Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1BFYEZUAqnT_rOy0dTwCBpazUWg.roa
File: 1BFYEZUAqnT_rOy0dTwCBpazUWg.roa (raw, json)
Hash identifier: E+FGeW480miotTeJdSAV41cgPT+ZGDuMWAKH+gWvoq0=
Subject key identifier: D4:11:58:11:95:00:AA:74:FF:AC:EC:B4:75:3C:02:06:96:B3:51:68
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC8012A0783BE1EECBBB667DF72E91B54
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1BFYEZUAqnT_rOy0dTwCBpazUWg.roa
Signing time: Tue 02 Jan 2024 02:29:28 +0000
ROA not before: Tue 02 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42849
IP address blocks: 193.200.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 12:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:2a:07:83:be:1e:ec:bb:b6:67:df:72:e9:1b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d41158119500aa74ffacecb4753c020696b35168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:83:f0:c4:e5:2d:09:8c:d0:20:67:8c:31:f0:
a3:b3:a0:55:b6:74:7c:ce:b7:9a:d6:52:bb:c4:45:
a5:1d:c5:d3:3a:6e:c8:b1:cf:a7:37:48:38:f8:6d:
17:63:28:26:bd:10:47:28:cd:88:78:9d:cf:25:0d:
8c:4c:89:2f:42:08:f0:87:59:38:ba:65:11:0f:71:
14:4e:4f:4e:4f:17:e2:9a:ff:1a:3e:2d:1d:60:f2:
a9:41:05:42:1d:c5:c8:b4:10:90:64:9e:da:05:28:
5f:17:ea:ec:0f:1c:28:f1:bd:8f:ff:e9:1b:eb:4c:
cf:c7:6f:48:cc:f5:55:65:18:c8:22:81:99:33:ab:
34:2e:96:7b:ef:93:91:5e:86:c0:5a:03:03:bd:ab:
31:e4:9f:23:28:98:40:cb:87:8e:e4:bc:6f:aa:e1:
0a:03:4c:57:57:56:13:4c:ae:68:9b:9e:c9:04:8a:
04:1a:39:b1:c0:db:05:69:73:13:02:a4:59:ad:18:
84:ad:e2:1d:01:51:e0:26:01:5e:af:b3:f9:66:b7:
4d:b8:9b:a0:5a:88:36:fd:51:2e:f6:26:9d:aa:a5:
98:38:68:77:8a:b1:32:ba:15:a9:63:1c:d4:a6:18:
3d:d7:e8:8a:75:e4:7f:da:2c:8b:24:fb:e3:89:24:
1c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:11:58:11:95:00:AA:74:FF:AC:EC:B4:75:3C:02:06:96:B3:51:68
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1BFYEZUAqnT_rOy0dTwCBpazUWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.131.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:7b:0b:ef:08:1c:d0:f8:79:28:7a:fa:6a:ae:14:8c:d7:a0:
3e:02:6c:45:aa:24:0e:54:3c:4e:5b:03:78:a7:0c:1e:31:f4:
ea:85:28:30:52:f5:30:26:d4:36:e2:22:4a:c2:19:1a:ce:a0:
32:c6:f9:0b:80:78:63:fb:01:a7:65:0d:cc:f1:ac:2b:8c:da:
15:23:fc:ea:a6:00:23:8d:8e:5a:4d:6b:00:0b:c9:1a:7b:e1:
eb:38:cc:9d:d5:e5:a7:1e:43:47:a4:ab:23:fa:74:3f:56:ff:
2a:25:e9:91:a3:09:51:eb:ab:c9:88:a0:26:75:7c:f0:16:61:
05:1b:03:a1:75:e3:24:3f:d8:a5:79:28:7f:97:6e:d3:0a:b5:
f5:d0:e3:fd:1d:4b:bd:30:ba:c2:15:a0:6d:dd:4a:40:0d:92:
81:62:e6:ae:fb:3c:c1:56:c0:1f:de:cc:6a:50:39:08:f8:45:
b2:97:45:00:be:dd:09:bc:e2:f0:9a:03:54:2d:4e:d0:a4:4e:
07:47:91:e0:fe:eb:19:09:95:12:dd:cb:56:ec:e7:6d:80:f6:
f6:fc:4c:26:92:1c:87:db:c3:49:75:d1:9b:42:0c:1d:d9:f1:
18:eb:91:73:f0:ba:f6:fb:ba:2f:7e:1c:45:25:e4:f3:10:9c:
67:d2:ff:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIASoHg74e7Lu2Z99y6RtUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDExNTgxMTk1MDBhYTc0ZmZhY2VjYjQ3NTNjMDIwNjk2YjM1MTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoPwxOUtCYzQIGeMMfCjs6BVtnR8
zrea1lK7xEWlHcXTOm7Isc+nN0g4+G0XYygmvRBHKM2IeJ3PJQ2MTIkvQgjwh1k4
umURD3EUTk9OTxfimv8aPi0dYPKpQQVCHcXItBCQZJ7aBShfF+rsDxwo8b2P/+kb
60zPx29IzPVVZRjIIoGZM6s0LpZ775ORXobAWgMDvasx5J8jKJhAy4eO5LxvquEK
A0xXV1YTTK5om57JBIoEGjmxwNsFaXMTAqRZrRiEreIdAVHgJgFer7P5ZrdNuJug
Wog2/VEu9iadqqWYOGh3irEyuhWpYxzUphg91+iKdeR/2iyLJPvjiSQc+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQRWBGVAKp0/6zstHU8AgaWs1FoMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMUJGWUVaVUFxblRfck95MGRUd0NCcGF6VVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwciDMA0G
CSqGSIb3DQEBCwUAA4IBAQDCewvvCBzQ+HkoevpqrhSM16A+AmxFqiQOVDxOWwN4
pwweMfTqhSgwUvUwJtQ24iJKwhkazqAyxvkLgHhj+wGnZQ3M8awrjNoVI/zqpgAj
jY5aTWsAC8kae+HrOMyd1eWnHkNHpKsj+nQ/Vv8qJemRowlR66vJiKAmdXzwFmEF
GwOhdeMkP9ileSh/l27TCrX10OP9HUu9MLrCFaBt3UpADZKBYuau+zzBVsAf3sxq
UDkI+EWyl0UAvt0JvOLwmgNULU7QpE4HR5Hg/usZCZUS3ctW7OdtgPb2/EwmkhyH
28NJddGbQgwd2fEY65Fz8Lr2+7ovfhxFJeTzEJxn0v8U
-----END CERTIFICATE-----
Generated at Fri Jan 26 15:52:01 2024 by rpki-client on console-ams.rpki-client.org