Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/5ea425-af1a-4e30-8bb0-bfa636877e90/1/b2vTmOQpEB5oUqgvALnumWOSN9o.roa
File: b2vTmOQpEB5oUqgvALnumWOSN9o.roa (raw, json)
Hash identifier: ehysLmLwtUXg2djmgXafS7jdP2GnZaGsaeYTUY4ZwGA=
Subject key identifier: 6F:6B:D3:98:E4:29:10:1E:68:52:A8:2F:00:B9:EE:99:63:92:37:DA
Certificate issuer: /CN=964768a6d8708b363143aa8811e5d9768264ef5f
Certificate serial: 01856B256F8E436673FEBAF62B20503EB39E
Authority key identifier: 96:47:68:A6:D8:70:8B:36:31:43:AA:88:11:E5:D9:76:82:64:EF:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lkdopthwizYxQ6qIEeXZdoJk718.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/5ea425-af1a-4e30-8bb0-bfa636877e90/1/b2vTmOQpEB5oUqgvALnumWOSN9o.roa
Signing time: Sun 01 Jan 2023 02:24:53 +0000
ROA not before: Sun 01 Jan 2023 02:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15943
IP address blocks: 193.31.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:25:6f:8e:43:66:73:fe:ba:f6:2b:20:50:3e:b3:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=964768a6d8708b363143aa8811e5d9768264ef5f
Validity
Not Before: Jan 1 02:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f6bd398e429101e6852a82f00b9ee99639237da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:aa:f3:a8:fa:bb:2f:02:f8:2e:16:de:01:4c:
4d:ab:37:53:28:c3:5c:17:03:fd:df:5e:09:b2:ce:
d0:68:b4:29:d5:ef:a3:da:c1:e2:56:68:49:86:57:
b9:b8:65:b0:bb:a0:93:1e:2b:66:cc:0c:85:96:79:
da:92:21:30:dc:2f:b3:ff:ce:b4:6d:ab:65:23:a7:
9d:30:40:7b:06:ea:25:5b:38:73:e2:c6:14:a9:da:
8c:ba:02:83:6a:63:28:2f:ba:f2:52:b9:05:0d:4d:
93:85:f6:ec:4a:e2:63:fe:c7:d5:84:ae:3a:15:1a:
03:06:49:12:35:41:b3:77:a1:ea:27:90:ce:2d:c1:
dd:f6:52:58:af:b7:79:e2:f8:b0:59:da:9b:07:93:
cd:e7:5d:b9:0b:22:e5:da:13:4d:63:d8:71:56:41:
f4:00:ff:64:c8:1e:cd:89:3a:2b:a8:dc:da:60:b4:
85:5a:38:16:01:b7:46:a4:54:74:60:e4:f9:63:ac:
d6:34:a7:40:31:fb:d3:e0:08:ab:94:9c:90:2f:1d:
bc:1f:1e:ff:07:b6:4a:03:96:3b:60:c6:ce:51:b2:
f3:1e:d8:1a:5f:20:b3:dd:0c:79:7e:fe:85:28:ec:
70:57:cc:7a:9d:ca:c6:03:e5:ff:27:f8:34:a3:c8:
37:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:6B:D3:98:E4:29:10:1E:68:52:A8:2F:00:B9:EE:99:63:92:37:DA
X509v3 Authority Key Identifier:
keyid:96:47:68:A6:D8:70:8B:36:31:43:AA:88:11:E5:D9:76:82:64:EF:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkdopthwizYxQ6qIEeXZdoJk718.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/5ea425-af1a-4e30-8bb0-bfa636877e90/1/b2vTmOQpEB5oUqgvALnumWOSN9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/5ea425-af1a-4e30-8bb0-bfa636877e90/1/lkdopthwizYxQ6qIEeXZdoJk718.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.31.3.0/24
Signature Algorithm: sha256WithRSAEncryption
38:b2:48:3e:50:12:66:73:52:f8:c7:9b:0e:37:91:3c:ae:a4:
af:a8:c0:88:4b:4f:62:d3:73:be:8b:35:92:3a:e4:9c:e7:ef:
16:2d:e1:62:a2:32:f0:6a:df:ef:e2:11:6f:92:35:ac:bb:d2:
cd:28:19:91:e7:80:77:ca:04:b5:a4:39:3d:40:4e:88:47:77:
f9:35:bf:39:8e:a8:c4:3c:30:f7:bb:46:83:dd:9a:9d:6c:96:
59:54:07:33:e0:70:de:80:99:89:e5:1a:6e:33:df:d0:d3:01:
fc:1f:c1:5e:49:fb:5d:cf:a6:b5:30:ad:5b:00:b6:57:4c:1d:
e7:4e:96:c4:e1:41:e8:7d:7b:ca:a5:7e:fc:9b:9a:ad:dc:50:
98:df:c6:e8:76:73:9a:0f:53:7a:d2:6c:06:5f:26:1f:76:36:
8e:6c:f7:df:fc:a0:1d:9a:f7:f0:f4:0c:26:9b:04:e3:2b:48:
30:bb:97:07:db:7a:3c:78:a0:2f:6c:08:29:5e:f5:29:a6:fc:
ea:43:05:fe:f8:e0:88:f7:c1:cf:99:20:ee:24:c6:cc:de:22:
97:46:c0:be:9f:16:9a:6e:a4:4c:ee:f5:45:c5:1a:b3:9f:91:
1a:0c:10:85:a9:26:57:6a:17:16:13:f7:e7:b2:9e:fa:6d:97:
fd:6d:7a:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrJW+OQ2Zz/rr2KyBQPrOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NDc2OGE2ZDg3MDhiMzYzMTQzYWE4ODExZTVkOTc2ODI2
NGVmNWYwHhcNMjMwMTAxMDIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjZiZDM5OGU0MjkxMDFlNjg1MmE4MmYwMGI5ZWU5OTYzOTIzN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKrzqPq7LwL4LhbeAUxNqzdTKMNc
FwP9314Jss7QaLQp1e+j2sHiVmhJhle5uGWwu6CTHitmzAyFlnnakiEw3C+z/860
batlI6edMEB7BuolWzhz4sYUqdqMugKDamMoL7ryUrkFDU2ThfbsSuJj/sfVhK46
FRoDBkkSNUGzd6HqJ5DOLcHd9lJYr7d54viwWdqbB5PN5125CyLl2hNNY9hxVkH0
AP9kyB7NiTorqNzaYLSFWjgWAbdGpFR0YOT5Y6zWNKdAMfvT4AirlJyQLx28Hx7/
B7ZKA5Y7YMbOUbLzHtgaXyCz3Qx5fv6FKOxwV8x6ncrGA+X/J/g0o8g3FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG9r05jkKRAeaFKoLwC57pljkjfaMB8GA1UdIwQY
MBaAFJZHaKbYcIs2MUOqiBHl2XaCZO9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGtkb3B0aHdpell4UTZxSUVlWFpkb0prNzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC81ZWE0MjUtYWYxYS00ZTMwLThiYjAt
YmZhNjM2ODc3ZTkwLzEvYjJ2VG1PUXBFQjVvVXFndkFMbnVtV09TTjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC81ZWE0MjUtYWYxYS00ZTMwLThiYjAtYmZhNjM2ODc3ZTkw
LzEvbGtkb3B0aHdpell4UTZxSUVlWFpkb0prNzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR8DMA0G
CSqGSIb3DQEBCwUAA4IBAQA4skg+UBJmc1L4x5sON5E8rqSvqMCIS09i03O+izWS
OuSc5+8WLeFiojLwat/v4hFvkjWsu9LNKBmR54B3ygS1pDk9QE6IR3f5Nb85jqjE
PDD3u0aD3ZqdbJZZVAcz4HDegJmJ5RpuM9/Q0wH8H8FeSftdz6a1MK1bALZXTB3n
TpbE4UHofXvKpX78m5qt3FCY38bodnOaD1N60mwGXyYfdjaObPff/KAdmvfw9Awm
mwTjK0gwu5cH23o8eKAvbAgpXvUppvzqQwX++OCI98HPmSDuJMbM3iKXRsC+nxaa
bqRM7vVFxRqzn5EaDBCFqSZXahcWE/fnsp76bZf9bXp1
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:13 2024 by rpki-client on console-ams.rpki-client.org