Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/a5baa2-2a35-4c76-a940-5990cd4de88b/1/r91IpUIuKbKoxgZlp91-37zOg3M.roa
File: r91IpUIuKbKoxgZlp91-37zOg3M.roa (raw, json)
Hash identifier: 30dvkgu2TLFw45OiHr02MEzgKH4nJ2gHp+09zsBreFY=
Subject key identifier: AF:DD:48:A5:42:2E:29:B2:A8:C6:06:65:A7:DD:7E:DF:BC:CE:83:73
Certificate issuer: /CN=d79d856aaa9ead12f75cb68cdae96a0d2c8dde1e
Certificate serial: 01856D417FD8C5916A5797EB971DD5A782A5
Authority key identifier: D7:9D:85:6A:AA:9E:AD:12:F7:5C:B6:8C:DA:E9:6A:0D:2C:8D:DE:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/152FaqqerRL3XLaM2ulqDSyN3h4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/a5baa2-2a35-4c76-a940-5990cd4de88b/1/r91IpUIuKbKoxgZlp91-37zOg3M.roa
Signing time: Sun 01 Jan 2023 12:14:47 +0000
ROA not before: Sun 01 Jan 2023 12:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5416
IP address blocks: 193.188.13.0/24 maxlen: 24
193.188.12.0/23 maxlen: 23
193.188.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:7f:d8:c5:91:6a:57:97:eb:97:1d:d5:a7:82:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79d856aaa9ead12f75cb68cdae96a0d2c8dde1e
Validity
Not Before: Jan 1 12:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afdd48a5422e29b2a8c60665a7dd7edfbcce8373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:75:05:7a:c7:92:ba:ed:9d:2b:6f:d7:6d:3a:
56:03:c8:ee:e2:94:59:e1:32:dc:04:4e:53:66:c6:
c8:cb:d8:67:f5:e8:ab:58:c7:19:25:d2:c1:67:5c:
3a:23:59:98:01:1c:71:1e:81:3d:ae:77:e7:5c:10:
c5:ed:8a:2c:62:dd:3c:c3:ab:f7:e7:71:0a:20:e3:
79:f5:a3:bd:07:28:b4:6c:ac:45:be:65:7c:9e:70:
df:f1:53:52:84:2f:93:72:fd:a2:32:a2:3f:06:e6:
34:af:85:48:f5:a5:8e:9c:d1:8a:5d:f1:10:ab:59:
27:75:94:56:ac:b2:1c:e2:ac:f3:16:c8:dd:15:b2:
fb:ce:7d:5b:cc:06:61:d2:01:a5:59:8e:b2:41:13:
eb:ed:61:4b:89:47:22:58:14:c7:77:64:d8:a1:b5:
d6:4f:b7:e4:98:f3:56:08:3b:fe:6f:78:e7:8e:0a:
18:f7:28:cf:b4:4e:c4:1f:a1:cc:0a:74:24:87:c5:
68:0a:2d:03:76:64:5c:85:38:39:61:85:3c:d0:95:
f1:a9:24:a9:30:ba:34:02:da:0c:42:57:7d:ea:07:
1f:2c:87:21:ab:c6:dd:c8:b2:40:46:26:33:7d:d5:
73:73:c9:92:8c:fe:46:56:af:46:be:85:ca:58:c2:
78:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:DD:48:A5:42:2E:29:B2:A8:C6:06:65:A7:DD:7E:DF:BC:CE:83:73
X509v3 Authority Key Identifier:
keyid:D7:9D:85:6A:AA:9E:AD:12:F7:5C:B6:8C:DA:E9:6A:0D:2C:8D:DE:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/152FaqqerRL3XLaM2ulqDSyN3h4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/a5baa2-2a35-4c76-a940-5990cd4de88b/1/r91IpUIuKbKoxgZlp91-37zOg3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/a5baa2-2a35-4c76-a940-5990cd4de88b/1/152FaqqerRL3XLaM2ulqDSyN3h4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.188.12.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:5c:a4:55:51:9b:83:3b:93:9f:e3:40:26:f5:4d:38:14:03:
ef:c3:70:93:06:29:39:21:75:61:82:c3:39:6e:69:2c:65:9e:
92:06:6a:1b:d4:b4:ab:be:e6:c4:c6:58:ef:99:b1:50:da:a1:
37:a7:ef:7c:24:7a:75:e4:20:fd:ab:91:b5:52:0f:56:ba:3b:
e3:4f:a7:de:28:d6:c7:d4:fd:71:ed:e4:1b:57:69:17:aa:ec:
46:cb:aa:99:a6:d8:c5:00:62:ae:b4:d3:a5:dc:b0:83:07:b0:
64:d6:bd:a4:2c:4a:62:bf:20:f9:64:00:2f:7d:35:19:42:fb:
5f:4a:e5:18:01:3c:89:7d:77:3f:7f:37:a4:4d:5b:ae:ad:37:
41:f0:32:b6:1d:7b:52:3f:6e:ab:e4:28:ab:0b:4c:5e:3c:86:
2c:51:d9:b6:d0:ee:dd:09:83:21:37:6b:6a:32:b7:d7:ae:9d:
73:ee:8b:d5:6a:34:d6:6f:b1:57:95:f4:06:c1:ee:62:a9:a9:
cf:50:93:eb:1c:0b:a4:3f:35:f0:fd:46:6b:6a:38:62:4b:d7:
f9:d1:6e:a2:4c:71:a1:f9:08:b1:85:b2:b1:ea:45:fc:4d:60:
40:63:2f:a9:e6:9c:88:0f:fb:aa:25:d6:a7:3c:3d:2c:af:e5:
21:d4:7b:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQX/YxZFqV5frlx3Vp4KlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWQ4NTZhYWE5ZWFkMTJmNzVjYjY4Y2RhZTk2YTBkMmM4
ZGRlMWUwHhcNMjMwMTAxMTIxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmRkNDhhNTQyMmUyOWIyYThjNjA2NjVhN2RkN2VkZmJjY2U4MzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3UFeseSuu2dK2/XbTpWA8ju4pRZ
4TLcBE5TZsbIy9hn9eirWMcZJdLBZ1w6I1mYARxxHoE9rnfnXBDF7YosYt08w6v3
53EKION59aO9Byi0bKxFvmV8nnDf8VNShC+Tcv2iMqI/BuY0r4VI9aWOnNGKXfEQ
q1kndZRWrLIc4qzzFsjdFbL7zn1bzAZh0gGlWY6yQRPr7WFLiUciWBTHd2TYobXW
T7fkmPNWCDv+b3jnjgoY9yjPtE7EH6HMCnQkh8VoCi0DdmRchTg5YYU80JXxqSSp
MLo0AtoMQld96gcfLIchq8bdyLJARiYzfdVzc8mSjP5GVq9GvoXKWMJ4XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/dSKVCLimyqMYGZafdft+8zoNzMB8GA1UdIwQY
MBaAFNedhWqqnq0S91y2jNrpag0sjd4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTUyRmFxcWVyUkwzWExhTTJ1bHFEU3lOM2g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9hNWJhYTItMmEzNS00Yzc2LWE5NDAt
NTk5MGNkNGRlODhiLzEvcjkxSXBVSXVLYktveGdabHA5MS0zN3pPZzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9hNWJhYTItMmEzNS00Yzc2LWE5NDAtNTk5MGNkNGRlODhi
LzEvMTUyRmFxcWVyUkwzWExhTTJ1bHFEU3lOM2g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwbwMMA0G
CSqGSIb3DQEBCwUAA4IBAQBfXKRVUZuDO5Of40Am9U04FAPvw3CTBik5IXVhgsM5
bmksZZ6SBmob1LSrvubExljvmbFQ2qE3p+98JHp15CD9q5G1Ug9WujvjT6feKNbH
1P1x7eQbV2kXquxGy6qZptjFAGKutNOl3LCDB7Bk1r2kLEpivyD5ZAAvfTUZQvtf
SuUYATyJfXc/fzekTVuurTdB8DK2HXtSP26r5CirC0xePIYsUdm20O7dCYMhN2tq
MrfXrp1z7ovVajTWb7FXlfQGwe5iqanPUJPrHAukPzXw/UZrajhiS9f50W6iTHGh
+QixhbKx6kX8TWBAYy+p5pyID/uqJdanPD0sr+Uh1Hth
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:06 2024 by rpki-client on console-fra.rpki-client.org