Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/U6yTq9V9MM1pEIbh3C72Osyeeac.roa
File: U6yTq9V9MM1pEIbh3C72Osyeeac.roa (raw, json)
Hash identifier: 9547+vUQC3ZC/SUghVMhHfaYg8gAMnOC52RI1OTAeoA=
Subject key identifier: 53:AC:93:AB:D5:7D:30:CD:69:10:86:E1:DC:2E:F6:3A:CC:9E:79:A7
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01856E14241C870B9099527C52260C235FB2
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/U6yTq9V9MM1pEIbh3C72Osyeeac.roa
Signing time: Sun 01 Jan 2023 16:04:51 +0000
ROA not before: Sun 01 Jan 2023 16:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209737
IP address blocks: 193.111.76.0/24 maxlen: 24
193.17.7.0/24 maxlen: 24
193.17.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 16:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:24:1c:87:0b:90:99:52:7c:52:26:0c:23:5f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 16:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53ac93abd57d30cd691086e1dc2ef63acc9e79a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:56:26:9c:19:ed:90:4a:24:39:ea:63:78:4a:
a7:d1:c7:6a:ce:7a:61:da:bd:c7:3d:63:9e:9d:89:
9a:1c:b4:80:0f:92:e2:92:fa:5a:8f:ed:d2:bc:ec:
64:61:a4:3d:59:8e:a6:8c:30:8d:72:b0:4a:58:3d:
3c:a8:68:50:39:97:a5:22:07:9e:fb:97:2c:c4:d6:
43:b3:1f:44:e7:c2:ad:b8:2e:fd:7e:11:33:d0:d5:
aa:74:2d:fc:e9:14:8b:10:8d:8b:2b:32:7b:04:9f:
3f:17:5d:1c:d6:5b:ad:5e:ec:ed:91:86:9d:19:89:
be:c6:45:38:48:5c:62:d1:d8:97:14:16:07:7d:76:
be:02:fd:9a:66:f4:8a:b1:32:b6:73:ce:34:b5:93:
ff:23:54:a6:27:e1:0d:51:31:d8:c7:b3:74:06:ca:
bb:a1:0f:45:f9:d6:a5:46:55:d7:58:aa:88:ce:46:
c9:12:a5:7d:f7:87:d3:bd:4b:0d:73:15:67:9f:0f:
26:2d:1b:3e:75:22:6f:91:32:7b:45:c7:3a:89:7b:
48:cd:00:1f:50:e6:f1:1b:60:c1:ba:6d:30:78:40:
fc:d1:fc:b1:8a:7a:b9:a8:f4:32:82:7e:98:09:0e:
a3:b3:50:13:95:86:24:9e:b0:a1:45:b7:1f:5c:96:
53:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:AC:93:AB:D5:7D:30:CD:69:10:86:E1:DC:2E:F6:3A:CC:9E:79:A7
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/U6yTq9V9MM1pEIbh3C72Osyeeac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.5.0/24
193.17.7.0/24
193.111.76.0/24
Signature Algorithm: sha256WithRSAEncryption
11:58:fb:17:af:44:b4:51:84:23:55:59:00:8d:84:c3:fe:70:
c2:ca:50:7a:da:af:18:13:bb:cc:6f:3c:d1:a3:1d:7d:08:63:
34:f6:12:4b:db:ba:f5:78:98:97:7e:ce:63:4a:cb:1a:8e:10:
d4:ef:ec:49:05:10:e4:55:e2:5e:2a:ff:f1:a0:c4:16:a2:0d:
98:40:f3:c8:4f:4f:91:1f:c7:2c:6d:4f:fd:81:02:13:c1:50:
c8:63:48:8c:65:20:8f:31:a2:05:d8:46:53:0a:96:9e:7a:3a:
dd:d9:dd:b3:d2:64:6f:31:fb:7b:e0:e4:ac:0f:44:78:b5:21:
21:83:88:ac:97:2c:c2:1f:51:39:c2:65:b4:d9:04:29:81:b2:
49:34:1e:f8:4b:a3:3c:3f:7a:10:5a:ae:70:d1:b1:f5:1e:45:
0e:5c:5e:17:7e:ca:40:30:e2:09:4b:7f:2f:58:08:d8:20:1e:
b9:7c:8e:e9:c9:9c:98:d9:5e:96:a1:eb:a7:cb:5a:6d:ba:ca:
37:06:0f:f9:32:6e:95:a5:e4:cf:c5:65:c5:ed:14:43:a7:48:
63:99:ca:b6:61:f4:68:94:34:b5:3b:f5:05:ca:85:6d:7c:70:
e8:08:37:2f:6b:70:dd:f6:fb:91:10:4d:95:68:70:e4:f8:d4:
83:f4:42:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuFCQchwuQmVJ8UiYMI1+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMTAxMTYwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2FjOTNhYmQ1N2QzMGNkNjkxMDg2ZTFkYzJlZjYzYWNjOWU3OWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFYmnBntkEokOepjeEqn0cdqznph
2r3HPWOenYmaHLSAD5Likvpaj+3SvOxkYaQ9WY6mjDCNcrBKWD08qGhQOZelIgee
+5csxNZDsx9E58KtuC79fhEz0NWqdC386RSLEI2LKzJ7BJ8/F10c1lutXuztkYad
GYm+xkU4SFxi0diXFBYHfXa+Av2aZvSKsTK2c840tZP/I1SmJ+ENUTHYx7N0Bsq7
oQ9F+dalRlXXWKqIzkbJEqV994fTvUsNcxVnnw8mLRs+dSJvkTJ7Rcc6iXtIzQAf
UObxG2DBum0weED80fyxinq5qPQygn6YCQ6js1ATlYYknrChRbcfXJZTzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFOsk6vVfTDNaRCG4dwu9jrMnnmnMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvVTZ5VHE5VjlNTTFwRUliaDNDNzJPc3llZWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwREFAwQA
wREHAwQAwW9MMA0GCSqGSIb3DQEBCwUAA4IBAQARWPsXr0S0UYQjVVkAjYTD/nDC
ylB62q8YE7vMbzzRox19CGM09hJL27r1eJiXfs5jSssajhDU7+xJBRDkVeJeKv/x
oMQWog2YQPPIT0+RH8csbU/9gQITwVDIY0iMZSCPMaIF2EZTCpaeejrd2d2z0mRv
Mft74OSsD0R4tSEhg4islyzCH1E5wmW02QQpgbJJNB74S6M8P3oQWq5w0bH1HkUO
XF4XfspAMOIJS38vWAjYIB65fI7pyZyY2V6Woeuny1ptuso3Bg/5Mm6VpeTPxWXF
7RRDp0hjmcq2YfRolDS1O/UFyoVtfHDoCDcva3Dd9vuREE2VaHDk+NSD9ELr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org