Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1iDockTMzDEk8wKtBNm3jqpjbi4.roa
File: 1iDockTMzDEk8wKtBNm3jqpjbi4.roa (raw, json)
Hash identifier: 9N2crDf1zVRczevBt72U2kggt2ng51clelxKOc9RXZo=
Subject key identifier: D6:20:E8:72:44:CC:CC:31:24:F3:02:AD:04:D9:B7:8E:AA:63:6E:2E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0188F71C25F405107E014ED6D1FEDA0B1D2C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1iDockTMzDEk8wKtBNm3jqpjbi4.roa
Signing time: Mon 26 Jun 2023 09:49:57 +0000
ROA not before: Mon 26 Jun 2023 09:49:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 193.163.85.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f7:1c:25:f4:05:10:7e:01:4e:d6:d1:fe:da:0b:1d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 26 09:49:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d620e87244cccc3124f302ad04d9b78eaa636e2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ca:e8:30:5b:20:30:b5:a7:f4:5e:2f:f5:40:
e7:b9:79:3e:ec:25:c8:61:d9:fd:1f:3e:dd:0b:07:
b3:a3:59:9f:79:58:52:88:2c:57:f9:9c:20:f9:e9:
77:71:73:56:57:49:68:bc:d1:51:1b:b7:ac:01:c7:
df:29:43:f9:07:cb:e5:7f:56:8f:1f:ef:57:15:a3:
25:a2:e2:c7:71:90:bd:d5:16:d2:1d:dc:0b:18:99:
55:85:b8:0e:ca:8a:65:2a:74:8d:5c:50:37:d6:dd:
b3:5d:7a:90:4a:f5:b2:79:8c:74:e6:a9:cc:6c:b9:
0f:af:bb:ae:42:02:64:a9:3b:26:54:a9:08:fd:7e:
92:0b:bf:7a:75:ac:63:b7:7c:c9:4c:0f:02:60:92:
45:1b:7c:09:be:a6:fa:04:70:08:6a:8b:88:60:ac:
4a:b8:85:8f:de:26:cf:f3:f0:65:64:79:45:44:15:
33:8f:ae:6e:72:5f:b6:b8:b5:c0:2f:9f:7b:39:8b:
ae:6c:dc:08:ba:4f:85:20:e5:85:e6:f8:60:58:ad:
f2:e8:77:f0:03:6e:41:48:77:4f:bf:7e:df:6d:b4:
66:2c:fc:a9:02:86:75:76:b2:68:d1:f1:c1:d7:45:
18:ac:71:84:c4:d0:a0:6c:a0:d6:48:3f:65:b1:c5:
80:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:20:E8:72:44:CC:CC:31:24:F3:02:AD:04:D9:B7:8E:AA:63:6E:2E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1iDockTMzDEk8wKtBNm3jqpjbi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.85.0/24
Signature Algorithm: sha256WithRSAEncryption
03:0a:99:df:42:2c:7a:d1:41:80:61:16:54:9a:bd:dc:3f:c2:
4a:0b:c1:dd:8b:9c:4c:d6:9c:d3:c0:d5:5d:20:b7:e8:3f:a5:
50:61:48:bd:fe:49:8f:7d:c5:c9:f5:d0:35:44:1b:6b:ff:cf:
a9:f2:55:66:83:68:e2:81:7a:4d:db:97:b8:df:9f:5f:14:53:
5e:08:9b:7c:e3:e2:00:13:d3:e2:b8:7d:c9:58:f7:0a:e8:ac:
8b:39:06:ee:46:ae:00:9c:ed:39:bd:1a:82:c6:97:18:71:ea:
10:25:09:e9:a9:98:b9:a8:e0:8e:ff:f4:01:ed:ae:8f:bc:71:
d0:99:ae:ec:da:75:03:9b:2e:a0:cb:83:26:44:36:ad:19:96:
25:f0:c2:9a:cb:f7:fd:a9:2c:50:1d:45:00:90:e9:0d:1c:8c:
26:1e:1a:38:17:6e:04:a1:8e:38:9f:88:03:9a:51:ea:81:03:
48:23:49:39:0e:60:fb:7e:8e:41:ad:b7:3c:2a:8c:fb:d7:0c:
96:7a:ec:35:e7:da:d1:9f:c6:65:ad:24:de:33:05:8c:24:d4:
ec:c5:b7:8e:87:18:95:55:a5:be:cf:f1:b7:95:1a:43:48:8b:
dd:fe:b4:3e:36:40:a5:03:e0:48:f6:e8:bd:58:5b:6c:95:f7:
9b:93:26:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYj3HCX0BRB+AU7W0f7aCx0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjI2MDk0OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjIwZTg3MjQ0Y2NjYzMxMjRmMzAyYWQwNGQ5Yjc4ZWFhNjM2ZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusroMFsgMLWn9F4v9UDnuXk+7CXI
Ydn9Hz7dCwezo1mfeVhSiCxX+Zwg+el3cXNWV0lovNFRG7esAcffKUP5B8vlf1aP
H+9XFaMlouLHcZC91RbSHdwLGJlVhbgOyoplKnSNXFA31t2zXXqQSvWyeYx05qnM
bLkPr7uuQgJkqTsmVKkI/X6SC796daxjt3zJTA8CYJJFG3wJvqb6BHAIaouIYKxK
uIWP3ibP8/BlZHlFRBUzj65ucl+2uLXAL597OYuubNwIuk+FIOWF5vhgWK3y6Hfw
A25BSHdPv37fbbRmLPypAoZ1drJo0fHB10UYrHGExNCgbKDWSD9lscWAiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYg6HJEzMwxJPMCrQTZt46qY24uMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMWlEb2NrVE16REVrOHdLdEJObTNqcXBqYmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaNVMA0G
CSqGSIb3DQEBCwUAA4IBAQADCpnfQix60UGAYRZUmr3cP8JKC8Hdi5xM1pzTwNVd
ILfoP6VQYUi9/kmPfcXJ9dA1RBtr/8+p8lVmg2jigXpN25e4359fFFNeCJt84+IA
E9PiuH3JWPcK6KyLOQbuRq4AnO05vRqCxpcYceoQJQnpqZi5qOCO//QB7a6PvHHQ
ma7s2nUDmy6gy4MmRDatGZYl8MKay/f9qSxQHUUAkOkNHIwmHho4F24EoY44n4gD
mlHqgQNII0k5DmD7fo5Brbc8Koz71wyWeuw159rRn8ZlrSTeMwWMJNTsxbeOhxiV
VaW+z/G3lRpDSIvd/rQ+NkClA+BI9ui9WFtslfebkyY6
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:48 2024 by rpki-client on console-ams.rpki-client.org