Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/K5IoIO6HmfOpOTQV5I3jukOMxgA.roa
File: K5IoIO6HmfOpOTQV5I3jukOMxgA.roa (raw, json)
Hash identifier: qjQo4dPsjgvRvsk6d+3/rQLxR+DIijKbmdQG8xJgVhE=
Subject key identifier: 2B:92:28:20:EE:87:99:F3:A9:39:34:15:E4:8D:E3:BA:43:8C:C6:00
Certificate issuer: /CN=41fb6b1708335006b0a6aac650bfaff3fc8d292c
Certificate serial: 01856E6FC87FEC7424F7DE644BE156EAD5EF
Authority key identifier: 41:FB:6B:17:08:33:50:06:B0:A6:AA:C6:50:BF:AF:F3:FC:8D:29:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QftrFwgzUAawpqrGUL-v8_yNKSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/K5IoIO6HmfOpOTQV5I3jukOMxgA.roa
Signing time: Sun 01 Jan 2023 17:44:57 +0000
ROA not before: Sun 01 Jan 2023 17:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59489
IP address blocks: 193.32.57.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:c8:7f:ec:74:24:f7:de:64:4b:e1:56:ea:d5:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41fb6b1708335006b0a6aac650bfaff3fc8d292c
Validity
Not Before: Jan 1 17:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b922820ee8799f3a9393415e48de3ba438cc600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:98:44:db:15:72:c0:48:fb:65:b2:ca:8e:14:
70:af:50:09:82:0f:2b:5d:18:c3:ee:49:31:3a:f6:
b6:96:ca:f2:29:d5:d2:73:41:3d:33:74:86:df:a3:
7a:71:01:89:91:a4:2f:d6:4c:17:39:55:9f:ba:23:
ee:af:24:79:61:52:40:02:c5:ef:ae:61:85:ab:84:
60:aa:8f:0c:70:dd:aa:53:39:36:ae:24:f3:16:0f:
17:3e:b7:78:df:71:24:11:b2:da:eb:bb:c4:1a:14:
d7:98:26:e2:46:4d:36:75:7f:32:87:1b:c4:06:45:
ee:e7:09:0e:6f:eb:cd:a7:46:8d:5d:2e:9d:f6:bc:
c7:e2:b4:c4:3c:e5:98:a8:26:17:7e:1a:0c:b5:7c:
db:12:85:ad:70:c2:df:9d:ab:16:a8:b8:7b:07:f1:
d4:14:c3:f7:dd:63:d2:df:34:69:88:77:ef:ab:82:
71:c6:d6:b2:f7:b9:96:c3:dd:10:22:9f:2f:95:77:
1c:87:fd:b1:fc:31:a1:11:86:d3:ea:d9:02:a8:77:
b1:b7:29:53:09:13:b5:96:3f:a6:86:b8:8b:9a:b8:
77:d4:5a:3a:ab:81:e9:fb:ac:9a:44:0b:f1:b2:a4:
b6:50:fa:05:a9:62:df:80:67:04:41:a6:ce:a1:50:
d5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:92:28:20:EE:87:99:F3:A9:39:34:15:E4:8D:E3:BA:43:8C:C6:00
X509v3 Authority Key Identifier:
keyid:41:FB:6B:17:08:33:50:06:B0:A6:AA:C6:50:BF:AF:F3:FC:8D:29:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QftrFwgzUAawpqrGUL-v8_yNKSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/K5IoIO6HmfOpOTQV5I3jukOMxgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/QftrFwgzUAawpqrGUL-v8_yNKSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.57.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:4f:d6:6a:bc:5c:e0:67:0b:a5:15:c6:8e:76:c1:f4:20:d7:
90:6b:00:02:00:b9:ee:d8:f0:57:4d:27:5c:f9:cc:54:fa:02:
f0:36:f3:61:25:9e:ea:0a:a3:43:5e:a9:0a:48:f8:85:1b:6f:
b2:a8:e4:a6:73:8b:92:91:9c:e2:8b:86:8f:ac:b4:1d:7c:58:
8c:ce:5c:01:a9:0c:76:5d:12:3d:f9:66:78:fb:7f:d2:9d:c7:
d0:09:67:60:18:3b:bd:6e:f4:b7:f1:d1:e1:69:68:ad:90:b5:
34:c1:11:ed:f1:83:a1:45:41:7c:43:89:88:c6:c8:30:03:8d:
ae:0a:6e:63:8f:ea:f9:6f:d3:eb:67:05:f9:52:bf:c0:ef:ea:
ed:11:b4:7c:7c:65:b1:e5:ed:91:e3:ea:de:a1:38:6a:f2:97:
5e:71:05:8b:da:54:dc:cb:84:be:e0:d2:b9:51:f6:4b:c6:9a:
1c:4a:a2:6e:c2:bf:4f:31:ce:0f:1e:1e:bb:79:d0:8f:8a:f9:
fb:43:98:fa:9f:4b:b8:0a:a3:91:84:fe:9a:5c:e4:bb:a6:27:
cb:db:30:18:17:ef:64:15:ac:93:04:ab:aa:db:de:e3:f7:fb:
58:e3:76:b4:8a:6a:db:0e:2e:f3:10:ac:f4:76:78:d8:2a:40:
9a:ef:c5:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVub8h/7HQk995kS+FW6tXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZmI2YjE3MDgzMzUwMDZiMGE2YWFjNjUwYmZhZmYzZmM4
ZDI5MmMwHhcNMjMwMTAxMTc0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjkyMjgyMGVlODc5OWYzYTkzOTM0MTVlNDhkZTNiYTQzOGNjNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlphE2xVywEj7ZbLKjhRwr1AJgg8r
XRjD7kkxOva2lsryKdXSc0E9M3SG36N6cQGJkaQv1kwXOVWfuiPuryR5YVJAAsXv
rmGFq4Rgqo8McN2qUzk2riTzFg8XPrd433EkEbLa67vEGhTXmCbiRk02dX8yhxvE
BkXu5wkOb+vNp0aNXS6d9rzH4rTEPOWYqCYXfhoMtXzbEoWtcMLfnasWqLh7B/HU
FMP33WPS3zRpiHfvq4Jxxtay97mWw90QIp8vlXcch/2x/DGhEYbT6tkCqHextylT
CRO1lj+mhriLmrh31Fo6q4Hp+6yaRAvxsqS2UPoFqWLfgGcEQabOoVDVCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCuSKCDuh5nzqTk0FeSN47pDjMYAMB8GA1UdIwQY
MBaAFEH7axcIM1AGsKaqxlC/r/P8jSksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZ0ckZ3Z3pVQWF3cHFyR1VMLXY4X3lOS1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jNzcxYzMtY2E5MC00ZmQyLTk5YWMt
MDRjODJlZDZlZDRjLzEvSzVJb0lPNkhtZk9wT1RRVjVJM2p1a09NeGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9jNzcxYzMtY2E5MC00ZmQyLTk5YWMtMDRjODJlZDZlZDRj
LzEvUWZ0ckZ3Z3pVQWF3cHFyR1VMLXY4X3lOS1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSA5MA0G
CSqGSIb3DQEBCwUAA4IBAQCgT9ZqvFzgZwulFcaOdsH0INeQawACALnu2PBXTSdc
+cxU+gLwNvNhJZ7qCqNDXqkKSPiFG2+yqOSmc4uSkZzii4aPrLQdfFiMzlwBqQx2
XRI9+WZ4+3/SncfQCWdgGDu9bvS38dHhaWitkLU0wRHt8YOhRUF8Q4mIxsgwA42u
Cm5jj+r5b9PrZwX5Ur/A7+rtEbR8fGWx5e2R4+reoThq8pdecQWL2lTcy4S+4NK5
UfZLxpocSqJuwr9PMc4PHh67edCPivn7Q5j6n0u4CqORhP6aXOS7pifL2zAYF+9k
FayTBKuq297j9/tY43a0imrbDi7zEKz0dnjYKkCa78Vj
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:55 2024 by rpki-client on console-ams.rpki-client.org