Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/8c5bc7-55fa-4044-88da-68185fdb9003/1/3czIXASbXLc40RK-Ac1l5uFBWag.roa
File: 3czIXASbXLc40RK-Ac1l5uFBWag.roa (raw, json)
Hash identifier: iH3/67+UrAfz/BWqdK/2/KdAVkeg5m0Ligrla5l1DPU=
Subject key identifier: DD:CC:C8:5C:04:9B:5C:B7:38:D1:12:BE:01:CD:65:E6:E1:41:59:A8
Certificate issuer: /CN=6fa48e96197426e4c5eeb423e0fd9c2e952c4177
Certificate serial: 018571DE93BC2EAE4040250165A7B1D546FB
Authority key identifier: 6F:A4:8E:96:19:74:26:E4:C5:EE:B4:23:E0:FD:9C:2E:95:2C:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6SOlhl0JuTF7rQj4P2cLpUsQXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/8c5bc7-55fa-4044-88da-68185fdb9003/1/3czIXASbXLc40RK-Ac1l5uFBWag.roa
Signing time: Mon 02 Jan 2023 09:44:50 +0000
ROA not before: Mon 02 Jan 2023 09:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39642
IP address blocks: 193.163.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:93:bc:2e:ae:40:40:25:01:65:a7:b1:d5:46:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa48e96197426e4c5eeb423e0fd9c2e952c4177
Validity
Not Before: Jan 2 09:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddccc85c049b5cb738d112be01cd65e6e14159a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fc:39:10:15:a2:0b:11:8d:44:3e:a3:ba:81:
e4:a6:05:e5:f4:71:72:47:ce:a4:13:a2:63:14:7b:
25:b6:92:f1:9c:d9:63:cd:03:27:43:e7:fb:6a:e3:
87:18:e8:53:84:9d:ce:16:98:64:8c:15:ce:77:69:
e2:f3:e5:2e:c2:c6:b2:f6:2f:ba:cc:26:b8:0c:ff:
7f:51:c8:c6:7b:36:48:4b:13:70:fd:49:38:bd:05:
a9:c9:2b:e0:a2:7b:a2:77:64:7d:ca:5e:94:0a:20:
d8:6e:e9:7f:f3:55:56:cc:00:6f:6e:bc:c9:04:99:
a7:70:03:01:85:ea:3f:89:08:3b:c5:8b:02:01:6d:
db:44:40:77:2f:8a:d6:fd:25:76:08:6d:7c:db:f4:
cf:14:e3:47:8b:d1:1d:ad:e5:e3:2c:68:a0:e7:ec:
e9:65:8d:d7:32:ef:7d:04:5c:f0:ce:68:96:06:6a:
91:65:a3:d4:c2:0c:f8:c0:6e:22:32:08:dd:6c:c1:
b0:22:60:08:aa:d0:0d:f4:9f:c2:62:80:5a:e9:a5:
34:0a:57:a1:4c:a6:78:e4:1f:4b:69:0d:17:16:a6:
4c:f7:fa:35:2f:c7:ec:b3:db:0f:a9:4d:46:94:08:
9d:ae:6c:41:00:42:ba:07:8b:12:2d:84:42:ee:5b:
06:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:CC:C8:5C:04:9B:5C:B7:38:D1:12:BE:01:CD:65:E6:E1:41:59:A8
X509v3 Authority Key Identifier:
keyid:6F:A4:8E:96:19:74:26:E4:C5:EE:B4:23:E0:FD:9C:2E:95:2C:41:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6SOlhl0JuTF7rQj4P2cLpUsQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/8c5bc7-55fa-4044-88da-68185fdb9003/1/3czIXASbXLc40RK-Ac1l5uFBWag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/8c5bc7-55fa-4044-88da-68185fdb9003/1/b6SOlhl0JuTF7rQj4P2cLpUsQXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.220.0/24
Signature Algorithm: sha256WithRSAEncryption
59:c5:0a:7e:5f:4c:02:5e:5b:c8:2a:45:05:27:ab:18:67:90:
06:a1:b2:87:1f:21:9b:3c:ba:70:e0:99:7a:78:40:1d:7d:0d:
3a:1c:58:b3:15:51:2c:86:38:ec:42:c7:0e:09:17:0e:fb:4b:
ad:6b:7a:50:78:0d:90:db:17:98:f9:e0:72:1f:68:dd:cb:70:
d4:63:57:cf:38:84:06:ee:b7:28:66:24:8d:22:0d:e0:76:c8:
85:fb:64:fb:af:33:41:5e:a7:4b:cc:a6:bf:de:e9:af:a9:62:
57:26:bb:d2:ce:f2:c3:2c:c7:a2:28:b2:5a:c6:dd:12:a1:6e:
8a:3b:16:0b:5a:04:75:ff:3f:05:c1:35:a4:6e:9b:7e:5c:d4:
a7:30:16:3d:e5:e9:23:bd:14:52:f6:dd:5e:95:90:aa:48:12:
86:b6:e0:db:c2:cd:9f:a3:fc:b1:d0:2a:d9:a0:73:87:cb:3d:
ea:54:18:cb:77:80:3a:3b:b0:04:f4:66:4c:8e:8b:d9:08:3c:
1b:c4:d1:48:ae:d2:cc:ba:dd:58:b5:c5:ee:2b:51:f2:32:89:
88:4a:d9:4d:cc:d6:e0:eb:c4:69:2e:e1:91:49:89:b5:fd:d6:
30:24:89:3b:ac:34:0f:28:c8:8d:f7:f8:78:1f:d0:8d:21:30:
0f:25:bd:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx3pO8Lq5AQCUBZaex1Ub7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTQ4ZTk2MTk3NDI2ZTRjNWVlYjQyM2UwZmQ5YzJlOTUy
YzQxNzcwHhcNMjMwMTAyMDk0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGNjYzg1YzA0OWI1Y2I3MzhkMTEyYmUwMWNkNjVlNmUxNDE1OWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifw5EBWiCxGNRD6juoHkpgXl9HFy
R86kE6JjFHsltpLxnNljzQMnQ+f7auOHGOhThJ3OFphkjBXOd2ni8+Uuwsay9i+6
zCa4DP9/UcjGezZISxNw/Uk4vQWpySvgonuid2R9yl6UCiDYbul/81VWzABvbrzJ
BJmncAMBheo/iQg7xYsCAW3bREB3L4rW/SV2CG182/TPFONHi9EdreXjLGig5+zp
ZY3XMu99BFzwzmiWBmqRZaPUwgz4wG4iMgjdbMGwImAIqtAN9J/CYoBa6aU0Cleh
TKZ45B9LaQ0XFqZM9/o1L8fss9sPqU1GlAidrmxBAEK6B4sSLYRC7lsGywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN3MyFwEm1y3ONESvgHNZebhQVmoMB8GA1UdIwQY
MBaAFG+kjpYZdCbkxe60I+D9nC6VLEF3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZTT2xobDBKdVRGN3JRajRQMmNMcFVzUVhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC84YzViYzctNTVmYS00MDQ0LTg4ZGEt
NjgxODVmZGI5MDAzLzEvM2N6SVhBU2JYTGM0MFJLLUFjMWw1dUZCV2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC84YzViYzctNTVmYS00MDQ0LTg4ZGEtNjgxODVmZGI5MDAz
LzEvYjZTT2xobDBKdVRGN3JRajRQMmNMcFVzUVhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaPcMA0G
CSqGSIb3DQEBCwUAA4IBAQBZxQp+X0wCXlvIKkUFJ6sYZ5AGobKHHyGbPLpw4Jl6
eEAdfQ06HFizFVEshjjsQscOCRcO+0uta3pQeA2Q2xeY+eByH2jdy3DUY1fPOIQG
7rcoZiSNIg3gdsiF+2T7rzNBXqdLzKa/3umvqWJXJrvSzvLDLMeiKLJaxt0SoW6K
OxYLWgR1/z8FwTWkbpt+XNSnMBY95ekjvRRS9t1elZCqSBKGtuDbws2fo/yx0CrZ
oHOHyz3qVBjLd4A6O7AE9GZMjovZCDwbxNFIrtLMut1YtcXuK1HyMomIStlNzNbg
68RpLuGRSYm1/dYwJIk7rDQPKMiN9/h4H9CNITAPJb1p
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:26 2024 by rpki-client on console-ams.rpki-client.org