Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/bkA711wXxCM4kOoGrTmGK9omKNA.roa
File: bkA711wXxCM4kOoGrTmGK9omKNA.roa (raw, json)
Hash identifier: F36rdyAUUNHR4fhzLCQA1z/NGh2vd7hXWHsoFcKgsSo=
Subject key identifier: 6E:40:3B:D7:5C:17:C4:23:38:90:EA:06:AD:39:86:2B:DA:26:28:D0
Certificate issuer: /CN=9c4d86afb59f1d9dd16c1125009b998382e36ed3
Certificate serial: 018570C2ACFE2DB23D639E5EFD4D9B0FEA3B
Authority key identifier: 9C:4D:86:AF:B5:9F:1D:9D:D1:6C:11:25:00:9B:99:83:82:E3:6E:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nE2Gr7WfHZ3RbBElAJuZg4LjbtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/bkA711wXxCM4kOoGrTmGK9omKNA.roa
Signing time: Mon 02 Jan 2023 04:34:44 +0000
ROA not before: Mon 02 Jan 2023 04:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34763
IP address blocks: 193.84.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:ac:fe:2d:b2:3d:63:9e:5e:fd:4d:9b:0f:ea:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c4d86afb59f1d9dd16c1125009b998382e36ed3
Validity
Not Before: Jan 2 04:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e403bd75c17c4233890ea06ad39862bda2628d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:74:36:c9:a0:93:aa:2b:ff:9e:07:48:36:f3:
4c:42:d0:bb:85:9e:0d:57:88:4a:f4:72:72:f1:fe:
f2:89:03:59:9f:16:94:3b:a8:f1:74:68:15:6a:35:
8b:92:8b:56:47:b2:a2:24:b1:9a:9f:27:13:61:e7:
c1:1b:5b:c3:95:3c:e4:b6:2c:10:06:10:d0:81:5e:
7a:db:c4:4e:9d:68:03:b3:81:8e:28:6d:76:8f:c7:
5b:40:16:84:71:b9:07:59:89:b1:d7:e4:85:81:eb:
1a:b6:3b:dd:2e:bb:88:6f:4c:ef:cd:34:cf:bb:80:
c3:b5:bf:2d:fe:b2:c1:7e:e2:78:bf:a1:ac:2b:ad:
21:bb:f6:20:00:62:3f:a1:0d:56:17:19:c6:13:e0:
bc:d5:4d:ff:d6:1e:6e:75:99:84:d6:59:4b:b4:89:
40:fb:bb:8f:1b:4e:88:18:3e:00:e1:5e:99:b5:33:
ad:e5:03:c8:7f:62:e7:4b:ea:8a:f9:ef:04:61:64:
27:6d:50:82:e4:c8:4d:b1:37:cf:49:ef:5d:62:17:
bf:1e:de:91:70:be:b1:63:df:0f:56:95:b8:fc:e2:
dc:e5:62:c0:fc:66:61:b1:b1:fa:4c:c4:62:14:56:
b8:5c:17:56:27:f5:1e:c7:64:64:12:ed:fa:85:54:
a8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:40:3B:D7:5C:17:C4:23:38:90:EA:06:AD:39:86:2B:DA:26:28:D0
X509v3 Authority Key Identifier:
keyid:9C:4D:86:AF:B5:9F:1D:9D:D1:6C:11:25:00:9B:99:83:82:E3:6E:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nE2Gr7WfHZ3RbBElAJuZg4LjbtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/bkA711wXxCM4kOoGrTmGK9omKNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/76dc25-b389-4024-bf28-f4f0561b7a57/1/nE2Gr7WfHZ3RbBElAJuZg4LjbtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.119.0/24
Signature Algorithm: sha256WithRSAEncryption
74:e3:aa:f8:ad:6d:c4:0f:2d:ec:14:ab:71:91:dd:b5:04:ea:
80:71:ce:8a:81:cf:02:9f:60:6d:b7:ac:6e:94:a3:45:39:23:
2b:c4:c7:b7:75:c5:f8:39:74:90:35:74:da:6f:19:92:01:cf:
c8:3d:a7:3b:ff:70:f6:b1:45:d6:a4:4c:d8:91:8f:35:cf:90:
19:01:68:8e:6f:18:ba:15:35:52:74:cb:02:1b:13:cd:ec:57:
96:06:64:12:34:b6:8e:28:ad:7c:9b:5e:53:0f:7b:eb:67:10:
92:30:c4:fa:88:4b:60:5a:ae:4e:50:79:a5:bf:c7:f0:42:53:
df:70:88:a4:60:18:bb:97:3a:29:c7:3b:aa:f1:d7:b2:4c:5e:
95:04:ab:dd:5b:c0:99:ad:0b:a3:d5:f3:91:e5:4d:a6:eb:79:
9c:c4:cc:0c:8e:57:ba:f5:55:49:c3:d7:c3:6b:84:21:d9:f9:
35:e0:97:bb:ba:a5:a5:f6:f1:21:6e:12:f6:f7:53:7f:70:9b:
03:0c:30:4b:13:ac:7a:ce:33:2c:66:67:1a:31:52:d2:b3:d6:
68:ba:8b:60:24:9c:06:5b:a4:28:c6:56:82:8a:32:9c:38:02:
0e:cb:f9:8a:42:c0:ce:7b:c5:ba:0f:3e:e9:bc:6b:cf:15:60:
93:3b:50:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwqz+LbI9Y55e/U2bD+o7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNGQ4NmFmYjU5ZjFkOWRkMTZjMTEyNTAwOWI5OTgzODJl
MzZlZDMwHhcNMjMwMTAyMDQzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQwM2JkNzVjMTdjNDIzMzg5MGVhMDZhZDM5ODYyYmRhMjYyOGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHQ2yaCTqiv/ngdINvNMQtC7hZ4N
V4hK9HJy8f7yiQNZnxaUO6jxdGgVajWLkotWR7KiJLGanycTYefBG1vDlTzktiwQ
BhDQgV5628ROnWgDs4GOKG12j8dbQBaEcbkHWYmx1+SFgesatjvdLruIb0zvzTTP
u4DDtb8t/rLBfuJ4v6GsK60hu/YgAGI/oQ1WFxnGE+C81U3/1h5udZmE1llLtIlA
+7uPG06IGD4A4V6ZtTOt5QPIf2LnS+qK+e8EYWQnbVCC5MhNsTfPSe9dYhe/Ht6R
cL6xY98PVpW4/OLc5WLA/GZhsbH6TMRiFFa4XBdWJ/Uex2RkEu36hVSouwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5AO9dcF8QjOJDqBq05hivaJijQMB8GA1UdIwQY
MBaAFJxNhq+1nx2d0WwRJQCbmYOC427TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkUyR3I3V2ZIWjNSYkJFbEFKdVpnNExqYnRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83NmRjMjUtYjM4OS00MDI0LWJmMjgt
ZjRmMDU2MWI3YTU3LzEvYmtBNzExd1h4Q000a09vR3JUbUdLOW9tS05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC83NmRjMjUtYjM4OS00MDI0LWJmMjgtZjRmMDU2MWI3YTU3
LzEvbkUyR3I3V2ZIWjNSYkJFbEFKdVpnNExqYnRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwVR3MA0G
CSqGSIb3DQEBCwUAA4IBAQB046r4rW3EDy3sFKtxkd21BOqAcc6Kgc8Cn2Btt6xu
lKNFOSMrxMe3dcX4OXSQNXTabxmSAc/IPac7/3D2sUXWpEzYkY81z5AZAWiObxi6
FTVSdMsCGxPN7FeWBmQSNLaOKK18m15TD3vrZxCSMMT6iEtgWq5OUHmlv8fwQlPf
cIikYBi7lzopxzuq8deyTF6VBKvdW8CZrQuj1fOR5U2m63mcxMwMjle69VVJw9fD
a4Qh2fk14Je7uqWl9vEhbhL291N/cJsDDDBLE6x6zjMsZmcaMVLSs9ZouotgJJwG
W6QoxlaCijKcOAIOy/mKQsDOe8W6Dz7pvGvPFWCTO1Bg
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:39 2024 by rpki-client on console-fra.rpki-client.org