Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/HD8AcdF1Nwb5vbU4fkuoZDDhM8Q.roa
File: HD8AcdF1Nwb5vbU4fkuoZDDhM8Q.roa (raw, json)
Hash identifier: WBKOp5KGWT6PZg74WrZEFtnWIQkDj7SAYvD9GfliEmo=
Subject key identifier: 1C:3F:00:71:D1:75:37:06:F9:BD:B5:38:7E:4B:A8:64:30:E1:33:C4
Certificate issuer: /CN=e4a714ffc598b15647bbafe2c6460a87eafbcf97
Certificate serial: 01856D81B34443529A3BC385FA71B5406668
Authority key identifier: E4:A7:14:FF:C5:98:B1:56:47:BB:AF:E2:C6:46:0A:87:EA:FB:CF:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KcU_8WYsVZHu6_ixkYKh-r7z5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/HD8AcdF1Nwb5vbU4fkuoZDDhM8Q.roa
Signing time: Sun 01 Jan 2023 13:24:54 +0000
ROA not before: Sun 01 Jan 2023 13:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 193.30.161.0/24 maxlen: 24
193.17.68.0/24 maxlen: 24
193.200.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:b3:44:43:52:9a:3b:c3:85:fa:71:b5:40:66:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a714ffc598b15647bbafe2c6460a87eafbcf97
Validity
Not Before: Jan 1 13:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c3f0071d1753706f9bdb5387e4ba86430e133c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a2:81:d8:69:ac:85:b7:ec:76:5c:44:81:d9:
f8:47:02:b9:99:3b:d0:c6:cf:a8:cc:94:54:2b:9b:
ea:1b:88:80:de:7d:45:d1:35:79:05:57:2d:fa:d4:
29:73:e5:19:7d:84:40:44:e4:73:51:d8:0a:ce:10:
79:06:49:9a:49:1e:27:a4:87:68:1c:11:89:0f:96:
ef:18:d3:5c:95:dc:ab:e6:c4:68:ac:8a:06:b0:b9:
8d:0d:50:41:68:0e:46:c3:ff:71:77:cb:17:08:58:
2e:1d:33:e5:7c:c4:3b:46:ba:d0:94:d3:de:6a:c4:
19:e4:e3:68:09:05:6a:62:70:64:36:cc:d4:dd:32:
67:00:f1:0a:67:70:03:2c:ea:a8:0c:0a:0e:16:74:
b4:6c:cc:d3:d2:0f:88:8c:24:0f:b8:6d:8b:a7:72:
ee:54:cb:3d:fe:ae:d8:70:ba:6e:8b:ca:72:75:be:
c7:0b:89:16:91:7b:26:24:dc:55:7b:b3:92:0d:3d:
30:a6:7b:c0:10:e0:c0:01:0c:9a:6b:d3:3e:9e:1f:
b9:74:00:97:3c:7f:82:47:94:9a:ad:23:8c:13:c1:
8f:19:2d:f5:dc:4a:e5:8d:81:d6:06:56:d6:d1:e1:
b5:b3:9b:c3:5e:f1:63:93:39:11:77:f4:c5:34:67:
40:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:3F:00:71:D1:75:37:06:F9:BD:B5:38:7E:4B:A8:64:30:E1:33:C4
X509v3 Authority Key Identifier:
keyid:E4:A7:14:FF:C5:98:B1:56:47:BB:AF:E2:C6:46:0A:87:EA:FB:CF:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KcU_8WYsVZHu6_ixkYKh-r7z5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/HD8AcdF1Nwb5vbU4fkuoZDDhM8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/5KcU_8WYsVZHu6_ixkYKh-r7z5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.68.0/24
193.30.161.0/24
193.200.30.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:8a:b1:b7:c7:03:b3:43:7e:10:01:d7:b9:45:0d:18:dd:14:
c1:5c:8e:41:90:ad:af:ea:df:26:bb:e2:26:7b:bc:73:34:4d:
d9:66:a7:c3:1f:78:f6:ec:13:ea:70:2f:46:3a:80:ff:54:17:
8f:6f:90:bc:f2:63:26:9a:76:80:8f:52:c2:93:b7:3c:cd:77:
1b:5c:a0:84:56:44:c3:bb:43:d3:87:d6:77:37:15:ef:aa:64:
5e:3a:13:3d:1c:c3:27:47:2a:db:bb:76:51:9a:31:3b:67:4b:
04:d8:97:f2:56:da:09:78:ab:ae:42:4d:fa:0f:35:e4:78:fd:
63:a8:72:34:94:20:f4:b4:24:b4:fe:67:94:46:c4:45:71:a2:
7c:fc:4f:23:2d:f2:ad:f4:7c:4a:40:6e:06:15:97:85:1e:3e:
73:8a:e5:63:07:c5:f2:62:a1:42:bc:35:5f:70:3a:39:8a:13:
64:5d:eb:8e:a0:f4:35:be:a1:f7:d0:ca:8d:92:b6:c7:75:95:
82:e4:33:11:27:d3:cf:54:ee:4a:07:2f:de:e2:f7:9b:2d:fe:
99:cd:61:64:b3:d2:b7:f7:ef:a9:21:7b:3a:aa:70:ca:46:a6:
6c:cc:ff:c1:6c:7a:f4:6c:43:a8:6f:aa:cf:84:a0:78:6b:07:
77:61:ba:db
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtgbNEQ1KaO8OF+nG1QGZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTcxNGZmYzU5OGIxNTY0N2JiYWZlMmM2NDYwYTg3ZWFm
YmNmOTcwHhcNMjMwMTAxMTMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzNmMDA3MWQxNzUzNzA2ZjliZGI1Mzg3ZTRiYTg2NDMwZTEzM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaKB2GmshbfsdlxEgdn4RwK5mTvQ
xs+ozJRUK5vqG4iA3n1F0TV5BVct+tQpc+UZfYRARORzUdgKzhB5BkmaSR4npIdo
HBGJD5bvGNNcldyr5sRorIoGsLmNDVBBaA5Gw/9xd8sXCFguHTPlfMQ7RrrQlNPe
asQZ5ONoCQVqYnBkNszU3TJnAPEKZ3ADLOqoDAoOFnS0bMzT0g+IjCQPuG2Lp3Lu
VMs9/q7YcLpui8pydb7HC4kWkXsmJNxVe7OSDT0wpnvAEODAAQyaa9M+nh+5dACX
PH+CR5SarSOME8GPGS313ErljYHWBlbW0eG1s5vDXvFjkzkRd/TFNGdAdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBw/AHHRdTcG+b21OH5LqGQw4TPEMB8GA1UdIwQY
MBaAFOSnFP/FmLFWR7uv4sZGCofq+8+XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtjVV84V1lzVlpIdTZfaXhrWUtoLXI3ejVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kOTZkYTYtMTJiMi00NDZlLThkOTkt
N2NiMzQ1ZTg1NDFhLzEvSEQ4QWNkRjFOd2I1dmJVNGZrdW9aRERoTThRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kOTZkYTYtMTJiMi00NDZlLThkOTktN2NiMzQ1ZTg1NDFh
LzEvNUtjVV84V1lzVlpIdTZfaXhrWUtoLXI3ejVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRFEAwQA
wR6hAwQAwcgeMA0GCSqGSIb3DQEBCwUAA4IBAQCjirG3xwOzQ34QAde5RQ0Y3RTB
XI5BkK2v6t8mu+Ime7xzNE3ZZqfDH3j27BPqcC9GOoD/VBePb5C88mMmmnaAj1LC
k7c8zXcbXKCEVkTDu0PTh9Z3NxXvqmReOhM9HMMnRyrbu3ZRmjE7Z0sE2JfyVtoJ
eKuuQk36DzXkeP1jqHI0lCD0tCS0/meURsRFcaJ8/E8jLfKt9HxKQG4GFZeFHj5z
iuVjB8XyYqFCvDVfcDo5ihNkXeuOoPQ1vqH30MqNkrbHdZWC5DMRJ9PPVO5KBy/e
4vebLf6ZzWFks9K39++pIXs6qnDKRqZszP/BbHr0bEOob6rPhKB4awd3Ybrb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:48 2024 by rpki-client on console-fra.rpki-client.org