Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/x3dOLUU7Ri2tehkL_2gF1SDR8E0.roa
File: x3dOLUU7Ri2tehkL_2gF1SDR8E0.roa (raw, json)
Hash identifier: U8ikSkW3TgNlMu7BmEF4w5ihLggsAbgNbqqRYp9Z+0s=
Subject key identifier: C7:77:4E:2D:45:3B:46:2D:AD:7A:19:0B:FF:68:05:D5:20:D1:F0:4D
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0186DFAF853800DA09C76309BAE782C4AB39
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/x3dOLUU7Ri2tehkL_2gF1SDR8E0.roa
Signing time: Tue 14 Mar 2023 10:34:27 +0000
ROA not before: Tue 14 Mar 2023 10:34:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141420
IP address blocks: 193.118.169.0/24 maxlen: 24
193.118.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:df:af:85:38:00:da:09:c7:63:09:ba:e7:82:c4:ab:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Mar 14 10:34:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7774e2d453b462dad7a190bff6805d520d1f04d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:47:c0:d1:fe:af:34:75:3c:8f:b0:b3:c2:5d:
30:ed:93:3a:2b:7f:67:83:f2:4c:ef:d7:16:f6:9e:
10:db:9f:2a:1f:a6:0f:d5:b0:9e:4a:69:a8:43:e1:
18:71:d8:ed:c6:93:70:0b:88:de:e9:26:be:af:96:
f5:da:f7:fe:c4:a4:cb:51:6e:75:6e:e9:46:e4:76:
a0:4c:65:67:ce:f1:3a:c2:96:9f:c4:3b:0d:9b:28:
2f:34:6c:d0:4c:10:1f:2c:7f:53:9a:88:ae:37:6b:
a8:97:2b:38:9c:06:14:93:68:cd:d2:19:96:38:a1:
95:12:da:10:cf:fd:6f:51:2f:56:c9:f3:3e:20:2b:
e2:5e:77:21:48:e1:11:58:98:6f:db:0c:15:e0:8b:
8a:00:01:39:72:7d:60:06:37:de:12:3d:96:6d:6a:
76:d7:ff:b1:80:65:38:c5:1d:54:d4:b4:f8:54:63:
de:13:54:fc:a6:7c:8d:25:a9:f8:12:b9:ff:7c:8c:
e2:a1:6a:51:d8:db:02:a1:84:ae:39:2b:cd:08:bd:
2b:6a:8e:b4:c2:e1:11:18:84:b2:00:a7:dd:5d:ee:
3e:cc:2e:bf:cd:c0:91:8c:bd:a2:0a:5d:68:77:35:
81:35:91:97:7f:51:34:4a:34:c2:f7:91:d3:2c:bb:
77:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:77:4E:2D:45:3B:46:2D:AD:7A:19:0B:FF:68:05:D5:20:D1:F0:4D
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/x3dOLUU7Ri2tehkL_2gF1SDR8E0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.118.168.0/23
Signature Algorithm: sha256WithRSAEncryption
01:e1:81:94:ed:24:10:79:78:44:cb:e9:a2:f6:7c:6a:1d:96:
9b:67:87:f9:af:db:a0:ec:2f:2a:1e:0f:ca:fb:39:85:84:42:
86:73:c3:e4:61:9a:a6:fa:26:71:ab:6b:82:9f:d4:9c:bd:fa:
b1:54:9d:df:25:1a:6a:2f:52:c8:56:06:a3:5f:2c:9a:cc:6c:
2c:4a:6f:6d:8b:22:b2:58:d0:de:e3:3e:d8:8b:6a:4f:b9:26:
cb:36:e3:c9:76:dd:a9:aa:28:5a:d0:83:9d:5f:b0:65:51:bb:
94:d0:b2:2b:44:49:f1:8f:dc:7a:aa:14:ee:1e:f8:f8:39:96:
80:87:3a:0e:4d:34:f2:e7:02:84:53:83:fc:e5:1e:76:b1:44:
1b:f5:94:17:4f:76:ad:df:85:86:45:2f:ab:cb:41:10:d7:0f:
76:70:cb:ad:46:06:d5:25:c6:d9:cd:7b:b4:2b:56:fc:96:e4:
4e:70:a8:59:52:cb:f4:c7:e2:d3:b6:ee:7a:9e:f0:72:80:a8:
09:1d:f5:39:cc:46:57:dd:80:e0:db:57:13:d1:ba:9c:39:56:
84:8b:53:0d:8e:c8:c6:f8:2b:e8:18:eb:86:34:6b:23:19:d4:
dc:29:8a:ab:c8:af:13:f3:fd:bd:1f:59:84:cb:d0:07:4c:12:
9a:db:1f:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbfr4U4ANoJx2MJuueCxKs5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwMzE0MTAzNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzc3NGUyZDQ1M2I0NjJkYWQ3YTE5MGJmZjY4MDVkNTIwZDFmMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10fA0f6vNHU8j7Czwl0w7ZM6K39n
g/JM79cW9p4Q258qH6YP1bCeSmmoQ+EYcdjtxpNwC4je6Sa+r5b12vf+xKTLUW51
bulG5HagTGVnzvE6wpafxDsNmygvNGzQTBAfLH9TmoiuN2uolys4nAYUk2jN0hmW
OKGVEtoQz/1vUS9WyfM+ICviXnchSOERWJhv2wwV4IuKAAE5cn1gBjfeEj2WbWp2
1/+xgGU4xR1U1LT4VGPeE1T8pnyNJan4Ern/fIzioWpR2NsCoYSuOSvNCL0rao60
wuERGISyAKfdXe4+zC6/zcCRjL2iCl1odzWBNZGXf1E0SjTC95HTLLt3YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMd3Ti1FO0YtrXoZC/9oBdUg0fBNMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEveDNkT0xVVTdSaTJ0ZWhrTF8yZ0YxU0RSOEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwXaoMA0G
CSqGSIb3DQEBCwUAA4IBAQAB4YGU7SQQeXhEy+mi9nxqHZabZ4f5r9ug7C8qHg/K
+zmFhEKGc8PkYZqm+iZxq2uCn9ScvfqxVJ3fJRpqL1LIVgajXyyazGwsSm9tiyKy
WNDe4z7Yi2pPuSbLNuPJdt2pqiha0IOdX7BlUbuU0LIrREnxj9x6qhTuHvj4OZaA
hzoOTTTy5wKEU4P85R52sUQb9ZQXT3at34WGRS+ry0EQ1w92cMutRgbVJcbZzXu0
K1b8luROcKhZUsv0x+LTtu56nvBygKgJHfU5zEZX3YDg21cT0bqcOVaEi1MNjsjG
+CvoGOuGNGsjGdTcKYqryK8T8/29H1mEy9AHTBKa2x8o
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:37 2023 by rpki-client on console-ams.rpki-client.org