Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/1-Ai257Xj13wQovqae7jGA5dflm8.roa
File: 1-Ai257Xj13wQovqae7jGA5dflm8.roa (raw, json)
Hash identifier: SFvtOWtpzIx3TwK4144IQtU0/NCUJytvMwR8l4uSNrM=
Subject key identifier: F8:08:B6:E7:B5:E3:D7:7C:10:A2:FA:9A:7B:B8:C6:03:97:5F:96:6F
Certificate issuer: /CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Certificate serial: 01856ED4D3241B2ADBC6F85BEE0311752C5A
Authority key identifier: 00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/1-Ai257Xj13wQovqae7jGA5dflm8.roa
Signing time: Sun 01 Jan 2023 19:35:19 +0000
ROA not before: Sun 01 Jan 2023 19:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41233
IP address blocks: 193.16.186.0/23 maxlen: 24
193.16.188.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:d3:24:1b:2a:db:c6:f8:5b:ee:03:11:75:2c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Validity
Not Before: Jan 1 19:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f808b6e7b5e3d77c10a2fa9a7bb8c603975f966f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:70:ac:ee:b8:04:b7:e9:2c:1c:2f:fe:0f:c3:
76:e3:ee:e7:bf:98:72:ee:73:a1:2f:7d:64:91:86:
1c:3b:b4:68:06:28:bb:9f:24:7d:ae:1c:74:54:22:
c1:f5:24:16:b5:4d:62:ca:a3:14:84:c1:e6:1e:81:
e8:80:d8:cd:a8:b4:a6:1a:d8:cf:55:35:35:0e:e4:
a1:9b:77:00:6e:46:09:61:7b:d1:77:0a:95:f9:5e:
a7:bc:d5:6b:ed:95:68:17:a0:36:25:22:76:df:61:
04:44:83:c9:fd:cc:dc:df:ab:36:fc:72:42:c6:cc:
5b:98:a4:f7:36:e7:c0:6b:55:d3:2e:7b:d3:06:39:
ee:16:41:f9:35:3b:df:6d:75:ce:2d:08:fd:a5:b4:
d1:23:c6:45:3a:83:09:0c:cd:09:27:02:77:6d:69:
9c:53:23:ea:8a:49:69:06:fa:8e:c6:27:2c:ec:1e:
41:cb:be:03:e2:6b:10:3f:a1:f4:47:71:02:83:36:
16:60:bb:6f:61:58:f0:68:6f:77:31:7e:ed:bf:b7:
7e:f0:18:35:15:bc:6c:c2:88:ad:53:fb:be:18:6f:
d3:7f:27:d4:9e:e4:ba:2b:36:42:26:d8:c5:bf:fa:
b5:6a:65:3e:54:af:4e:a8:83:a6:10:fd:bc:a2:af:
81:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:08:B6:E7:B5:E3:D7:7C:10:A2:FA:9A:7B:B8:C6:03:97:5F:96:6F
X509v3 Authority Key Identifier:
keyid:00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/1-Ai257Xj13wQovqae7jGA5dflm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.186.0-193.16.191.255
Signature Algorithm: sha256WithRSAEncryption
69:40:bd:e4:a3:c7:12:8b:4f:8c:a5:5b:5a:8c:26:c4:bf:f7:
36:0a:34:13:a3:8a:b7:08:6e:dc:10:28:0b:38:4a:a9:86:ae:
82:e6:76:66:78:aa:10:9d:bd:20:7b:60:d1:dd:2c:4a:47:94:
80:3f:b6:bd:53:bf:9e:57:80:c6:be:a2:81:56:f6:a9:b6:9d:
09:40:89:bf:d8:78:60:66:d5:fc:48:26:88:3d:aa:4d:48:35:
7d:3f:18:15:e4:f6:d8:99:f4:b5:34:01:82:be:c5:d7:7f:9b:
ca:be:9b:39:80:6b:b2:26:7a:17:7c:33:ae:53:69:6a:e1:8c:
f5:62:ab:6c:8f:f0:8c:36:1d:91:4e:84:7b:cf:6a:37:cd:83:
96:62:88:5f:0a:51:75:31:58:6d:60:d4:ee:47:61:b7:1e:86:
81:f8:cc:c2:79:30:c2:e4:6d:32:aa:d4:c9:ff:ad:23:f8:d5:
63:43:5b:fa:76:c6:11:1a:45:2e:9c:6b:23:71:60:45:4b:cf:
dc:f8:33:01:41:b7:03:75:30:ed:4d:0c:23:d6:b6:d7:89:d2:
56:29:33:69:31:2c:2d:e8:89:40:e5:65:62:cf:fe:5e:d7:78:
ff:74:0a:de:bd:ba:96:24:7b:4e:c4:76:b8:04:90:a3:6f:6c:
28:38:22:4b
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYVu1NMkGyrbxvhb7gMRdSxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwN2U2YjVhYTQzN2QzNjkzMTUxNTAyYTIxMTQ5NmUzN2Q0
YWUyYzUwHhcNMjMwMTAxMTkzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODA4YjZlN2I1ZTNkNzdjMTBhMmZhOWE3YmI4YzYwMzk3NWY5NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3Cs7rgEt+ksHC/+D8N24+7nv5hy
7nOhL31kkYYcO7RoBii7nyR9rhx0VCLB9SQWtU1iyqMUhMHmHoHogNjNqLSmGtjP
VTU1DuShm3cAbkYJYXvRdwqV+V6nvNVr7ZVoF6A2JSJ232EERIPJ/czc36s2/HJC
xsxbmKT3NufAa1XTLnvTBjnuFkH5NTvfbXXOLQj9pbTRI8ZFOoMJDM0JJwJ3bWmc
UyPqiklpBvqOxics7B5By74D4msQP6H0R3ECgzYWYLtvYVjwaG93MX7tv7d+8Bg1
FbxswoitU/u+GG/TfyfUnuS6KzZCJtjFv/q1amU+VK9OqIOmEP28oq+B8wIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPgItue149d8EKL6mnu4xgOXX5ZvMB8GA1UdIwQY
MBaAFAB+a1qkN9NpMVFQKiEUluN9SuLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYt
NWE4YzY3ODQyMzg5LzEvMS1BaTI1N1hqMTN3UW92cWFlN2pHQTVkZmxtOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzMvNTE4ZmFiLTc2MDYtNDgzMi1hYTY2LTVhOGM2Nzg0MjM4
OS8xL0FINXJXcVEzMDJreFVWQXFJUlNXNDMxSzRzVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQBwRC6
AwQGwRCAMA0GCSqGSIb3DQEBCwUAA4IBAQBpQL3ko8cSi0+MpVtajCbEv/c2CjQT
o4q3CG7cECgLOEqphq6C5nZmeKoQnb0ge2DR3SxKR5SAP7a9U7+eV4DGvqKBVvap
tp0JQIm/2HhgZtX8SCaIPapNSDV9PxgV5PbYmfS1NAGCvsXXf5vKvps5gGuyJnoX
fDOuU2lq4Yz1Yqtsj/CMNh2RToR7z2o3zYOWYohfClF1MVhtYNTuR2G3HoaB+MzC
eTDC5G0yqtTJ/60j+NVjQ1v6dsYRGkUunGsjcWBFS8/c+DMBQbcDdTDtTQwj1rbX
idJWKTNpMSwt6IlA5WViz/5e13j/dArevbqWJHtOxHa4BJCjb2woOCJL
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:58 2024 by rpki-client on console-ams.rpki-client.org