Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/299fe7-9ab7-473a-b62a-ab063938f1ce/1/ON5sgIpMAF0vxcQl7HAI7aB9bko.roa
File: ON5sgIpMAF0vxcQl7HAI7aB9bko.roa (raw, json)
Hash identifier: LCjodCrqk/5RB5E6U++rANwoS0NkWhIeQ4mkNu5/6rI=
Subject key identifier: 38:DE:6C:80:8A:4C:00:5D:2F:C5:C4:25:EC:70:08:ED:A0:7D:6E:4A
Certificate issuer: /CN=cd0cc7fd8898b0f7df4b9df0b99319bcb29ec243
Certificate serial: 018D54DE200A01C07A59343E4AC8E6E942B4
Authority key identifier: CD:0C:C7:FD:88:98:B0:F7:DF:4B:9D:F0:B9:93:19:BC:B2:9E:C2:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQzH_YiYsPffS53wuZMZvLKewkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/299fe7-9ab7-473a-b62a-ab063938f1ce/1/ON5sgIpMAF0vxcQl7HAI7aB9bko.roa
Signing time: Mon 29 Jan 2024 10:57:39 +0000
ROA not before: Mon 29 Jan 2024 10:57:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 193.93.188.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 29 Jan 2024 16:59:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:54:de:20:0a:01:c0:7a:59:34:3e:4a:c8:e6:e9:42:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd0cc7fd8898b0f7df4b9df0b99319bcb29ec243
Validity
Not Before: Jan 29 10:57:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38de6c808a4c005d2fc5c425ec7008eda07d6e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d5:77:70:b6:57:f9:b4:e9:2e:81:b7:de:7f:
d8:51:5e:45:80:c5:ee:f7:df:bc:c1:1b:7a:2d:d4:
07:f5:51:1e:c1:b4:4e:ba:1a:0a:f2:9c:d1:67:e6:
10:27:6d:f0:f3:a8:85:8f:f0:b8:7b:49:a9:1a:bf:
e9:6f:9a:7d:d6:41:91:12:cb:fc:96:5c:19:a5:67:
1b:02:ca:a4:b9:80:29:4d:9f:b1:8a:3e:90:26:b8:
65:0f:91:69:1f:1c:17:21:19:cd:26:f4:aa:e0:de:
26:0b:14:ad:55:b3:c3:9c:43:99:51:da:ff:fa:aa:
e0:12:7e:71:59:e5:2d:58:31:a3:cb:80:d1:dc:14:
4c:df:32:3a:9e:79:58:02:0a:5e:9b:cc:fe:fc:49:
8f:f9:70:74:ce:14:e5:85:4b:41:29:e9:e8:b8:0f:
ef:18:ec:59:ed:78:6a:00:5f:36:b0:2a:bd:01:f3:
88:65:b0:8b:53:29:26:d0:a1:66:72:61:a4:28:3e:
43:b4:a3:de:4e:44:26:c7:af:ea:81:f1:48:7e:5c:
0c:cc:9f:f4:b2:1c:ba:fe:3d:ba:3a:aa:de:79:7d:
b5:53:37:aa:e7:a0:af:b1:50:b0:db:08:f7:da:02:
51:f5:d9:24:57:b2:c9:4a:f1:b5:68:6e:b0:04:1c:
07:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DE:6C:80:8A:4C:00:5D:2F:C5:C4:25:EC:70:08:ED:A0:7D:6E:4A
X509v3 Authority Key Identifier:
keyid:CD:0C:C7:FD:88:98:B0:F7:DF:4B:9D:F0:B9:93:19:BC:B2:9E:C2:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQzH_YiYsPffS53wuZMZvLKewkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/299fe7-9ab7-473a-b62a-ab063938f1ce/1/ON5sgIpMAF0vxcQl7HAI7aB9bko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/299fe7-9ab7-473a-b62a-ab063938f1ce/1/zQzH_YiYsPffS53wuZMZvLKewkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.188.0/22
Signature Algorithm: sha256WithRSAEncryption
63:80:57:de:4a:fd:c9:55:5b:35:d5:50:10:41:38:c0:ce:1d:
7d:34:c7:8d:de:5a:88:6f:8e:31:d9:1f:3d:cd:67:7d:f4:2d:
d9:04:60:bb:22:a6:60:04:af:54:e6:66:2e:93:29:85:03:af:
b6:87:9e:72:85:ae:09:52:92:96:40:22:d7:7d:52:36:87:39:
24:1e:c5:a0:5e:7b:d5:bc:03:d0:81:27:b2:d5:7a:cb:d4:2c:
f1:16:05:58:da:45:57:f1:30:fa:67:ff:a5:3d:d6:ae:5e:02:
18:18:52:6d:c6:66:26:f5:a7:e4:07:fe:11:2c:45:f9:27:9f:
2d:40:36:16:f1:0a:31:95:1f:f3:81:b4:ea:b6:e3:3f:5f:2c:
8c:a3:26:e9:fa:16:ed:69:8d:23:d6:68:36:ed:75:13:3a:db:
1c:72:fc:c4:2e:76:ee:4e:af:be:a4:84:b0:0d:ec:7f:df:82:
5f:26:28:50:83:b5:82:ba:91:2f:ba:d2:f6:1c:e8:8c:df:84:
a7:d8:c0:a7:73:6c:a2:16:b2:23:0c:43:a2:46:03:a0:4a:38:
97:62:f9:bd:88:6f:25:f5:b0:f8:39:7a:94:a1:36:ee:3e:c7:
7c:03:00:04:00:c2:99:9b:46:af:44:bd:6c:c5:f9:06:d5:af:
62:fa:17:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1U3iAKAcB6WTQ+Ssjm6UK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMGNjN2ZkODg5OGIwZjdkZjRiOWRmMGI5OTMxOWJjYjI5
ZWMyNDMwHhcNMjQwMTI5MTA1NzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGRlNmM4MDhhNGMwMDVkMmZjNWM0MjVlYzcwMDhlZGEwN2Q2ZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9V3cLZX+bTpLoG33n/YUV5FgMXu
99+8wRt6LdQH9VEewbROuhoK8pzRZ+YQJ23w86iFj/C4e0mpGr/pb5p91kGREsv8
llwZpWcbAsqkuYApTZ+xij6QJrhlD5FpHxwXIRnNJvSq4N4mCxStVbPDnEOZUdr/
+qrgEn5xWeUtWDGjy4DR3BRM3zI6nnlYAgpem8z+/EmP+XB0zhTlhUtBKenouA/v
GOxZ7XhqAF82sCq9AfOIZbCLUykm0KFmcmGkKD5DtKPeTkQmx6/qgfFIflwMzJ/0
shy6/j26OqreeX21Uzeq56CvsVCw2wj32gJR9dkkV7LJSvG1aG6wBBwHxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjebICKTABdL8XEJexwCO2gfW5KMB8GA1UdIwQY
MBaAFM0Mx/2ImLD330ud8LmTGbyynsJDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelF6SF9ZaVlzUGZmUzUzd3VaTVp2TEtld2tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yOTlmZTctOWFiNy00NzNhLWI2MmEt
YWIwNjM5MzhmMWNlLzEvT041c2dJcE1BRjB2eGNRbDdIQUk3YUI5YmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yOTlmZTctOWFiNy00NzNhLWI2MmEtYWIwNjM5MzhmMWNl
LzEvelF6SF9ZaVlzUGZmUzUzd3VaTVp2TEtld2tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwV28MA0G
CSqGSIb3DQEBCwUAA4IBAQBjgFfeSv3JVVs11VAQQTjAzh19NMeN3lqIb44x2R89
zWd99C3ZBGC7IqZgBK9U5mYukymFA6+2h55yha4JUpKWQCLXfVI2hzkkHsWgXnvV
vAPQgSey1XrL1CzxFgVY2kVX8TD6Z/+lPdauXgIYGFJtxmYm9afkB/4RLEX5J58t
QDYW8QoxlR/zgbTqtuM/XyyMoybp+hbtaY0j1mg27XUTOtsccvzELnbuTq++pISw
Dex/34JfJihQg7WCupEvutL2HOiM34Sn2MCnc2yiFrIjDEOiRgOgSjiXYvm9iG8l
9bD4OXqUoTbuPsd8AwAEAMKZm0avRL1sxfkG1a9i+hf0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:21 2024 by rpki-client on console-ams.rpki-client.org