Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lQzYtmNl9ze4qqhqKDG3dvGXpKw.roa
File: lQzYtmNl9ze4qqhqKDG3dvGXpKw.roa (raw, json)
Hash identifier: wrdgOyP2Iq7G4NUg2Z05OxCq+r9dv6XVBnDoMZL+bck=
Subject key identifier: 95:0C:D8:B6:63:65:F7:37:B8:AA:A8:6A:28:31:B7:76:F1:97:A4:AC
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A7E85CCD5E365DBB90C64466E627E77FC
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lQzYtmNl9ze4qqhqKDG3dvGXpKw.roa
Signing time: Sun 10 Sep 2023 09:56:52 +0000
ROA not before: Sun 10 Sep 2023 09:56:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49217
IP address blocks: 193.30.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Oct 2023 15:05:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7e:85:cc:d5:e3:65:db:b9:0c:64:46:6e:62:7e:77:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 10 09:56:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=950cd8b66365f737b8aaa86a2831b776f197a4ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0f:7e:e9:bc:54:d4:b6:d9:7e:23:03:50:1c:
5a:86:eb:63:5c:12:d4:6e:e3:65:d4:0e:40:8a:1f:
fe:e9:2a:7c:8f:6b:fc:95:c1:9e:e2:dc:77:48:b9:
20:9c:69:a4:dc:86:a2:78:f6:69:51:9b:1f:f9:ed:
65:9a:e0:88:f2:a7:11:33:da:e5:56:fc:73:45:e4:
08:e0:da:5a:67:ff:81:b9:54:b5:28:1b:71:70:b4:
29:17:ac:b2:40:3a:e4:c4:e3:bd:d1:24:20:12:41:
1d:88:85:28:59:11:56:6a:94:ce:a0:19:86:7a:7f:
4c:03:e8:df:df:16:e9:b1:71:5f:20:0b:c4:d2:4e:
35:a7:88:02:8b:dc:96:be:b3:8c:a5:88:d2:5a:9d:
dc:da:38:2f:f8:15:0b:51:57:b8:2a:f9:68:c9:5c:
1b:8b:cc:8c:47:da:6a:ef:38:6f:09:6c:a1:a6:aa:
d4:61:6c:09:1c:e0:fd:62:b6:d1:27:f4:22:c1:5e:
c5:47:d0:5f:56:6e:69:22:35:52:75:aa:09:68:7b:
bc:d4:c2:1b:e8:2a:7a:0f:a1:ac:3d:db:a8:df:a7:
23:6c:94:55:16:41:d6:6a:38:ad:d3:c2:b4:66:6f:
a2:f2:ea:40:c4:ac:68:e4:8b:de:c1:af:0e:48:8e:
c3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0C:D8:B6:63:65:F7:37:B8:AA:A8:6A:28:31:B7:76:F1:97:A4:AC
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lQzYtmNl9ze4qqhqKDG3dvGXpKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.30.241.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:5d:2b:28:a7:32:04:02:9a:50:05:e2:46:42:1e:99:d0:86:
d4:7c:97:21:69:98:12:54:f4:1f:15:b7:3d:4e:ef:a6:e4:3c:
99:bc:7f:70:17:77:f5:58:cd:5f:01:6e:59:01:1a:e4:30:86:
85:f6:84:a9:2e:b0:03:a0:89:71:65:70:c7:12:e1:85:ac:cf:
d8:7d:f5:ef:17:b0:72:23:05:c8:bd:da:ba:7b:7b:6a:ed:c4:
03:55:38:56:5c:77:51:95:76:f7:52:37:ce:2f:f4:97:82:8d:
af:ce:1f:fd:f4:01:92:b3:b4:f1:13:f4:d6:c0:75:34:b6:7d:
fa:2b:6d:55:13:e6:45:e2:83:4f:c1:69:db:f4:db:6b:24:da:
f8:51:de:95:90:67:e5:b6:e5:57:d4:a7:6e:c7:15:72:21:5c:
b1:da:25:0f:7f:fb:7d:71:11:e3:75:41:3a:79:c9:a1:6a:51:
9e:c1:bd:1d:be:56:c2:52:c0:2e:7e:58:df:30:8c:94:5a:1a:
c5:a7:5d:10:70:6f:e9:34:27:78:24:67:09:04:40:cc:77:da:
74:f1:7b:80:14:f2:43:ee:a5:a3:d6:f2:f8:f6:a6:2a:fb:60:
59:67:f4:6c:31:11:29:1b:0d:6b:fb:8a:87:4d:b7:a3:89:eb:
5a:0c:f2:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYp+hczV42XbuQxkRm5ifnf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTEwMDk1NjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBjZDhiNjYzNjVmNzM3YjhhYWE4NmEyODMxYjc3NmYxOTdhNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiw9+6bxU1LbZfiMDUBxahutjXBLU
buNl1A5Aih/+6Sp8j2v8lcGe4tx3SLkgnGmk3IaiePZpUZsf+e1lmuCI8qcRM9rl
VvxzReQI4NpaZ/+BuVS1KBtxcLQpF6yyQDrkxOO90SQgEkEdiIUoWRFWapTOoBmG
en9MA+jf3xbpsXFfIAvE0k41p4gCi9yWvrOMpYjSWp3c2jgv+BULUVe4KvloyVwb
i8yMR9pq7zhvCWyhpqrUYWwJHOD9YrbRJ/QiwV7FR9BfVm5pIjVSdaoJaHu81MIb
6Cp6D6GsPduo36cjbJRVFkHWajit08K0Zm+i8upAxKxo5Ivewa8OSI7DCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJUM2LZjZfc3uKqoaigxt3bxl6SsMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbFF6WXRtTmw5emU0cXFocUtERzNkdkdYcEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR7xMA0G
CSqGSIb3DQEBCwUAA4IBAQA9XSsopzIEAppQBeJGQh6Z0IbUfJchaZgSVPQfFbc9
Tu+m5DyZvH9wF3f1WM1fAW5ZARrkMIaF9oSpLrADoIlxZXDHEuGFrM/YffXvF7By
IwXIvdq6e3tq7cQDVThWXHdRlXb3UjfOL/SXgo2vzh/99AGSs7TxE/TWwHU0tn36
K21VE+ZF4oNPwWnb9NtrJNr4Ud6VkGfltuVX1KduxxVyIVyx2iUPf/t9cRHjdUE6
ecmhalGewb0dvlbCUsAufljfMIyUWhrFp10QcG/pNCd4JGcJBEDMd9p08XuAFPJD
7qWj1vL49qYq+2BZZ/RsMREpGw1r+4qHTbejietaDPJz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org