Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/aKGwlbVCxcPCeA-eZYRo25Q0dSw.roa
File: aKGwlbVCxcPCeA-eZYRo25Q0dSw.roa (raw, json)
Hash identifier: ISljxaaj0oKMh8Og0z4w98qMnGRhJ1RbargKlxtCctU=
Subject key identifier: 68:A1:B0:95:B5:42:C5:C3:C2:78:0F:9E:65:84:68:DB:94:34:75:2C
Certificate issuer: /CN=1a4d0923ec10667760ad882e6af9a15699c05ef8
Certificate serial: 01856F66CA83EE609D6C8ECF2E2596DD5B14
Authority key identifier: 1A:4D:09:23:EC:10:66:77:60:AD:88:2E:6A:F9:A1:56:99:C0:5E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gk0JI-wQZndgrYguavmhVpnAXvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/aKGwlbVCxcPCeA-eZYRo25Q0dSw.roa
Signing time: Sun 01 Jan 2023 22:14:45 +0000
ROA not before: Sun 01 Jan 2023 22:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41737
IP address blocks: 193.110.144.0/24 maxlen: 24
193.110.168.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:ca:83:ee:60:9d:6c:8e:cf:2e:25:96:dd:5b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a4d0923ec10667760ad882e6af9a15699c05ef8
Validity
Not Before: Jan 1 22:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68a1b095b542c5c3c2780f9e658468db9434752c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d4:dc:ea:02:f0:28:42:c5:53:17:69:39:22:
c1:26:44:6d:9c:e7:65:73:db:31:b1:2c:c9:28:12:
7c:44:c7:c3:d3:47:53:39:cc:d1:81:35:58:9b:85:
20:d9:44:71:6e:94:ae:63:d2:cb:b5:ad:d2:41:5d:
a2:05:32:98:cd:48:b2:49:89:32:9c:43:5e:1a:e6:
18:9e:b0:1f:8c:b9:03:9a:0e:4c:ce:e0:b5:c7:50:
b9:bf:98:af:f2:a8:e2:22:6f:8a:f9:da:9b:61:2c:
b7:27:d1:25:b9:e7:10:75:e9:21:b0:a0:23:bb:32:
59:d4:f4:a3:68:b1:ae:e8:86:b7:20:73:fd:25:31:
c3:f0:82:5d:72:48:55:2f:b2:c0:f5:ea:92:d4:1e:
bf:c1:0d:cd:94:0e:44:b7:f6:a1:79:9c:07:b4:8f:
c8:a5:d3:41:ee:51:87:aa:8a:60:24:7a:ff:76:09:
8c:20:a8:4f:2e:1f:5c:cf:71:ab:fc:5e:7e:c1:7a:
e7:11:ec:96:c1:99:2d:df:5f:11:3c:57:92:e3:f0:
61:52:2a:da:d9:2c:75:52:39:42:ca:f9:74:68:b1:
c7:0d:28:6d:ac:bd:eb:ae:45:38:f2:e3:ae:77:4f:
7d:b8:ba:61:6c:8a:bc:9b:7b:71:0b:ee:92:d8:b5:
48:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A1:B0:95:B5:42:C5:C3:C2:78:0F:9E:65:84:68:DB:94:34:75:2C
X509v3 Authority Key Identifier:
keyid:1A:4D:09:23:EC:10:66:77:60:AD:88:2E:6A:F9:A1:56:99:C0:5E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk0JI-wQZndgrYguavmhVpnAXvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/aKGwlbVCxcPCeA-eZYRo25Q0dSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/Gk0JI-wQZndgrYguavmhVpnAXvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.144.0/24
193.110.168.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:1d:d5:12:24:39:a9:e4:15:32:a5:15:07:e3:3d:88:ea:d5:
c7:5b:25:14:ca:7e:55:1e:7b:3a:f1:2d:f8:16:83:54:5a:93:
75:8a:c0:24:ad:f8:00:b4:b0:c4:27:b5:c5:b7:d0:db:7d:1c:
f2:74:ed:de:3b:d5:f6:0c:e7:8d:ae:8a:b9:5b:62:7c:19:ec:
17:93:2a:41:73:a7:73:1a:60:dd:f9:f6:8e:e0:90:8c:bd:55:
eb:63:f4:40:e2:8e:24:44:50:e7:30:be:e5:d7:2b:4a:16:08:
fc:b1:e9:46:2d:2e:08:12:e6:4a:0a:2d:ad:fb:66:0c:70:c6:
af:17:f8:66:ee:4d:1a:65:22:b0:4d:eb:6d:b0:08:a9:d6:1e:
c9:e6:d3:11:c8:af:20:79:d7:35:98:8c:c7:07:9b:5c:b8:ab:
ac:0e:91:b0:51:a0:b4:17:5d:01:31:4f:ab:76:9a:b5:91:62:
4b:cc:24:c6:4c:87:75:37:f2:bb:57:52:92:f4:2a:b4:81:44:
94:e9:df:6f:e5:39:a0:b6:3f:2e:f5:08:a0:20:24:a7:6c:d7:
da:e1:f0:57:f7:33:ca:15:6d:81:a7:21:ae:51:68:02:34:6e:
4f:5c:63:0b:00:bb:01:74:96:f2:a0:8c:76:93:71:d7:ea:23:
91:f0:53:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvZsqD7mCdbI7PLiWW3VsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGQwOTIzZWMxMDY2Nzc2MGFkODgyZTZhZjlhMTU2OTlj
MDVlZjgwHhcNMjMwMTAxMjIxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGExYjA5NWI1NDJjNWMzYzI3ODBmOWU2NTg0NjhkYjk0MzQ3NTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdTc6gLwKELFUxdpOSLBJkRtnOdl
c9sxsSzJKBJ8RMfD00dTOczRgTVYm4Ug2URxbpSuY9LLta3SQV2iBTKYzUiySYky
nENeGuYYnrAfjLkDmg5MzuC1x1C5v5iv8qjiIm+K+dqbYSy3J9EluecQdekhsKAj
uzJZ1PSjaLGu6Ia3IHP9JTHD8IJdckhVL7LA9eqS1B6/wQ3NlA5Et/aheZwHtI/I
pdNB7lGHqopgJHr/dgmMIKhPLh9cz3Gr/F5+wXrnEeyWwZkt318RPFeS4/BhUira
2Sx1UjlCyvl0aLHHDShtrL3rrkU48uOud099uLphbIq8m3txC+6S2LVIaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGihsJW1QsXDwngPnmWEaNuUNHUsMB8GA1UdIwQY
MBaAFBpNCSPsEGZ3YK2ILmr5oVaZwF74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2swSkktd1FabmRncllndWF2bWhWcG5BWHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8zNTY0ZTctMTFkNC00ZDdhLThiY2Mt
YTk1Mzc2OGZkZTJmLzEvYUtHd2xiVkN4Y1BDZUEtZVpZUm8yNVEwZFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8zNTY0ZTctMTFkNC00ZDdhLThiY2MtYTk1Mzc2OGZkZTJm
LzEvR2swSkktd1FabmRncllndWF2bWhWcG5BWHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW6QAwQB
wW6oMA0GCSqGSIb3DQEBCwUAA4IBAQCnHdUSJDmp5BUypRUH4z2I6tXHWyUUyn5V
Hns68S34FoNUWpN1isAkrfgAtLDEJ7XFt9DbfRzydO3eO9X2DOeNroq5W2J8GewX
kypBc6dzGmDd+faO4JCMvVXrY/RA4o4kRFDnML7l1ytKFgj8selGLS4IEuZKCi2t
+2YMcMavF/hm7k0aZSKwTettsAip1h7J5tMRyK8gedc1mIzHB5tcuKusDpGwUaC0
F10BMU+rdpq1kWJLzCTGTId1N/K7V1KS9Cq0gUSU6d9v5Tmgtj8u9QigICSnbNfa
4fBX9zPKFW2BpyGuUWgCNG5PXGMLALsBdJbyoIx2k3HX6iOR8FN+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:29 2024 by rpki-client on console-fra.rpki-client.org