Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/ac69d2-9299-49b0-91c8-0233b7b26d5d/1/u6ybK3GET5sdqIEPBV2bO5oBSBY.roa
File: u6ybK3GET5sdqIEPBV2bO5oBSBY.roa (raw, json)
Hash identifier: y/1ZzzxvHEJNf3PcdTUmMIf1BCbavgQQuUxplZ5fTWE=
Subject key identifier: BB:AC:9B:2B:71:84:4F:9B:1D:A8:81:0F:05:5D:9B:3B:9A:01:48:16
Certificate issuer: /CN=40d4e33be71d339f3bc0cc6dae65e8792ff4d5dc
Certificate serial: 0185704B9F88F9FAA030C86B22E2F75B4F26
Authority key identifier: 40:D4:E3:3B:E7:1D:33:9F:3B:C0:CC:6D:AE:65:E8:79:2F:F4:D5:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QNTjO-cdM587wMxtrmXoeS_01dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/ac69d2-9299-49b0-91c8-0233b7b26d5d/1/u6ybK3GET5sdqIEPBV2bO5oBSBY.roa
Signing time: Mon 02 Jan 2023 02:24:42 +0000
ROA not before: Mon 02 Jan 2023 02:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196621
IP address blocks: 193.5.68.0/23 maxlen: 23
2001:67c:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:9f:88:f9:fa:a0:30:c8:6b:22:e2:f7:5b:4f:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40d4e33be71d339f3bc0cc6dae65e8792ff4d5dc
Validity
Not Before: Jan 2 02:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbac9b2b71844f9b1da8810f055d9b3b9a014816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:23:58:d7:72:c1:1c:b6:c3:a1:ec:19:9f:2a:
4f:c2:fb:63:d8:25:3c:31:a3:de:10:bf:d1:e8:86:
77:64:56:1a:4e:27:18:fa:bb:dc:2d:7a:d6:ac:67:
91:d8:2c:67:8b:87:f4:ad:54:1a:2c:f6:fa:7a:ef:
d0:bb:68:38:91:51:23:33:b0:a7:62:1d:2c:c3:d4:
13:e1:9b:61:9f:7b:eb:87:34:7a:89:bc:22:ac:2f:
56:5a:e0:43:e4:ed:f2:64:bd:2a:51:b5:fa:56:f1:
64:a6:b9:90:2b:09:d1:af:cb:f5:74:cf:98:dc:35:
15:d3:1b:d1:a0:42:de:8f:8f:9f:cf:7b:33:64:35:
35:e0:36:75:ed:b6:43:ca:3d:db:5f:12:64:b6:a9:
50:d5:24:4c:13:74:7f:82:ae:4d:55:cb:eb:dd:45:
1d:2e:57:57:ed:b5:5f:10:bc:7d:29:e3:0a:0a:60:
ee:43:d7:81:f2:a8:58:2a:c2:4b:4d:17:f1:26:58:
74:f8:cd:ad:d4:d4:5c:00:09:4e:82:1e:a9:59:70:
b0:33:60:eb:48:1f:61:6a:c4:0d:02:17:73:53:55:
6e:f0:fa:d6:76:db:3f:db:18:e2:c2:5d:b1:f1:26:
94:c0:60:28:b4:55:e1:f2:65:95:af:56:c4:4a:77:
b1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:AC:9B:2B:71:84:4F:9B:1D:A8:81:0F:05:5D:9B:3B:9A:01:48:16
X509v3 Authority Key Identifier:
keyid:40:D4:E3:3B:E7:1D:33:9F:3B:C0:CC:6D:AE:65:E8:79:2F:F4:D5:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNTjO-cdM587wMxtrmXoeS_01dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/ac69d2-9299-49b0-91c8-0233b7b26d5d/1/u6ybK3GET5sdqIEPBV2bO5oBSBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/ac69d2-9299-49b0-91c8-0233b7b26d5d/1/QNTjO-cdM587wMxtrmXoeS_01dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.68.0/23
IPv6:
2001:67c:8::/48
Signature Algorithm: sha256WithRSAEncryption
0f:43:b8:8e:0f:b4:e0:52:14:ec:e7:9f:d7:fc:fb:0e:71:17:
58:75:22:1f:0f:93:28:49:2d:0b:bc:69:2e:ea:96:b2:5c:40:
89:72:e6:0d:2c:cf:b9:64:39:27:15:81:40:d0:2d:de:bf:d0:
ed:fb:ca:9d:aa:8c:78:1a:a5:72:a2:d1:78:4a:f4:13:09:c2:
f9:dc:cd:83:cb:52:74:8e:20:f5:07:a4:84:99:1f:ae:10:d3:
38:38:04:d5:fc:cc:32:3a:1d:44:f2:7e:89:2d:0b:5e:a0:3e:
4a:6d:5d:63:2b:4b:64:2d:f2:16:3b:f0:34:ce:3a:0c:d2:8f:
4b:ae:9c:56:e5:be:0d:71:c5:50:47:7b:6d:80:ba:5b:65:36:
0c:c2:c8:95:7a:79:fb:d3:ba:e0:34:28:ae:0a:39:3f:3d:6d:
21:5d:27:55:d7:f6:22:91:98:10:3f:db:71:3e:97:86:56:36:
32:ae:15:a2:60:8e:cf:bd:bd:20:f1:83:4f:74:67:53:5d:f3:
81:55:93:c1:a1:13:35:59:0d:20:55:ec:15:2c:e7:da:6d:5b:
fc:7e:af:c7:22:7c:b3:0e:c4:9c:dc:0e:e8:a4:5f:23:ee:bf:
ce:ed:cf:99:2d:4f:f0:e7:40:66:17:0f:4d:d9:f2:cb:73:a5:
08:1d:eb:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwS5+I+fqgMMhrIuL3W08mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZDRlMzNiZTcxZDMzOWYzYmMwY2M2ZGFlNjVlODc5MmZm
NGQ1ZGMwHhcNMjMwMTAyMDIyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmFjOWIyYjcxODQ0ZjliMWRhODgxMGYwNTVkOWIzYjlhMDE0ODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiNY13LBHLbDoewZnypPwvtj2CU8
MaPeEL/R6IZ3ZFYaTicY+rvcLXrWrGeR2Cxni4f0rVQaLPb6eu/Qu2g4kVEjM7Cn
Yh0sw9QT4Zthn3vrhzR6ibwirC9WWuBD5O3yZL0qUbX6VvFkprmQKwnRr8v1dM+Y
3DUV0xvRoELej4+fz3szZDU14DZ17bZDyj3bXxJktqlQ1SRME3R/gq5NVcvr3UUd
LldX7bVfELx9KeMKCmDuQ9eB8qhYKsJLTRfxJlh0+M2t1NRcAAlOgh6pWXCwM2Dr
SB9hasQNAhdzU1Vu8PrWdts/2xjiwl2x8SaUwGAotFXh8mWVr1bESnexlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLusmytxhE+bHaiBDwVdmzuaAUgWMB8GA1UdIwQY
MBaAFEDU4zvnHTOfO8DMba5l6Hkv9NXcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU5Uak8tY2RNNTg3d014dHJtWG9lU18wMWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hYzY5ZDItOTI5OS00OWIwLTkxYzgt
MDIzM2I3YjI2ZDVkLzEvdTZ5YkszR0VUNXNkcUlFUEJWMmJPNW9CU0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hYzY5ZDItOTI5OS00OWIwLTkxYzgtMDIzM2I3YjI2ZDVk
LzEvUU5Uak8tY2RNNTg3d014dHJtWG9lU18wMWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwQVEMA8E
AgACMAkDBwAgAQZ8AAgwDQYJKoZIhvcNAQELBQADggEBAA9DuI4PtOBSFOznn9f8
+w5xF1h1Ih8PkyhJLQu8aS7qlrJcQIly5g0sz7lkOScVgUDQLd6/0O37yp2qjHga
pXKi0XhK9BMJwvnczYPLUnSOIPUHpISZH64Q0zg4BNX8zDI6HUTyfoktC16gPkpt
XWMrS2Qt8hY78DTOOgzSj0uunFblvg1xxVBHe22AultlNgzCyJV6efvTuuA0KK4K
OT89bSFdJ1XX9iKRmBA/23E+l4ZWNjKuFaJgjs+9vSDxg090Z1Nd84FVk8GhEzVZ
DSBV7BUs59ptW/x+r8cifLMOxJzcDuikXyPuv87tz5ktT/DnQGYXD03Z8stzpQgd
6wo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:32 2024 by rpki-client on console-ams.rpki-client.org