Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/1-tTSc0S7ZsBw7e-T6vz1MOjRHmc.roa
File: 1-tTSc0S7ZsBw7e-T6vz1MOjRHmc.roa (raw, json)
Hash identifier: 7KdaB/vqErjpkLaXedt/ypg2GfA+DE7tqhz5fpZaYtM=
Subject key identifier: FA:D4:D2:73:44:BB:66:C0:70:ED:EF:93:EA:FC:F5:30:E8:D1:1E:67
Certificate issuer: /CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Certificate serial: 01911DAEDD298D7A1E1E26F0DA2DDD21E870
Authority key identifier: D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/1-tTSc0S7ZsBw7e-T6vz1MOjRHmc.roa
Signing time: Sun 04 Aug 2024 13:58:04 +0000
ROA not before: Sun 04 Aug 2024 13:58:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42574
IP address blocks: 193.33.100.0/24 maxlen: 24
193.33.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 Aug 2024 16:04:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1d:ae:dd:29:8d:7a:1e:1e:26:f0:da:2d:dd:21:e8:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Validity
Not Before: Aug 4 13:58:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fad4d27344bb66c070edef93eafcf530e8d11e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:67:6f:e6:34:bb:a5:32:98:07:1b:89:b7:16:
2e:d2:8b:5b:16:db:64:c5:bd:36:08:74:a9:f1:59:
51:ac:e5:4b:28:bc:99:e1:1a:4b:99:2a:f6:7b:0f:
d0:c4:39:e5:70:a2:46:f0:b3:68:a9:3a:ed:23:e4:
06:80:b9:53:04:f5:72:95:b3:e2:8d:06:8c:b3:e9:
f2:bb:bf:8c:6c:2c:d8:f2:b9:85:90:2d:f6:bc:1c:
c1:0f:bb:0b:3e:56:dc:69:cc:3b:31:a2:95:b9:0a:
02:c4:c7:1a:b7:80:13:b4:9d:89:19:7f:53:96:39:
31:2d:06:1a:f9:aa:7d:ee:c9:41:ed:e1:35:48:95:
b9:bc:cf:3a:e0:53:62:97:b6:d1:c3:bf:21:04:34:
27:e9:3f:72:9d:2c:6d:e2:c3:27:b3:64:00:7c:4f:
5f:e9:90:64:e5:ac:0b:d8:7b:00:00:da:04:45:88:
41:b3:17:aa:69:b0:86:fb:a1:c7:27:16:52:de:cc:
04:c5:4e:ad:8b:7a:66:36:72:8d:8c:01:2c:14:ef:
2a:30:95:4b:98:48:b1:46:f0:7a:29:71:f3:3e:5d:
51:95:0e:80:a4:be:0e:dc:cb:ed:31:02:22:ea:cc:
82:25:a4:6e:1f:3f:21:aa:6a:bd:b0:47:c5:6f:78:
be:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D4:D2:73:44:BB:66:C0:70:ED:EF:93:EA:FC:F5:30:E8:D1:1E:67
X509v3 Authority Key Identifier:
keyid:D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/1-tTSc0S7ZsBw7e-T6vz1MOjRHmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.100.0/23
Signature Algorithm: sha256WithRSAEncryption
24:4a:8c:63:ad:99:6b:a6:45:d6:9b:6c:eb:35:73:59:6f:cb:
c1:d2:3d:6b:d7:ea:8a:07:cd:d5:6d:ad:98:a3:0f:4b:75:23:
a3:6a:e2:49:2b:7a:3b:56:52:1d:b7:b5:74:ec:22:57:69:b3:
5a:7f:2c:3d:97:40:fa:77:51:5c:c3:b3:70:3d:97:a3:8c:90:
56:8f:ab:5c:15:21:58:d1:d4:9b:cf:ac:e4:b9:ca:17:0a:bd:
1a:29:56:0e:81:c8:3a:79:f3:39:33:f9:c5:72:c6:e9:2a:ef:
fb:90:9d:0f:fa:7b:03:96:a6:fe:e0:4b:48:8f:0a:94:03:e0:
82:17:51:64:b6:dd:32:5e:73:18:a0:2b:75:e8:3f:d8:88:57:
2f:23:67:8b:22:b5:09:4a:38:0a:fa:01:8a:b8:3d:78:d4:ac:
8f:14:91:2a:e6:21:3f:89:a2:dd:2d:0b:1f:14:ab:50:30:45:
cd:2d:07:1d:f9:9f:8a:3f:26:ba:98:e2:1c:1b:0e:d0:67:b9:
df:02:7d:7d:9a:bd:a2:33:d6:b0:35:f7:64:f8:ff:0d:ed:2e:
6a:00:4a:c8:26:73:3b:b3:ee:3e:30:06:15:48:f3:a5:91:1d:
c6:83:ed:b6:d3:72:cb:be:08:70:84:89:89:1e:86:7a:25:17:
26:2a:37:ab
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZEdrt0pjXoeHibw2i3dIehwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzAyYTNiMjdjZTliZDA0ZGRjYTI4YzIxZDlkMGY1ZmYz
MmE5MDkwHhcNMjQwODA0MTM1ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ0ZDI3MzQ0YmI2NmMwNzBlZGVmOTNlYWZjZjUzMGU4ZDExZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGdv5jS7pTKYBxuJtxYu0otbFttk
xb02CHSp8VlRrOVLKLyZ4RpLmSr2ew/QxDnlcKJG8LNoqTrtI+QGgLlTBPVylbPi
jQaMs+nyu7+MbCzY8rmFkC32vBzBD7sLPlbcacw7MaKVuQoCxMcat4ATtJ2JGX9T
ljkxLQYa+ap97slB7eE1SJW5vM864FNil7bRw78hBDQn6T9ynSxt4sMns2QAfE9f
6ZBk5awL2HsAANoERYhBsxeqabCG+6HHJxZS3swExU6ti3pmNnKNjAEsFO8qMJVL
mEixRvB6KXHzPl1RlQ6ApL4O3MvtMQIi6syCJaRuHz8hqmq9sEfFb3i+rQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrU0nNEu2bAcO3vk+r89TDo0R5nMB8GA1UdIwQY
MBaAFNJwKjsnzpvQTdyijCHZ0PX/MqkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUt
Njk3NWNhZGIyMjYyLzEvMS10VFNjMFM3WnNCdzdlLVQ2dnoxTU9qUkhtYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmIvNDlmNTI4LWU3MmYtNGRhNy05MDJlLTY5NzVjYWRiMjI2
Mi8xLzBuQXFPeWZPbTlCTjNLS01JZG5ROWY4eXFRay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcEhZDAN
BgkqhkiG9w0BAQsFAAOCAQEAJEqMY62Za6ZF1pts6zVzWW/LwdI9a9fqigfN1W2t
mKMPS3Ujo2riSSt6O1ZSHbe1dOwiV2mzWn8sPZdA+ndRXMOzcD2Xo4yQVo+rXBUh
WNHUm8+s5LnKFwq9GilWDoHIOnnzOTP5xXLG6Srv+5CdD/p7A5am/uBLSI8KlAPg
ghdRZLbdMl5zGKArdeg/2IhXLyNniyK1CUo4CvoBirg9eNSsjxSRKuYhP4mi3S0L
HxSrUDBFzS0HHfmfij8mupjiHBsO0Ge53wJ9fZq9ojPWsDX3ZPj/De0uagBKyCZz
O7PuPjAGFUjzpZEdxoPtttNyy74IcISJiR6GeiUXJio3qw==
-----END CERTIFICATE-----
Generated at Sun Aug 4 17:43:49 2024 by rpki-client on console-ams.rpki-client.org