Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a6ec71-16e5-4163-a042-317db4232f3b/1/tBSRtjIvFhDnhN2RYd8j9FEAJ9s.roa
File: tBSRtjIvFhDnhN2RYd8j9FEAJ9s.roa (raw, json)
Hash identifier: Q1nS35dKyHXgWruP1VkdkGSvpgtUHL2C6q6veUrbd6w=
Subject key identifier: B4:14:91:B6:32:2F:16:10:E7:84:DD:91:61:DF:23:F4:51:00:27:DB
Certificate issuer: /CN=c172e7b96252eea8732633d3ba51a9b05583a7b3
Certificate serial: 01856DC1B8D67E1DB865BCC0859006E25875
Authority key identifier: C1:72:E7:B9:62:52:EE:A8:73:26:33:D3:BA:51:A9:B0:55:83:A7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wXLnuWJS7qhzJjPTulGpsFWDp7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/a6ec71-16e5-4163-a042-317db4232f3b/1/tBSRtjIvFhDnhN2RYd8j9FEAJ9s.roa
Signing time: Sun 01 Jan 2023 14:34:50 +0000
ROA not before: Sun 01 Jan 2023 14:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31420
IP address blocks: 193.151.80.0/24 maxlen: 24
193.151.83.0/24 maxlen: 24
193.151.81.0/24 maxlen: 24
193.151.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:b8:d6:7e:1d:b8:65:bc:c0:85:90:06:e2:58:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c172e7b96252eea8732633d3ba51a9b05583a7b3
Validity
Not Before: Jan 1 14:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b41491b6322f1610e784dd9161df23f4510027db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:78:f9:4a:66:62:ef:82:85:78:97:97:ba:05:
e9:99:4e:cd:e1:e7:c9:2c:33:47:44:5f:48:f9:13:
21:fc:56:40:ff:3a:2a:dc:ad:1c:6f:c0:85:6f:36:
c4:37:d4:a3:c0:25:ea:8a:01:57:0a:6a:ec:f2:e7:
cf:fc:eb:45:22:82:37:46:03:6d:18:b8:e1:53:4b:
a6:95:70:20:ce:e9:ac:1d:56:9d:3e:15:63:3b:e3:
39:bf:ec:92:28:9a:37:91:5d:9a:40:40:99:8f:c2:
91:24:e0:75:2c:c6:92:dd:61:de:bc:e4:e6:2b:98:
50:32:ab:3e:1c:a3:76:00:97:22:b7:05:c6:f9:c9:
a5:68:fa:e5:cb:c0:d4:f4:c1:f5:5d:e8:2f:b3:ae:
3d:d4:e9:59:63:e9:19:6d:38:a5:b4:4f:3c:1a:ac:
c8:de:34:84:54:15:e8:78:06:78:53:49:27:89:c8:
21:9b:51:c9:1c:cf:00:c9:f6:9b:68:8c:c7:03:04:
d7:f7:84:03:d6:27:ae:7b:2d:c7:75:95:49:bd:3e:
53:7a:47:d1:30:20:2e:e4:55:94:87:56:4f:d1:f6:
e5:13:25:46:59:c7:4c:15:22:79:b2:2e:d4:77:85:
7d:0b:a7:aa:05:cf:c0:aa:e2:e4:fb:77:20:47:4a:
fb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:14:91:B6:32:2F:16:10:E7:84:DD:91:61:DF:23:F4:51:00:27:DB
X509v3 Authority Key Identifier:
keyid:C1:72:E7:B9:62:52:EE:A8:73:26:33:D3:BA:51:A9:B0:55:83:A7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wXLnuWJS7qhzJjPTulGpsFWDp7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a6ec71-16e5-4163-a042-317db4232f3b/1/tBSRtjIvFhDnhN2RYd8j9FEAJ9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a6ec71-16e5-4163-a042-317db4232f3b/1/wXLnuWJS7qhzJjPTulGpsFWDp7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.80.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:d3:94:3a:66:bb:13:7a:5b:70:68:4d:3f:87:ab:6b:85:62:
1c:6b:33:63:b9:34:90:ea:1e:ee:2b:ff:34:f4:0d:4e:39:57:
c7:59:4b:46:1a:0f:25:36:83:84:80:27:c5:26:3c:0f:85:43:
6d:1a:c1:1a:9f:85:8d:6d:51:dd:a3:e0:0e:01:8a:97:8c:76:
0b:73:70:98:a4:dd:e3:a1:a2:ab:80:56:e0:d9:f7:85:f1:b8:
06:cd:f0:52:c0:b4:ee:e9:8b:d3:74:a0:51:9c:d2:c0:c6:07:
0e:ca:5c:69:cb:4d:6b:ad:2c:fc:56:b7:d6:84:e3:1a:dd:2e:
b5:4f:b1:9d:03:85:bf:16:28:a6:03:0a:73:85:67:a2:76:69:
c4:a4:60:e4:d3:76:01:4e:7d:fa:be:89:60:ad:0f:d4:c4:e9:
6c:53:94:ef:97:5a:06:85:0b:ca:31:ad:79:d9:da:c4:a5:d1:
05:f3:9d:25:4b:4a:c0:2d:69:bf:9d:14:01:98:22:14:0b:25:
82:56:9e:7d:93:e4:54:5d:28:d8:05:8d:84:78:e2:bc:1c:b9:
91:bc:2a:99:61:e3:d1:9a:2e:de:a6:3e:ae:43:58:d9:6f:a5:
2d:6a:9e:1c:a2:13:b2:59:56:d0:db:25:c4:9c:8f:d0:43:ae:
85:17:51:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwbjWfh24ZbzAhZAG4lh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxNzJlN2I5NjI1MmVlYTg3MzI2MzNkM2JhNTFhOWIwNTU4
M2E3YjMwHhcNMjMwMTAxMTQzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDE0OTFiNjMyMmYxNjEwZTc4NGRkOTE2MWRmMjNmNDUxMDAyN2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHj5SmZi74KFeJeXugXpmU7N4efJ
LDNHRF9I+RMh/FZA/zoq3K0cb8CFbzbEN9SjwCXqigFXCmrs8ufP/OtFIoI3RgNt
GLjhU0umlXAgzumsHVadPhVjO+M5v+ySKJo3kV2aQECZj8KRJOB1LMaS3WHevOTm
K5hQMqs+HKN2AJcitwXG+cmlaPrly8DU9MH1Xegvs6491OlZY+kZbTiltE88GqzI
3jSEVBXoeAZ4U0knicghm1HJHM8AyfabaIzHAwTX94QD1ieuey3HdZVJvT5TekfR
MCAu5FWUh1ZP0fblEyVGWcdMFSJ5si7Ud4V9C6eqBc/AquLk+3cgR0r7cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQUkbYyLxYQ54TdkWHfI/RRACfbMB8GA1UdIwQY
MBaAFMFy57liUu6ocyYz07pRqbBVg6ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1hMbnVXSlM3cWh6SmpQVHVsR3BzRldEcDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hNmVjNzEtMTZlNS00MTYzLWEwNDIt
MzE3ZGI0MjMyZjNiLzEvdEJTUnRqSXZGaERuaE4yUllkOGo5RkVBSjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hNmVjNzEtMTZlNS00MTYzLWEwNDItMzE3ZGI0MjMyZjNi
LzEvd1hMbnVXSlM3cWh6SmpQVHVsR3BzRldEcDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwZdQMA0G
CSqGSIb3DQEBCwUAA4IBAQBN05Q6ZrsTeltwaE0/h6trhWIcazNjuTSQ6h7uK/80
9A1OOVfHWUtGGg8lNoOEgCfFJjwPhUNtGsEan4WNbVHdo+AOAYqXjHYLc3CYpN3j
oaKrgFbg2feF8bgGzfBSwLTu6YvTdKBRnNLAxgcOylxpy01rrSz8VrfWhOMa3S61
T7GdA4W/FiimAwpzhWeidmnEpGDk03YBTn36volgrQ/UxOlsU5Tvl1oGhQvKMa15
2drEpdEF850lS0rALWm/nRQBmCIUCyWCVp59k+RUXSjYBY2EeOK8HLmRvCqZYePR
mi7epj6uQ1jZb6Utap4cohOyWVbQ2yXEnI/QQ66FF1F0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:19 2024 by rpki-client on console-ams.rpki-client.org