Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/pa1zPIcnK4PBBswlWCGGwJWdL_E.roa
File: pa1zPIcnK4PBBswlWCGGwJWdL_E.roa (raw, json)
Hash identifier: srwiQNQaIwQg+yTVE9RT/gvK6R5VeTt8M7XsQEJN8PQ=
Subject key identifier: A5:AD:73:3C:87:27:2B:83:C1:06:CC:25:58:21:86:C0:95:9D:2F:F1
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018572035CF32346A0CA4017FCBEB3E64CB4
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/pa1zPIcnK4PBBswlWCGGwJWdL_E.roa
Signing time: Mon 02 Jan 2023 10:25:01 +0000
ROA not before: Mon 02 Jan 2023 10:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4477
IP address blocks: 193.57.137.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:5c:f3:23:46:a0:ca:40:17:fc:be:b3:e6:4c:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 2 10:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5ad733c87272b83c106cc25582186c0959d2ff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:96:ca:29:e5:e5:49:45:f7:a4:7d:e2:69:64:
05:eb:98:cf:66:08:c6:58:1f:55:63:a4:54:5c:87:
95:bb:02:b9:4a:1a:62:e1:95:27:7a:32:af:f4:31:
1a:ac:63:80:3a:26:75:46:32:a4:3d:6c:b8:00:69:
7a:9e:5b:e9:d2:8f:6c:82:a9:36:51:0a:fe:b1:5a:
f2:01:44:7a:a5:44:f5:38:29:19:32:cf:81:c3:69:
18:37:85:82:af:6b:a3:44:7f:42:5c:96:8d:3f:4b:
70:7f:c8:fa:16:ff:ff:a2:8a:b0:b7:6d:c9:ec:23:
02:75:9d:ab:56:b5:b1:02:af:ab:6e:39:67:98:0e:
a6:7b:6e:12:07:d3:22:0e:8c:73:72:40:3d:02:a2:
f1:b1:51:07:3d:0f:2a:c1:6a:f3:a2:27:d9:b4:47:
5c:91:42:59:71:41:d6:ba:d8:16:78:67:e9:71:0b:
ef:d2:fe:1a:b2:69:60:d7:cd:21:03:52:64:b4:ca:
73:31:02:ea:0b:55:dc:5c:a1:90:7a:1f:d6:68:b8:
9d:b2:95:97:3e:42:a5:80:83:0c:ce:d4:06:34:ef:
92:37:75:ac:33:35:5e:08:a2:1e:a0:1e:aa:94:a5:
5e:e4:30:ee:36:8a:14:da:90:dc:cc:6f:e9:ec:c8:
d7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AD:73:3C:87:27:2B:83:C1:06:CC:25:58:21:86:C0:95:9D:2F:F1
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/pa1zPIcnK4PBBswlWCGGwJWdL_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.137.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:84:99:99:9d:9a:16:50:e6:fd:e8:40:f9:f9:b1:12:fb:66:
5b:37:f6:a5:c2:a7:a3:c6:bb:ec:f4:a6:b2:61:e2:a2:c4:60:
e3:a6:28:91:f6:c7:08:be:3a:06:19:55:e1:f7:99:97:2d:ca:
4b:65:7a:6e:f7:a9:42:28:e9:d3:db:98:dd:e0:7b:c3:55:75:
69:e3:06:8d:30:3f:38:62:a3:4e:50:b2:dd:73:50:06:a1:0b:
a6:56:e7:90:b7:a6:ec:cc:1e:7e:f9:6e:41:31:34:a8:cb:69:
d3:ba:c7:05:b9:0d:96:1f:e4:36:5b:7d:00:be:fe:15:e4:29:
59:11:d4:63:0f:ab:8f:89:9e:84:f8:7b:15:28:c0:64:db:33:
ce:26:e1:80:2b:a8:ad:d0:22:f0:ca:38:8f:6f:26:ea:59:a1:
ec:dd:61:e5:6e:db:44:f2:d7:6c:4c:2d:8b:5a:34:96:9a:15:
16:c3:ba:4e:ec:20:1d:9a:6c:93:94:fc:1d:a1:38:79:18:7d:
4e:40:76:8b:87:ae:3f:c4:12:c1:9e:e3:74:b9:53:40:86:72:
fa:55:a1:71:14:33:3e:d9:de:de:eb:3f:ef:71:33:1a:50:b7:
7f:b9:84:63:d2:2f:61:7f:88:f0:2c:15:db:36:75:36:90:89:
50:d4:7b:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyA1zzI0agykAX/L6z5ky0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMTAyMTAyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWFkNzMzYzg3MjcyYjgzYzEwNmNjMjU1ODIxODZjMDk1OWQyZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupbKKeXlSUX3pH3iaWQF65jPZgjG
WB9VY6RUXIeVuwK5Shpi4ZUnejKv9DEarGOAOiZ1RjKkPWy4AGl6nlvp0o9sgqk2
UQr+sVryAUR6pUT1OCkZMs+Bw2kYN4WCr2ujRH9CXJaNP0twf8j6Fv//ooqwt23J
7CMCdZ2rVrWxAq+rbjlnmA6me24SB9MiDoxzckA9AqLxsVEHPQ8qwWrzoifZtEdc
kUJZcUHWutgWeGfpcQvv0v4asmlg180hA1JktMpzMQLqC1XcXKGQeh/WaLidspWX
PkKlgIMMztQGNO+SN3WsMzVeCKIeoB6qlKVe5DDuNooU2pDczG/p7MjXUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWtczyHJyuDwQbMJVghhsCVnS/xMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvcGExelBJY25LNFBCQnN3bFdDR0d3SldkTF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTmJMA0G
CSqGSIb3DQEBCwUAA4IBAQClhJmZnZoWUOb96ED5+bES+2ZbN/alwqejxrvs9Kay
YeKixGDjpiiR9scIvjoGGVXh95mXLcpLZXpu96lCKOnT25jd4HvDVXVp4waNMD84
YqNOULLdc1AGoQumVueQt6bszB5++W5BMTSoy2nTuscFuQ2WH+Q2W30Avv4V5ClZ
EdRjD6uPiZ6E+HsVKMBk2zPOJuGAK6it0CLwyjiPbybqWaHs3WHlbttE8tdsTC2L
WjSWmhUWw7pO7CAdmmyTlPwdoTh5GH1OQHaLh64/xBLBnuN0uVNAhnL6VaFxFDM+
2d7e6z/vcTMaULd/uYRj0i9hf4jwLBXbNnU2kIlQ1Hts
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:24 2023 by rpki-client on console-ams.rpki-client.org