Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/T6o5Oj_u5w78vlvxeF-eHkrjTjI.roa
File: T6o5Oj_u5w78vlvxeF-eHkrjTjI.roa (raw, json)
Hash identifier: 09h5ug53KvD99JJA9890RDTgPiwP8KOlJ3QZTPQ2dDU=
Subject key identifier: 4F:AA:39:3A:3F:EE:E7:0E:FC:BE:5B:F1:78:5F:9E:1E:4A:E3:4E:32
Certificate issuer: /CN=dfc2603437ef74117fa12272ec42c2527da800c7
Certificate serial: 018572836EB5DCBCCCD064C3B489FB832629
Authority key identifier: DF:C2:60:34:37:EF:74:11:7F:A1:22:72:EC:42:C2:52:7D:A8:00:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/38JgNDfvdBF_oSJy7ELCUn2oAMc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/T6o5Oj_u5w78vlvxeF-eHkrjTjI.roa
Signing time: Mon 02 Jan 2023 12:44:54 +0000
ROA not before: Mon 02 Jan 2023 12:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51907
IP address blocks: 193.134.16.0/20 maxlen: 24
2a10:8244::/30 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:6e:b5:dc:bc:cc:d0:64:c3:b4:89:fb:83:26:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfc2603437ef74117fa12272ec42c2527da800c7
Validity
Not Before: Jan 2 12:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4faa393a3feee70efcbe5bf1785f9e1e4ae34e32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b5:7a:e3:1f:49:0c:82:91:2a:de:8f:c5:24:
e8:f8:17:55:06:38:dc:0b:c3:16:bb:ab:ed:b1:50:
b6:b9:33:1a:26:e7:67:82:42:40:5d:9d:5b:42:68:
8f:56:6a:88:94:8f:7d:ee:8d:2d:a4:30:dd:b6:83:
68:64:75:85:e2:3d:57:7a:bb:9d:bc:45:ab:0a:35:
8e:a2:1d:52:10:92:17:33:c4:23:38:56:2c:e9:d0:
20:34:b0:81:a4:fa:cd:5a:27:f9:f8:23:ad:05:c5:
0b:cf:56:f1:6d:a1:f6:26:99:dc:0e:36:0b:39:b0:
3e:c1:e8:32:16:43:7f:40:f7:d8:15:1d:e0:8c:a1:
e9:2f:48:e2:c2:d7:c2:ae:86:bf:f7:48:43:16:db:
7f:27:09:0a:7c:f9:d4:3d:be:ef:e1:93:0e:eb:dd:
08:b7:d2:17:6f:9f:e2:f2:40:57:34:05:83:63:20:
eb:c2:db:5a:6b:78:1a:e3:8c:3d:ac:22:6c:1d:3b:
33:93:cd:29:8b:58:6e:a6:5b:ae:78:fd:19:34:55:
7d:1c:2b:16:dd:e3:97:d7:a1:a1:ae:1e:8b:ad:50:
66:03:b6:96:1d:ef:2a:11:52:a3:15:76:ef:71:8c:
a3:fb:28:75:8e:72:0b:5e:6c:d0:10:0d:45:9d:9d:
0d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:AA:39:3A:3F:EE:E7:0E:FC:BE:5B:F1:78:5F:9E:1E:4A:E3:4E:32
X509v3 Authority Key Identifier:
keyid:DF:C2:60:34:37:EF:74:11:7F:A1:22:72:EC:42:C2:52:7D:A8:00:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/38JgNDfvdBF_oSJy7ELCUn2oAMc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/T6o5Oj_u5w78vlvxeF-eHkrjTjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b55e40-d8be-48d9-bd55-c83007327449/1/38JgNDfvdBF_oSJy7ELCUn2oAMc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.16.0/20
IPv6:
2a10:8244::/30
Signature Algorithm: sha256WithRSAEncryption
62:ac:ed:ab:2e:83:64:7f:08:2e:cd:8f:ce:3e:1d:12:78:5c:
fd:29:2e:73:bd:4d:00:c9:5d:33:3f:4a:33:3c:f5:36:88:83:
d1:17:9b:3c:3d:7d:17:d5:25:a4:10:71:b2:be:fd:f8:af:25:
5a:30:28:79:ae:6f:8b:53:c4:4f:0d:d7:60:0c:29:19:bb:23:
58:78:76:5e:1f:26:24:9f:bb:da:25:4c:4f:c9:b8:ff:41:c0:
e3:55:e2:72:a5:62:4a:6f:48:50:c1:a8:7a:eb:4d:13:d6:99:
76:ea:97:08:d4:a6:cb:e4:0d:e3:01:e5:33:09:88:83:38:24:
98:a0:49:36:fd:72:f6:1b:ad:f1:2a:df:3e:e0:cd:22:be:bc:
c0:63:26:0d:98:58:b6:63:a0:62:9a:fa:af:18:71:8f:ec:fa:
f8:57:db:00:1b:d6:1d:63:b0:18:f7:13:3c:61:98:03:ee:ff:
5f:f7:ab:61:04:9e:b3:76:78:58:62:b3:9a:56:a0:0e:fc:09:
d5:14:24:b4:17:dd:e5:d9:9b:0b:ea:50:ed:ff:17:0f:dc:f8:
95:6c:6b:11:ad:4d:e7:5c:92:20:ce:db:e7:3c:d8:7c:2b:b9:
5e:cc:b0:56:69:67:fd:eb:d1:51:31:51:45:7e:91:30:b1:6e:
6c:cf:55:84
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyg2613LzM0GTDtIn7gyYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYzI2MDM0MzdlZjc0MTE3ZmExMjI3MmVjNDJjMjUyN2Rh
ODAwYzcwHhcNMjMwMTAyMTI0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmFhMzkzYTNmZWVlNzBlZmNiZTViZjE3ODVmOWUxZTRhZTM0ZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbV64x9JDIKRKt6PxSTo+BdVBjjc
C8MWu6vtsVC2uTMaJudngkJAXZ1bQmiPVmqIlI997o0tpDDdtoNoZHWF4j1Xerud
vEWrCjWOoh1SEJIXM8QjOFYs6dAgNLCBpPrNWif5+COtBcULz1bxbaH2JpncDjYL
ObA+wegyFkN/QPfYFR3gjKHpL0jiwtfCroa/90hDFtt/JwkKfPnUPb7v4ZMO690I
t9IXb5/i8kBXNAWDYyDrwttaa3ga44w9rCJsHTszk80pi1hupluueP0ZNFV9HCsW
3eOX16Ghrh6LrVBmA7aWHe8qEVKjFXbvcYyj+yh1jnILXmzQEA1FnZ0NcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE+qOTo/7ucO/L5b8Xhfnh5K404yMB8GA1UdIwQY
MBaAFN/CYDQ373QRf6EicuxCwlJ9qADHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzhKZ05EZnZkQkZfb1NKeTdFTENVbjJvQU1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9iNTVlNDAtZDhiZS00OGQ5LWJkNTUt
YzgzMDA3MzI3NDQ5LzEvVDZvNU9qX3U1dzc4dmx2eGVGLWVIa3JqVGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9iNTVlNDAtZDhiZS00OGQ5LWJkNTUtYzgzMDA3MzI3NDQ5
LzEvMzhKZ05EZnZkQkZfb1NKeTdFTENVbjJvQU1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEwYYQMA0E
AgACMAcDBQIqEIJEMA0GCSqGSIb3DQEBCwUAA4IBAQBirO2rLoNkfwguzY/OPh0S
eFz9KS5zvU0AyV0zP0ozPPU2iIPRF5s8PX0X1SWkEHGyvv34ryVaMCh5rm+LU8RP
DddgDCkZuyNYeHZeHyYkn7vaJUxPybj/QcDjVeJypWJKb0hQwah6600T1pl26pcI
1KbL5A3jAeUzCYiDOCSYoEk2/XL2G63xKt8+4M0ivrzAYyYNmFi2Y6BimvqvGHGP
7Pr4V9sAG9YdY7AY9xM8YZgD7v9f96thBJ6zdnhYYrOaVqAO/AnVFCS0F93l2ZsL
6lDt/xcP3PiVbGsRrU3nXJIgztvnPNh8K7lezLBWaWf969FRMVFFfpEwsW5sz1WE
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:42 2024 by rpki-client on console-fra.rpki-client.org