Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/u3zZGKDJmsl_nW5LHfIFPKdz7jQ.roa
File: u3zZGKDJmsl_nW5LHfIFPKdz7jQ.roa (raw, json)
Hash identifier: wsan4IivfdFUhJEYpspasMpL8rgwui3KLqdnS7L5lCI=
Subject key identifier: BB:7C:D9:18:A0:C9:9A:C9:7F:9D:6E:4B:1D:F2:05:3C:A7:73:EE:34
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 0185736849803714F97FA6CF862CE3E1CA68
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/u3zZGKDJmsl_nW5LHfIFPKdz7jQ.roa
Signing time: Mon 02 Jan 2023 16:54:52 +0000
ROA not before: Mon 02 Jan 2023 16:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6667
IP address blocks: 192.136.74.0/24 maxlen: 24
192.136.73.0/24 maxlen: 24
213.192.184.0/21 maxlen: 21
192.175.45.0/24 maxlen: 24
2001:670::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:49:80:37:14:f9:7f:a6:cf:86:2c:e3:e1:ca:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: Jan 2 16:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb7cd918a0c99ac97f9d6e4b1df2053ca773ee34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4d:c8:34:f0:ba:7b:a7:8a:04:a7:1a:f5:5e:
12:6f:92:e7:60:62:7e:b7:b8:b6:20:0a:df:3a:e5:
74:0a:70:43:d4:c5:be:d9:5f:46:4e:84:fe:30:a7:
6f:92:25:d1:6f:9a:42:6a:f3:f0:bc:1b:0d:d0:d1:
02:18:02:30:45:a3:b3:43:1e:3c:d8:5e:99:41:88:
57:07:a8:8b:57:e4:c0:7f:b8:54:f2:2b:14:36:15:
9f:92:30:17:26:d7:98:db:39:36:df:c6:55:2d:28:
d4:3d:e6:5a:7e:1d:40:0f:f1:5b:0d:a8:6f:73:6f:
22:70:b1:e8:bc:89:1c:27:b0:c9:91:49:6a:95:06:
4a:20:a7:51:54:b9:2c:39:67:0a:ab:d8:1b:a2:50:
a0:ef:7f:e3:78:a7:53:11:12:cd:75:27:ae:93:9d:
52:e6:53:f1:a4:fd:73:06:98:8f:ff:a3:ea:5a:99:
57:2a:b8:5d:d3:9f:dd:d7:b9:36:99:bc:9b:e3:fa:
20:d0:ea:a7:8c:67:44:16:b1:2c:02:06:23:3f:85:
06:b6:0d:d1:3d:fc:90:83:93:f8:f6:47:10:14:22:
ab:3a:ed:7b:02:1c:c3:17:ed:b8:2d:48:dc:dd:e8:
e6:4f:63:e9:da:ba:eb:a0:7e:4f:c6:97:24:8a:54:
69:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7C:D9:18:A0:C9:9A:C9:7F:9D:6E:4B:1D:F2:05:3C:A7:73:EE:34
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/u3zZGKDJmsl_nW5LHfIFPKdz7jQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.136.73.0-192.136.74.255
192.175.45.0/24
213.192.184.0/21
IPv6:
2001:670::/32
Signature Algorithm: sha256WithRSAEncryption
83:b2:2e:e1:98:cf:14:1a:35:8b:53:e5:8d:1b:1c:4d:1c:61:
4d:4b:ae:d6:3b:49:ab:81:49:f1:ab:e5:75:de:a0:d0:d1:51:
c2:57:5e:01:b1:3a:08:1f:90:76:2e:cc:65:fa:64:21:3a:fa:
c1:9b:4e:f6:e5:3e:6b:d5:a3:97:3b:db:f7:3c:87:3a:3d:fc:
02:98:8a:3c:e6:87:76:0b:32:20:58:12:e4:04:61:88:13:e6:
39:49:b6:49:36:1d:1b:11:f2:0f:9d:1b:94:b6:c3:9e:8a:a4:
a3:15:be:b4:60:3f:81:62:51:26:6d:4f:24:54:67:75:95:31:
e4:6f:c3:37:9d:a6:ab:bd:bf:82:23:22:91:9e:4b:75:5b:ac:
6a:de:74:dc:31:97:6f:1f:c5:d5:46:87:ca:75:d1:c2:c8:21:
e1:a1:c4:09:cc:9a:77:59:ca:9c:4c:16:70:1f:84:72:ad:50:
5c:69:2a:ed:dc:57:9d:50:57:6f:e8:22:6b:12:eb:14:fb:75:
e3:de:ab:05:c7:7b:68:2c:d6:79:a6:78:01:53:28:98:1b:67:
20:2a:84:f8:47:cd:93:15:97:8a:9e:a5:52:fa:72:37:8e:e2:
ce:76:52:b0:54:4c:4a:7d:cd:5c:d4:3e:4c:17:04:61:ad:f2:
f9:a7:90:7b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVzaEmANxT5f6bPhizj4cpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjMwMTAyMTY1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjdjZDkxOGEwYzk5YWM5N2Y5ZDZlNGIxZGYyMDUzY2E3NzNlZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh03INPC6e6eKBKca9V4Sb5LnYGJ+
t7i2IArfOuV0CnBD1MW+2V9GToT+MKdvkiXRb5pCavPwvBsN0NECGAIwRaOzQx48
2F6ZQYhXB6iLV+TAf7hU8isUNhWfkjAXJteY2zk238ZVLSjUPeZafh1AD/FbDahv
c28icLHovIkcJ7DJkUlqlQZKIKdRVLksOWcKq9gbolCg73/jeKdTERLNdSeuk51S
5lPxpP1zBpiP/6PqWplXKrhd05/d17k2mbyb4/og0OqnjGdEFrEsAgYjP4UGtg3R
PfyQg5P49kcQFCKrOu17AhzDF+24LUjc3ejmT2Pp2rrroH5PxpckilRpUwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLt82RigyZrJf51uSx3yBTync+40MB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvdTN6WkdLREptc2xfblc1TEhmSUZQS2R6N2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBADAiEkD
BADAiEoDBADAry0DBAPVwLgwDQQCAAIwBwMFACABBnAwDQYJKoZIhvcNAQELBQAD
ggEBAIOyLuGYzxQaNYtT5Y0bHE0cYU1LrtY7SauBSfGr5XXeoNDRUcJXXgGxOggf
kHYuzGX6ZCE6+sGbTvblPmvVo5c72/c8hzo9/AKYijzmh3YLMiBYEuQEYYgT5jlJ
tkk2HRsR8g+dG5S2w56KpKMVvrRgP4FiUSZtTyRUZ3WVMeRvwzedpqu9v4IjIpGe
S3VbrGredNwxl28fxdVGh8p10cLIIeGhxAnMmndZypxMFnAfhHKtUFxpKu3cV51Q
V2/oImsS6xT7dePeqwXHe2gs1nmmeAFTKJgbZyAqhPhHzZMVl4qepVL6cjeO4s52
UrBUTEp9zVzUPkwXBGGt8vmnkHs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:39 2024 by rpki-client on console-ams.rpki-client.org