Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/Dl1K--1sQOO7XnpLW4JzrwS3I2o.roa
File: Dl1K--1sQOO7XnpLW4JzrwS3I2o.roa (raw, json)
Hash identifier: wfYnqcaY8rjdESvTq4WkOwI0Z32f7DvPFebGRP+3tMc=
Subject key identifier: 0E:5D:4A:FB:ED:6C:40:E3:BB:5E:7A:4B:5B:82:73:AF:04:B7:23:6A
Certificate issuer: /CN=3478c08a063ac2d34a1b191e2436389bbeed5e97
Certificate serial: 01857295D84165723CE0DFE0BD1887584FBE
Authority key identifier: 34:78:C0:8A:06:3A:C2:D3:4A:1B:19:1E:24:36:38:9B:BE:ED:5E:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHjAigY6wtNKGxkeJDY4m77tXpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/Dl1K--1sQOO7XnpLW4JzrwS3I2o.roa
Signing time: Mon 02 Jan 2023 13:05:00 +0000
ROA not before: Mon 02 Jan 2023 13:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50774
IP address blocks: 193.108.143.0/24 maxlen: 24
193.108.142.0/24 maxlen: 24
193.108.142.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:d8:41:65:72:3c:e0:df:e0:bd:18:87:58:4f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3478c08a063ac2d34a1b191e2436389bbeed5e97
Validity
Not Before: Jan 2 13:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e5d4afbed6c40e3bb5e7a4b5b8273af04b7236a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7d:4a:99:e0:7e:f8:79:e0:cc:76:87:01:81:
54:fa:be:98:e8:f1:e3:b1:9d:e5:11:93:7a:34:c8:
cd:ec:fd:3b:68:44:e1:3f:42:84:b1:85:62:ca:18:
33:5f:89:3c:88:3b:8b:de:a3:58:80:d8:ff:19:30:
4f:b7:72:90:0a:75:05:01:26:ac:10:c8:ab:40:c2:
26:a5:22:71:b4:b9:44:8b:dd:03:1a:e1:82:ad:24:
7c:e2:52:0a:88:92:3a:ac:6f:d2:24:cc:3e:28:ac:
bc:31:8c:bd:b9:40:25:13:92:ac:ed:4f:5c:7f:c2:
cd:af:c8:65:3e:0d:fd:a0:b2:30:69:79:fa:53:ca:
6a:f5:46:70:08:e6:4f:2e:1e:3a:d1:42:17:ad:50:
41:29:26:77:30:68:2f:cb:7b:50:42:46:b3:cb:db:
f9:3e:2c:a3:9c:8e:f2:1c:9e:5b:fe:8f:da:9a:a4:
74:df:68:d5:ae:f6:4f:2c:8f:ad:69:e3:1d:30:91:
42:37:50:59:84:29:6b:35:c1:c7:96:6d:aa:a9:7b:
6f:72:79:73:c3:6f:fe:3b:35:a1:cc:bf:d7:8b:fc:
98:5e:21:5d:52:81:f8:4f:ba:a5:f9:65:a7:7b:41:
66:53:c6:2a:80:0b:26:41:44:20:87:63:0e:d9:1f:
08:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:5D:4A:FB:ED:6C:40:E3:BB:5E:7A:4B:5B:82:73:AF:04:B7:23:6A
X509v3 Authority Key Identifier:
keyid:34:78:C0:8A:06:3A:C2:D3:4A:1B:19:1E:24:36:38:9B:BE:ED:5E:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHjAigY6wtNKGxkeJDY4m77tXpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/Dl1K--1sQOO7XnpLW4JzrwS3I2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/1f10c2-02e2-438a-90a2-917c3577f34f/1/NHjAigY6wtNKGxkeJDY4m77tXpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.142.0/23
Signature Algorithm: sha256WithRSAEncryption
01:80:d4:85:8a:e1:50:20:21:bc:c1:22:e0:af:18:4a:c6:93:
16:2f:21:7e:f6:97:4f:05:23:3b:2f:f8:2a:89:8b:a1:60:ee:
b8:9f:db:29:d2:73:4d:e5:91:c8:62:1e:d0:5d:b3:34:0c:0c:
c8:5d:24:df:5a:de:ee:16:43:ac:5e:0a:c2:04:6f:4a:69:84:
73:ae:7c:66:e7:ad:10:4a:ee:fd:5e:95:97:40:48:d9:4b:8f:
43:ba:a3:7d:5e:b6:24:34:8a:8e:a4:60:2e:80:24:b4:b4:1f:
ba:ee:44:60:3a:1b:63:52:43:c0:de:6b:49:89:e2:73:43:15:
4c:f3:47:1a:68:bb:62:03:01:c7:44:b1:7c:b5:c5:56:3f:66:
16:84:72:f6:e7:c1:64:c2:3f:71:62:21:db:96:44:2f:17:c5:
8d:59:92:d5:01:4d:1d:ca:d8:7b:39:be:24:77:53:dc:5a:88:
07:00:05:02:54:ee:6c:5c:ee:81:3d:10:70:8a:e5:25:8e:f0:
16:d5:ef:0f:67:11:89:65:e6:8e:dc:3d:35:b6:a5:c1:55:d4:
a5:64:60:ee:a0:70:e8:02:8c:21:45:a9:c0:ed:88:1f:1b:8a:
07:ba:d3:78:87:17:3a:21:0f:21:ce:63:77:8c:c3:85:0d:49:
d8:61:69:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyldhBZXI84N/gvRiHWE++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzhjMDhhMDYzYWMyZDM0YTFiMTkxZTI0MzYzODliYmVl
ZDVlOTcwHhcNMjMwMTAyMTMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTVkNGFmYmVkNmM0MGUzYmI1ZTdhNGI1YjgyNzNhZjA0YjcyMzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX1KmeB++HngzHaHAYFU+r6Y6PHj
sZ3lEZN6NMjN7P07aEThP0KEsYViyhgzX4k8iDuL3qNYgNj/GTBPt3KQCnUFASas
EMirQMImpSJxtLlEi90DGuGCrSR84lIKiJI6rG/SJMw+KKy8MYy9uUAlE5Ks7U9c
f8LNr8hlPg39oLIwaXn6U8pq9UZwCOZPLh460UIXrVBBKSZ3MGgvy3tQQkazy9v5
PiyjnI7yHJ5b/o/amqR032jVrvZPLI+taeMdMJFCN1BZhClrNcHHlm2qqXtvcnlz
w2/+OzWhzL/Xi/yYXiFdUoH4T7ql+WWne0FmU8YqgAsmQUQgh2MO2R8IJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA5dSvvtbEDju156S1uCc68EtyNqMB8GA1UdIwQY
MBaAFDR4wIoGOsLTShsZHiQ2OJu+7V6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhqQWlnWTZ3dE5LR3hrZUpEWTRtNzd0WHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xZjEwYzItMDJlMi00MzhhLTkwYTIt
OTE3YzM1NzdmMzRmLzEvRGwxSy0tMXNRT083WG5wTFc0Snpyd1MzSTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xZjEwYzItMDJlMi00MzhhLTkwYTItOTE3YzM1NzdmMzRm
LzEvTkhqQWlnWTZ3dE5LR3hrZUpEWTRtNzd0WHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwWyOMA0G
CSqGSIb3DQEBCwUAA4IBAQABgNSFiuFQICG8wSLgrxhKxpMWLyF+9pdPBSM7L/gq
iYuhYO64n9sp0nNN5ZHIYh7QXbM0DAzIXSTfWt7uFkOsXgrCBG9KaYRzrnxm560Q
Su79XpWXQEjZS49DuqN9XrYkNIqOpGAugCS0tB+67kRgOhtjUkPA3mtJieJzQxVM
80caaLtiAwHHRLF8tcVWP2YWhHL258Fkwj9xYiHblkQvF8WNWZLVAU0dyth7Ob4k
d1PcWogHAAUCVO5sXO6BPRBwiuUljvAW1e8PZxGJZeaO3D01tqXBVdSlZGDuoHDo
AowhRanA7YgfG4oHutN4hxc6IQ8hzmN3jMOFDUnYYWmQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:56 2024 by rpki-client on console-fra.rpki-client.org