Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/RSxxdQxx6huFYeSPamWeEAahERc.roa
File: RSxxdQxx6huFYeSPamWeEAahERc.roa (raw, json)
Hash identifier: qzssGO0CFU9KRGJFNbjx6OR+ba2Crk9N7SY1PPkmsYg=
Subject key identifier: 45:2C:71:75:0C:71:EA:1B:85:61:E4:8F:6A:65:9E:10:06:A1:11:17
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 018697C29F7B89B37780BA34B874BC4D3CD6
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/RSxxdQxx6huFYeSPamWeEAahERc.roa
Signing time: Tue 28 Feb 2023 11:22:39 +0000
ROA not before: Tue 28 Feb 2023 11:22:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1921
IP address blocks: 193.46.135.0/24 maxlen: 24
193.46.133.0/24 maxlen: 24
193.46.134.0/24 maxlen: 24
194.0.24.0/24 maxlen: 24
194.0.25.0/24 maxlen: 24
194.0.26.0/24 maxlen: 24
193.46.132.0/24 maxlen: 24
193.46.128.0/24 maxlen: 24
193.46.129.0/24 maxlen: 24
193.46.130.0/24 maxlen: 24
193.46.131.0/24 maxlen: 24
2001:678:20::/48 maxlen: 48
2a02:850:ffe5::/48 maxlen: 48
2a02:850:ffe0::/48 maxlen: 48
2001:67c:1bc::/48 maxlen: 48
2001:678:24::/48 maxlen: 48
2a02:850:ffe4::/48 maxlen: 48
2a02:850:ffe2::/48 maxlen: 48
2a02:850:ffe3::/48 maxlen: 48
2a02:850:ffe6::/48 maxlen: 48
2a02:850:ffe1::/48 maxlen: 48
2a02:850:ffe7::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:c2:9f:7b:89:b3:77:80:ba:34:b8:74:bc:4d:3c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Feb 28 11:22:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=452c71750c71ea1b8561e48f6a659e1006a11117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:df:28:af:75:c8:50:38:ce:25:7d:b9:40:8c:
42:4f:c6:77:73:33:d0:77:49:63:fd:8f:a7:a3:9f:
7e:f0:97:73:e4:3a:e7:c5:9d:03:f7:55:69:5b:69:
61:cf:0d:e6:ff:39:1e:80:07:ea:c3:7d:aa:30:84:
eb:cb:b9:db:3b:10:23:ed:da:68:72:96:bc:2e:6d:
f4:31:98:c0:9a:c1:dc:fe:8e:29:54:de:9f:f3:97:
46:91:e9:ac:c8:2a:43:8f:f6:0e:b8:2b:ab:5e:4d:
97:be:db:c5:66:cd:34:85:40:5c:f3:37:50:35:24:
83:77:34:45:09:7d:72:f6:32:a8:e2:55:19:24:c7:
f2:11:1a:e7:31:f2:e3:c5:0b:0e:b0:68:22:6a:4f:
c8:00:6e:ec:4f:fa:66:4d:d4:ca:e4:20:b1:1c:c3:
16:1d:21:22:04:e5:eb:65:96:f0:79:ea:8b:97:a2:
06:fd:c8:04:4d:dc:f6:45:dc:db:98:09:8b:b6:b7:
16:a7:13:b4:f3:f5:e4:50:7c:f2:51:0c:ea:40:c0:
41:2c:bf:4d:77:60:f8:b0:57:bd:4c:2e:00:80:97:
7b:4d:95:9d:6f:b2:ac:1f:b5:ae:0c:f0:d6:c3:9c:
7b:84:17:13:80:e9:d7:fa:3c:46:cd:f1:db:95:d2:
b1:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2C:71:75:0C:71:EA:1B:85:61:E4:8F:6A:65:9E:10:06:A1:11:17
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/RSxxdQxx6huFYeSPamWeEAahERc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.128.0/21
194.0.24.0-194.0.26.255
IPv6:
2001:678:20::/48
2001:678:24::/48
2001:67c:1bc::/48
2a02:850:ffe0::/45
Signature Algorithm: sha256WithRSAEncryption
09:75:45:2a:32:08:75:c0:e4:a2:4a:66:b9:5f:97:b2:f1:e6:
c0:36:d8:54:8f:a8:85:a5:77:d8:7b:f3:87:4e:42:de:54:a1:
92:d3:22:4d:54:55:40:11:50:0a:51:a1:20:73:0f:a9:19:0d:
41:ca:cc:58:93:db:49:e6:3a:0e:fe:7d:10:6c:ca:41:37:e0:
71:1e:a2:fa:c2:7b:33:b1:18:c0:ab:22:cb:cf:63:a2:25:d6:
de:bd:57:a3:9e:ab:d9:7e:83:61:28:98:bd:f1:15:00:1c:ea:
de:34:88:e7:d7:59:c5:af:15:7c:68:1e:4b:71:78:ec:47:b9:
85:52:1d:7c:4b:7b:f5:0a:80:e2:0a:47:cd:7a:fc:d2:90:d8:
c4:13:bd:67:a4:b8:ad:0a:64:94:9c:4c:46:1e:26:75:79:bf:
3e:da:66:f4:c9:f8:cf:61:47:4e:f4:36:33:a8:39:0d:d3:ec:
3f:b0:e6:2d:14:a8:4c:fc:23:52:97:99:f5:74:95:02:76:78:
80:45:51:d8:bc:f4:c3:4a:c7:4b:89:66:d8:59:89:68:f1:bd:
bd:94:98:cb:2a:c0:7a:04:07:26:89:69:c2:5a:3e:50:f6:27:
da:6e:2d:c0:f4:01:36:ce:71:03:f8:8b:30:4d:16:38:ea:d4:
7b:8f:94:33
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYaXwp97ibN3gLo0uHS8TTzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjMwMjI4MTEyMjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTJjNzE3NTBjNzFlYTFiODU2MWU0OGY2YTY1OWUxMDA2YTExMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot8or3XIUDjOJX25QIxCT8Z3czPQ
d0lj/Y+no59+8Jdz5DrnxZ0D91VpW2lhzw3m/zkegAfqw32qMITry7nbOxAj7dpo
cpa8Lm30MZjAmsHc/o4pVN6f85dGkemsyCpDj/YOuCurXk2XvtvFZs00hUBc8zdQ
NSSDdzRFCX1y9jKo4lUZJMfyERrnMfLjxQsOsGgiak/IAG7sT/pmTdTK5CCxHMMW
HSEiBOXrZZbweeqLl6IG/cgETdz2RdzbmAmLtrcWpxO08/XkUHzyUQzqQMBBLL9N
d2D4sFe9TC4AgJd7TZWdb7KsH7WuDPDWw5x7hBcTgOnX+jxGzfHbldKxwQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFEUscXUMceobhWHkj2plnhAGoREXMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvUlN4eGRReHg2aHVGWWVTUGFtV2VFQWFoRVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAaBAIAATAUAwQDwS6AMAwD
BAPCABgDBADCABowKgQCAAIwJAMHACABBngAIAMHACABBngAJAMHACABBnwBvAMH
AyoCCFD/4DANBgkqhkiG9w0BAQsFAAOCAQEACXVFKjIIdcDkokpmuV+XsvHmwDbY
VI+ohaV32Hvzh05C3lShktMiTVRVQBFQClGhIHMPqRkNQcrMWJPbSeY6Dv59EGzK
QTfgcR6i+sJ7M7EYwKsiy89joiXW3r1Xo56r2X6DYSiYvfEVABzq3jSI59dZxa8V
fGgeS3F47Ee5hVIdfEt79QqA4gpHzXr80pDYxBO9Z6S4rQpklJxMRh4mdXm/Ptpm
9Mn4z2FHTvQ2M6g5DdPsP7DmLRSoTPwjUpeZ9XSVAnZ4gEVR2Lz0w0rHS4lm2FmJ
aPG9vZSYyyrAegQHJolpwlo+UPYn2m4twPQBNs5xA/iLME0WOOrUe4+UMw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:27 2023 by rpki-client on console-fra.rpki-client.org