Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kC2jRs3OzqH3CsZGauoFmjyGqSw.roa
File: kC2jRs3OzqH3CsZGauoFmjyGqSw.roa (raw, json)
Hash identifier: L1n8OypKBnzlH3NNtgwDlREFxRuQHvbboBMsnWSlfAI=
Subject key identifier: 90:2D:A3:46:CD:CE:CE:A1:F7:0A:C6:46:6A:EA:05:9A:3C:86:A9:2C
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0186316A7EE56F8D878F7ACFBC0E13225567
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kC2jRs3OzqH3CsZGauoFmjyGqSw.roa
Signing time: Wed 08 Feb 2023 14:25:08 +0000
ROA not before: Wed 08 Feb 2023 14:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31798
IP address blocks: 193.34.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:31:6a:7e:e5:6f:8d:87:8f:7a:cf:bc:0e:13:22:55:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Feb 8 14:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=902da346cdcecea1f70ac6466aea059a3c86a92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f9:45:af:21:1b:4d:33:69:f2:d2:e3:b6:2f:
94:77:56:c8:65:2b:4f:a3:d6:05:48:b9:e6:81:72:
dc:3c:9c:58:a0:ad:c8:42:7b:25:c8:82:21:ed:aa:
8c:57:78:fd:0c:b1:a5:54:02:e0:88:b6:02:01:3e:
ce:4e:ed:4d:20:94:c5:f6:27:53:df:90:06:28:68:
94:c4:7e:73:7d:10:4b:19:20:34:ad:99:90:02:c5:
50:cc:92:46:5d:d7:11:45:b6:96:ac:47:90:d2:7c:
2f:14:75:06:71:e9:50:75:54:9b:fb:5d:a1:92:35:
d1:2b:be:ec:0a:f8:d0:b9:a7:b5:e4:9f:d3:33:3d:
cd:e5:a4:1c:c8:30:f2:8e:89:82:bd:9e:26:0a:b8:
71:f1:08:c5:d2:80:5f:b0:a7:e4:12:7c:3f:8d:5c:
c2:36:48:96:18:95:bb:56:62:0c:aa:83:26:9c:fd:
e0:13:a2:b2:43:50:55:15:0d:eb:95:20:29:86:95:
42:33:8e:73:e0:02:6c:b0:13:27:f6:52:56:b5:7c:
f3:ce:e6:9f:51:a0:9d:6d:19:26:67:a3:54:69:b1:
be:19:27:e3:e0:02:3d:15:24:90:fb:ec:94:0a:f3:
a8:df:50:dd:83:2d:77:41:5a:de:99:5e:4d:92:d3:
68:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:2D:A3:46:CD:CE:CE:A1:F7:0A:C6:46:6A:EA:05:9A:3C:86:A9:2C
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kC2jRs3OzqH3CsZGauoFmjyGqSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.76.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:54:ed:10:2b:08:ac:c3:7c:93:02:5d:f0:0b:91:07:21:5a:
17:82:7f:21:9e:97:0e:fb:43:40:c3:87:30:7a:fa:d3:b0:0c:
05:f3:a9:75:b7:fb:86:16:81:f2:7d:03:62:41:2c:b9:9c:6f:
80:bb:bc:ca:dd:31:76:c0:4a:11:39:2e:c8:c9:bf:47:70:94:
f3:78:cb:a2:0e:70:3e:2f:91:30:bc:df:46:43:f3:ba:54:2a:
f8:61:8b:93:f1:6c:fc:0c:80:1f:90:08:97:a4:2c:03:3f:68:
ab:b1:40:98:f6:b3:b4:bf:63:39:6e:1a:61:f3:d6:ff:90:9a:
a3:02:76:74:00:c5:64:72:ea:0c:8f:14:df:83:16:89:9b:57:
0f:d9:ec:28:40:64:7d:a3:be:22:60:be:40:67:fa:c6:3c:c7:
00:2c:90:ab:da:d1:af:02:b8:32:fe:a8:f0:50:34:5a:e1:8f:
35:d3:68:72:e8:a4:19:89:13:27:fb:35:1e:d2:4d:fb:52:0a:
ff:46:5d:d3:36:90:d5:89:17:11:b4:39:7c:fb:8b:bb:66:08:
19:e1:b3:aa:1f:5d:89:57:0f:23:11:09:29:b1:02:73:74:c3:
e1:ce:3a:3e:2e:33:75:72:91:a8:97:4f:e7:5a:6f:f7:0c:ce:
10:69:80:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYxan7lb42Hj3rPvA4TIlVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMjA4MTQyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDJkYTM0NmNkY2VjZWExZjcwYWM2NDY2YWVhMDU5YTNjODZhOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmflFryEbTTNp8tLjti+Ud1bIZStP
o9YFSLnmgXLcPJxYoK3IQnslyIIh7aqMV3j9DLGlVALgiLYCAT7OTu1NIJTF9idT
35AGKGiUxH5zfRBLGSA0rZmQAsVQzJJGXdcRRbaWrEeQ0nwvFHUGcelQdVSb+12h
kjXRK77sCvjQuae15J/TMz3N5aQcyDDyjomCvZ4mCrhx8QjF0oBfsKfkEnw/jVzC
NkiWGJW7VmIMqoMmnP3gE6KyQ1BVFQ3rlSAphpVCM45z4AJssBMn9lJWtXzzzuaf
UaCdbRkmZ6NUabG+GSfj4AI9FSSQ++yUCvOo31Ddgy13QVremV5NktNoQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAto0bNzs6h9wrGRmrqBZo8hqksMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEva0MyalJzM096cUgzQ3NaR2F1b0ZtanlHcVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSJMMA0G
CSqGSIb3DQEBCwUAA4IBAQDTVO0QKwisw3yTAl3wC5EHIVoXgn8hnpcO+0NAw4cw
evrTsAwF86l1t/uGFoHyfQNiQSy5nG+Au7zK3TF2wEoROS7Iyb9HcJTzeMuiDnA+
L5EwvN9GQ/O6VCr4YYuT8Wz8DIAfkAiXpCwDP2irsUCY9rO0v2M5bhph89b/kJqj
AnZ0AMVkcuoMjxTfgxaJm1cP2ewoQGR9o74iYL5AZ/rGPMcALJCr2tGvArgy/qjw
UDRa4Y8102hy6KQZiRMn+zUe0k37Ugr/Rl3TNpDViRcRtDl8+4u7ZggZ4bOqH12J
Vw8jEQkpsQJzdMPhzjo+LjN1cpGol0/nWm/3DM4QaYDs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:27 2023 by rpki-client on console-ams.rpki-client.org