Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/kT4qHzuH0nKXtiiodywXPpoH9yU.roa
File: kT4qHzuH0nKXtiiodywXPpoH9yU.roa (raw, json)
Hash identifier: YtGPkRZjr4PsbR/FRrW6Qib+bBjlbXjhAS+YZkcH8jU=
Subject key identifier: 91:3E:2A:1F:3B:87:D2:72:97:B6:28:A8:77:2C:17:3E:9A:07:F7:25
Certificate issuer: /CN=22fd1b59d5caaf7506bc0d5c34f30c2159b04398
Certificate serial: 0185729F02B99AEA57FCC17A78551C6FDE45
Authority key identifier: 22:FD:1B:59:D5:CA:AF:75:06:BC:0D:5C:34:F3:0C:21:59:B0:43:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/kT4qHzuH0nKXtiiodywXPpoH9yU.roa
Signing time: Mon 02 Jan 2023 13:15:01 +0000
ROA not before: Mon 02 Jan 2023 13:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33946
IP address blocks: 193.26.7.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9f:02:b9:9a:ea:57:fc:c1:7a:78:55:1c:6f:de:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22fd1b59d5caaf7506bc0d5c34f30c2159b04398
Validity
Not Before: Jan 2 13:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=913e2a1f3b87d27297b628a8772c173e9a07f725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8f:b2:94:e6:70:eb:2c:ab:06:ed:e1:cb:48:
cf:eb:6c:a6:81:40:d0:7e:6b:5d:27:c7:fa:3f:79:
ff:5e:db:f1:b6:db:58:f3:ee:8b:69:98:6f:5b:e8:
9e:a1:cc:bd:59:0e:cd:1a:75:a3:c9:d1:68:ac:a6:
c3:05:2d:9e:e7:fb:53:09:82:79:80:e4:63:0d:e6:
80:82:f3:59:58:1b:17:cb:20:00:13:3d:63:80:6e:
af:c7:90:26:69:2a:e0:0e:3c:41:c8:3a:8c:c5:b3:
94:4b:34:04:51:85:31:3c:7b:0a:47:5d:11:23:b9:
e6:85:77:1a:c1:7e:88:c5:e5:ed:92:ae:62:d3:88:
81:51:b8:c9:c7:1a:bf:02:8c:e1:fa:49:4d:04:72:
b3:36:f4:0c:c8:7d:ad:60:59:23:29:cb:5a:3c:67:
b3:f5:e1:bc:eb:fa:47:07:0d:0c:2f:fa:d5:e6:73:
07:cd:7f:31:29:16:d4:55:d9:e8:0e:a5:95:27:2f:
8a:c8:96:60:2d:97:d9:c1:a4:91:e3:9c:d4:2f:e6:
d4:e2:ee:63:d9:83:53:59:86:8e:c5:f7:62:ce:6b:
94:97:00:35:f7:08:3e:4c:c8:81:3c:17:03:5f:3d:
17:8c:6f:16:ac:85:65:0d:74:df:6f:6b:a8:a2:be:
7e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3E:2A:1F:3B:87:D2:72:97:B6:28:A8:77:2C:17:3E:9A:07:F7:25
X509v3 Authority Key Identifier:
keyid:22:FD:1B:59:D5:CA:AF:75:06:BC:0D:5C:34:F3:0C:21:59:B0:43:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/kT4qHzuH0nKXtiiodywXPpoH9yU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.7.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:2c:55:f6:98:54:16:a9:26:b8:66:e1:73:22:e4:20:cb:ee:
5c:49:18:0a:b9:35:49:f1:98:33:e1:20:f7:59:a8:72:67:8d:
51:58:a8:60:a9:9c:92:0b:6d:2d:48:df:01:3e:f1:00:65:09:
59:58:79:34:12:dc:a5:e2:67:a1:0a:97:34:68:8f:31:c6:d8:
5f:f4:5c:c6:c6:ba:dc:37:0c:47:b8:5c:c2:0d:5e:8a:92:22:
4e:d0:20:d2:f5:65:26:df:12:ef:68:52:41:cb:e5:e6:be:f0:
a1:97:52:25:b2:6f:fd:e9:1e:3f:bc:56:14:ce:4f:55:d7:34:
ba:2e:61:36:79:ef:d6:3f:c5:5f:1c:a8:e9:ed:c5:1a:c0:36:
a6:4c:24:ae:1c:17:fe:de:ef:47:d1:dc:53:b4:63:0f:7d:4c:
b4:e5:93:31:c1:d0:62:94:a7:1f:eb:50:a9:25:42:b6:ef:8d:
77:46:d8:61:1b:1e:a2:70:f4:86:48:45:3b:c1:5f:63:06:d5:
bc:7b:c9:31:85:09:17:94:4d:31:56:3a:80:b7:e9:db:66:a5:
4d:77:34:bb:37:13:f3:a7:85:2f:bd:5a:97:c5:d3:cb:90:ca:
7e:55:79:7e:a9:57:16:19:66:6b:33:d7:01:09:40:36:9c:e6:
aa:d8:43:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynwK5mupX/MF6eFUcb95FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmQxYjU5ZDVjYWFmNzUwNmJjMGQ1YzM0ZjMwYzIxNTli
MDQzOTgwHhcNMjMwMTAyMTMxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNlMmExZjNiODdkMjcyOTdiNjI4YTg3NzJjMTczZTlhMDdmNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI+ylOZw6yyrBu3hy0jP62ymgUDQ
fmtdJ8f6P3n/XtvxtttY8+6LaZhvW+ieocy9WQ7NGnWjydForKbDBS2e5/tTCYJ5
gORjDeaAgvNZWBsXyyAAEz1jgG6vx5AmaSrgDjxByDqMxbOUSzQEUYUxPHsKR10R
I7nmhXcawX6IxeXtkq5i04iBUbjJxxq/Aozh+klNBHKzNvQMyH2tYFkjKctaPGez
9eG86/pHBw0ML/rV5nMHzX8xKRbUVdnoDqWVJy+KyJZgLZfZwaSR45zUL+bU4u5j
2YNTWYaOxfdizmuUlwA19wg+TMiBPBcDXz0XjG8WrIVlDXTfb2uoor5+wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJE+Kh87h9Jyl7YoqHcsFz6aB/clMB8GA1UdIwQY
MBaAFCL9G1nVyq91BrwNXDTzDCFZsEOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXYwYldkWEtyM1VHdkExY05QTU1JVm13UTVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84NTBlOTYtMTkxZi00ZGNiLTllZGIt
Y2Q1OGZhMjAxNGRkLzEva1Q0cUh6dUgwbktYdGlpb2R5d1hQcG9IOXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC84NTBlOTYtMTkxZi00ZGNiLTllZGItY2Q1OGZhMjAxNGRk
LzEvSXYwYldkWEtyM1VHdkExY05QTU1JVm13UTVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRoHMA0G
CSqGSIb3DQEBCwUAA4IBAQAvLFX2mFQWqSa4ZuFzIuQgy+5cSRgKuTVJ8Zgz4SD3
WahyZ41RWKhgqZySC20tSN8BPvEAZQlZWHk0Etyl4mehCpc0aI8xxthf9FzGxrrc
NwxHuFzCDV6KkiJO0CDS9WUm3xLvaFJBy+XmvvChl1Ilsm/96R4/vFYUzk9V1zS6
LmE2ee/WP8VfHKjp7cUawDamTCSuHBf+3u9H0dxTtGMPfUy05ZMxwdBilKcf61Cp
JUK27413RthhGx6icPSGSEU7wV9jBtW8e8kxhQkXlE0xVjqAt+nbZqVNdzS7NxPz
p4UvvVqXxdPLkMp+VXl+qVcWGWZrM9cBCUA2nOaq2EMR
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:55 2024 by rpki-client on console-ams.rpki-client.org