Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f1eea2-9582-4a65-b5be-603aa1f209d8/1/l3yVLF43Fp8iQ6WceJK6HO1WuiE.roa
File: l3yVLF43Fp8iQ6WceJK6HO1WuiE.roa (raw, json)
Hash identifier: D3kYFM4rJ5/GH2W0ErxGfjy7D6zVsrNWZjQcuH9zBbg=
Subject key identifier: 97:7C:95:2C:5E:37:16:9F:22:43:A5:9C:78:92:BA:1C:ED:56:BA:21
Certificate issuer: /CN=ef477ca3b449bbc41247e8c921e4c8dabfc1afae
Certificate serial: 01856EC2092AB258F41884B8C26DD2BDC7A0
Authority key identifier: EF:47:7C:A3:B4:49:BB:C4:12:47:E8:C9:21:E4:C8:DA:BF:C1:AF:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70d8o7RJu8QSR-jJIeTI2r_Br64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/f1eea2-9582-4a65-b5be-603aa1f209d8/1/l3yVLF43Fp8iQ6WceJK6HO1WuiE.roa
Signing time: Sun 01 Jan 2023 19:14:48 +0000
ROA not before: Sun 01 Jan 2023 19:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209242
IP address blocks: 193.17.206.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:09:2a:b2:58:f4:18:84:b8:c2:6d:d2:bd:c7:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef477ca3b449bbc41247e8c921e4c8dabfc1afae
Validity
Not Before: Jan 1 19:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=977c952c5e37169f2243a59c7892ba1ced56ba21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d2:d4:cf:a1:5f:7b:18:3e:5a:50:f0:2e:80:
6f:62:95:30:d7:d0:22:88:00:2f:aa:dd:86:35:71:
e8:54:e7:a0:d2:9f:43:1a:53:49:5a:ec:8b:bc:34:
86:a6:b0:12:de:04:79:f0:d4:d3:be:7f:8a:4d:93:
3a:f9:8c:9a:75:d5:51:15:e4:b5:4c:b5:22:03:94:
ec:d3:1e:4d:09:0f:c5:aa:ec:7f:e8:b7:60:a5:a1:
c2:2c:7e:2e:b4:04:9e:22:84:28:e4:99:1b:7c:a3:
99:13:62:67:ae:88:e6:ab:f2:4d:68:e1:9e:15:8a:
e1:2b:61:1a:d3:5b:bb:a5:bd:35:aa:66:ac:e8:ce:
87:11:6b:46:79:4f:20:22:c5:dc:13:7f:30:29:f1:
8f:ca:22:3e:6b:90:10:e6:58:aa:65:62:48:5a:d3:
1a:41:8a:48:62:fa:66:6a:4f:c8:87:83:14:7e:09:
a0:da:23:8f:84:95:98:a5:42:15:11:82:6f:7f:b6:
fc:42:35:ed:eb:73:90:9e:56:58:40:82:78:d4:66:
94:c0:72:e0:42:70:79:6f:69:27:b0:5a:13:c0:b4:
e5:58:d2:7b:72:6c:19:3e:4d:9c:94:b8:02:dc:96:
fe:e6:9e:da:e0:d7:24:b0:01:58:90:0d:78:35:49:
b6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:7C:95:2C:5E:37:16:9F:22:43:A5:9C:78:92:BA:1C:ED:56:BA:21
X509v3 Authority Key Identifier:
keyid:EF:47:7C:A3:B4:49:BB:C4:12:47:E8:C9:21:E4:C8:DA:BF:C1:AF:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70d8o7RJu8QSR-jJIeTI2r_Br64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1eea2-9582-4a65-b5be-603aa1f209d8/1/l3yVLF43Fp8iQ6WceJK6HO1WuiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1eea2-9582-4a65-b5be-603aa1f209d8/1/70d8o7RJu8QSR-jJIeTI2r_Br64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.206.0/24
Signature Algorithm: sha256WithRSAEncryption
07:34:97:2a:c2:b9:14:cd:43:d2:5f:53:16:48:bb:f3:eb:77:
e6:92:0e:56:16:bf:87:5b:3e:ae:2f:93:0d:d9:14:7a:0f:e9:
1e:69:9a:23:da:b7:2d:18:40:ac:3e:00:c2:6d:fc:40:da:e9:
22:6e:53:40:ee:8e:04:d7:cd:63:56:c1:bc:3f:74:a8:40:30:
64:87:0d:5b:06:c0:b7:da:54:c7:58:f4:88:c4:4b:ba:8d:90:
85:7b:d8:84:49:4c:a2:73:9b:40:f6:ac:61:80:83:ee:0c:d2:
0e:da:77:41:c9:c2:e3:58:cb:09:35:09:1d:2d:22:4c:69:04:
a6:d2:db:b8:38:8e:8c:e3:93:cc:a6:ce:f7:67:29:a9:69:db:
fc:83:d3:d2:7f:28:de:15:4c:8c:11:2f:a3:d9:f2:30:4c:62:
29:49:1c:a0:21:40:a1:07:64:8e:31:bc:1a:71:75:16:cd:02:
d6:5a:ba:64:ea:4e:ed:b8:3d:d4:70:8d:0d:3d:80:6f:db:1d:
59:f6:cd:c6:38:3b:f6:22:2d:60:53:b2:d6:ce:13:8b:2a:38:
25:32:51:a8:8c:d7:c9:52:4a:77:99:43:94:89:7a:f6:fb:9c:
8a:e4:0a:87:94:04:4c:41:3d:18:61:74:f1:63:41:ac:4a:5d:
c9:31:93:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwgkqslj0GIS4wm3SvcegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDc3Y2EzYjQ0OWJiYzQxMjQ3ZThjOTIxZTRjOGRhYmZj
MWFmYWUwHhcNMjMwMTAxMTkxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzdjOTUyYzVlMzcxNjlmMjI0M2E1OWM3ODkyYmExY2VkNTZiYTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNLUz6Ffexg+WlDwLoBvYpUw19Ai
iAAvqt2GNXHoVOeg0p9DGlNJWuyLvDSGprAS3gR58NTTvn+KTZM6+YyaddVRFeS1
TLUiA5Ts0x5NCQ/Fqux/6LdgpaHCLH4utASeIoQo5JkbfKOZE2Jnrojmq/JNaOGe
FYrhK2Ea01u7pb01qmas6M6HEWtGeU8gIsXcE38wKfGPyiI+a5AQ5liqZWJIWtMa
QYpIYvpmak/Ih4MUfgmg2iOPhJWYpUIVEYJvf7b8QjXt63OQnlZYQIJ41GaUwHLg
QnB5b2knsFoTwLTlWNJ7cmwZPk2clLgC3Jb+5p7a4NcksAFYkA14NUm2SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJd8lSxeNxafIkOlnHiSuhztVrohMB8GA1UdIwQY
MBaAFO9HfKO0SbvEEkfoySHkyNq/wa+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBkOG83Ukp1OFFTUi1qSkllVEkycl9CcjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMWVlYTItOTU4Mi00YTY1LWI1YmUt
NjAzYWExZjIwOWQ4LzEvbDN5VkxGNDNGcDhpUTZXY2VKSzZITzFXdWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMWVlYTItOTU4Mi00YTY1LWI1YmUtNjAzYWExZjIwOWQ4
LzEvNzBkOG83Ukp1OFFTUi1qSkllVEkycl9CcjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRHOMA0G
CSqGSIb3DQEBCwUAA4IBAQAHNJcqwrkUzUPSX1MWSLvz63fmkg5WFr+HWz6uL5MN
2RR6D+keaZoj2rctGECsPgDCbfxA2ukiblNA7o4E181jVsG8P3SoQDBkhw1bBsC3
2lTHWPSIxEu6jZCFe9iESUyic5tA9qxhgIPuDNIO2ndBycLjWMsJNQkdLSJMaQSm
0tu4OI6M45PMps73Zympadv8g9PSfyjeFUyMES+j2fIwTGIpSRygIUChB2SOMbwa
cXUWzQLWWrpk6k7tuD3UcI0NPYBv2x1Z9s3GODv2Ii1gU7LWzhOLKjglMlGojNfJ
Ukp3mUOUiXr2+5yK5AqHlARMQT0YYXTxY0GsSl3JMZNs
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:22 2024 by rpki-client on console-fra.rpki-client.org