Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/791fb5-a5eb-47f5-ad9a-997f47ab7df2/1/aM5P4COa8ARELnS-gR0hXA_lw-4.roa
File: aM5P4COa8ARELnS-gR0hXA_lw-4.roa (raw, json)
Hash identifier: 3z/J6m8VA8a7XxFwJw1lcjxQei7y/JCV/H2v1z1vEPo=
Subject key identifier: 68:CE:4F:E0:23:9A:F0:04:44:2E:74:BE:81:1D:21:5C:0F:E5:C3:EE
Certificate issuer: /CN=abd3e2b12f479198294faf60c6e36a0a1b7bfd54
Certificate serial: 01856F94AB256CF62300E84A9D851333B228
Authority key identifier: AB:D3:E2:B1:2F:47:91:98:29:4F:AF:60:C6:E3:6A:0A:1B:7B:FD:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q9PisS9HkZgpT69gxuNqCht7_VQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/791fb5-a5eb-47f5-ad9a-997f47ab7df2/1/aM5P4COa8ARELnS-gR0hXA_lw-4.roa
Signing time: Sun 01 Jan 2023 23:04:52 +0000
ROA not before: Sun 01 Jan 2023 23:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56683
IP address blocks: 193.194.117.0/24 maxlen: 24
193.194.118.0/24 maxlen: 24
193.194.116.0/22 maxlen: 22
193.194.116.0/24 maxlen: 24
193.194.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:ab:25:6c:f6:23:00:e8:4a:9d:85:13:33:b2:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abd3e2b12f479198294faf60c6e36a0a1b7bfd54
Validity
Not Before: Jan 1 23:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68ce4fe0239af004442e74be811d215c0fe5c3ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4e:ca:4b:55:ff:d2:3f:6e:57:06:a0:91:f6:
70:e1:32:0e:31:1a:23:3f:61:1a:ef:30:1f:37:9f:
e9:87:f5:ad:7d:50:1e:67:fe:cb:50:48:3a:64:78:
cd:89:a0:f6:46:3a:76:3f:28:98:1a:1d:62:5a:4f:
d3:43:f4:54:82:8c:af:40:6c:8d:f1:07:93:04:71:
d3:9b:dc:a4:31:d6:8f:80:2f:e7:d8:2d:6b:c8:e1:
dd:d3:01:c9:c9:f5:8a:a8:5c:9b:6f:8e:77:2a:84:
45:98:62:65:cb:da:a5:f3:7e:1f:07:5c:c2:6d:da:
36:f2:95:42:ad:3d:52:b0:d0:89:47:0e:e1:26:df:
53:e9:ef:aa:a7:28:4f:09:66:b4:bb:3b:6f:32:b0:
d0:56:e6:ef:f3:e3:ac:d8:2d:98:77:ce:1f:01:53:
59:fe:6b:de:c6:57:bd:c3:8a:3b:b8:4f:c0:85:aa:
6e:93:ba:b5:71:05:31:31:46:72:06:29:fe:e8:95:
b4:f6:65:35:27:02:58:d9:69:f9:7b:3b:2b:02:89:
95:31:7d:e0:38:73:3d:5f:bb:98:16:de:7a:42:0f:
86:bc:32:11:13:6b:8d:2c:3c:6e:fa:42:1b:ae:0d:
a0:5b:6f:8f:3c:3c:b1:e9:7a:c2:01:f2:30:c3:16:
b5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:CE:4F:E0:23:9A:F0:04:44:2E:74:BE:81:1D:21:5C:0F:E5:C3:EE
X509v3 Authority Key Identifier:
keyid:AB:D3:E2:B1:2F:47:91:98:29:4F:AF:60:C6:E3:6A:0A:1B:7B:FD:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q9PisS9HkZgpT69gxuNqCht7_VQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/791fb5-a5eb-47f5-ad9a-997f47ab7df2/1/aM5P4COa8ARELnS-gR0hXA_lw-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/791fb5-a5eb-47f5-ad9a-997f47ab7df2/1/q9PisS9HkZgpT69gxuNqCht7_VQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.194.116.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:81:9c:82:7e:74:d5:05:11:d6:ed:db:b8:86:7a:07:96:eb:
11:f9:98:a9:a0:35:31:4e:3b:f2:48:83:68:51:3d:e9:f2:d1:
47:3d:4e:81:b7:5d:2d:1d:df:a4:26:4d:00:c8:fa:8f:c0:c9:
b1:b3:1b:e2:fa:71:30:d2:08:70:3b:9b:97:75:e0:98:92:81:
94:3d:f0:c7:e5:88:8b:31:c1:13:4f:a9:ed:c4:db:12:9a:d1:
28:fd:da:46:b5:3a:68:ea:fb:bc:b5:75:8e:39:bc:7d:d6:1c:
8d:82:75:ef:25:62:9a:9b:13:52:41:61:05:a7:a0:ae:1a:d6:
ed:46:61:c0:fe:41:71:9b:7e:7d:0b:bb:da:75:d7:3b:54:3f:
65:ef:e5:e9:d1:4b:66:88:e6:86:5b:d3:9a:ad:49:b6:2a:65:
e6:ad:43:5c:de:05:db:aa:b7:fa:36:c8:a3:d3:82:8c:58:d7:
ab:66:7d:c6:3b:7b:e4:81:95:21:c9:05:2e:f0:7c:f8:0c:5e:
d2:fa:2a:8c:34:9b:fb:60:a3:a9:98:ed:21:77:72:34:fd:61:
67:a1:fc:6c:19:95:e6:11:0d:c4:52:5a:19:c0:b2:0d:7a:68:
81:0f:8c:5b:3d:f0:b2:00:6d:42:6e:6d:97:5d:c3:10:13:c7:
d1:6a:2f:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlKslbPYjAOhKnYUTM7IoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZDNlMmIxMmY0NzkxOTgyOTRmYWY2MGM2ZTM2YTBhMWI3
YmZkNTQwHhcNMjMwMTAxMjMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGNlNGZlMDIzOWFmMDA0NDQyZTc0YmU4MTFkMjE1YzBmZTVjM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE7KS1X/0j9uVwagkfZw4TIOMRoj
P2Ea7zAfN5/ph/WtfVAeZ/7LUEg6ZHjNiaD2Rjp2PyiYGh1iWk/TQ/RUgoyvQGyN
8QeTBHHTm9ykMdaPgC/n2C1ryOHd0wHJyfWKqFybb453KoRFmGJly9ql834fB1zC
bdo28pVCrT1SsNCJRw7hJt9T6e+qpyhPCWa0uztvMrDQVubv8+Os2C2Yd84fAVNZ
/mvexle9w4o7uE/Ahapuk7q1cQUxMUZyBin+6JW09mU1JwJY2Wn5ezsrAomVMX3g
OHM9X7uYFt56Qg+GvDIRE2uNLDxu+kIbrg2gW2+PPDyx6XrCAfIwwxa1LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjOT+AjmvAERC50voEdIVwP5cPuMB8GA1UdIwQY
MBaAFKvT4rEvR5GYKU+vYMbjagobe/1UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTlQaXNTOUhrWmdwVDY5Z3h1TnFDaHQ3X1ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83OTFmYjUtYTVlYi00N2Y1LWFkOWEt
OTk3ZjQ3YWI3ZGYyLzEvYU01UDRDT2E4QVJFTG5TLWdSMGhYQV9sdy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83OTFmYjUtYTVlYi00N2Y1LWFkOWEtOTk3ZjQ3YWI3ZGYy
LzEvcTlQaXNTOUhrWmdwVDY5Z3h1TnFDaHQ3X1ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwcJ0MA0G
CSqGSIb3DQEBCwUAA4IBAQCOgZyCfnTVBRHW7du4hnoHlusR+ZipoDUxTjvySINo
UT3p8tFHPU6Bt10tHd+kJk0AyPqPwMmxsxvi+nEw0ghwO5uXdeCYkoGUPfDH5YiL
McETT6ntxNsSmtEo/dpGtTpo6vu8tXWOObx91hyNgnXvJWKamxNSQWEFp6CuGtbt
RmHA/kFxm359C7vaddc7VD9l7+Xp0UtmiOaGW9OarUm2KmXmrUNc3gXbqrf6Nsij
04KMWNerZn3GO3vkgZUhyQUu8Hz4DF7S+iqMNJv7YKOpmO0hd3I0/WFnofxsGZXm
EQ3EUloZwLINemiBD4xbPfCyAG1Cbm2XXcMQE8fRai/H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:08 2024 by rpki-client on console-ams.rpki-client.org