Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/72de35-338d-4a43-b719-8b4d08d37c5f/1/tpKcnY_wnPAlPAOc38rQASA7ISk.roa
File: tpKcnY_wnPAlPAOc38rQASA7ISk.roa (raw, json)
Hash identifier: KouD9cLAh39NamHQvUnNwjAaYk7RmR3JEwJ6ZVCpCTQ=
Subject key identifier: B6:92:9C:9D:8F:F0:9C:F0:25:3C:03:9C:DF:CA:D0:01:20:3B:21:29
Certificate issuer: /CN=a679160a0449e8b50fc01c85dcfce54b2c629b51
Certificate serial: 0189A0CF4D796195245C2FD1CBBC603B4761
Authority key identifier: A6:79:16:0A:04:49:E8:B5:0F:C0:1C:85:DC:FC:E5:4B:2C:62:9B:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnkWCgRJ6LUPwByF3PzlSyxim1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/72de35-338d-4a43-b719-8b4d08d37c5f/1/tpKcnY_wnPAlPAOc38rQASA7ISk.roa
Signing time: Sat 29 Jul 2023 08:41:27 +0000
ROA not before: Sat 29 Jul 2023 08:41:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210649
IP address blocks: 193.38.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a0:cf:4d:79:61:95:24:5c:2f:d1:cb:bc:60:3b:47:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a679160a0449e8b50fc01c85dcfce54b2c629b51
Validity
Not Before: Jul 29 08:41:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6929c9d8ff09cf0253c039cdfcad001203b2129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cd:3e:fc:53:03:45:5e:83:1b:ae:36:ad:31:
88:b6:36:6b:f1:c5:df:78:31:37:ce:20:25:1a:6a:
a1:c6:14:6b:de:e7:8d:72:db:d3:17:ef:7d:f5:a4:
fa:75:59:09:54:af:ff:7a:96:9b:50:42:a3:96:2c:
f1:af:85:8a:04:ec:bf:c6:e5:26:75:67:c3:7e:ee:
24:b7:b1:87:6d:e9:52:60:a3:92:1a:52:46:f3:93:
be:ae:7a:52:8a:c9:b3:ce:54:e6:a1:c0:a2:50:7b:
b5:60:a9:8e:49:1c:d5:7c:07:c2:37:ce:2b:74:db:
96:ea:1e:ea:fc:d9:b4:91:b8:65:fd:34:08:12:81:
02:d7:ce:07:fd:77:01:8a:8f:65:d5:ce:c8:cc:09:
ef:cc:08:e9:92:c0:2f:28:48:2e:38:2e:94:ad:d9:
c0:77:47:f9:1b:72:72:a9:9a:5c:b8:03:fb:5d:50:
10:01:77:b5:42:bc:e4:a6:72:58:65:60:42:a4:6e:
c4:67:74:71:6c:f7:c1:bf:3a:17:c5:9d:d6:71:26:
11:a2:41:1d:50:b1:ac:1e:17:1b:60:78:16:2e:ec:
bf:f7:c6:0e:71:50:20:f3:2b:4c:83:84:a5:b1:31:
91:9e:15:96:58:d4:ca:c2:e4:39:a7:09:e5:c2:40:
ca:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:92:9C:9D:8F:F0:9C:F0:25:3C:03:9C:DF:CA:D0:01:20:3B:21:29
X509v3 Authority Key Identifier:
keyid:A6:79:16:0A:04:49:E8:B5:0F:C0:1C:85:DC:FC:E5:4B:2C:62:9B:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnkWCgRJ6LUPwByF3PzlSyxim1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/72de35-338d-4a43-b719-8b4d08d37c5f/1/tpKcnY_wnPAlPAOc38rQASA7ISk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/72de35-338d-4a43-b719-8b4d08d37c5f/1/pnkWCgRJ6LUPwByF3PzlSyxim1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.153.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:37:8d:a8:c0:57:b9:8d:80:a9:28:43:8b:09:6c:6f:2e:07:
e4:29:e0:d5:f1:b3:cb:ef:d3:ab:4d:e6:d1:1b:47:d8:94:17:
88:ad:80:11:8b:4c:41:14:5c:4d:44:bb:0e:7e:75:2a:9f:4a:
d9:f2:85:bf:12:c1:b9:98:de:a0:9c:83:d1:aa:71:40:73:5a:
6e:7f:98:27:3c:0b:ff:0c:a9:e8:0f:71:68:a5:fd:7b:cb:b5:
51:cd:35:55:fb:dd:05:6c:a8:10:94:01:c6:ec:2a:07:25:d0:
8b:ba:16:55:cc:d2:ac:21:d7:7b:01:fd:0f:e1:9e:59:27:c8:
cb:34:86:f8:e2:a6:2e:26:46:38:1c:5c:09:59:64:8d:63:f0:
b1:65:b4:db:91:37:f5:a2:e9:75:f8:a3:71:79:a2:cd:a2:be:
a3:51:ab:0c:26:d0:07:d6:0a:c5:81:5d:c7:17:78:a6:e6:54:
fa:77:3b:08:9d:70:b7:b9:a1:57:34:0a:36:f3:05:d0:92:3f:
14:13:77:ae:8b:a1:4d:b9:98:09:bb:b7:17:f5:7c:15:ae:8a:
43:ef:dd:b6:42:29:1a:1e:11:5e:07:aa:da:df:3d:c7:a8:40:
01:64:c6:f3:2e:38:6e:d5:b6:03:5b:2e:a1:a0:c5:0c:3d:1c:
dd:8d:bf:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmgz015YZUkXC/Ry7xgO0dhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzkxNjBhMDQ0OWU4YjUwZmMwMWM4NWRjZmNlNTRiMmM2
MjliNTEwHhcNMjMwNzI5MDg0MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjkyOWM5ZDhmZjA5Y2YwMjUzYzAzOWNkZmNhZDAwMTIwM2IyMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo80+/FMDRV6DG642rTGItjZr8cXf
eDE3ziAlGmqhxhRr3ueNctvTF+999aT6dVkJVK//epabUEKjlizxr4WKBOy/xuUm
dWfDfu4kt7GHbelSYKOSGlJG85O+rnpSismzzlTmocCiUHu1YKmOSRzVfAfCN84r
dNuW6h7q/Nm0kbhl/TQIEoEC184H/XcBio9l1c7IzAnvzAjpksAvKEguOC6UrdnA
d0f5G3JyqZpcuAP7XVAQAXe1QrzkpnJYZWBCpG7EZ3RxbPfBvzoXxZ3WcSYRokEd
ULGsHhcbYHgWLuy/98YOcVAg8ytMg4SlsTGRnhWWWNTKwuQ5pwnlwkDKEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLaSnJ2P8JzwJTwDnN/K0AEgOyEpMB8GA1UdIwQY
MBaAFKZ5FgoESei1D8Achdz85UssYptRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5rV0NnUko2TFVQd0J5RjNQemxTeXhpbTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83MmRlMzUtMzM4ZC00YTQzLWI3MTkt
OGI0ZDA4ZDM3YzVmLzEvdHBLY25ZX3duUEFsUEFPYzM4clFBU0E3SVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83MmRlMzUtMzM4ZC00YTQzLWI3MTktOGI0ZDA4ZDM3YzVm
LzEvcG5rV0NnUko2TFVQd0J5RjNQemxTeXhpbTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSaZMA0G
CSqGSIb3DQEBCwUAA4IBAQBtN42owFe5jYCpKEOLCWxvLgfkKeDV8bPL79OrTebR
G0fYlBeIrYARi0xBFFxNRLsOfnUqn0rZ8oW/EsG5mN6gnIPRqnFAc1puf5gnPAv/
DKnoD3Fopf17y7VRzTVV+90FbKgQlAHG7CoHJdCLuhZVzNKsIdd7Af0P4Z5ZJ8jL
NIb44qYuJkY4HFwJWWSNY/CxZbTbkTf1oul1+KNxeaLNor6jUasMJtAH1grFgV3H
F3im5lT6dzsInXC3uaFXNAo28wXQkj8UE3eui6FNuZgJu7cX9XwVropD7922Qika
HhFeB6ra3z3HqEABZMbzLjhu1bYDWy6hoMUMPRzdjb/P
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:54 2024 by rpki-client on console-fra.rpki-client.org