Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/IPxUhPyGhlp_JxjiMETiSxfNJRE.roa
File: IPxUhPyGhlp_JxjiMETiSxfNJRE.roa (raw, json)
Hash identifier: objooR6Er8D4pco/4Ht5JgZ/C0hyyt9NlDx3x5x9YMc=
Subject key identifier: 20:FC:54:84:FC:86:86:5A:7F:27:18:E2:30:44:E2:4B:17:CD:25:11
Certificate issuer: /CN=e43f23d68937494288dfcc7a0efe1fe74a2036e1
Certificate serial: 01856F0B7E93B269068A8F0E685FC889415A
Authority key identifier: E4:3F:23:D6:89:37:49:42:88:DF:CC:7A:0E:FE:1F:E7:4A:20:36:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/IPxUhPyGhlp_JxjiMETiSxfNJRE.roa
Signing time: Sun 01 Jan 2023 20:35:02 +0000
ROA not before: Sun 01 Jan 2023 20:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5479
IP address blocks: 193.219.40.0/21 maxlen: 21
193.219.48.0/21 maxlen: 21
193.219.56.0/22 maxlen: 22
193.219.80.0/20 maxlen: 20
193.219.128.0/20 maxlen: 20
193.219.144.0/21 maxlen: 21
2001:77c::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:7e:93:b2:69:06:8a:8f:0e:68:5f:c8:89:41:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43f23d68937494288dfcc7a0efe1fe74a2036e1
Validity
Not Before: Jan 1 20:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20fc5484fc86865a7f2718e23044e24b17cd2511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1d:ff:52:a6:c1:24:6a:a1:0d:80:fb:85:4e:
1f:b9:02:f3:32:5b:5d:59:49:58:2d:16:f7:fc:7e:
96:7d:62:a3:c2:1a:12:8f:5c:8f:95:fa:b7:ec:0a:
3e:ab:de:5f:e0:9e:c6:18:46:98:1d:bb:cd:45:d9:
cf:80:df:91:77:4a:14:d1:fe:9a:4b:8d:db:ce:b0:
17:4a:49:4a:ec:68:f6:b5:d1:b3:1f:e1:a2:ed:97:
5b:03:24:ef:0a:18:b0:06:7f:ab:a4:50:74:a6:7f:
95:51:b0:f3:26:6e:86:7f:1d:9a:fe:4b:40:46:b4:
ca:17:9e:cb:a7:35:17:e6:93:81:ce:ad:95:66:a8:
b2:47:67:19:f0:00:e2:af:6b:bc:4f:3a:cc:b0:f3:
25:f4:f9:49:81:af:af:0f:04:20:9e:24:b3:72:03:
a3:45:53:4c:f6:6e:c6:44:dd:9e:d0:d5:8d:45:f0:
ab:90:78:d9:9b:7f:e3:f8:bb:0c:9e:fe:33:17:3d:
3b:db:e4:eb:5c:2a:d0:6d:46:a0:2f:73:ad:58:ce:
62:92:ec:49:83:e3:c9:11:54:71:e6:d5:77:67:42:
5f:87:61:3e:2d:90:3c:28:26:b6:b7:98:54:cb:7b:
ea:ef:9f:29:d9:75:6b:13:a9:e9:39:1f:17:64:d5:
b2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FC:54:84:FC:86:86:5A:7F:27:18:E2:30:44:E2:4B:17:CD:25:11
X509v3 Authority Key Identifier:
keyid:E4:3F:23:D6:89:37:49:42:88:DF:CC:7A:0E:FE:1F:E7:4A:20:36:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/IPxUhPyGhlp_JxjiMETiSxfNJRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/5D8j1ok3SUKI38x6Dv4f50ogNuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.219.40.0-193.219.59.255
193.219.80.0/20
193.219.128.0-193.219.151.255
IPv6:
2001:77c::/32
Signature Algorithm: sha256WithRSAEncryption
93:13:23:a5:84:c8:aa:97:15:49:11:a1:33:d4:69:c6:24:d3:
af:7c:88:39:30:73:57:2a:0c:6f:cf:db:4b:65:86:2b:50:07:
86:ea:5a:18:25:e7:cf:8e:8a:42:75:d8:8c:dd:2c:b6:56:3c:
96:5e:8c:76:38:da:d0:ee:0f:67:5c:77:b9:5d:14:0c:fe:33:
5c:f6:bd:6b:1b:fc:ee:b6:92:fc:fb:37:f0:ec:3c:4e:e2:98:
c5:80:77:62:0b:9e:8c:f5:1b:78:c5:b5:e8:ea:b4:55:2c:3e:
53:bc:2e:df:87:34:84:79:4a:38:34:9f:f6:ce:b3:57:5c:46:
54:78:42:bf:84:0a:11:1c:13:13:18:32:10:92:fb:7d:58:f5:
65:8e:07:63:a1:c3:42:e7:5a:66:7b:61:5e:fa:31:67:0e:53:
b7:89:41:d5:30:b0:55:98:30:16:4f:74:8c:8f:1b:16:0b:d9:
b8:1f:0c:cc:06:41:d9:7c:51:6f:bf:2d:81:92:87:8f:07:fb:
e1:2a:d4:12:fc:a8:cf:0a:f9:de:d2:98:8b:f9:af:c9:4f:e9:
c9:19:2e:bc:31:19:1c:fd:dd:8a:d1:14:ee:a9:50:25:3c:70:
9f:32:ee:d2:a8:da:b4:37:76:e8:a6:40:18:13:a7:c8:06:dc:
8b:53:4d:18
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVvC36TsmkGio8OaF/IiUFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2YyM2Q2ODkzNzQ5NDI4OGRmY2M3YTBlZmUxZmU3NGEy
MDM2ZTEwHhcNMjMwMTAxMjAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGZjNTQ4NGZjODY4NjVhN2YyNzE4ZTIzMDQ0ZTI0YjE3Y2QyNTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlh3/UqbBJGqhDYD7hU4fuQLzMltd
WUlYLRb3/H6WfWKjwhoSj1yPlfq37Ao+q95f4J7GGEaYHbvNRdnPgN+Rd0oU0f6a
S43bzrAXSklK7Gj2tdGzH+Gi7ZdbAyTvChiwBn+rpFB0pn+VUbDzJm6Gfx2a/ktA
RrTKF57LpzUX5pOBzq2VZqiyR2cZ8ADir2u8TzrMsPMl9PlJga+vDwQgniSzcgOj
RVNM9m7GRN2e0NWNRfCrkHjZm3/j+LsMnv4zFz072+TrXCrQbUagL3OtWM5ikuxJ
g+PJEVRx5tV3Z0Jfh2E+LZA8KCa2t5hUy3vq758p2XVrE6npOR8XZNWykQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFCD8VIT8hoZafycY4jBE4ksXzSURMB8GA1UdIwQY
MBaAFOQ/I9aJN0lCiN/Meg7+H+dKIDbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ4ajFvazNTVUtJMzh4NkR2NGY1MG9nTnVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hYjVmZGMtOWQ2Yi00Njc1LTlhMTMt
OWQxODVmNzM4MjExLzEvSVB4VWhQeUdobHBfSnhqaU1FVGlTeGZOSlJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hYjVmZGMtOWQ2Yi00Njc1LTlhMTMtOWQxODVmNzM4MjEx
LzEvNUQ4ajFvazNTVUtJMzh4NkR2NGY1MG9nTnVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAPB2ygD
BALB2zgDBATB21AwDAMEB8HbgAMEA8HbkDANBAIAAjAHAwUAIAEHfDANBgkqhkiG
9w0BAQsFAAOCAQEAkxMjpYTIqpcVSRGhM9RpxiTTr3yIOTBzVyoMb8/bS2WGK1AH
hupaGCXnz46KQnXYjN0stlY8ll6Mdjja0O4PZ1x3uV0UDP4zXPa9axv87raS/Ps3
8Ow8TuKYxYB3YguejPUbeMW16Oq0VSw+U7wu34c0hHlKODSf9s6zV1xGVHhCv4QK
ERwTExgyEJL7fVj1ZY4HY6HDQudaZnthXvoxZw5Tt4lB1TCwVZgwFk90jI8bFgvZ
uB8MzAZB2XxRb78tgZKHjwf74SrUEvyozwr53tKYi/mvyU/pyRkuvDEZHP3ditEU
7qlQJTxwnzLu0qjatDd26KZAGBOnyAbci1NNGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:41 2024 by rpki-client on console-fra.rpki-client.org