Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/61f7c3-4134-4c02-b7dd-e4d024cdae0c/1/8ZHi7Ss1iePAkUeQ5bg5ypnp1IM.roa
File: 8ZHi7Ss1iePAkUeQ5bg5ypnp1IM.roa (raw, json)
Hash identifier: yQP2xbV7F78rBqqkI7XV5lv0qUo0yCMBrtIWm5T+8pU=
Subject key identifier: F1:91:E2:ED:2B:35:89:E3:C0:91:47:90:E5:B8:39:CA:99:E9:D4:83
Certificate issuer: /CN=123ba3802f9c9bf6756daabd324e5326ede419aa
Certificate serial: 01884FA0979EA048E75BC6D98BB1DDE21C82
Authority key identifier: 12:3B:A3:80:2F:9C:9B:F6:75:6D:AA:BD:32:4E:53:26:ED:E4:19:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjujgC-cm_Z1baq9Mk5TJu3kGao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/61f7c3-4134-4c02-b7dd-e4d024cdae0c/1/8ZHi7Ss1iePAkUeQ5bg5ypnp1IM.roa
Signing time: Wed 24 May 2023 21:18:24 +0000
ROA not before: Wed 24 May 2023 21:18:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60584
IP address blocks: 193.200.243.0/24 maxlen: 24
2a06:18c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4f:a0:97:9e:a0:48:e7:5b:c6:d9:8b:b1:dd:e2:1c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123ba3802f9c9bf6756daabd324e5326ede419aa
Validity
Not Before: May 24 21:18:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f191e2ed2b3589e3c0914790e5b839ca99e9d483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e3:16:63:cf:9d:9d:8b:7d:62:d7:79:bb:ce:
fc:7a:28:8c:15:05:69:0d:c9:c0:4b:06:1a:b2:1b:
ee:2c:65:55:cb:69:8b:83:56:e4:66:e0:63:fa:2f:
ea:ad:45:d0:94:06:3c:33:69:42:70:72:e1:df:0f:
e2:92:c1:f1:b9:0a:bb:2e:88:77:0c:cd:27:04:72:
72:6a:52:d0:1c:5b:0e:bf:f1:1a:6f:95:f8:8a:85:
18:e7:86:c2:df:dc:c0:e7:a9:3b:34:13:8e:ca:b8:
d6:ed:d2:31:be:0b:24:90:70:5f:bb:1c:3d:21:3e:
53:3e:56:ce:73:00:ef:67:23:c8:cd:49:12:bb:13:
a1:b2:16:99:67:15:5d:c8:7a:6c:14:7f:66:0f:50:
19:97:cf:f9:0b:3c:6b:ba:0d:71:c5:ec:64:29:77:
1d:d1:fb:0e:51:f1:a7:6a:96:b3:d3:bf:5f:97:b3:
53:0e:f7:44:80:81:82:3f:98:21:bf:be:fc:54:23:
60:73:42:84:79:bb:b1:2a:06:e1:8d:42:42:01:f3:
f5:6c:9c:d1:2f:f2:0b:da:01:1e:a1:db:26:d9:61:
10:61:72:9f:ed:0f:92:db:8a:8c:51:6f:3c:2b:dd:
cc:ff:70:81:3a:7b:60:ff:35:a6:11:1c:20:a6:8f:
29:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:91:E2:ED:2B:35:89:E3:C0:91:47:90:E5:B8:39:CA:99:E9:D4:83
X509v3 Authority Key Identifier:
keyid:12:3B:A3:80:2F:9C:9B:F6:75:6D:AA:BD:32:4E:53:26:ED:E4:19:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjujgC-cm_Z1baq9Mk5TJu3kGao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/61f7c3-4134-4c02-b7dd-e4d024cdae0c/1/8ZHi7Ss1iePAkUeQ5bg5ypnp1IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/61f7c3-4134-4c02-b7dd-e4d024cdae0c/1/EjujgC-cm_Z1baq9Mk5TJu3kGao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.243.0/24
IPv6:
2a06:18c0::/29
Signature Algorithm: sha256WithRSAEncryption
ab:f7:c4:c5:26:55:b5:bc:01:c4:2e:5b:1b:c9:a1:cc:72:c2:
37:3a:03:92:50:09:16:d2:6c:56:f3:16:69:d4:6a:b9:58:4c:
3f:7a:7e:0f:c3:a1:ec:30:d0:7a:9e:69:ee:e8:ac:ab:ca:11:
e9:68:a6:67:bb:14:12:f2:e0:fe:cd:fd:6b:6e:d8:59:b9:1b:
83:7d:55:1a:f9:05:d2:b4:52:01:cd:69:ab:b0:be:f5:d6:32:
30:c9:60:69:c4:4c:43:02:97:e7:2f:c4:c0:5a:b9:53:13:92:
cc:e5:a7:61:3d:6f:da:3d:e2:8b:32:5a:cc:2f:34:05:04:ae:
71:0a:3a:a5:f3:ad:d3:23:c6:f5:9e:50:50:51:8c:63:0d:8d:
ce:03:46:9f:81:84:f6:de:77:c6:10:fc:e8:53:59:6e:b8:02:
f2:11:a6:98:12:e3:85:b2:34:05:58:fc:2e:b4:08:e3:34:73:
30:b4:bd:19:eb:1f:ee:69:91:b9:72:fc:1b:99:93:76:e1:b9:
45:29:90:c0:f5:40:a4:07:3d:fe:ea:86:51:7c:2c:26:7a:4a:
a2:36:8a:d7:93:eb:96:56:5f:a6:e8:df:86:26:f9:79:cd:b5:
d5:8c:fb:83:db:6c:5b:bc:4e:86:33:7c:49:a3:d5:c1:8f:fc:
6c:13:1d:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYhPoJeeoEjnW8bZi7Hd4hyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2JhMzgwMmY5YzliZjY3NTZkYWFiZDMyNGU1MzI2ZWRl
NDE5YWEwHhcNMjMwNTI0MjExODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTkxZTJlZDJiMzU4OWUzYzA5MTQ3OTBlNWI4MzljYTk5ZTlkNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+MWY8+dnYt9Ytd5u878eiiMFQVp
DcnASwYashvuLGVVy2mLg1bkZuBj+i/qrUXQlAY8M2lCcHLh3w/iksHxuQq7Loh3
DM0nBHJyalLQHFsOv/Eab5X4ioUY54bC39zA56k7NBOOyrjW7dIxvgskkHBfuxw9
IT5TPlbOcwDvZyPIzUkSuxOhshaZZxVdyHpsFH9mD1AZl8/5Czxrug1xxexkKXcd
0fsOUfGnapaz079fl7NTDvdEgIGCP5ghv778VCNgc0KEebuxKgbhjUJCAfP1bJzR
L/IL2gEeodsm2WEQYXKf7Q+S24qMUW88K93M/3CBOntg/zWmERwgpo8pUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPGR4u0rNYnjwJFHkOW4OcqZ6dSDMB8GA1UdIwQY
MBaAFBI7o4AvnJv2dW2qvTJOUybt5BmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp1amdDLWNtX1oxYmFxOU1rNVRKdTNrR2FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi82MWY3YzMtNDEzNC00YzAyLWI3ZGQt
ZTRkMDI0Y2RhZTBjLzEvOFpIaTdTczFpZVBBa1VlUTViZzV5cG5wMUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi82MWY3YzMtNDEzNC00YzAyLWI3ZGQtZTRkMDI0Y2RhZTBj
LzEvRWp1amdDLWNtX1oxYmFxOU1rNVRKdTNrR2FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwcjzMA0E
AgACMAcDBQMqBhjAMA0GCSqGSIb3DQEBCwUAA4IBAQCr98TFJlW1vAHELlsbyaHM
csI3OgOSUAkW0mxW8xZp1Gq5WEw/en4Pw6HsMNB6nmnu6KyryhHpaKZnuxQS8uD+
zf1rbthZuRuDfVUa+QXStFIBzWmrsL711jIwyWBpxExDApfnL8TAWrlTE5LM5adh
PW/aPeKLMlrMLzQFBK5xCjql863TI8b1nlBQUYxjDY3OA0afgYT23nfGEPzoU1lu
uALyEaaYEuOFsjQFWPwutAjjNHMwtL0Z6x/uaZG5cvwbmZN24blFKZDA9UCkBz3+
6oZRfCwmekqiNorXk+uWVl+m6N+GJvl5zbXVjPuD22xbvE6GM3xJo9XBj/xsEx0J
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:38 2024 by rpki-client on console-fra.rpki-client.org