Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/61f7c3-4134-4c02-b7dd-e4d024cdae0c/1/KdaZX6LYwik46RNMny5cAOUMfVU.roa
File: KdaZX6LYwik46RNMny5cAOUMfVU.roa (raw, json)
Hash identifier: Mc5awPzqdFC9uEGdCAogfBjc0/cVv7Nd50UKDuxNZG0=
Subject key identifier: 29:D6:99:5F:A2:D8:C2:29:38:E9:13:4C:9F:2E:5C:00:E5:0C:7D:55
Certificate issuer: /CN=123ba3802f9c9bf6756daabd324e5326ede419aa
Certificate serial: 01856E78EEA5B6C59BF9C8E97607E4917D94
Authority key identifier: 12:3B:A3:80:2F:9C:9B:F6:75:6D:AA:BD:32:4E:53:26:ED:E4:19:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjujgC-cm_Z1baq9Mk5TJu3kGao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/61f7c3-4134-4c02-b7dd-e4d024cdae0c/1/KdaZX6LYwik46RNMny5cAOUMfVU.roa
Signing time: Sun 01 Jan 2023 17:54:57 +0000
ROA not before: Sun 01 Jan 2023 17:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49121
IP address blocks: 193.200.243.0/24 maxlen: 24
2a06:18c0:1::/48 maxlen: 48
2a06:18c0:2::/48 maxlen: 48
2a06:18c0:3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:ee:a5:b6:c5:9b:f9:c8:e9:76:07:e4:91:7d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123ba3802f9c9bf6756daabd324e5326ede419aa
Validity
Not Before: Jan 1 17:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29d6995fa2d8c22938e9134c9f2e5c00e50c7d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b8:94:71:9f:63:61:40:74:a1:d4:2b:30:1a:
ab:e9:f5:1f:00:0e:c4:94:87:d9:9b:a9:aa:f6:6f:
eb:2d:ab:0d:ba:56:1a:39:be:d3:63:86:dd:eb:08:
19:d1:cf:22:83:d3:c3:76:52:35:bf:6f:19:6b:04:
0d:48:a4:eb:80:75:a0:4e:fe:98:90:14:54:55:7d:
4c:12:45:fc:40:5a:e6:09:fc:b2:3b:dc:4e:be:d7:
e8:e9:2d:da:4b:78:6c:d9:d3:98:38:a5:7e:95:76:
8d:64:7c:98:d7:97:ed:56:ad:66:9b:fc:c9:b8:54:
35:00:88:95:7b:3e:8c:7f:7b:ff:78:93:f3:4e:6f:
6e:2a:2f:09:ae:35:c6:f3:35:aa:04:e9:88:f2:48:
b6:23:d5:7d:43:c8:2b:75:cd:61:5b:12:fe:d0:c6:
0e:27:54:ab:75:54:7a:e4:de:b3:36:c6:65:26:a6:
8e:b5:d7:53:21:22:65:0c:ba:17:4c:14:9e:b8:b4:
f4:4f:3c:36:ae:30:3c:bb:f6:0c:ae:7d:1f:ac:63:
8d:f0:c3:39:4e:9b:0d:27:63:36:10:f5:7c:2d:15:
ce:b9:24:56:f9:3f:c4:a5:b2:45:0b:05:d0:37:25:
6d:f4:38:7d:6c:e5:60:80:90:ae:93:8b:d9:04:02:
80:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D6:99:5F:A2:D8:C2:29:38:E9:13:4C:9F:2E:5C:00:E5:0C:7D:55
X509v3 Authority Key Identifier:
keyid:12:3B:A3:80:2F:9C:9B:F6:75:6D:AA:BD:32:4E:53:26:ED:E4:19:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjujgC-cm_Z1baq9Mk5TJu3kGao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/61f7c3-4134-4c02-b7dd-e4d024cdae0c/1/KdaZX6LYwik46RNMny5cAOUMfVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/61f7c3-4134-4c02-b7dd-e4d024cdae0c/1/EjujgC-cm_Z1baq9Mk5TJu3kGao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.243.0/24
IPv6:
2a06:18c0:1::-2a06:18c0:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3d:aa:e8:d2:ea:f6:cc:0e:b9:af:01:4c:45:1c:14:dc:2b:43:
b5:74:1f:2c:8b:59:30:c5:49:6e:99:a1:34:fa:64:36:b6:c6:
b9:e7:3c:6d:c3:0e:07:3f:ec:81:ec:b6:81:cb:55:d6:49:06:
79:3d:5a:dc:7b:1f:3d:a7:49:22:6d:90:f2:03:43:ee:76:05:
88:94:44:a1:b0:ca:8a:e1:88:bf:03:e4:1f:c6:f2:b8:52:28:
3b:61:a3:f8:20:bc:a8:fe:5f:81:64:2d:e4:d0:af:50:4c:4f:
9a:36:f9:62:b0:e2:01:43:ed:5d:1b:90:3e:43:ca:e3:2a:2c:
49:7e:b5:6a:e3:40:22:6a:5b:49:cc:55:f9:d5:ef:0d:26:07:
9a:29:a2:ad:0b:4b:df:a8:cf:e5:69:bf:1f:07:30:88:bc:1a:
85:ff:d0:59:71:bc:ff:67:c2:eb:db:8c:f9:0d:2b:93:ae:cd:
0f:91:29:ef:5f:a3:2d:b4:0a:9e:e0:ec:76:14:d5:03:f6:9f:
56:0a:13:7d:93:bd:7b:5e:6b:6e:f8:0d:62:75:27:52:75:c1:
43:f0:39:09:a5:eb:8b:a5:01:05:ae:5a:d1:f3:a5:ac:b1:9f:
c9:ef:50:43:a2:e5:39:b2:24:5c:76:cd:b8:a2:c6:e1:7e:25:
82:14:c2:1a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVueO6ltsWb+cjpdgfkkX2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2JhMzgwMmY5YzliZjY3NTZkYWFiZDMyNGU1MzI2ZWRl
NDE5YWEwHhcNMjMwMTAxMTc1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ2OTk1ZmEyZDhjMjI5MzhlOTEzNGM5ZjJlNWMwMGU1MGM3ZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLiUcZ9jYUB0odQrMBqr6fUfAA7E
lIfZm6mq9m/rLasNulYaOb7TY4bd6wgZ0c8ig9PDdlI1v28ZawQNSKTrgHWgTv6Y
kBRUVX1MEkX8QFrmCfyyO9xOvtfo6S3aS3hs2dOYOKV+lXaNZHyY15ftVq1mm/zJ
uFQ1AIiVez6Mf3v/eJPzTm9uKi8JrjXG8zWqBOmI8ki2I9V9Q8grdc1hWxL+0MYO
J1SrdVR65N6zNsZlJqaOtddTISJlDLoXTBSeuLT0Tzw2rjA8u/YMrn0frGON8MM5
TpsNJ2M2EPV8LRXOuSRW+T/EpbJFCwXQNyVt9Dh9bOVggJCuk4vZBAKAUwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCnWmV+i2MIpOOkTTJ8uXADlDH1VMB8GA1UdIwQY
MBaAFBI7o4AvnJv2dW2qvTJOUybt5BmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp1amdDLWNtX1oxYmFxOU1rNVRKdTNrR2FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi82MWY3YzMtNDEzNC00YzAyLWI3ZGQt
ZTRkMDI0Y2RhZTBjLzEvS2RhWlg2TFl3aWs0NlJOTW55NWNBT1VNZlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi82MWY3YzMtNDEzNC00YzAyLWI3ZGQtZTRkMDI0Y2RhZTBj
LzEvRWp1amdDLWNtX1oxYmFxOU1rNVRKdTNrR2FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAwcjzMBoE
AgACMBQwEgMHACoGGMAAAQMHAioGGMAAADANBgkqhkiG9w0BAQsFAAOCAQEAParo
0ur2zA65rwFMRRwU3CtDtXQfLItZMMVJbpmhNPpkNrbGuec8bcMOBz/sgey2gctV
1kkGeT1a3HsfPadJIm2Q8gND7nYFiJREobDKiuGIvwPkH8byuFIoO2Gj+CC8qP5f
gWQt5NCvUExPmjb5YrDiAUPtXRuQPkPK4yosSX61auNAImpbScxV+dXvDSYHmimi
rQtL36jP5Wm/HwcwiLwahf/QWXG8/2fC69uM+Q0rk67ND5Ep71+jLbQKnuDsdhTV
A/afVgoTfZO9e15rbvgNYnUnUnXBQ/A5CaXri6UBBa5a0fOlrLGfye9QQ6LlObIk
XHbNuKLG4X4lghTCGg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:38 2024 by rpki-client on console-fra.rpki-client.org