Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/9LkCaobO6jC8Qn9zgGl8_2VA9H8.roa
File: 9LkCaobO6jC8Qn9zgGl8_2VA9H8.roa (raw, json)
Hash identifier: bxZRwWpQTls7D3/xBHP3IvIcpN95hjxK4QEMjiJdbiA=
Subject key identifier: F4:B9:02:6A:86:CE:EA:30:BC:42:7F:73:80:69:7C:FF:65:40:F4:7F
Certificate issuer: /CN=e4a714ffc598b15647bbafe2c6460a87eafbcf97
Certificate serial: 01856D81B57FE320D5BC741133BE80A80689
Authority key identifier: E4:A7:14:FF:C5:98:B1:56:47:BB:AF:E2:C6:46:0A:87:EA:FB:CF:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KcU_8WYsVZHu6_ixkYKh-r7z5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/9LkCaobO6jC8Qn9zgGl8_2VA9H8.roa
Signing time: Sun 01 Jan 2023 13:24:55 +0000
ROA not before: Sun 01 Jan 2023 13:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 193.30.161.0/24 maxlen: 24
193.17.68.0/24 maxlen: 24
193.200.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:b5:7f:e3:20:d5:bc:74:11:33:be:80:a8:06:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a714ffc598b15647bbafe2c6460a87eafbcf97
Validity
Not Before: Jan 1 13:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4b9026a86ceea30bc427f7380697cff6540f47f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1a:ce:ba:87:d7:49:be:a2:3f:be:b4:1f:9c:
d2:94:3d:b2:3e:ca:1a:0a:86:af:aa:7e:4a:4e:8a:
d0:fa:93:76:b4:8e:db:0c:70:c1:d3:34:61:22:c4:
21:bf:1f:a5:3b:03:6f:66:bb:62:02:63:19:de:f2:
70:8d:b5:be:a7:36:06:3d:c5:b7:c8:01:4b:1e:90:
75:96:23:2d:9e:d1:22:61:97:5b:2d:3d:2c:3f:2f:
2f:2b:1c:63:35:3a:bf:8c:88:c2:e9:b6:92:6c:d2:
bf:c8:71:a1:5e:b6:3a:e4:a5:c2:11:57:cd:16:6a:
52:5c:95:e5:a2:e1:30:2e:ae:f5:bb:f9:21:64:b7:
43:70:12:6e:85:23:50:3f:f6:41:a6:31:89:6e:75:
f3:1a:0a:ff:b7:76:a2:1b:55:ec:9b:73:91:b0:ec:
f6:f5:40:0e:0e:3c:89:b6:ad:93:77:00:24:4e:84:
2f:01:54:0c:f6:da:5b:63:11:2e:f4:2d:cb:0c:48:
b9:a3:4b:1c:84:d5:96:98:96:9c:8d:4d:b7:59:f1:
b6:41:d8:4e:03:cf:30:40:59:e9:f4:e7:70:b4:71:
91:72:e5:35:4b:06:e3:83:58:7f:80:ba:28:c5:3e:
82:59:21:6d:2a:f7:27:41:66:0f:24:34:56:9c:2f:
b7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B9:02:6A:86:CE:EA:30:BC:42:7F:73:80:69:7C:FF:65:40:F4:7F
X509v3 Authority Key Identifier:
keyid:E4:A7:14:FF:C5:98:B1:56:47:BB:AF:E2:C6:46:0A:87:EA:FB:CF:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KcU_8WYsVZHu6_ixkYKh-r7z5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/9LkCaobO6jC8Qn9zgGl8_2VA9H8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/5KcU_8WYsVZHu6_ixkYKh-r7z5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.68.0/24
193.30.161.0/24
193.200.30.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:ec:5c:4d:4d:cc:e0:e8:7c:7f:f5:ff:54:bd:61:e7:c4:29:
e9:cd:bc:11:b3:b6:20:67:64:0a:3a:de:8c:60:f4:75:9b:20:
74:53:10:f1:0a:3b:05:19:d6:90:c6:00:ef:d1:6a:4e:fb:9a:
29:af:6d:6c:ec:fd:fe:9a:3f:e5:45:c1:eb:5e:9c:6f:7c:f2:
b4:f0:d2:a6:3d:4b:fb:e4:02:f5:09:aa:b3:15:b0:c1:a3:98:
39:5e:ca:f4:ec:30:65:62:af:51:b4:91:10:58:36:d7:c6:4a:
6f:e1:cd:f5:70:e3:7c:49:c2:44:cb:59:c3:17:25:85:79:00:
19:72:48:d7:12:3c:13:2b:8e:28:d3:1d:2d:d7:26:0b:05:d3:
f8:cc:54:11:45:0d:86:ff:bb:56:8e:9b:5d:79:65:6d:85:72:
01:f6:39:11:aa:52:6e:3c:e3:40:c8:b5:97:8a:90:80:2a:c2:
3d:ca:31:95:a0:03:97:27:f0:3c:52:19:22:fc:ea:cf:d8:b2:
9e:4b:70:8b:14:58:49:03:3b:cb:c6:42:83:49:58:35:0b:07:
a3:a8:20:4b:23:f7:1f:f5:43:de:27:d9:22:a4:0d:c1:84:53:
1e:5e:91:a9:d8:32:e9:99:08:ac:e0:d0:d6:49:1d:e4:e4:2c:
f4:53:b3:7f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtgbV/4yDVvHQRM76AqAaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTcxNGZmYzU5OGIxNTY0N2JiYWZlMmM2NDYwYTg3ZWFm
YmNmOTcwHhcNMjMwMTAxMTMyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGI5MDI2YTg2Y2VlYTMwYmM0MjdmNzM4MDY5N2NmZjY1NDBmNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRrOuofXSb6iP760H5zSlD2yPsoa
Coavqn5KTorQ+pN2tI7bDHDB0zRhIsQhvx+lOwNvZrtiAmMZ3vJwjbW+pzYGPcW3
yAFLHpB1liMtntEiYZdbLT0sPy8vKxxjNTq/jIjC6baSbNK/yHGhXrY65KXCEVfN
FmpSXJXlouEwLq71u/khZLdDcBJuhSNQP/ZBpjGJbnXzGgr/t3aiG1Xsm3ORsOz2
9UAODjyJtq2TdwAkToQvAVQM9tpbYxEu9C3LDEi5o0schNWWmJacjU23WfG2QdhO
A88wQFnp9OdwtHGRcuU1Swbjg1h/gLooxT6CWSFtKvcnQWYPJDRWnC+3uwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPS5AmqGzuowvEJ/c4BpfP9lQPR/MB8GA1UdIwQY
MBaAFOSnFP/FmLFWR7uv4sZGCofq+8+XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtjVV84V1lzVlpIdTZfaXhrWUtoLXI3ejVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kOTZkYTYtMTJiMi00NDZlLThkOTkt
N2NiMzQ1ZTg1NDFhLzEvOUxrQ2FvYk82akM4UW45emdHbDhfMlZBOUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kOTZkYTYtMTJiMi00NDZlLThkOTktN2NiMzQ1ZTg1NDFh
LzEvNUtjVV84V1lzVlpIdTZfaXhrWUtoLXI3ejVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRFEAwQA
wR6hAwQAwcgeMA0GCSqGSIb3DQEBCwUAA4IBAQDM7FxNTczg6Hx/9f9UvWHnxCnp
zbwRs7YgZ2QKOt6MYPR1myB0UxDxCjsFGdaQxgDv0WpO+5opr21s7P3+mj/lRcHr
XpxvfPK08NKmPUv75AL1CaqzFbDBo5g5Xsr07DBlYq9RtJEQWDbXxkpv4c31cON8
ScJEy1nDFyWFeQAZckjXEjwTK44o0x0t1yYLBdP4zFQRRQ2G/7tWjptdeWVthXIB
9jkRqlJuPONAyLWXipCAKsI9yjGVoAOXJ/A8Uhki/OrP2LKeS3CLFFhJAzvLxkKD
SVg1CwejqCBLI/cf9UPeJ9kipA3BhFMeXpGp2DLpmQis4NDWSR3k5Cz0U7N/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:45 2024 by rpki-client on console-ams.rpki-client.org