Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/9OO4KEdwIU_ImzGtAoQb9aRq5Qk.roa
File: 9OO4KEdwIU_ImzGtAoQb9aRq5Qk.roa (raw, json)
Hash identifier: Grcss3Epczae/4PRYH0RwTuWHgkjvPyPYcOJ63KMfqI=
Subject key identifier: F4:E3:B8:28:47:70:21:4F:C8:9B:31:AD:02:84:1B:F5:A4:6A:E5:09
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0189E5094BBE3D7CE335B8A10F5DD8AB2A96
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/9OO4KEdwIU_ImzGtAoQb9aRq5Qk.roa
Signing time: Fri 11 Aug 2023 14:38:58 +0000
ROA not before: Fri 11 Aug 2023 14:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209883
IP address blocks: 193.203.127.0/24 maxlen: 24
2a0e:f8c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e5:09:4b:be:3d:7c:e3:35:b8:a1:0f:5d:d8:ab:2a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 11 14:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4e3b8284770214fc89b31ad02841bf5a46ae509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4f:92:5a:0b:87:64:ba:20:03:60:41:62:4a:
f6:27:c0:96:e9:5b:ee:d7:b6:de:a5:37:c2:17:09:
d4:26:d3:ac:98:11:4d:ac:1c:91:e3:3c:3d:b9:22:
8a:a6:e7:f4:f8:02:f2:a1:4e:cd:b5:69:98:6a:59:
4c:57:e3:ee:ce:29:27:7f:a0:79:4d:e9:56:7f:a0:
8a:a4:99:10:3b:00:5b:de:23:f9:f2:3e:3f:e2:49:
50:93:37:47:e7:d4:f6:c1:7d:4a:51:05:72:87:07:
2e:77:fe:7d:1c:7b:d4:7a:39:18:e5:55:c6:b6:24:
e5:09:b6:8a:a5:ed:a6:c0:80:53:44:bd:bd:f3:f3:
d0:a4:68:45:42:81:a3:93:04:21:1c:8c:e4:77:2a:
87:28:8c:89:f8:6a:e8:33:fa:07:79:72:0d:f1:df:
cd:38:f6:c7:59:96:ad:1a:46:b3:b6:65:cf:73:2c:
1a:06:43:50:1f:cd:dc:b8:b7:fd:7d:d7:6f:5b:fb:
a8:e2:8f:d4:f3:99:90:a0:1c:36:5c:89:12:e7:1b:
78:e4:23:44:1c:a3:3b:7b:07:0f:1d:49:ec:37:16:
76:35:99:a2:c0:bf:81:bf:b5:ff:ee:6f:0c:b1:af:
66:d3:35:6f:1d:7c:0a:f8:63:88:6b:d3:9e:4d:1c:
e0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E3:B8:28:47:70:21:4F:C8:9B:31:AD:02:84:1B:F5:A4:6A:E5:09
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/9OO4KEdwIU_ImzGtAoQb9aRq5Qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.127.0/24
IPv6:
2a0e:f8c0::/29
Signature Algorithm: sha256WithRSAEncryption
9c:93:7f:3b:44:ad:a4:b2:aa:f7:20:c1:0d:df:8b:42:4f:3e:
1c:c9:b0:be:cd:83:38:0e:d2:74:0c:88:ef:5e:14:e0:04:1d:
8c:5f:0a:3a:e8:1e:18:e7:40:1d:6c:36:42:2d:30:94:25:e3:
62:b8:6a:db:17:da:29:51:75:1c:e7:79:e6:c1:9f:8d:ad:8b:
c7:41:56:cc:22:ef:cc:0d:e2:85:79:c2:dd:16:68:7b:f1:fc:
23:b3:d6:6e:0e:7a:ed:d4:a4:3c:f6:f1:a3:ef:1b:3f:8b:63:
20:7f:0c:51:0e:a3:5c:c8:6b:01:02:de:4e:f7:5a:ba:98:68:
eb:ba:b6:0b:e8:31:26:0a:ea:5c:5e:3d:94:b6:a0:f4:88:b7:
c0:6a:d9:f8:a7:ec:a8:f2:75:74:5d:a4:2d:65:a2:92:8b:e0:
37:1d:ac:10:3f:9c:0e:eb:ad:b8:a3:b6:65:51:a0:cb:c9:65:
16:b2:48:d6:a7:e2:10:84:a9:b1:ed:5d:7e:d5:b0:e5:ea:83:
f3:5a:b6:56:ad:7b:27:ba:84:c4:e1:43:94:fe:d1:b2:3a:40:
af:50:49:75:67:25:e5:1a:35:b7:b3:fd:e2:2e:d8:d1:13:30:
d5:05:d8:f9:4f:f8:96:28:ad:33:ce:56:59:8b:7a:75:2f:7c:
90:02:e8:c5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYnlCUu+PXzjNbihD13YqyqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwODExMTQzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGUzYjgyODQ3NzAyMTRmYzg5YjMxYWQwMjg0MWJmNWE0NmFlNTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0+SWguHZLogA2BBYkr2J8CW6Vvu
17bepTfCFwnUJtOsmBFNrByR4zw9uSKKpuf0+ALyoU7NtWmYallMV+Puziknf6B5
TelWf6CKpJkQOwBb3iP58j4/4klQkzdH59T2wX1KUQVyhwcud/59HHvUejkY5VXG
tiTlCbaKpe2mwIBTRL298/PQpGhFQoGjkwQhHIzkdyqHKIyJ+GroM/oHeXIN8d/N
OPbHWZatGkaztmXPcywaBkNQH83cuLf9fddvW/uo4o/U85mQoBw2XIkS5xt45CNE
HKM7ewcPHUnsNxZ2NZmiwL+Bv7X/7m8Msa9m0zVvHXwK+GOIa9OeTRzgjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPTjuChHcCFPyJsxrQKEG/WkauUJMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvOU9PNEtFZHdJVV9JbXpHdEFvUWI5YVJxNVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwct/MA0E
AgACMAcDBQMqDvjAMA0GCSqGSIb3DQEBCwUAA4IBAQCck387RK2ksqr3IMEN34tC
Tz4cybC+zYM4DtJ0DIjvXhTgBB2MXwo66B4Y50AdbDZCLTCUJeNiuGrbF9opUXUc
53nmwZ+NrYvHQVbMIu/MDeKFecLdFmh78fwjs9ZuDnrt1KQ89vGj7xs/i2MgfwxR
DqNcyGsBAt5O91q6mGjrurYL6DEmCupcXj2UtqD0iLfAatn4p+yo8nV0XaQtZaKS
i+A3HawQP5wO6624o7ZlUaDLyWUWskjWp+IQhKmx7V1+1bDl6oPzWrZWrXsnuoTE
4UOU/tGyOkCvUEl1ZyXlGjW3s/3iLtjREzDVBdj5T/iWKK0zzlZZi3p1L3yQAujF
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:06 2024 by rpki-client on console-ams.rpki-client.org