Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/iI6LSiutUX40cDN88DUKpnXClpg.roa
File: iI6LSiutUX40cDN88DUKpnXClpg.roa (raw, json)
Hash identifier: oLVVAz/a+oaLLgrcaYyQVuxKHar1efE0ybmlgGhfOSE=
Subject key identifier: 88:8E:8B:4A:2B:AD:51:7E:34:70:33:7C:F0:35:0A:A6:75:C2:96:98
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 0185728C80ACC64F7CA98D4117924F56A2CE
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/iI6LSiutUX40cDN88DUKpnXClpg.roa
Signing time: Mon 02 Jan 2023 12:54:48 +0000
ROA not before: Mon 02 Jan 2023 12:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35616
IP address blocks: 193.23.29.0/24 maxlen: 24
2a04:9ac1::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:80:ac:c6:4f:7c:a9:8d:41:17:92:4f:56:a2:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 2 12:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=888e8b4a2bad517e3470337cf0350aa675c29698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c8:d3:4f:9c:3e:ec:16:b0:e4:d3:89:85:36:
c2:43:30:ff:87:87:ba:fb:5c:ab:79:da:b2:7d:2e:
ed:41:72:d1:d8:33:ea:94:ee:88:e9:83:cd:1a:62:
fa:84:4e:4c:83:a2:df:4b:32:2c:5e:84:b3:d4:5a:
25:4f:4b:90:ba:3f:23:a1:d1:88:ff:17:fa:5d:ce:
4e:76:70:a2:10:45:3f:50:51:14:90:7a:41:90:06:
ba:a6:1e:74:7b:9e:45:76:11:fe:17:7c:93:63:46:
7d:c3:87:02:35:ab:a4:9f:68:14:a7:d4:8e:c9:4a:
a4:30:31:d7:b3:a0:5c:fa:b6:0a:d7:9d:39:92:3e:
b1:e3:6e:25:ba:b9:35:30:8d:73:47:1e:d2:cf:7e:
52:d4:37:71:df:cf:d1:5f:6a:f8:59:08:94:0b:58:
50:e9:eb:e6:90:a1:d6:77:70:84:95:02:f8:aa:65:
4e:0c:5e:b9:3b:f9:9d:1e:c8:f1:1d:05:7d:25:0e:
66:98:c6:7d:1c:25:52:a3:18:e9:60:c6:2b:41:2a:
4e:f9:87:69:3b:43:8f:72:5b:20:fd:7a:f8:a1:a1:
0c:ae:33:e3:f1:b0:4a:09:92:e5:5a:df:bd:6d:fb:
35:71:47:eb:68:65:06:7e:18:03:ff:11:04:46:f1:
ad:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8E:8B:4A:2B:AD:51:7E:34:70:33:7C:F0:35:0A:A6:75:C2:96:98
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/iI6LSiutUX40cDN88DUKpnXClpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.29.0/24
IPv6:
2a04:9ac1::/32
Signature Algorithm: sha256WithRSAEncryption
31:4b:ae:f9:c2:2f:bc:c0:24:68:01:01:80:95:0b:db:47:80:
d2:b7:c1:2b:9a:45:15:a2:e7:90:18:bb:7e:64:0e:81:95:94:
7b:ed:87:93:97:74:8d:18:ed:69:94:6f:d1:bb:69:2d:78:fe:
b3:ca:1a:f1:61:34:de:c2:1a:10:dd:d8:1a:1c:ad:bf:62:6f:
9d:6b:68:37:d5:05:3e:cb:4d:1d:15:15:e0:03:91:89:8a:9f:
bc:77:6b:53:69:6a:b7:58:ee:89:9e:7c:1f:28:4e:2b:3d:61:
17:e3:6b:1c:07:92:10:6e:92:7b:0b:5e:f2:ce:df:ff:50:1a:
6d:7e:67:af:a4:28:e1:c3:8d:e1:05:71:cb:65:35:e1:36:15:
b2:44:ef:78:04:7a:68:fc:1f:fc:72:71:41:30:a1:cb:c2:c0:
bf:36:db:bf:0e:37:5f:bb:bc:34:73:bc:6b:28:66:80:15:95:
85:e4:dd:b4:4a:d9:9e:79:43:55:bb:0c:5a:19:8f:6d:4c:3d:
a6:4e:4d:40:58:63:af:38:4a:d2:28:61:9e:11:22:0e:3d:fb:
0e:25:7f:7a:a2:2e:33:9e:44:b8:92:bf:d2:7c:18:18:8b:a4:
a1:7e:4e:c6:97:2c:d4:70:f7:c8:f7:b9:be:c0:29:b9:da:77:
c0:e4:b5:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyjICsxk98qY1BF5JPVqLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjMwMTAyMTI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODhlOGI0YTJiYWQ1MTdlMzQ3MDMzN2NmMDM1MGFhNjc1YzI5Njk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8jTT5w+7Baw5NOJhTbCQzD/h4e6
+1yredqyfS7tQXLR2DPqlO6I6YPNGmL6hE5Mg6LfSzIsXoSz1FolT0uQuj8jodGI
/xf6Xc5OdnCiEEU/UFEUkHpBkAa6ph50e55FdhH+F3yTY0Z9w4cCNaukn2gUp9SO
yUqkMDHXs6Bc+rYK1505kj6x424lurk1MI1zRx7Sz35S1Ddx38/RX2r4WQiUC1hQ
6evmkKHWd3CElQL4qmVODF65O/mdHsjxHQV9JQ5mmMZ9HCVSoxjpYMYrQSpO+Ydp
O0OPclsg/Xr4oaEMrjPj8bBKCZLlWt+9bfs1cUfraGUGfhgD/xEERvGtbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIiOi0orrVF+NHAzfPA1CqZ1wpaYMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvaUk2TFNpdXRVWDQwY0ROODhEVUtwblhDbHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwRcdMA0E
AgACMAcDBQAqBJrBMA0GCSqGSIb3DQEBCwUAA4IBAQAxS675wi+8wCRoAQGAlQvb
R4DSt8ErmkUVoueQGLt+ZA6BlZR77YeTl3SNGO1plG/Ru2kteP6zyhrxYTTewhoQ
3dgaHK2/Ym+da2g31QU+y00dFRXgA5GJip+8d2tTaWq3WO6JnnwfKE4rPWEX42sc
B5IQbpJ7C17yzt//UBptfmevpCjhw43hBXHLZTXhNhWyRO94BHpo/B/8cnFBMKHL
wsC/Ntu/Djdfu7w0c7xrKGaAFZWF5N20StmeeUNVuwxaGY9tTD2mTk1AWGOvOErS
KGGeESIOPfsOJX96oi4znkS4kr/SfBgYi6Shfk7GlyzUcPfI97m+wCm52nfA5LWr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:20 2024 by rpki-client on console-fra.rpki-client.org