Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/9ejM7HU3PKr0A1IjQvBJVHbqm-w.roa
File: 9ejM7HU3PKr0A1IjQvBJVHbqm-w.roa (raw, json)
Hash identifier: y2aZDiaGAoeSmUSEU7Ga6ftycy3MZh71VEStsSYtlUE=
Subject key identifier: F5:E8:CC:EC:75:37:3C:AA:F4:03:52:23:42:F0:49:54:76:EA:9B:EC
Certificate issuer: /CN=9cb96ce59c59557530f0eaa44c664503d9c401ed
Certificate serial: 01879DCD2A2EAB4C01CE4A8310D97C3B96D3
Authority key identifier: 9C:B9:6C:E5:9C:59:55:75:30:F0:EA:A4:4C:66:45:03:D9:C4:01:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLls5ZxZVXUw8OqkTGZFA9nEAe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/9ejM7HU3PKr0A1IjQvBJVHbqm-w.roa
Signing time: Thu 20 Apr 2023 08:34:41 +0000
ROA not before: Thu 20 Apr 2023 08:34:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 193.29.144.0/20 maxlen: 20
194.99.120.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9d:cd:2a:2e:ab:4c:01:ce:4a:83:10:d9:7c:3b:96:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb96ce59c59557530f0eaa44c664503d9c401ed
Validity
Not Before: Apr 20 08:34:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5e8ccec75373caaf403522342f0495476ea9bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0c:c9:5f:5e:0b:e5:3a:27:fa:e6:91:2c:42:
38:c9:b7:95:25:9e:d5:60:f7:1a:3f:54:99:e6:b1:
2f:fb:4e:45:ec:be:e4:c4:b7:b6:61:f5:53:9c:ec:
6d:d6:58:c6:ac:55:99:cc:26:18:7f:2e:4a:d3:23:
98:63:16:52:8b:e3:7d:32:26:7e:f0:7c:70:6e:5c:
1f:82:1b:3f:9f:c4:91:5d:d4:da:ca:93:e7:21:ea:
d5:93:56:ad:bd:ef:32:b7:f0:14:63:9b:b1:a4:b0:
e3:11:c8:61:f9:f0:b9:4f:52:19:7d:bc:27:f8:dc:
86:4b:32:af:c9:0e:59:ae:f1:41:09:27:50:ca:4e:
d8:d5:49:46:72:fb:90:e9:0b:65:63:8b:fc:bd:f1:
d0:5e:b4:44:d7:87:13:b3:c1:bf:6d:02:63:15:2e:
3d:49:00:fd:42:6a:4d:e1:d8:aa:28:28:d1:cf:4e:
97:06:e0:69:57:08:85:a2:3f:49:9d:b0:8a:97:f1:
91:91:df:ad:0a:e3:33:aa:70:3c:a1:b6:67:89:04:
76:21:09:4f:02:a4:2b:1e:ac:ec:e1:10:76:84:36:
ab:36:9f:48:ce:d7:79:81:8a:3e:5f:eb:fa:b9:e4:
6c:d2:86:3a:f8:2f:fb:7c:6a:a7:af:bf:48:87:85:
62:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:E8:CC:EC:75:37:3C:AA:F4:03:52:23:42:F0:49:54:76:EA:9B:EC
X509v3 Authority Key Identifier:
keyid:9C:B9:6C:E5:9C:59:55:75:30:F0:EA:A4:4C:66:45:03:D9:C4:01:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLls5ZxZVXUw8OqkTGZFA9nEAe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/9ejM7HU3PKr0A1IjQvBJVHbqm-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/nLls5ZxZVXUw8OqkTGZFA9nEAe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.144.0/20
194.99.120.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:ac:48:6b:85:65:d4:ce:9d:9a:d5:b5:3d:a9:d5:48:24:0f:
99:f9:15:bf:43:b3:95:3a:6b:29:71:e4:8e:80:21:49:b1:34:
60:25:68:2e:7b:47:22:22:61:bb:3e:3b:19:ba:5b:29:10:87:
5a:b8:7a:42:57:d2:71:04:db:f9:b7:3a:5d:fa:42:3d:82:36:
30:6c:db:a4:27:f8:6c:15:f4:a5:ce:db:14:56:ef:5e:09:d4:
16:9d:aa:69:b8:cf:fe:06:d5:30:71:4d:68:9e:43:3f:01:94:
fb:ec:c0:c9:84:d6:15:c4:59:88:71:49:35:d1:7b:27:0c:3f:
08:57:e5:58:ba:c8:df:20:2f:a6:fd:7c:ea:6f:79:81:3a:de:
76:a5:fa:9d:b4:11:1f:0a:a7:f6:c1:a2:3a:82:a2:23:ff:80:
a4:30:cd:8a:cf:9f:42:74:35:2e:4e:e8:f3:75:9b:f5:d0:4c:
87:1d:69:cb:8f:11:bd:b3:e8:db:dc:f1:a7:48:e0:a2:b6:85:
3c:bd:47:27:1d:98:0e:4f:d5:a8:9d:69:5f:07:90:be:b1:50:
08:09:1b:1f:f6:06:66:19:43:c9:bc:33:8d:f1:17:1e:bc:5c:
9d:cf:53:9a:7b:fb:77:a4:83:ed:29:c2:0e:6c:a8:53:ec:b1:
ec:b6:8f:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYedzSouq0wBzkqDENl8O5bTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjk2Y2U1OWM1OTU1NzUzMGYwZWFhNDRjNjY0NTAzZDlj
NDAxZWQwHhcNMjMwNDIwMDgzNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWU4Y2NlYzc1MzczY2FhZjQwMzUyMjM0MmYwNDk1NDc2ZWE5YmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgzJX14L5Ton+uaRLEI4ybeVJZ7V
YPcaP1SZ5rEv+05F7L7kxLe2YfVTnOxt1ljGrFWZzCYYfy5K0yOYYxZSi+N9MiZ+
8Hxwblwfghs/n8SRXdTaypPnIerVk1atve8yt/AUY5uxpLDjEchh+fC5T1IZfbwn
+NyGSzKvyQ5ZrvFBCSdQyk7Y1UlGcvuQ6QtlY4v8vfHQXrRE14cTs8G/bQJjFS49
SQD9QmpN4diqKCjRz06XBuBpVwiFoj9JnbCKl/GRkd+tCuMzqnA8obZniQR2IQlP
AqQrHqzs4RB2hDarNp9Iztd5gYo+X+v6ueRs0oY6+C/7fGqnr79Ih4VisQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPXozOx1Nzyq9ANSI0LwSVR26pvsMB8GA1UdIwQY
MBaAFJy5bOWcWVV1MPDqpExmRQPZxAHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxsczVaeFpWWFV3OE9xa1RHWkZBOW5FQWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ZGQ3YjEtZTMzNy00MDRkLWI3NjQt
ZGRiMGIxNDhlNDZiLzEvOWVqTTdIVTNQS3IwQTFJalF2QkpWSGJxbS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81ZGQ3YjEtZTMzNy00MDRkLWI3NjQtZGRiMGIxNDhlNDZi
LzEvbkxsczVaeFpWWFV3OE9xa1RHWkZBOW5FQWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEwR2QAwQD
wmN4MA0GCSqGSIb3DQEBCwUAA4IBAQAvrEhrhWXUzp2a1bU9qdVIJA+Z+RW/Q7OV
OmspceSOgCFJsTRgJWgue0ciImG7PjsZulspEIdauHpCV9JxBNv5tzpd+kI9gjYw
bNukJ/hsFfSlztsUVu9eCdQWnappuM/+BtUwcU1onkM/AZT77MDJhNYVxFmIcUk1
0XsnDD8IV+VYusjfIC+m/Xzqb3mBOt52pfqdtBEfCqf2waI6gqIj/4CkMM2Kz59C
dDUuTujzdZv10EyHHWnLjxG9s+jb3PGnSOCitoU8vUcnHZgOT9WonWlfB5C+sVAI
CRsf9gZmGUPJvDON8RcevFydz1Oae/t3pIPtKcIObKhT7LHsto+1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:02 2024 by rpki-client on console-fra.rpki-client.org