Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/Tk2hyfUp3hNCSJWMeVEkW3HOVf4.roa
File: Tk2hyfUp3hNCSJWMeVEkW3HOVf4.roa (raw, json)
Hash identifier: ooh2wQnYtG9JUMX4y36eFxPyUB/U0Bgx2znTgqkxWcA=
Subject key identifier: 4E:4D:A1:C9:F5:29:DE:13:42:48:95:8C:79:51:24:5B:71:CE:55:FE
Certificate issuer: /CN=7d5695786f8450d1041dc88ad892cbb570d5972b
Certificate serial: 01856F54B5692C284F9A46A24E18A1168BE6
Authority key identifier: 7D:56:95:78:6F:84:50:D1:04:1D:C8:8A:D8:92:CB:B5:70:D5:97:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/Tk2hyfUp3hNCSJWMeVEkW3HOVf4.roa
Signing time: Sun 01 Jan 2023 21:55:00 +0000
ROA not before: Sun 01 Jan 2023 21:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56598
IP address blocks: 193.168.206.0/23 maxlen: 32
193.168.204.0/23 maxlen: 32
2a09:6980::/29 maxlen: 48
2a0e:9900::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:b5:69:2c:28:4f:9a:46:a2:4e:18:a1:16:8b:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d5695786f8450d1041dc88ad892cbb570d5972b
Validity
Not Before: Jan 1 21:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e4da1c9f529de134248958c7951245b71ce55fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6e:52:96:21:97:a2:9d:c6:89:dc:1e:d1:39:
a6:99:68:17:5c:fc:6c:ec:9d:a8:37:cc:a0:7d:f9:
e8:fe:93:05:af:dd:71:1d:64:6f:27:7e:49:f8:f0:
20:e0:d5:7b:39:1f:ad:8a:f9:20:99:51:a2:92:68:
7d:6d:d8:e4:5f:bb:f8:bf:d3:63:88:6b:09:70:c5:
22:62:4a:ec:72:aa:bd:d1:fd:fb:b5:34:89:67:0a:
34:d5:17:27:4a:7c:43:ea:82:55:dd:fa:82:a5:3d:
53:e1:46:a9:d0:06:37:d1:a5:b1:03:65:e6:df:a9:
5c:d6:26:7f:3d:c7:3e:02:4f:5c:ef:41:74:b0:48:
78:8a:17:0c:b2:3c:0d:6e:c3:22:8c:e8:ff:dc:a1:
3d:40:6f:df:0c:36:16:9a:11:88:86:76:72:e5:91:
f7:b5:4c:f9:a1:8b:be:58:e7:19:65:2d:f3:78:0d:
f0:87:31:b9:ba:47:73:76:77:08:ce:f2:e4:d3:7b:
37:11:19:88:d2:52:29:83:21:cf:67:b1:b7:72:90:
8c:5f:f0:c5:71:7e:1a:cf:c0:70:5e:3b:01:58:07:
36:5c:a3:fd:80:cb:41:eb:55:1f:44:dc:bc:a4:2a:
88:d1:8d:44:c6:2f:83:5a:42:b0:a1:c8:79:01:8a:
85:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:4D:A1:C9:F5:29:DE:13:42:48:95:8C:79:51:24:5B:71:CE:55:FE
X509v3 Authority Key Identifier:
keyid:7D:56:95:78:6F:84:50:D1:04:1D:C8:8A:D8:92:CB:B5:70:D5:97:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/Tk2hyfUp3hNCSJWMeVEkW3HOVf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/fVaVeG-EUNEEHciK2JLLtXDVlys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.204.0/22
IPv6:
2a09:6980::/29
2a0e:9900::/29
Signature Algorithm: sha256WithRSAEncryption
a7:5c:56:f3:16:7c:c5:05:05:9e:6c:15:04:4a:28:07:20:a4:
6c:6d:1b:b5:43:be:ae:e6:4d:c0:0b:3f:74:8a:53:8c:cd:c6:
91:7e:ec:16:b1:b4:d5:50:d8:86:08:25:11:78:26:07:df:73:
e0:8c:bf:cf:e7:79:69:67:3e:1c:41:89:43:53:ab:39:d9:64:
cd:1e:68:33:eb:99:1c:6f:54:48:e6:dd:ca:29:0e:c7:a2:66:
c2:cd:96:a6:18:6b:5a:8d:fc:51:81:4b:b8:4b:4a:e0:de:14:
be:f6:e9:5d:94:de:5d:8c:fb:c1:7a:57:ca:50:a3:00:57:17:
ca:96:e3:df:b5:f3:d3:d3:58:20:d6:9e:06:89:f2:cf:fa:18:
5e:f0:28:51:ca:53:45:8e:67:9c:76:ef:18:0d:9c:1c:51:70:
d3:6c:16:5e:d2:1f:e8:22:9a:77:b9:6a:0c:2d:02:cf:01:5c:
3b:07:5c:7f:bf:62:9d:7c:f4:96:4d:f7:d4:87:16:11:02:16:
fd:d8:68:8f:d2:0b:9f:ba:fa:fb:a2:0c:1b:fe:0c:2e:8e:a5:
07:f0:3a:61:1c:02:f3:0a:c7:0e:7f:9d:07:94:16:99:b3:3c:
04:7e:7c:43:8b:97:83:2f:e9:99:e8:4f:83:ce:6d:32:db:9f:
d3:f9:3e:a6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVvVLVpLChPmkaiThihFovmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTY5NTc4NmY4NDUwZDEwNDFkYzg4YWQ4OTJjYmI1NzBk
NTk3MmIwHhcNMjMwMTAxMjE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTRkYTFjOWY1MjlkZTEzNDI0ODk1OGM3OTUxMjQ1YjcxY2U1NWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlW5SliGXop3Gidwe0TmmmWgXXPxs
7J2oN8ygffno/pMFr91xHWRvJ35J+PAg4NV7OR+tivkgmVGikmh9bdjkX7v4v9Nj
iGsJcMUiYkrscqq90f37tTSJZwo01RcnSnxD6oJV3fqCpT1T4Uap0AY30aWxA2Xm
36lc1iZ/Pcc+Ak9c70F0sEh4ihcMsjwNbsMijOj/3KE9QG/fDDYWmhGIhnZy5ZH3
tUz5oYu+WOcZZS3zeA3whzG5ukdzdncIzvLk03s3ERmI0lIpgyHPZ7G3cpCMX/DF
cX4az8BwXjsBWAc2XKP9gMtB61UfRNy8pCqI0Y1Exi+DWkKwoch5AYqFPwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFE5Nocn1Kd4TQkiVjHlRJFtxzlX+MB8GA1UdIwQY
MBaAFH1WlXhvhFDRBB3IitiSy7Vw1ZcrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZhVmVHLUVVTkVFSGNpSzJKTEx0WERWbHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zMTdhYTctZTJhZC00YTg1LWIzZDIt
NjNiMzM4MDhhNmE4LzEvVGsyaHlmVXAzaE5DU0pXTWVWRWtXM0hPVmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zMTdhYTctZTJhZC00YTg1LWIzZDItNjNiMzM4MDhhNmE4
LzEvZlZhVmVHLUVVTkVFSGNpSzJKTEx0WERWbHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCwajMMBQE
AgACMA4DBQMqCWmAAwUDKg6ZADANBgkqhkiG9w0BAQsFAAOCAQEAp1xW8xZ8xQUF
nmwVBEooByCkbG0btUO+ruZNwAs/dIpTjM3GkX7sFrG01VDYhgglEXgmB99z4Iy/
z+d5aWc+HEGJQ1OrOdlkzR5oM+uZHG9USObdyikOx6Jmws2WphhrWo38UYFLuEtK
4N4UvvbpXZTeXYz7wXpXylCjAFcXypbj37Xz09NYINaeBonyz/oYXvAoUcpTRY5n
nHbvGA2cHFFw02wWXtIf6CKad7lqDC0CzwFcOwdcf79inXz0lk331IcWEQIW/dho
j9ILn7r6+6IMG/4MLo6lB/A6YRwC8wrHDn+dB5QWmbM8BH58Q4uXgy/pmehPg85t
Mtuf0/k+pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:42 2024 by rpki-client on console-ams.rpki-client.org