Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/evQBk7fOKT1dvRSQBmmxW9fU5dQ.roa
File: evQBk7fOKT1dvRSQBmmxW9fU5dQ.roa (raw, json)
Hash identifier: QFTEfjPTAXLtdGWsUvy/uuIvlkbBRWCf8LICMnipSwU=
Subject key identifier: 7A:F4:01:93:B7:CE:29:3D:5D:BD:14:90:06:69:B1:5B:D7:D4:E5:D4
Certificate issuer: /CN=064dcd0ee7014efb2e3b554fbb706384ef11d051
Certificate serial: 0185A15560CFE28C90C901961CE53981173E
Authority key identifier: 06:4D:CD:0E:E7:01:4E:FB:2E:3B:55:4F:BB:70:63:84:EF:11:D0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/evQBk7fOKT1dvRSQBmmxW9fU5dQ.roa
Signing time: Wed 11 Jan 2023 14:56:45 +0000
ROA not before: Wed 11 Jan 2023 14:56:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209830
IP address blocks: 193.135.120.0/22 maxlen: 22
193.141.24.0/24 maxlen: 24
193.141.23.0/24 maxlen: 24
2a09:fb00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:55:60:cf:e2:8c:90:c9:01:96:1c:e5:39:81:17:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=064dcd0ee7014efb2e3b554fbb706384ef11d051
Validity
Not Before: Jan 11 14:56:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7af40193b7ce293d5dbd14900669b15bd7d4e5d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:49:af:12:08:2d:02:96:78:6f:b3:ab:04:e8:
12:18:de:20:d6:01:6b:ad:69:1c:ca:c3:2c:a9:ea:
51:ac:ae:9e:43:24:d9:30:fb:74:a0:34:f6:82:37:
2b:9a:15:33:85:19:d1:54:92:c9:6c:5a:d3:0e:1a:
63:56:22:84:be:e2:3c:f0:e2:10:f7:a8:0c:66:77:
ce:fc:60:76:6f:a9:e2:0f:39:1d:6d:fb:c9:a9:2c:
36:58:82:f2:76:d4:ac:16:fa:da:15:2c:9c:2e:fe:
e2:a9:49:de:91:1f:f3:a5:82:6e:c6:25:f9:73:74:
3e:e9:ca:fa:08:21:8b:1d:1f:12:5a:05:d2:2d:e0:
00:df:65:7e:be:53:91:ba:74:8a:d7:28:10:37:16:
f1:0c:07:19:b2:20:d3:81:d4:57:39:89:b7:40:89:
a6:8d:11:ee:79:5d:40:a7:2f:a1:c8:a3:b3:d2:62:
c0:49:7b:8b:98:2c:92:37:20:31:f8:99:24:96:b9:
01:e8:2f:54:1c:22:3d:7b:81:65:30:df:47:10:7e:
a0:77:80:59:8e:0b:e2:77:de:b4:fe:ce:b4:d5:93:
fd:42:98:04:d1:ae:08:8d:a2:d9:6e:f2:a5:20:9f:
3c:db:92:98:2f:e4:ee:01:61:36:cc:89:91:1b:b0:
b9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:F4:01:93:B7:CE:29:3D:5D:BD:14:90:06:69:B1:5B:D7:D4:E5:D4
X509v3 Authority Key Identifier:
keyid:06:4D:CD:0E:E7:01:4E:FB:2E:3B:55:4F:BB:70:63:84:EF:11:D0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/evQBk7fOKT1dvRSQBmmxW9fU5dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Bk3NDucBTvsuO1VPu3BjhO8R0FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.120.0/22
193.141.23.0-193.141.24.255
IPv6:
2a09:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
aa:ac:d3:0d:4c:1f:a3:ce:df:0a:cf:00:82:d6:41:d5:a5:cc:
05:f6:17:4d:66:13:f6:d4:a1:27:09:1a:d3:55:58:32:f1:ea:
02:6e:66:b1:c5:b9:be:18:70:65:cb:80:23:7c:81:92:07:98:
00:22:9c:35:3a:45:4d:77:b1:eb:06:2e:b4:88:54:02:0d:8e:
eb:f8:a5:eb:73:fc:92:f0:e8:7b:27:2f:42:e4:6e:26:28:00:
d7:57:c8:ed:83:61:41:88:7b:b4:e8:5a:06:42:5d:be:cf:7c:
03:82:24:13:f6:0b:e4:0e:ac:48:fa:3f:80:ea:79:2d:4a:4a:
9d:59:39:43:1b:80:24:7a:b3:a7:71:0f:30:ff:4a:f8:14:31:
55:00:7f:7e:3f:b8:0c:b5:96:cf:80:75:cb:6c:3b:a3:64:08:
24:38:8f:ca:ae:35:bc:0d:9e:44:1d:d3:35:68:73:86:c8:f3:
3b:89:23:4f:da:2f:88:4e:6e:50:07:fb:8d:3d:06:36:32:0d:
ad:ca:96:54:73:76:eb:bd:2b:66:21:d9:ca:c2:56:32:24:1e:
a0:c3:a2:c1:19:6f:a0:cc:7e:5f:25:8a:11:17:6e:39:fe:11:
67:92:f4:9a:a3:5a:69:40:3f:f9:bf:de:27:6c:ff:70:9d:10:
de:b2:f5:2b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYWhVWDP4oyQyQGWHOU5gRc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NGRjZDBlZTcwMTRlZmIyZTNiNTU0ZmJiNzA2Mzg0ZWYx
MWQwNTEwHhcNMjMwMTExMTQ1NjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWY0MDE5M2I3Y2UyOTNkNWRiZDE0OTAwNjY5YjE1YmQ3ZDRlNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEmvEggtApZ4b7OrBOgSGN4g1gFr
rWkcysMsqepRrK6eQyTZMPt0oDT2gjcrmhUzhRnRVJLJbFrTDhpjViKEvuI88OIQ
96gMZnfO/GB2b6niDzkdbfvJqSw2WILydtSsFvraFSycLv7iqUnekR/zpYJuxiX5
c3Q+6cr6CCGLHR8SWgXSLeAA32V+vlORunSK1ygQNxbxDAcZsiDTgdRXOYm3QImm
jRHueV1Apy+hyKOz0mLASXuLmCySNyAx+JkklrkB6C9UHCI9e4FlMN9HEH6gd4BZ
jgvid960/s601ZP9QpgE0a4IjaLZbvKlIJ8825KYL+TuAWE2zImRG7C5hwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHr0AZO3zik9Xb0UkAZpsVvX1OXUMB8GA1UdIwQY
MBaAFAZNzQ7nAU77LjtVT7twY4TvEdBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmszTkR1Y0JUdnN1TzFWUHUzQmpoTzhSMEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kY2IwOGMtNTUxNS00NDVjLWFkOTkt
ZmI0NzQwZmRhMjUwLzEvZXZRQms3Zk9LVDFkdlJTUUJtbXhXOWZVNWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kY2IwOGMtNTUxNS00NDVjLWFkOTktZmI0NzQwZmRhMjUw
LzEvQmszTkR1Y0JUdnN1TzFWUHUzQmpoTzhSMEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCwYd4MAwD
BADBjRcDBADBjRgwDQQCAAIwBwMFAyoJ+wAwDQYJKoZIhvcNAQELBQADggEBAKqs
0w1MH6PO3wrPAILWQdWlzAX2F01mE/bUoScJGtNVWDLx6gJuZrHFub4YcGXLgCN8
gZIHmAAinDU6RU13sesGLrSIVAINjuv4petz/JLw6HsnL0LkbiYoANdXyO2DYUGI
e7ToWgZCXb7PfAOCJBP2C+QOrEj6P4DqeS1KSp1ZOUMbgCR6s6dxDzD/SvgUMVUA
f34/uAy1ls+AdctsO6NkCCQ4j8quNbwNnkQd0zVoc4bI8zuJI0/aL4hOblAH+409
BjYyDa3KllRzduu9K2Yh2crCVjIkHqDDosEZb6DMfl8lihEXbjn+EWeS9JqjWmlA
P/m/3ids/3CdEN6y9Ss=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:26 2024 by rpki-client on console-ams.rpki-client.org