Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/0H201JqUxly6HncXbtV08n7msfg.roa
File: 0H201JqUxly6HncXbtV08n7msfg.roa (raw, json)
Hash identifier: +90HevJeUAjAHn34jsVjJ/Gusc7TyV1chOwoh1UuKy4=
Subject key identifier: D0:7D:B4:D4:9A:94:C6:5C:BA:1E:77:17:6E:D5:74:F2:7E:E6:B1:F8
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018AB3D0C1B23F41E87DB78718FB82E86836
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/0H201JqUxly6HncXbtV08n7msfg.roa
Signing time: Wed 20 Sep 2023 18:18:37 +0000
ROA not before: Wed 20 Sep 2023 18:18:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 193.108.56.0/24 maxlen: 24
193.108.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b3:d0:c1:b2:3f:41:e8:7d:b7:87:18:fb:82:e8:68:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Sep 20 18:18:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d07db4d49a94c65cba1e77176ed574f27ee6b1f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:76:7e:c6:f0:b2:41:59:0a:6b:6b:f8:43:05:
3f:07:7f:b7:b8:32:7d:4a:54:e1:ea:c8:3c:54:ec:
a8:2d:66:aa:46:32:c1:c2:2c:15:6c:dd:f4:51:21:
b7:88:31:80:51:c7:30:4d:63:b8:13:06:fe:11:2a:
f9:cd:77:82:60:11:ba:72:2b:0d:be:0c:e5:11:39:
64:b3:ac:df:c2:09:f8:df:43:4b:e4:e2:ba:bb:d2:
90:0d:e7:b4:b5:a1:fa:e6:b2:58:23:24:6f:48:94:
93:0a:68:b6:3b:5d:c4:b7:d5:6a:c8:3d:bb:1a:48:
ce:ca:b7:5b:59:86:4e:13:ee:d4:2e:6f:62:68:54:
04:71:6d:b8:9a:7c:cb:6e:1a:3d:af:2e:ed:8d:40:
ec:5a:56:b6:71:bd:09:67:f3:00:42:19:48:66:11:
e8:d1:fa:42:e8:bf:67:e8:b0:cc:98:07:7f:eb:e8:
60:d0:a6:a3:90:c3:44:98:7e:a8:8f:22:be:84:43:
35:8e:5b:50:62:8f:eb:2d:b8:70:e9:fa:48:04:75:
6b:13:14:63:e2:ba:31:08:f3:41:36:b0:fa:d6:97:
4a:59:c9:fa:ce:4b:92:17:59:45:77:20:3c:43:dd:
6e:fb:4c:74:95:48:bd:0d:8b:73:a6:03:9c:09:03:
d9:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7D:B4:D4:9A:94:C6:5C:BA:1E:77:17:6E:D5:74:F2:7E:E6:B1:F8
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/0H201JqUxly6HncXbtV08n7msfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.56.0/24
193.108.104.0/24
Signature Algorithm: sha256WithRSAEncryption
63:eb:a3:85:7a:9d:eb:29:76:7a:75:89:7b:6c:0d:98:87:2f:
c8:75:fa:24:07:29:13:d0:29:70:7a:3c:fc:11:07:49:32:cd:
76:c0:87:69:a6:d9:55:18:8a:84:31:af:be:a6:ba:bc:5c:30:
00:ce:e1:62:5a:c8:52:fa:94:46:b7:2c:28:8f:b6:d7:93:03:
0a:5e:a5:7c:34:17:04:94:cc:32:09:4f:a3:6c:b8:e5:a4:ec:
b5:12:b7:08:71:53:c5:b9:90:3f:e5:64:72:77:30:a4:03:68:
2c:4f:98:c5:79:a4:e2:9c:b9:fd:55:ed:e6:39:76:35:9d:6b:
af:98:e3:83:3c:3d:82:2f:e8:1a:da:fc:ba:56:a8:9e:ab:0e:
56:97:c4:6c:f7:67:5f:be:81:60:98:8e:b1:ad:e9:c4:2a:dd:
36:a7:06:8c:17:f5:e1:e6:a4:ce:ef:0e:33:28:12:5a:76:73:
59:34:24:34:1f:9e:88:2f:81:b1:00:8e:ab:62:ca:8c:74:39:
3f:1c:7a:71:c5:e5:bd:4a:8d:37:56:90:33:d5:7f:4f:9b:e4:
6b:61:ea:7d:50:77:68:8d:16:31:31:81:c8:20:c6:51:68:10:
6d:28:c5:a3:32:04:7f:01:92:ef:f8:44:eb:51:1b:87:08:76:
42:35:30:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqz0MGyP0HofbeHGPuC6Gg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMwOTIwMTgxODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDdkYjRkNDlhOTRjNjVjYmExZTc3MTc2ZWQ1NzRmMjdlZTZiMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXZ+xvCyQVkKa2v4QwU/B3+3uDJ9
SlTh6sg8VOyoLWaqRjLBwiwVbN30USG3iDGAUccwTWO4Ewb+ESr5zXeCYBG6cisN
vgzlETlks6zfwgn430NL5OK6u9KQDee0taH65rJYIyRvSJSTCmi2O13Et9VqyD27
GkjOyrdbWYZOE+7ULm9iaFQEcW24mnzLbho9ry7tjUDsWla2cb0JZ/MAQhlIZhHo
0fpC6L9n6LDMmAd/6+hg0KajkMNEmH6ojyK+hEM1jltQYo/rLbhw6fpIBHVrExRj
4roxCPNBNrD61pdKWcn6zkuSF1lFdyA8Q91u+0x0lUi9DYtzpgOcCQPZvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNB9tNSalMZcuh53F27VdPJ+5rH4MB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvMEgyMDFKcVV4bHk2SG5jWGJ0VjA4bjdtc2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwWw4AwQA
wWxoMA0GCSqGSIb3DQEBCwUAA4IBAQBj66OFep3rKXZ6dYl7bA2Yhy/IdfokBykT
0Clwejz8EQdJMs12wIdpptlVGIqEMa++prq8XDAAzuFiWshS+pRGtywoj7bXkwMK
XqV8NBcElMwyCU+jbLjlpOy1ErcIcVPFuZA/5WRydzCkA2gsT5jFeaTinLn9Ve3m
OXY1nWuvmOODPD2CL+ga2vy6Vqieqw5Wl8Rs92dfvoFgmI6xrenEKt02pwaMF/Xh
5qTO7w4zKBJadnNZNCQ0H56IL4GxAI6rYsqMdDk/HHpxxeW9So03VpAz1X9Pm+Rr
Yep9UHdojRYxMYHIIMZRaBBtKMWjMgR/AZLv+ETrURuHCHZCNTB9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:24 2024 by rpki-client on console-fra.rpki-client.org