Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/56c782-6e9e-4fc8-bb99-f640ad3b8cf4/1/1kAYGyGJlanfiWudyGlF73Xpc-k.roa
File: 1kAYGyGJlanfiWudyGlF73Xpc-k.roa (raw, json)
Hash identifier: leqxKY9LS9qiPxEq0txMS6gfjsYgdpEMmZwExa5M5T8=
Subject key identifier: D6:40:18:1B:21:89:95:A9:DF:89:6B:9D:C8:69:45:EF:75:E9:73:E9
Certificate issuer: /CN=163bcbd9bc93849a7ffdf7294c2de9dfb1eaf283
Certificate serial: 018953CCB9E2F5C279A4FBD0F0F0FA84D3D6
Authority key identifier: 16:3B:CB:D9:BC:93:84:9A:7F:FD:F7:29:4C:2D:E9:DF:B1:EA:F2:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjvL2byThJp__fcpTC3p37Hq8oM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/56c782-6e9e-4fc8-bb99-f640ad3b8cf4/1/1kAYGyGJlanfiWudyGlF73Xpc-k.roa
Signing time: Fri 14 Jul 2023 09:47:53 +0000
ROA not before: Fri 14 Jul 2023 09:47:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21241
IP address blocks: 193.58.76.0/23 maxlen: 23
193.58.72.0/21 maxlen: 21
193.58.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:53:cc:b9:e2:f5:c2:79:a4:fb:d0:f0:f0:fa:84:d3:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=163bcbd9bc93849a7ffdf7294c2de9dfb1eaf283
Validity
Not Before: Jul 14 09:47:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d640181b218995a9df896b9dc86945ef75e973e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f6:78:44:89:da:ad:0d:b6:a9:7b:72:ec:d8:
f0:f6:5e:2a:7e:c8:89:6e:35:6a:0f:76:7b:3d:f1:
d8:03:bd:22:95:ec:0a:0d:2c:95:43:ac:b1:1f:db:
46:83:1e:38:c9:67:a9:54:94:6d:f0:03:41:10:f8:
e9:56:f5:d2:78:37:10:5f:48:4a:1e:3e:30:94:19:
84:d2:11:53:e6:bf:d1:ab:81:d1:a8:1b:ef:91:09:
53:92:29:0d:c0:f8:28:b8:26:04:92:ca:0c:ae:15:
d4:45:fd:55:be:35:51:2a:bc:f5:6a:67:b3:a7:81:
de:c9:be:03:f5:a0:c7:2b:59:36:8d:33:36:30:86:
f3:b2:13:05:e6:e2:0f:5f:a1:56:cb:50:64:1a:69:
1e:a0:21:5b:c0:0d:21:b7:5f:ab:c8:1c:7e:1c:70:
bc:ca:b3:81:71:ee:b7:5f:8f:0c:de:68:f2:d0:5a:
b1:8f:fa:d1:57:b0:ac:5e:bf:9d:5b:c4:eb:12:ef:
f3:aa:9c:e3:fb:4d:b2:3b:3e:80:a2:29:83:2c:8e:
a9:dc:8d:29:1a:1a:89:4b:ff:fd:01:0b:ba:28:53:
67:cf:3e:98:8b:7b:f8:c9:ae:da:76:88:d7:cf:bf:
bd:f9:2c:ed:3b:d2:88:48:24:bc:1c:a3:13:ce:bb:
c9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:40:18:1B:21:89:95:A9:DF:89:6B:9D:C8:69:45:EF:75:E9:73:E9
X509v3 Authority Key Identifier:
keyid:16:3B:CB:D9:BC:93:84:9A:7F:FD:F7:29:4C:2D:E9:DF:B1:EA:F2:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjvL2byThJp__fcpTC3p37Hq8oM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/56c782-6e9e-4fc8-bb99-f640ad3b8cf4/1/1kAYGyGJlanfiWudyGlF73Xpc-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/56c782-6e9e-4fc8-bb99-f640ad3b8cf4/1/FjvL2byThJp__fcpTC3p37Hq8oM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.72.0/21
Signature Algorithm: sha256WithRSAEncryption
05:fc:8a:35:01:69:e0:8b:3a:2a:dd:95:c8:09:c7:8c:c0:16:
cd:48:00:d3:f4:76:2c:b5:f6:4f:58:fc:fb:44:69:5d:9b:41:
2d:80:ea:ab:b0:6b:a0:fa:16:80:50:8d:6f:8b:8b:1f:7e:4b:
97:96:d0:66:20:5a:15:19:e2:18:35:d0:72:1a:27:b6:84:af:
dd:88:65:f2:85:f5:67:4f:8c:54:77:df:ee:d1:e0:4a:5e:99:
2d:8c:d9:d3:dc:f7:60:ff:51:35:85:a6:1b:1f:f3:b7:25:6b:
aa:78:2e:ba:ac:89:ed:db:ad:9a:7d:96:a8:71:4b:f4:bd:22:
67:76:80:bb:39:a4:0f:95:c3:5a:f8:83:94:3f:b8:ba:91:b8:
16:60:d3:55:67:86:31:5a:5b:0b:a7:53:2e:39:59:df:71:6c:
ae:f0:50:94:62:1a:b1:31:d5:3d:a5:3f:e0:ac:84:ad:08:83:
84:72:8e:78:06:50:a5:98:b8:af:c8:58:4b:5a:72:8f:ab:e7:
49:f4:96:68:a7:6d:c2:81:ef:b0:06:a8:7e:c6:9e:25:f8:16:
b8:09:a9:78:68:d7:19:7e:2a:66:20:9f:d8:48:13:a0:cd:45:
63:76:8c:38:98:26:95:a2:8f:2a:89:c4:ea:ab:3c:fd:6f:fb:
00:bd:70:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlTzLni9cJ5pPvQ8PD6hNPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2M2JjYmQ5YmM5Mzg0OWE3ZmZkZjcyOTRjMmRlOWRmYjFl
YWYyODMwHhcNMjMwNzE0MDk0NzUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQwMTgxYjIxODk5NWE5ZGY4OTZiOWRjODY5NDVlZjc1ZTk3M2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/Z4RInarQ22qXty7Njw9l4qfsiJ
bjVqD3Z7PfHYA70ilewKDSyVQ6yxH9tGgx44yWepVJRt8ANBEPjpVvXSeDcQX0hK
Hj4wlBmE0hFT5r/Rq4HRqBvvkQlTkikNwPgouCYEksoMrhXURf1VvjVRKrz1amez
p4Heyb4D9aDHK1k2jTM2MIbzshMF5uIPX6FWy1BkGmkeoCFbwA0ht1+ryBx+HHC8
yrOBce63X48M3mjy0Fqxj/rRV7CsXr+dW8TrEu/zqpzj+02yOz6AoimDLI6p3I0p
GhqJS//9AQu6KFNnzz6Yi3v4ya7adojXz7+9+SztO9KISCS8HKMTzrvJKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZAGBshiZWp34lrnchpRe916XPpMB8GA1UdIwQY
MBaAFBY7y9m8k4Saf/33KUwt6d+x6vKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmp2TDJieVRoSnBfX2ZjcFRDM3AzN0hxOG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC81NmM3ODItNmU5ZS00ZmM4LWJiOTkt
ZjY0MGFkM2I4Y2Y0LzEvMWtBWUd5R0psYW5maVd1ZHlHbEY3M1hwYy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC81NmM3ODItNmU5ZS00ZmM4LWJiOTktZjY0MGFkM2I4Y2Y0
LzEvRmp2TDJieVRoSnBfX2ZjcFRDM3AzN0hxOG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwTpIMA0G
CSqGSIb3DQEBCwUAA4IBAQAF/Io1AWngizoq3ZXICceMwBbNSADT9HYstfZPWPz7
RGldm0EtgOqrsGug+haAUI1vi4sffkuXltBmIFoVGeIYNdByGie2hK/diGXyhfVn
T4xUd9/u0eBKXpktjNnT3Pdg/1E1haYbH/O3JWuqeC66rInt262afZaocUv0vSJn
doC7OaQPlcNa+IOUP7i6kbgWYNNVZ4YxWlsLp1MuOVnfcWyu8FCUYhqxMdU9pT/g
rIStCIOEco54BlClmLivyFhLWnKPq+dJ9JZop23Cge+wBqh+xp4l+Ba4Cal4aNcZ
fipmIJ/YSBOgzUVjdow4mCaVoo8qicTqqzz9b/sAvXDr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:01 2024 by rpki-client on console-ams.rpki-client.org