Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/s9iM-wcS4xq9EuPwNP3WB3Ga98E.roa
File: s9iM-wcS4xq9EuPwNP3WB3Ga98E.roa (raw, json)
Hash identifier: wgmXXrEHq/pXYN3QAsXmEXtK9gYSSbcszZFauEmv/do=
Subject key identifier: B3:D8:8C:FB:07:12:E3:1A:BD:12:E3:F0:34:FD:D6:07:71:9A:F7:C1
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 01863A2BB4D4AD93B569ED5E371B25E5D05D
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/s9iM-wcS4xq9EuPwNP3WB3Ga98E.roa
Signing time: Fri 10 Feb 2023 07:13:08 +0000
ROA not before: Fri 10 Feb 2023 07:13:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204679
IP address blocks: 194.181.179.0/24 maxlen: 24
195.164.128.0/17 maxlen: 24
193.59.78.0/23 maxlen: 24
2001:a17::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:2b:b4:d4:ad:93:b5:69:ed:5e:37:1b:25:e5:d0:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Feb 10 07:13:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3d88cfb0712e31abd12e3f034fdd607719af7c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:25:68:64:23:38:a2:e4:00:9a:8b:d0:5e:09:
6e:a1:9b:9c:e5:e8:21:57:7c:ab:48:b5:b2:60:25:
1e:6c:c9:0e:c7:4d:94:ad:54:a4:8e:62:5c:06:f2:
e3:e2:16:aa:d0:f0:db:6e:a7:97:88:3b:cb:92:12:
4b:eb:e5:ad:e3:9c:49:21:ca:bc:af:04:2d:1d:0e:
6e:6e:0e:4e:bc:08:6a:81:ba:99:b4:5f:b1:f5:d7:
65:a0:7d:65:e7:b3:97:dd:e7:1b:4d:60:b8:2c:d6:
2b:d3:3f:48:5d:dc:a7:a4:60:a7:1d:66:e1:ba:4e:
1e:38:94:25:7f:18:ac:9c:e1:5f:0f:dc:5b:4c:54:
81:d4:2c:b2:17:31:bf:6d:55:fe:f4:d6:cc:df:ed:
03:5c:bd:ad:fd:8d:82:25:47:80:10:9f:38:53:eb:
f0:58:2a:1c:dc:8c:45:40:b1:96:3c:1b:87:1d:d2:
ce:71:65:b6:fc:f3:14:f3:e8:5e:e4:34:5b:ea:6a:
c3:42:68:3c:e7:dc:79:a1:91:85:e1:b0:34:0b:bc:
5f:27:42:5e:aa:fd:77:90:2e:94:22:42:78:20:f3:
1c:6b:bd:2d:7c:dd:12:b6:27:c5:35:0b:6f:fc:53:
50:b5:40:f1:44:ab:0f:4d:bc:9c:36:70:b3:92:3d:
51:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D8:8C:FB:07:12:E3:1A:BD:12:E3:F0:34:FD:D6:07:71:9A:F7:C1
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/s9iM-wcS4xq9EuPwNP3WB3Ga98E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.59.78.0/23
194.181.179.0/24
195.164.128.0/17
IPv6:
2001:a17::/32
Signature Algorithm: sha256WithRSAEncryption
25:51:b2:fe:71:1b:58:eb:15:23:83:27:0e:61:10:65:8a:c0:
fc:4a:30:b3:e3:61:71:e9:5b:65:a1:7b:34:32:64:c3:0b:63:
fa:af:ba:4f:81:79:37:2f:c9:51:7b:da:06:2f:ba:9d:44:a5:
f8:d4:eb:a9:54:4b:73:b7:be:17:d0:47:2a:df:05:c0:dc:99:
af:e8:aa:e9:c8:db:c4:42:52:93:28:47:45:46:cb:fa:39:77:
5b:16:32:aa:ad:f6:4e:9e:ed:76:1e:16:f2:06:80:6f:28:52:
0f:d3:90:09:b6:6e:cb:f6:82:e8:90:5b:9f:40:20:3e:ca:b4:
4e:f0:4e:7c:25:65:a6:83:53:97:d9:ff:51:c2:e3:f7:fb:5e:
b5:19:1d:93:a1:b8:0d:82:4c:d9:9c:a8:87:67:26:81:fb:82:
7e:c4:d0:c7:8c:18:f7:8c:08:e2:4d:6c:18:a2:dd:90:94:fd:
c7:37:30:12:d9:bb:3b:b6:96:c7:97:6d:db:99:4d:2d:8c:84:
ce:2f:3a:d6:cf:63:bb:39:1d:b3:e8:e6:d7:67:fa:27:89:de:
ca:2d:b9:d7:c7:03:4b:30:06:6b:ec:e5:2b:b5:df:cb:fa:0f:
29:b3:67:49:11:5b:02:a9:eb:16:01:3c:0d:39:fe:35:ed:09:
0a:e8:ef:78
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYY6K7TUrZO1ae1eNxsl5dBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjMwMjEwMDcxMzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2Q4OGNmYjA3MTJlMzFhYmQxMmUzZjAzNGZkZDYwNzcxOWFmN2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiVoZCM4ouQAmovQXgluoZuc5egh
V3yrSLWyYCUebMkOx02UrVSkjmJcBvLj4haq0PDbbqeXiDvLkhJL6+Wt45xJIcq8
rwQtHQ5ubg5OvAhqgbqZtF+x9ddloH1l57OX3ecbTWC4LNYr0z9IXdynpGCnHWbh
uk4eOJQlfxisnOFfD9xbTFSB1CyyFzG/bVX+9NbM3+0DXL2t/Y2CJUeAEJ84U+vw
WCoc3IxFQLGWPBuHHdLOcWW2/PMU8+he5DRb6mrDQmg859x5oZGF4bA0C7xfJ0Je
qv13kC6UIkJ4IPMca70tfN0StifFNQtv/FNQtUDxRKsPTbycNnCzkj1RaQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLPYjPsHEuMavRLj8DT91gdxmvfBMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvczlpTS13Y1M0eHE5RXVQd05QM1dCM0dhOThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwTtOAwQA
wrWzAwQHw6SAMA0EAgACMAcDBQAgAQoXMA0GCSqGSIb3DQEBCwUAA4IBAQAlUbL+
cRtY6xUjgycOYRBlisD8SjCz42Fx6VtloXs0MmTDC2P6r7pPgXk3L8lRe9oGL7qd
RKX41OupVEtzt74X0Ecq3wXA3Jmv6KrpyNvEQlKTKEdFRsv6OXdbFjKqrfZOnu12
HhbyBoBvKFIP05AJtm7L9oLokFufQCA+yrRO8E58JWWmg1OX2f9RwuP3+161GR2T
obgNgkzZnKiHZyaB+4J+xNDHjBj3jAjiTWwYot2QlP3HNzAS2bs7tpbHl23bmU0t
jITOLzrWz2O7OR2z6ObXZ/onid7KLbnXxwNLMAZr7OUrtd/L+g8ps2dJEVsCqesW
ATwNOf417QkK6O94
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:40 2024 by rpki-client on console-fra.rpki-client.org