Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/0QBviaQS9FxnMS5iwDMFIm52z1k.roa
File: 0QBviaQS9FxnMS5iwDMFIm52z1k.roa (raw, json)
Hash identifier: xuTTMG3eW1elE7a5znqBmaUA6c+li6OCrZagBK8//Tk=
Subject key identifier: D1:00:6F:89:A4:12:F4:5C:67:31:2E:62:C0:33:05:22:6E:76:CF:59
Certificate issuer: /CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Certificate serial: 018CC492312C2A26FB720C1D8060FE099506
Authority key identifier: 11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/0QBviaQS9FxnMS5iwDMFIm52z1k.roa
Signing time: Mon 01 Jan 2024 10:29:24 +0000
ROA not before: Mon 01 Jan 2024 10:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35163
IP address blocks: 193.17.124.0/22 maxlen: 22
193.17.123.0/24 maxlen: 24
193.17.120.0/21 maxlen: 22
193.17.96.0/21 maxlen: 24
193.17.104.0/21 maxlen: 24
193.17.112.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 21:25:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:31:2c:2a:26:fb:72:0c:1d:80:60:fe:09:95:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Validity
Not Before: Jan 1 10:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1006f89a412f45c67312e62c03305226e76cf59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:38:30:70:36:fc:44:18:cd:a9:72:05:82:2f:
60:ff:41:14:fe:02:22:65:28:8a:de:43:6b:00:4b:
9f:85:5a:0c:39:67:b9:a2:e7:20:3c:f7:73:6c:b2:
25:6d:86:e3:75:38:7b:7a:2d:72:ec:2f:43:5a:e9:
b9:db:5d:f9:ab:a8:de:c4:e5:e0:f4:34:c2:e6:b0:
06:bc:dd:7d:fc:0c:b8:6a:aa:96:b3:bd:96:04:88:
12:e1:22:a5:41:de:79:18:16:ac:54:0c:ef:29:cd:
e5:37:63:95:82:3a:66:28:56:8f:df:2a:aa:ff:1d:
48:68:ab:1a:d5:b8:c0:db:b3:2e:3a:c5:5d:47:2b:
78:72:3a:75:97:14:c4:eb:76:f3:b4:9c:a9:1d:3b:
ac:e6:71:ab:a0:53:dd:62:08:fd:6c:73:55:c6:65:
05:18:4b:3b:f0:ae:d8:cf:ca:71:e8:70:e7:54:68:
93:ad:2b:1f:88:63:82:7f:8b:ac:e7:b5:3c:43:47:
a4:ca:42:8f:d3:a4:3a:fd:44:5d:05:2e:01:59:e9:
71:5d:a8:db:10:79:c5:dc:ef:81:a9:84:ed:f7:d7:
2b:ae:18:42:a0:62:70:de:b5:1a:eb:46:1b:40:0a:
2b:37:01:5b:9e:a7:c4:72:59:3c:41:e0:93:d9:ea:
7e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:00:6F:89:A4:12:F4:5C:67:31:2E:62:C0:33:05:22:6E:76:CF:59
X509v3 Authority Key Identifier:
keyid:11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/0QBviaQS9FxnMS5iwDMFIm52z1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.96.0/19
Signature Algorithm: sha256WithRSAEncryption
11:f6:ff:bf:af:75:b3:7a:a5:7a:d2:4b:03:84:f6:a0:a3:96:
29:10:40:ac:71:c4:5a:08:60:cf:d9:45:7c:ce:2b:97:6e:31:
61:53:6c:9a:1e:9e:63:ec:a6:e5:9d:c5:ce:33:c4:fd:48:8e:
50:e1:26:ec:90:0a:70:35:74:35:16:f7:f0:0d:b3:25:9e:4c:
c6:3e:7a:3e:50:99:10:2f:4b:88:dc:54:5d:58:48:e8:6e:f2:
fc:38:1e:20:e6:9d:b0:31:22:5e:80:91:4c:25:b5:4f:ae:35:
7b:92:f3:de:7b:f7:35:10:c3:dd:00:a0:31:45:c9:93:fa:13:
07:cb:64:7a:c6:f4:99:d9:99:3d:72:0b:77:0c:9a:64:7b:a6:
4f:aa:79:fa:ce:ad:16:5e:89:93:1a:e0:9d:9a:72:9c:92:91:
02:8e:c0:d5:06:0f:ce:f4:bf:f9:72:94:71:0d:9f:82:1c:9c:
10:66:4d:ea:63:69:1a:8a:cf:5a:10:16:8e:59:d5:11:fa:f0:
bc:89:46:de:00:df:e9:29:6e:0c:72:ef:fd:70:b7:6a:92:4f:
d4:13:52:b1:bd:3b:03:22:e1:91:25:5a:9b:d7:c7:b8:4c:56:
98:67:6b:ce:1f:f2:f6:78:c2:11:06:67:29:21:6c:43:44:39:
dd:d3:fa:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkjEsKib7cgwdgGD+CZUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjBhMGNlMDEzZTJkNTJhNmZmMzU0YTI3MDg5NGJiOTk4
ZTQ1NDcwHhcNMjQwMTAxMTAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTAwNmY4OWE0MTJmNDVjNjczMTJlNjJjMDMzMDUyMjZlNzZjZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTgwcDb8RBjNqXIFgi9g/0EU/gIi
ZSiK3kNrAEufhVoMOWe5oucgPPdzbLIlbYbjdTh7ei1y7C9DWum52135q6jexOXg
9DTC5rAGvN19/Ay4aqqWs72WBIgS4SKlQd55GBasVAzvKc3lN2OVgjpmKFaP3yqq
/x1IaKsa1bjA27MuOsVdRyt4cjp1lxTE63bztJypHTus5nGroFPdYgj9bHNVxmUF
GEs78K7Yz8px6HDnVGiTrSsfiGOCf4us57U8Q0ekykKP06Q6/URdBS4BWelxXajb
EHnF3O+BqYTt99crrhhCoGJw3rUa60YbQAorNwFbnqfEclk8QeCT2ep++QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEAb4mkEvRcZzEuYsAzBSJuds9ZMB8GA1UdIwQY
MBaAFBEgoM4BPi1Spv81SicIlLuZjkVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUt
MzFhZjNlMjk0NjcxLzEvMFFCdmlhUVM5RnhuTVM1aXdETUZJbTUyejFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUtMzFhZjNlMjk0Njcx
LzEvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwRFgMA0G
CSqGSIb3DQEBCwUAA4IBAQAR9v+/r3WzeqV60ksDhPago5YpEECsccRaCGDP2UV8
ziuXbjFhU2yaHp5j7KblncXOM8T9SI5Q4SbskApwNXQ1FvfwDbMlnkzGPno+UJkQ
L0uI3FRdWEjobvL8OB4g5p2wMSJegJFMJbVPrjV7kvPee/c1EMPdAKAxRcmT+hMH
y2R6xvSZ2Zk9cgt3DJpke6ZPqnn6zq0WXomTGuCdmnKckpECjsDVBg/O9L/5cpRx
DZ+CHJwQZk3qY2kais9aEBaOWdUR+vC8iUbeAN/pKW4Mcu/9cLdqkk/UE1KxvTsD
IuGRJVqb18e4TFaYZ2vOH/L2eMIRBmcpIWxDRDnd0/pk
-----END CERTIFICATE-----
Generated at Mon Jul 29 22:50:40 2024 by rpki-client on console-fra.rpki-client.org