Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/f7a560-8873-40ee-a7c5-2aadc5c3c57d/1/0uZglyPA1uaNYVXk3DM3ZI683m0.roa
File: 0uZglyPA1uaNYVXk3DM3ZI683m0.roa (raw, json)
Hash identifier: vkHp9m6KRTmg8CgLyC98QSfDTTDerEK164MVY1iYwrs=
Subject key identifier: D2:E6:60:97:23:C0:D6:E6:8D:61:55:E4:DC:33:37:64:8E:BC:DE:6D
Certificate issuer: /CN=b1859f3d2cd283e7db90f02fe1b0d4f615605947
Certificate serial: 018704B5F8DCBA1EC87CD6AC919495AC4908
Authority key identifier: B1:85:9F:3D:2C:D2:83:E7:DB:90:F0:2F:E1:B0:D4:F6:15:60:59:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sYWfPSzSg-fbkPAv4bDU9hVgWUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/f7a560-8873-40ee-a7c5-2aadc5c3c57d/1/0uZglyPA1uaNYVXk3DM3ZI683m0.roa
Signing time: Tue 21 Mar 2023 15:07:27 +0000
ROA not before: Tue 21 Mar 2023 15:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39330
IP address blocks: 195.238.70.0/23 maxlen: 23
193.228.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:04:b5:f8:dc:ba:1e:c8:7c:d6:ac:91:94:95:ac:49:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1859f3d2cd283e7db90f02fe1b0d4f615605947
Validity
Not Before: Mar 21 15:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2e6609723c0d6e68d6155e4dc3337648ebcde6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:68:3c:20:6a:d8:21:44:03:57:b9:13:8a:fe:
28:e7:ed:8f:3e:16:ae:03:6a:66:1a:94:9f:7d:d1:
72:08:de:c9:86:a1:ca:4e:6d:2b:51:bc:4f:b1:e3:
0f:6e:a2:41:29:a6:12:de:2f:5f:9c:15:89:26:4a:
71:6a:be:a7:65:c4:1a:c7:50:82:3b:ec:d2:06:6c:
4f:10:b2:15:4b:b5:42:e1:c6:ce:45:f2:98:8c:6d:
77:eb:2e:fd:c6:fb:12:4f:58:f2:a6:7f:8e:5b:96:
cd:38:2a:92:79:9d:0e:a6:8f:4a:28:55:29:7c:af:
67:5d:51:c1:1a:bf:8d:2b:90:87:fe:9a:38:da:3a:
50:37:27:55:9c:94:a2:ba:32:2f:ef:ea:0b:46:30:
5f:cf:b5:98:0b:97:d0:f9:f4:46:ba:db:92:52:7c:
a0:f2:2b:ee:84:f5:6e:9f:35:52:eb:aa:99:68:30:
82:73:6d:10:8c:d3:5d:eb:27:e3:c0:53:14:a8:36:
a1:48:3a:02:bb:63:f7:53:8a:65:6e:54:6d:aa:b6:
6c:b3:7d:55:5f:27:44:f8:47:32:0f:76:5b:54:e4:
5f:39:1c:2c:f9:f0:17:00:e7:10:8e:74:72:3c:9e:
d9:fd:ac:0c:f2:55:e2:d8:e6:57:7e:7b:c5:fd:b4:
ee:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E6:60:97:23:C0:D6:E6:8D:61:55:E4:DC:33:37:64:8E:BC:DE:6D
X509v3 Authority Key Identifier:
keyid:B1:85:9F:3D:2C:D2:83:E7:DB:90:F0:2F:E1:B0:D4:F6:15:60:59:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sYWfPSzSg-fbkPAv4bDU9hVgWUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/f7a560-8873-40ee-a7c5-2aadc5c3c57d/1/0uZglyPA1uaNYVXk3DM3ZI683m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/f7a560-8873-40ee-a7c5-2aadc5c3c57d/1/sYWfPSzSg-fbkPAv4bDU9hVgWUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.174.0/24
195.238.70.0/23
Signature Algorithm: sha256WithRSAEncryption
15:e1:9a:2a:6b:46:a7:31:09:be:ce:24:e0:f2:04:55:75:42:
39:82:4b:08:7e:4f:ba:27:3c:f5:12:35:42:ca:8c:dc:62:28:
1d:ee:60:f0:3e:b0:2d:60:e6:77:d0:6c:31:2c:97:5e:67:76:
6c:b1:fe:85:d6:90:07:88:9b:e4:33:a2:aa:27:af:d6:cb:c6:
4e:6d:39:56:ff:58:ec:42:cf:d9:fa:e2:fa:38:1f:c3:c2:08:
b0:2c:cf:35:a7:69:10:d8:a1:e6:e4:7f:0e:df:6e:db:0d:e8:
04:77:e8:1b:7b:69:08:20:94:fc:26:6d:90:97:06:2e:64:30:
34:14:1c:66:38:d6:16:b3:05:10:fa:59:2a:20:10:f7:2d:f5:
54:fa:74:a5:18:9b:1d:39:c7:5b:43:2e:fb:45:b5:a6:58:e1:
a5:f8:37:12:c7:e5:ce:36:d6:3b:6a:f2:0c:6d:1a:24:35:8a:
fb:c8:2f:71:9e:0d:9a:64:e9:c7:08:e8:00:12:96:58:ef:a7:
b2:c2:32:cb:22:44:09:de:59:0c:c4:c7:9f:30:b3:ae:a6:f1:
cf:4e:03:18:6b:95:3e:d3:cd:2d:c3:e1:4e:05:bb:75:ed:8d:
31:2e:a0:57:44:73:d4:43:5e:d1:cc:52:61:b2:50:eb:01:b4:
41:fd:6a:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcEtfjcuh7IfNaskZSVrEkIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxODU5ZjNkMmNkMjgzZTdkYjkwZjAyZmUxYjBkNGY2MTU2
MDU5NDcwHhcNMjMwMzIxMTUwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmU2NjA5NzIzYzBkNmU2OGQ2MTU1ZTRkYzMzMzc2NDhlYmNkZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGg8IGrYIUQDV7kTiv4o5+2PPhau
A2pmGpSffdFyCN7JhqHKTm0rUbxPseMPbqJBKaYS3i9fnBWJJkpxar6nZcQax1CC
O+zSBmxPELIVS7VC4cbORfKYjG136y79xvsST1jypn+OW5bNOCqSeZ0Opo9KKFUp
fK9nXVHBGr+NK5CH/po42jpQNydVnJSiujIv7+oLRjBfz7WYC5fQ+fRGutuSUnyg
8ivuhPVunzVS66qZaDCCc20QjNNd6yfjwFMUqDahSDoCu2P3U4plblRtqrZss31V
XydE+EcyD3ZbVORfORws+fAXAOcQjnRyPJ7Z/awM8lXi2OZXfnvF/bTucQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNLmYJcjwNbmjWFV5NwzN2SOvN5tMB8GA1UdIwQY
MBaAFLGFnz0s0oPn25DwL+Gw1PYVYFlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1lXZlBTelNnLWZia1BBdjRiRFU5aFZnV1VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9mN2E1NjAtODg3My00MGVlLWE3YzUt
MmFhZGM1YzNjNTdkLzEvMHVaZ2x5UEExdWFOWVZYazNETTNaSTY4M20wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9mN2E1NjAtODg3My00MGVlLWE3YzUtMmFhZGM1YzNjNTdk
LzEvc1lXZlBTelNnLWZia1BBdjRiRFU5aFZnV1VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAweSuAwQB
w+5GMA0GCSqGSIb3DQEBCwUAA4IBAQAV4Zoqa0anMQm+ziTg8gRVdUI5gksIfk+6
Jzz1EjVCyozcYigd7mDwPrAtYOZ30GwxLJdeZ3Zssf6F1pAHiJvkM6KqJ6/Wy8ZO
bTlW/1jsQs/Z+uL6OB/DwgiwLM81p2kQ2KHm5H8O327bDegEd+gbe2kIIJT8Jm2Q
lwYuZDA0FBxmONYWswUQ+lkqIBD3LfVU+nSlGJsdOcdbQy77RbWmWOGl+DcSx+XO
NtY7avIMbRokNYr7yC9xng2aZOnHCOgAEpZY76eywjLLIkQJ3lkMxMefMLOupvHP
TgMYa5U+080tw+FOBbt17Y0xLqBXRHPUQ17RzFJhslDrAbRB/Wpd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:36 2024 by rpki-client on console-ams.rpki-client.org