Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/42e24c-21f5-441f-b6bc-c23d7adbebdc/1/dlFEcHflqXjMgV1vwHuKQRkc1_4.roa
File: dlFEcHflqXjMgV1vwHuKQRkc1_4.roa (raw, json)
Hash identifier: 4sWoC1kkwGLiKxV3pfmObbdWD6KW71B5AAMAnQyJHPQ=
Subject key identifier: 76:51:44:70:77:E5:A9:78:CC:81:5D:6F:C0:7B:8A:41:19:1C:D7:FE
Certificate issuer: /CN=e74d3e5d994becd3f258c41df39f1f63ec563e1d
Certificate serial: 01856D385817A5B60ED3C3806CAA5BFC7C92
Authority key identifier: E7:4D:3E:5D:99:4B:EC:D3:F2:58:C4:1D:F3:9F:1F:63:EC:56:3E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/500-XZlL7NPyWMQd858fY-xWPh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/42e24c-21f5-441f-b6bc-c23d7adbebdc/1/dlFEcHflqXjMgV1vwHuKQRkc1_4.roa
Signing time: Sun 01 Jan 2023 12:04:47 +0000
ROA not before: Sun 01 Jan 2023 12:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49553
IP address blocks: 130.193.72.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:58:17:a5:b6:0e:d3:c3:80:6c:aa:5b:fc:7c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e74d3e5d994becd3f258c41df39f1f63ec563e1d
Validity
Not Before: Jan 1 12:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7651447077e5a978cc815d6fc07b8a41191cd7fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:26:a1:3b:99:36:eb:5e:24:e2:e2:ce:90:b0:
28:4a:2a:74:aa:3a:e3:93:96:1e:bb:28:1a:bf:5e:
49:87:b5:17:ba:b5:f8:c4:47:97:c7:73:c4:7b:28:
9b:80:37:0a:33:81:1f:0c:dc:f2:34:12:0e:ae:07:
ce:7d:ba:66:c7:03:88:80:ca:ef:81:30:6e:6a:a6:
a5:34:34:cc:5e:6a:67:66:87:52:24:4a:c4:98:e9:
14:f8:5a:5f:65:bc:6e:fc:f4:7b:bd:30:85:8c:8f:
9c:9e:8d:46:34:57:85:81:ad:a1:29:2b:ad:fe:70:
90:6a:67:bd:0b:01:81:bf:74:59:74:a9:32:1a:f5:
83:3c:1e:dd:5a:6e:c0:1f:70:7a:05:00:e9:b6:ab:
9a:6d:4d:2a:98:61:a7:12:e9:09:c0:11:cf:12:7e:
37:2f:49:17:8e:64:c5:88:65:79:b8:e7:e4:be:df:
87:25:ba:42:fe:99:56:1a:7c:3b:22:4d:47:b5:d6:
9b:10:8e:a9:a6:8a:f0:f8:fe:e7:23:69:1c:f0:0f:
06:d5:a5:60:91:a2:1b:de:68:f5:cc:11:1e:2c:8e:
a0:c7:e0:86:b0:51:cb:88:50:ea:ae:cb:5e:e7:8d:
d1:aa:93:42:5d:69:b9:70:2e:81:2d:10:6d:19:93:
66:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:51:44:70:77:E5:A9:78:CC:81:5D:6F:C0:7B:8A:41:19:1C:D7:FE
X509v3 Authority Key Identifier:
keyid:E7:4D:3E:5D:99:4B:EC:D3:F2:58:C4:1D:F3:9F:1F:63:EC:56:3E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/500-XZlL7NPyWMQd858fY-xWPh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/42e24c-21f5-441f-b6bc-c23d7adbebdc/1/dlFEcHflqXjMgV1vwHuKQRkc1_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/42e24c-21f5-441f-b6bc-c23d7adbebdc/1/500-XZlL7NPyWMQd858fY-xWPh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.72.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:d4:7b:47:65:0f:c5:fe:bd:28:5c:0e:fb:98:36:86:93:5c:
02:7a:03:a2:24:9e:27:a1:f6:fd:b3:05:d8:e9:ac:a8:10:da:
24:ae:c8:ec:c2:b4:30:2e:9b:24:05:c9:96:b2:6f:14:05:7c:
36:33:f9:79:cd:b4:90:3f:29:b9:75:a5:4f:a0:01:06:0f:cc:
8d:eb:39:a1:2d:02:61:1f:d6:ba:ff:60:49:d7:b7:6f:44:bb:
6b:4c:63:f8:e0:14:a1:1a:63:b3:d7:3d:b0:3b:c6:85:30:3c:
9f:93:95:c4:ab:c8:6c:46:c7:59:ea:cb:b0:8b:b1:0a:d3:2d:
5d:fd:2b:7d:cd:20:84:72:86:b3:e9:cd:8e:0a:9f:cf:eb:53:
4a:19:1c:95:66:fe:23:ed:31:1a:ff:75:87:ff:d9:e0:de:59:
b6:28:46:af:30:62:bf:8c:2d:b4:71:34:61:24:0c:00:90:18:
9d:05:14:b3:83:9a:c0:56:50:d3:f7:8b:ce:a0:0f:83:cf:d7:
46:ce:1a:29:a2:5c:bc:5e:d7:1a:99:5f:93:41:1a:e2:ee:25:
d2:5c:b2:24:2d:e3:49:3a:12:0e:43:90:83:ca:f1:76:41:8a:
44:df:5b:1a:44:14:84:0e:b3:98:9a:a3:81:0d:20:42:4a:ef:
93:44:3d:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOFgXpbYO08OAbKpb/HySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NGQzZTVkOTk0YmVjZDNmMjU4YzQxZGYzOWYxZjYzZWM1
NjNlMWQwHhcNMjMwMTAxMTIwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjUxNDQ3MDc3ZTVhOTc4Y2M4MTVkNmZjMDdiOGE0MTE5MWNkN2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyahO5k2614k4uLOkLAoSip0qjrj
k5Yeuygav15Jh7UXurX4xEeXx3PEeyibgDcKM4EfDNzyNBIOrgfOfbpmxwOIgMrv
gTBuaqalNDTMXmpnZodSJErEmOkU+FpfZbxu/PR7vTCFjI+cno1GNFeFga2hKSut
/nCQame9CwGBv3RZdKkyGvWDPB7dWm7AH3B6BQDptquabU0qmGGnEukJwBHPEn43
L0kXjmTFiGV5uOfkvt+HJbpC/plWGnw7Ik1HtdabEI6pporw+P7nI2kc8A8G1aVg
kaIb3mj1zBEeLI6gx+CGsFHLiFDqrste543RqpNCXWm5cC6BLRBtGZNmuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZRRHB35al4zIFdb8B7ikEZHNf+MB8GA1UdIwQY
MBaAFOdNPl2ZS+zT8ljEHfOfH2PsVj4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTAwLVhabEw3TlB5V01RZDg1OGZZLXhXUGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80MmUyNGMtMjFmNS00NDFmLWI2YmMt
YzIzZDdhZGJlYmRjLzEvZGxGRWNIZmxxWGpNZ1YxdndIdUtRUmtjMV80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80MmUyNGMtMjFmNS00NDFmLWI2YmMtYzIzZDdhZGJlYmRj
LzEvNTAwLVhabEw3TlB5V01RZDg1OGZZLXhXUGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgsFIMA0G
CSqGSIb3DQEBCwUAA4IBAQC/1HtHZQ/F/r0oXA77mDaGk1wCegOiJJ4nofb9swXY
6ayoENokrsjswrQwLpskBcmWsm8UBXw2M/l5zbSQPym5daVPoAEGD8yN6zmhLQJh
H9a6/2BJ17dvRLtrTGP44BShGmOz1z2wO8aFMDyfk5XEq8hsRsdZ6suwi7EK0y1d
/St9zSCEcoaz6c2OCp/P61NKGRyVZv4j7TEa/3WH/9ng3lm2KEavMGK/jC20cTRh
JAwAkBidBRSzg5rAVlDT94vOoA+Dz9dGzhopoly8XtcamV+TQRri7iXSXLIkLeNJ
OhIOQ5CDyvF2QYpE31saRBSEDrOYmqOBDSBCSu+TRD1T
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:18 2024 by rpki-client on console-fra.rpki-client.org