPRX7RoRwpOEdSF3GUyfRsFkFUMLbB2c51MniDnvexRY/0
ZWmNq+N0NiPf9HlrMmbt5Ix4z5tR8K6KdMAc7WE+2Cexwqu9nBanmP7aZYoXoveZ
L1TZnE+QhG1WZuaev12X6BOItcsmhM4dvPt7HyNiZx5i
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:11 2024 by rpki-client on console-ams.rpki-client.org