Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/1Eqpsqt3mwv9cXbp_rYHD0TDne8.roa
File: 1Eqpsqt3mwv9cXbp_rYHD0TDne8.roa (raw, json)
Hash identifier: 6Y2kTUv9yr+h7/5Z/1YVRZs9AAyCUpv8Lk8vaBLe4mw=
Subject key identifier: D4:4A:A9:B2:AB:77:9B:0B:FD:71:76:E9:FE:B6:07:0F:44:C3:9D:EF
Certificate issuer: /CN=49bd4d28c52c2f12e46a1efbe113241be00ca58f
Certificate serial: 018571BA1AE231986DC8D5E9C868112913AA
Authority key identifier: 49:BD:4D:28:C5:2C:2F:12:E4:6A:1E:FB:E1:13:24:1B:E0:0C:A5:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sb1NKMUsLxLkah774RMkG-AMpY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/1Eqpsqt3mwv9cXbp_rYHD0TDne8.roa
Signing time: Mon 02 Jan 2023 09:04:59 +0000
ROA not before: Mon 02 Jan 2023 09:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20676
IP address blocks: 193.56.174.0/23 maxlen: 24
193.56.194.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:1a:e2:31:98:6d:c8:d5:e9:c8:68:11:29:13:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49bd4d28c52c2f12e46a1efbe113241be00ca58f
Validity
Not Before: Jan 2 09:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d44aa9b2ab779b0bfd7176e9feb6070f44c39def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a7:58:b5:53:fd:05:04:15:8b:4f:68:43:50:
27:17:d5:58:ff:ea:86:ac:41:d5:d7:ce:b4:87:ef:
fb:bf:7d:f4:83:a5:45:99:66:03:2e:87:1b:e8:06:
5f:9e:7b:1f:a1:63:be:5c:3f:8c:09:76:33:11:a2:
e0:0a:b8:6c:c5:af:3f:0f:b7:36:f4:e8:60:83:17:
ba:c3:8c:67:43:7e:9d:5b:2e:80:c9:dd:e6:71:96:
5f:94:d5:5c:4a:4f:c9:91:fe:79:89:f0:a2:e9:db:
a1:35:cb:0d:ac:f2:de:27:59:67:44:f0:3e:96:1b:
0c:be:1f:e6:cb:d4:1b:69:22:b3:71:5b:6f:0c:6d:
25:59:aa:ba:14:4c:c2:54:21:f7:97:5a:e9:dc:e4:
e4:ff:ee:d4:25:5d:0f:86:9b:bb:34:cb:bf:06:80:
ee:bd:67:e7:7e:c4:56:e8:f2:17:3a:2a:84:54:bf:
48:bf:74:59:db:d5:2c:72:5e:38:c4:7b:bc:8f:2e:
ae:af:e2:43:75:1f:3f:3c:61:a5:88:c0:40:eb:5a:
57:b8:75:6f:ef:18:c3:28:57:d8:2c:04:af:0c:06:
6e:73:66:b4:d6:2b:2c:75:f2:6d:e9:c0:78:db:db:
68:e8:1b:5d:93:fb:bf:ae:d0:9b:4c:a0:2e:a3:b3:
49:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:4A:A9:B2:AB:77:9B:0B:FD:71:76:E9:FE:B6:07:0F:44:C3:9D:EF
X509v3 Authority Key Identifier:
keyid:49:BD:4D:28:C5:2C:2F:12:E4:6A:1E:FB:E1:13:24:1B:E0:0C:A5:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sb1NKMUsLxLkah774RMkG-AMpY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/1Eqpsqt3mwv9cXbp_rYHD0TDne8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/Sb1NKMUsLxLkah774RMkG-AMpY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.174.0/23
193.56.194.0/23
Signature Algorithm: sha256WithRSAEncryption
62:fd:a2:09:0b:07:63:bc:2f:27:20:b9:32:65:5d:7c:96:7e:
55:54:dc:c3:eb:11:51:87:f7:24:89:bc:b9:7b:a6:46:dd:27:
ca:ac:10:65:28:07:bf:52:19:f5:ff:6b:62:5a:88:49:77:6f:
4f:67:2c:37:65:df:f1:82:24:10:09:05:ba:e8:2e:66:61:d9:
07:4c:0a:18:33:f9:52:94:01:9e:a4:e9:15:ca:20:70:af:d6:
cd:90:10:45:9c:c8:42:d8:21:49:e7:de:b6:6c:0d:a2:c5:9e:
51:96:c3:cd:29:e1:33:21:28:2b:5b:09:d5:19:f7:89:3e:3a:
68:02:2c:e5:a0:49:8f:4d:fa:de:cf:e6:63:37:2d:05:f0:82:
a8:b3:46:ff:f0:63:c2:24:46:43:f6:de:5b:00:0d:91:a7:65:
f1:46:72:72:d2:0f:c0:72:66:f4:52:79:d5:b9:29:a2:8b:9a:
4f:a4:ac:00:dd:57:65:dc:73:b5:48:49:94:93:95:ab:cb:c0:
1c:8a:67:9e:48:45:f0:0c:03:f2:3f:01:a4:2b:09:3d:57:b8:
57:5b:a7:ef:f6:a1:2b:c0:3b:28:52:e1:81:2e:04:13:61:47:
05:3a:5c:d6:f8:d8:55:50:63:90:65:05:71:14:d3:a2:13:83:
d7:da:3e:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxuhriMZhtyNXpyGgRKROqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YmQ0ZDI4YzUyYzJmMTJlNDZhMWVmYmUxMTMyNDFiZTAw
Y2E1OGYwHhcNMjMwMTAyMDkwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDRhYTliMmFiNzc5YjBiZmQ3MTc2ZTlmZWI2MDcwZjQ0YzM5ZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqdYtVP9BQQVi09oQ1AnF9VY/+qG
rEHV1860h+/7v330g6VFmWYDLocb6AZfnnsfoWO+XD+MCXYzEaLgCrhsxa8/D7c2
9Ohggxe6w4xnQ36dWy6Ayd3mcZZflNVcSk/Jkf55ifCi6duhNcsNrPLeJ1lnRPA+
lhsMvh/my9QbaSKzcVtvDG0lWaq6FEzCVCH3l1rp3OTk/+7UJV0Phpu7NMu/BoDu
vWfnfsRW6PIXOiqEVL9Iv3RZ29Uscl44xHu8jy6ur+JDdR8/PGGliMBA61pXuHVv
7xjDKFfYLASvDAZuc2a01issdfJt6cB429to6Btdk/u/rtCbTKAuo7NJQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNRKqbKrd5sL/XF26f62Bw9Ew53vMB8GA1UdIwQY
MBaAFEm9TSjFLC8S5Goe++ETJBvgDKWPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2IxTktNVXNMeExrYWg3NzRSTWtHLUFNcFk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iNWFmNDctOTQ1Mi00YzU1LWJjMmYt
NTc0NjAwN2NiMmEzLzEvMUVxcHNxdDNtd3Y5Y1hicF9yWUhEMFREbmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iNWFmNDctOTQ1Mi00YzU1LWJjMmYtNTc0NjAwN2NiMmEz
LzEvU2IxTktNVXNMeExrYWg3NzRSTWtHLUFNcFk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwTiuAwQB
wTjCMA0GCSqGSIb3DQEBCwUAA4IBAQBi/aIJCwdjvC8nILkyZV18ln5VVNzD6xFR
h/ckiby5e6ZG3SfKrBBlKAe/Uhn1/2tiWohJd29PZyw3Zd/xgiQQCQW66C5mYdkH
TAoYM/lSlAGepOkVyiBwr9bNkBBFnMhC2CFJ5962bA2ixZ5RlsPNKeEzISgrWwnV
GfeJPjpoAizloEmPTfrez+ZjNy0F8IKos0b/8GPCJEZD9t5bAA2Rp2XxRnJy0g/A
cmb0UnnVuSmii5pPpKwA3Vdl3HO1SEmUk5Wry8AcimeeSEXwDAPyPwGkKwk9V7hX
W6fv9qErwDsoUuGBLgQTYUcFOlzW+NhVUGOQZQVxFNOiE4PX2j7e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:24 2024 by rpki-client on console-ams.rpki-client.org