Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/e9f313-cd68-4fb5-bb8d-7396d8b640ad/1/9RCv8vNKQx-U6Nj4dgoT89XRAV8.roa
File: 9RCv8vNKQx-U6Nj4dgoT89XRAV8.roa (raw, json)
Hash identifier: 3inz+m5RXfEig0JoLHKizUzlnxhPOGTyHKPkltGonbM=
Subject key identifier: F5:10:AF:F2:F3:4A:43:1F:94:E8:D8:F8:76:0A:13:F3:D5:D1:01:5F
Certificate issuer: /CN=a00b42604b3f8e9e5b72f2329389af18ffbd20b8
Certificate serial: 01856DDD4592878DDB7F1D9F103DF3CEE2E8
Authority key identifier: A0:0B:42:60:4B:3F:8E:9E:5B:72:F2:32:93:89:AF:18:FF:BD:20:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oAtCYEs_jp5bcvIyk4mvGP-9ILg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/e9f313-cd68-4fb5-bb8d-7396d8b640ad/1/9RCv8vNKQx-U6Nj4dgoT89XRAV8.roa
Signing time: Sun 01 Jan 2023 15:04:55 +0000
ROA not before: Sun 01 Jan 2023 15:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198060
IP address blocks: 193.56.211.0/24 maxlen: 24
193.56.209.0/24 maxlen: 24
193.56.231.0/24 maxlen: 24
2001:67c:1108::/47 maxlen: 47
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:45:92:87:8d:db:7f:1d:9f:10:3d:f3:ce:e2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a00b42604b3f8e9e5b72f2329389af18ffbd20b8
Validity
Not Before: Jan 1 15:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f510aff2f34a431f94e8d8f8760a13f3d5d1015f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4d:ac:c8:01:a8:54:c1:84:a6:6a:37:72:c3:
84:2a:ab:e2:e2:99:26:d4:68:0b:cc:f6:48:65:40:
9b:1d:58:9f:0f:8b:97:3a:8e:0b:3f:c3:46:dc:72:
aa:ce:bf:26:82:60:14:d7:f7:5a:77:d8:58:ea:b0:
94:6a:72:ca:42:55:6f:84:54:1a:2e:21:6c:fc:55:
02:3a:04:bd:af:77:7d:32:cd:fc:f8:ce:bb:9d:37:
5f:fb:0f:39:be:0a:71:89:18:db:ec:0e:ac:2c:41:
2b:26:f2:25:63:05:b8:00:cb:dd:a3:c7:2c:22:c3:
c4:4a:2a:92:3b:bd:35:d3:e5:26:c1:01:33:7b:78:
6a:0e:5a:3b:21:57:b5:e9:db:44:ec:e0:af:04:e7:
bd:87:83:e9:bc:a8:4d:a2:76:45:24:3d:53:93:4b:
4c:5d:08:1c:7d:cf:3a:98:1e:3c:37:4e:4a:fb:e3:
55:0c:bc:cb:bf:66:ae:4b:fb:60:89:49:e1:be:ee:
9d:b8:47:5c:06:71:f4:27:99:33:94:c7:c4:45:d7:
06:3a:7b:f2:bb:c2:b8:0e:fe:d3:00:7d:a5:d3:51:
18:dd:9a:f2:54:07:6b:52:af:1e:5a:85:47:ac:63:
ae:a0:10:21:b2:14:6e:ef:e7:f4:3a:54:6b:e4:0b:
db:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:10:AF:F2:F3:4A:43:1F:94:E8:D8:F8:76:0A:13:F3:D5:D1:01:5F
X509v3 Authority Key Identifier:
keyid:A0:0B:42:60:4B:3F:8E:9E:5B:72:F2:32:93:89:AF:18:FF:BD:20:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oAtCYEs_jp5bcvIyk4mvGP-9ILg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e9f313-cd68-4fb5-bb8d-7396d8b640ad/1/9RCv8vNKQx-U6Nj4dgoT89XRAV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e9f313-cd68-4fb5-bb8d-7396d8b640ad/1/oAtCYEs_jp5bcvIyk4mvGP-9ILg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.209.0/24
193.56.211.0/24
193.56.231.0/24
IPv6:
2001:67c:1108::/47
Signature Algorithm: sha256WithRSAEncryption
39:67:1f:5e:52:f5:46:13:43:3f:fd:d8:47:bf:99:55:a2:fb:
fc:15:33:0a:33:62:9e:9f:1b:1d:39:47:22:83:aa:7c:a1:f8:
81:46:65:2d:04:0b:d4:2c:82:f1:d9:a6:dd:b7:dc:d6:ec:fb:
c3:7d:61:22:e2:aa:7c:3c:e0:8f:09:3b:c1:45:06:a1:04:df:
16:98:fe:8f:7b:40:26:87:b5:cd:1c:95:80:04:63:84:6a:44:
0b:db:2f:3f:65:09:b4:9d:ef:25:88:f3:7c:da:2c:2b:0b:36:
86:4a:c4:7b:5f:b9:0c:32:be:0c:a7:56:7e:23:da:71:dc:01:
49:f5:20:e9:c5:a0:5b:0b:90:d9:ec:f6:78:36:31:d9:f5:9c:
0c:99:dd:8c:90:68:f8:26:9e:a1:a8:6a:f7:e4:47:07:23:08:
99:ee:ad:55:1a:0d:46:7d:11:9d:fa:3e:33:05:8b:40:11:8d:
23:9e:f9:c0:91:84:bd:03:23:bf:f8:54:8a:3b:fc:9d:5a:95:
ee:90:e5:56:e2:94:50:21:ea:32:cd:ea:11:d7:bd:5e:ef:d8:
e2:a3:f2:ac:05:01:87:0a:e0:09:3e:28:f5:2b:df:43:b1:8e:
c1:86:63:56:93:f1:21:9a:50:7c:c3:ba:23:f4:74:ce:18:2c:
5f:2e:1c:89
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVt3UWSh43bfx2fED3zzuLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMGI0MjYwNGIzZjhlOWU1YjcyZjIzMjkzODlhZjE4ZmZi
ZDIwYjgwHhcNMjMwMTAxMTUwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTEwYWZmMmYzNGE0MzFmOTRlOGQ4Zjg3NjBhMTNmM2Q1ZDEwMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE2syAGoVMGEpmo3csOEKqvi4pkm
1GgLzPZIZUCbHVifD4uXOo4LP8NG3HKqzr8mgmAU1/dad9hY6rCUanLKQlVvhFQa
LiFs/FUCOgS9r3d9Ms38+M67nTdf+w85vgpxiRjb7A6sLEErJvIlYwW4AMvdo8cs
IsPESiqSO7010+UmwQEze3hqDlo7IVe16dtE7OCvBOe9h4PpvKhNonZFJD1Tk0tM
XQgcfc86mB48N05K++NVDLzLv2auS/tgiUnhvu6duEdcBnH0J5kzlMfERdcGOnvy
u8K4Dv7TAH2l01EY3ZryVAdrUq8eWoVHrGOuoBAhshRu7+f0OlRr5AvboQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPUQr/LzSkMflOjY+HYKE/PV0QFfMB8GA1UdIwQY
MBaAFKALQmBLP46eW3LyMpOJrxj/vSC4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0F0Q1lFc19qcDViY3ZJeWs0bXZHUC05SUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9lOWYzMTMtY2Q2OC00ZmI1LWJiOGQt
NzM5NmQ4YjY0MGFkLzEvOVJDdjh2TktReC1VNk5qNGRnb1Q4OVhSQVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9lOWYzMTMtY2Q2OC00ZmI1LWJiOGQtNzM5NmQ4YjY0MGFk
LzEvb0F0Q1lFc19qcDViY3ZJeWs0bXZHUC05SUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAwTjRAwQA
wTjTAwQAwTjnMA8EAgACMAkDBwEgAQZ8EQgwDQYJKoZIhvcNAQELBQADggEBADln
H15S9UYTQz/92Ee/mVWi+/wVMwozYp6fGx05RyKDqnyh+IFGZS0EC9QsgvHZpt23
3Nbs+8N9YSLiqnw84I8JO8FFBqEE3xaY/o97QCaHtc0clYAEY4RqRAvbLz9lCbSd
7yWI83zaLCsLNoZKxHtfuQwyvgynVn4j2nHcAUn1IOnFoFsLkNns9ng2Mdn1nAyZ
3YyQaPgmnqGoavfkRwcjCJnurVUaDUZ9EZ36PjMFi0ARjSOe+cCRhL0DI7/4VIo7
/J1ale6Q5VbilFAh6jLN6hHXvV7v2OKj8qwFAYcK4Ak+KPUr30OxjsGGY1aT8SGa
UHzDuiP0dM4YLF8uHIk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:29 2024 by rpki-client on console-fra.rpki-client.org