Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xPuSGB2sG69Cy6vtPby4Nm_YdFE.roa
File: xPuSGB2sG69Cy6vtPby4Nm_YdFE.roa (raw, json)
Hash identifier: KVpavDwQcgv8q/TfINklIGR1uz6abGLUtI+XGYdZcj8=
Subject key identifier: C4:FB:92:18:1D:AC:1B:AF:42:CB:AB:ED:3D:BC:B8:36:6F:D8:74:51
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AAD70928041D1C339D13E789948B0AE82
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xPuSGB2sG69Cy6vtPby4Nm_YdFE.roa
Signing time: Tue 19 Sep 2023 12:35:50 +0000
ROA not before: Tue 19 Sep 2023 12:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:70:92:80:41:d1:c3:39:d1:3e:78:99:48:b0:ae:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 19 12:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4fb92181dac1baf42cbabed3dbcb8366fd87451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2c:c0:8b:03:15:56:4f:34:e0:1e:80:58:3a:
10:48:61:8d:f4:00:42:b2:51:e7:83:db:58:d5:e3:
7a:03:a2:09:7d:90:58:d8:af:2e:b7:15:36:cc:b7:
ae:e5:15:6c:31:5f:bd:cd:99:fc:eb:c6:d3:5d:73:
b2:1a:0b:17:fb:76:64:e3:88:57:b0:98:48:b3:b7:
42:12:0d:1b:87:3f:8f:19:c7:1d:cf:94:81:4a:e5:
29:a4:d5:2d:ac:cb:8e:95:a7:2f:ad:77:f0:32:a9:
45:ed:8e:7d:0c:ba:8f:09:12:21:a4:37:db:77:b4:
05:a1:6d:6b:68:af:84:c5:08:ab:ae:9e:3e:91:5c:
65:95:a0:c3:43:cf:79:f2:8d:48:04:41:7e:b7:0a:
ec:ba:e2:b1:e1:db:01:67:44:64:12:44:5d:01:88:
e0:ad:2a:c1:cb:ed:b9:aa:bc:24:7d:9f:0e:2c:06:
b9:09:77:a9:6d:24:23:b6:1a:1e:7a:27:f6:12:f0:
c1:13:66:7c:a2:e1:6a:05:a6:d2:44:a2:f7:97:11:
33:f8:16:fa:80:92:07:82:ed:18:ce:95:f9:9f:f4:
d9:e3:87:a3:d3:1b:ca:f7:d8:ef:c2:ae:2e:fe:3e:
25:85:bc:be:f6:fd:66:71:9a:91:f0:f1:18:3a:77:
43:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FB:92:18:1D:AC:1B:AF:42:CB:AB:ED:3D:BC:B8:36:6F:D8:74:51
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xPuSGB2sG69Cy6vtPby4Nm_YdFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.149.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:0d:b2:22:df:a3:a7:8f:93:1e:35:c2:6e:af:39:cc:a0:31:
17:5b:10:42:a2:15:07:ee:a0:e9:64:6d:24:df:f5:78:a5:bc:
7a:82:29:d5:02:94:93:f5:bf:6b:67:41:d7:89:ef:c5:59:fd:
29:c3:8a:56:52:06:39:27:98:8c:3a:50:e6:f2:cc:9a:63:3e:
2f:3d:a4:7c:7f:d8:55:3c:c2:32:fd:e2:ea:a6:38:d9:6e:57:
87:41:d0:bc:09:b5:4c:e7:98:07:1a:1c:52:fa:b5:19:58:fe:
2f:01:53:4c:9f:0d:56:fe:54:fc:10:40:49:3d:eb:51:68:03:
da:45:91:25:2f:41:fb:43:b7:5d:4d:93:21:60:5d:a8:26:dc:
69:03:81:54:95:7d:c0:d1:9b:65:0b:f1:37:04:5d:29:9d:38:
14:14:47:0c:36:03:f4:d7:b5:b7:15:e1:df:f0:bc:1b:1e:8f:
b8:3e:fb:ea:29:b1:58:f6:0a:a7:15:42:f0:1e:b7:52:21:26:
ea:90:36:5c:b5:38:ee:ca:48:a6:49:ee:b0:40:1a:ec:b3:fa:
6d:17:c5:7b:90:42:e4:5d:9c:06:c5:15:ea:ba:e2:67:5b:8e:
04:63:db:c6:91:5f:53:2d:ed:cd:a7:eb:ef:e7:6f:a7:37:87:
a5:1d:b7:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqtcJKAQdHDOdE+eJlIsK6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTE5MTIzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGZiOTIxODFkYWMxYmFmNDJjYmFiZWQzZGJjYjgzNjZmZDg3NDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSzAiwMVVk804B6AWDoQSGGN9ABC
slHng9tY1eN6A6IJfZBY2K8utxU2zLeu5RVsMV+9zZn868bTXXOyGgsX+3Zk44hX
sJhIs7dCEg0bhz+PGccdz5SBSuUppNUtrMuOlacvrXfwMqlF7Y59DLqPCRIhpDfb
d7QFoW1raK+ExQirrp4+kVxllaDDQ8958o1IBEF+twrsuuKx4dsBZ0RkEkRdAYjg
rSrBy+25qrwkfZ8OLAa5CXepbSQjthoeeif2EvDBE2Z8ouFqBabSRKL3lxEz+Bb6
gJIHgu0YzpX5n/TZ44ej0xvK99jvwq4u/j4lhby+9v1mcZqR8PEYOndD2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMT7khgdrBuvQsur7T28uDZv2HRRMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveFB1U0dCMnNHNjlDeTZ2dFBieTRObV9ZZEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwZUcMA0G
CSqGSIb3DQEBCwUAA4IBAQClDbIi36Onj5MeNcJurznMoDEXWxBCohUH7qDpZG0k
3/V4pbx6ginVApST9b9rZ0HXie/FWf0pw4pWUgY5J5iMOlDm8syaYz4vPaR8f9hV
PMIy/eLqpjjZbleHQdC8CbVM55gHGhxS+rUZWP4vAVNMnw1W/lT8EEBJPetRaAPa
RZElL0H7Q7ddTZMhYF2oJtxpA4FUlX3A0ZtlC/E3BF0pnTgUFEcMNgP017W3FeHf
8LwbHo+4PvvqKbFY9gqnFULwHrdSISbqkDZctTjuykimSe6wQBrss/ptF8V7kELk
XZwGxRXquuJnW44EY9vGkV9TLe3Np+vv52+nN4elHbdQ
-----END CERTIFICATE-----
Generated at Wed Sep 20 13:32:11 2023 by rpki-client on console-ams.rpki-client.org