Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/T_J_011fV7IBFK_MU6Nt8pVv13w.roa
File: T_J_011fV7IBFK_MU6Nt8pVv13w.roa (raw, json)
Hash identifier: 8Pq+sE5QdLyEV+CInry6j67xQembln7sZOZr7Mc5peM=
Subject key identifier: 4F:F2:7F:D3:5D:5F:57:B2:01:14:AF:CC:53:A3:6D:F2:95:6F:D7:7C
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018571E896430CBD0C64D796550DE9226600
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/T_J_011fV7IBFK_MU6Nt8pVv13w.roa
Signing time: Mon 02 Jan 2023 09:55:46 +0000
ROA not before: Mon 02 Jan 2023 09:55:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 267784
IP address blocks: 193.57.40.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e8:96:43:0c:bd:0c:64:d7:96:55:0d:e9:22:66:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 09:55:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ff27fd35d5f57b20114afcc53a36df2956fd77c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:de:26:cc:36:b5:24:06:13:d7:be:e0:28:09:
d5:f3:f4:94:cd:11:c7:82:f2:3d:20:73:2b:33:e4:
28:54:af:0d:30:b7:93:cb:5b:cb:2e:36:c7:fc:c1:
98:2b:00:72:f5:e1:01:90:a3:3f:c9:0b:b1:07:9e:
8d:3e:17:b7:0b:af:c2:09:fb:73:24:67:4e:ca:f6:
30:cf:b8:76:c4:df:3c:56:95:a3:45:f3:68:7e:6a:
f9:e5:35:36:d7:f6:1f:9d:33:b4:0d:d6:24:aa:e3:
7f:3f:88:7d:c9:47:67:f7:d9:91:05:b6:e4:e8:4f:
2c:08:cc:67:cb:1c:03:68:54:35:77:40:48:3a:e5:
37:b4:2a:83:c4:18:d4:fa:65:bd:85:74:61:09:69:
fe:93:9a:17:9d:81:4f:96:e9:12:b6:5c:87:7c:75:
f1:83:a0:dd:69:1b:b2:45:f3:3c:32:c6:82:4f:0c:
9a:1a:b5:86:46:a3:11:60:be:f9:60:c3:db:30:35:
49:08:5e:f5:79:4b:46:56:eb:43:1e:ae:bc:15:8a:
06:8a:eb:61:43:05:8d:d4:3b:77:62:dd:25:1b:42:
83:5e:46:a6:ab:41:e9:3e:57:00:74:75:9b:81:16:
92:5c:d6:c5:08:7b:2c:0d:db:00:87:f2:5f:3e:c8:
28:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F2:7F:D3:5D:5F:57:B2:01:14:AF:CC:53:A3:6D:F2:95:6F:D7:7C
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/T_J_011fV7IBFK_MU6Nt8pVv13w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.40.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:6e:59:cf:c4:c8:a2:c3:eb:6c:da:48:85:9f:4a:30:0f:0d:
ce:ab:b1:b0:67:2e:1a:5a:87:bd:6b:d2:72:65:c5:ee:11:d8:
cb:26:ad:4b:7e:cf:37:85:fc:9f:d1:08:ef:8f:89:ce:c7:8b:
3f:b5:63:b6:64:1a:b3:01:68:85:1e:ba:22:eb:5e:da:76:da:
6e:2d:3c:bf:ac:32:b4:05:00:cd:ae:89:8d:58:dd:4e:d3:54:
ae:2a:d2:5f:03:03:86:85:d4:f3:97:a8:ff:29:29:10:c7:6a:
5c:92:21:67:a2:c6:2a:fb:b1:ce:77:8c:d2:6b:3c:12:64:20:
4a:9d:bc:71:2b:06:69:1b:ba:6f:e9:80:93:4d:21:c6:c7:cd:
aa:15:cf:36:82:fc:22:21:42:d6:a6:cd:04:d0:f1:0a:29:11:
e8:65:8c:c4:d7:26:9b:23:e4:67:f2:b4:9f:b9:16:f7:57:2b:
74:fe:8e:64:7a:a6:4a:f1:61:cc:4c:c9:5b:40:0f:17:61:20:
cf:40:c5:89:4d:cb:0f:29:9e:13:8e:c2:0e:8c:2d:26:8b:a2:
33:7e:26:c9:af:1b:81:14:cc:60:83:32:dc:a3:d9:ec:06:e4:
9e:27:ab:ae:3f:17:35:49:04:00:f1:a5:b5:e4:72:bc:4f:2e:
63:1d:37:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx6JZDDL0MZNeWVQ3pImYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmYyN2ZkMzVkNWY1N2IyMDExNGFmY2M1M2EzNmRmMjk1NmZkNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0d4mzDa1JAYT177gKAnV8/SUzRHH
gvI9IHMrM+QoVK8NMLeTy1vLLjbH/MGYKwBy9eEBkKM/yQuxB56NPhe3C6/CCftz
JGdOyvYwz7h2xN88VpWjRfNofmr55TU21/YfnTO0DdYkquN/P4h9yUdn99mRBbbk
6E8sCMxnyxwDaFQ1d0BIOuU3tCqDxBjU+mW9hXRhCWn+k5oXnYFPlukStlyHfHXx
g6DdaRuyRfM8MsaCTwyaGrWGRqMRYL75YMPbMDVJCF71eUtGVutDHq68FYoGiuth
QwWN1Dt3Yt0lG0KDXkamq0HpPlcAdHWbgRaSXNbFCHssDdsAh/JfPsgoIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/yf9NdX1eyARSvzFOjbfKVb9d8MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVF9KXzAxMWZWN0lCRktfTVU2TnQ4cFZ2MTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTkoMA0G
CSqGSIb3DQEBCwUAA4IBAQBLblnPxMiiw+ts2kiFn0owDw3Oq7GwZy4aWoe9a9Jy
ZcXuEdjLJq1Lfs83hfyf0Qjvj4nOx4s/tWO2ZBqzAWiFHroi617adtpuLTy/rDK0
BQDNromNWN1O01SuKtJfAwOGhdTzl6j/KSkQx2pckiFnosYq+7HOd4zSazwSZCBK
nbxxKwZpG7pv6YCTTSHGx82qFc82gvwiIULWps0E0PEKKRHoZYzE1yabI+Rn8rSf
uRb3Vyt0/o5keqZK8WHMTMlbQA8XYSDPQMWJTcsPKZ4TjsIOjC0mi6IzfibJrxuB
FMxggzLco9nsBuSeJ6uuPxc1SQQA8aW15HK8Ty5jHTfm
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:45 2024 by rpki-client on console-fra.rpki-client.org