Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/Iq1vmPw_RQIuMct4RHVUVWJjrZc.roa
File: Iq1vmPw_RQIuMct4RHVUVWJjrZc.roa (raw, json)
Hash identifier: dqe7k5cMON2v3NYoF+5tMym9VjMzBlTdWhGF5/B08cM=
Subject key identifier: 22:AD:6F:98:FC:3F:45:02:2E:31:CB:78:44:75:54:55:62:63:AD:97
Certificate issuer: /CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Certificate serial: 018572557D599447FDD8EFBD6A4B0B29956F
Authority key identifier: 11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/Iq1vmPw_RQIuMct4RHVUVWJjrZc.roa
Signing time: Mon 02 Jan 2023 11:54:43 +0000
ROA not before: Mon 02 Jan 2023 11:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35163
IP address blocks: 193.17.124.0/22 maxlen: 22
193.17.120.0/21 maxlen: 22
193.17.96.0/21 maxlen: 24
193.17.104.0/21 maxlen: 24
193.17.112.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Aug 2023 18:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:7d:59:94:47:fd:d8:ef:bd:6a:4b:0b:29:95:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Validity
Not Before: Jan 2 11:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22ad6f98fc3f45022e31cb78447554556263ad97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fa:72:54:1e:02:70:5b:47:72:d9:e8:71:54:
2f:ac:3d:be:7d:2e:35:b8:4b:8c:86:f2:0a:bf:ab:
5d:1d:80:c2:6f:cd:a6:49:90:83:59:6b:46:9a:10:
ef:cc:77:69:da:e7:f0:c9:45:27:9c:05:45:08:0d:
85:e1:02:22:4b:bc:4c:03:3d:39:24:1b:b3:72:f2:
59:2f:75:20:a7:c4:2e:35:22:96:02:33:dc:de:2d:
b6:32:e5:4c:62:8d:9f:50:be:d1:38:51:3f:8f:82:
c3:d0:e3:fc:c3:b7:14:c1:23:47:e3:82:60:92:c8:
e7:ef:c9:47:43:18:0a:30:53:26:44:b5:f3:b9:7e:
3c:1c:ee:aa:da:ef:29:2f:b3:78:8b:37:5f:2e:da:
a7:cd:3b:9a:9a:f0:78:db:6b:b9:90:50:4b:15:f9:
c6:2b:40:21:b3:58:69:bf:44:51:35:fa:46:06:fc:
be:25:b9:e2:2b:ef:04:ff:5d:0b:0a:50:29:d0:23:
7f:70:a6:64:1f:f5:f8:56:cc:ed:a6:c9:98:32:48:
48:88:79:20:27:d5:a8:4d:12:6f:5d:b3:b9:94:47:
18:ee:bd:ec:ee:c4:b7:3b:1e:10:70:3c:28:5f:9c:
8e:bf:c0:bb:1e:de:97:98:f1:ac:79:46:36:da:a1:
0c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:AD:6F:98:FC:3F:45:02:2E:31:CB:78:44:75:54:55:62:63:AD:97
X509v3 Authority Key Identifier:
keyid:11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/Iq1vmPw_RQIuMct4RHVUVWJjrZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.96.0/19
Signature Algorithm: sha256WithRSAEncryption
5c:45:36:f3:c3:42:56:ec:dd:ca:dc:f7:55:43:1f:ed:a1:a2:
d4:e7:ab:cc:75:69:db:b1:dd:16:36:e1:1c:7c:9c:73:57:dc:
d6:92:b7:99:09:50:bc:4e:bd:37:d1:f4:74:39:46:fe:28:2f:
1c:12:8e:d0:cf:a8:9b:52:72:e8:29:c7:a2:19:b8:97:82:79:
74:80:21:e4:09:ca:b3:af:b2:35:c6:17:90:9c:d6:cf:7c:63:
58:13:4a:b6:c1:28:1c:33:e1:d1:5e:b9:33:94:bf:16:d7:59:
c4:3c:4b:d9:e1:68:13:e9:43:0a:0f:6a:e5:73:23:6e:c1:f6:
5f:34:30:81:d4:50:4d:8a:af:73:75:14:ae:db:13:5f:17:6a:
23:d9:ee:17:a9:f8:8d:79:bc:cb:17:3a:f7:c3:b6:e9:94:15:
6f:98:89:29:48:77:0b:eb:3c:ea:15:63:ed:fe:13:93:72:8b:
c0:20:3b:5b:d9:f1:b8:56:31:21:3d:2c:0e:4a:f0:bc:31:c2:
58:3e:d6:bf:19:5e:37:3a:66:8d:d2:31:db:38:ea:81:ff:fc:
57:ea:74:4c:47:61:ef:72:c6:b9:e9:a8:38:ae:6a:00:2e:3d:
22:08:a3:cb:21:ec:ef:66:67:c4:ec:00:e3:a6:21:14:1c:85:
6b:03:9b:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVX1ZlEf92O+9aksLKZVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjBhMGNlMDEzZTJkNTJhNmZmMzU0YTI3MDg5NGJiOTk4
ZTQ1NDcwHhcNMjMwMTAyMTE1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmFkNmY5OGZjM2Y0NTAyMmUzMWNiNzg0NDc1NTQ1NTYyNjNhZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvpyVB4CcFtHctnocVQvrD2+fS41
uEuMhvIKv6tdHYDCb82mSZCDWWtGmhDvzHdp2ufwyUUnnAVFCA2F4QIiS7xMAz05
JBuzcvJZL3Ugp8QuNSKWAjPc3i22MuVMYo2fUL7ROFE/j4LD0OP8w7cUwSNH44Jg
ksjn78lHQxgKMFMmRLXzuX48HO6q2u8pL7N4izdfLtqnzTuamvB422u5kFBLFfnG
K0Ahs1hpv0RRNfpGBvy+JbniK+8E/10LClAp0CN/cKZkH/X4VsztpsmYMkhIiHkg
J9WoTRJvXbO5lEcY7r3s7sS3Ox4QcDwoX5yOv8C7Ht6XmPGseUY22qEMIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKtb5j8P0UCLjHLeER1VFViY62XMB8GA1UdIwQY
MBaAFBEgoM4BPi1Spv81SicIlLuZjkVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUt
MzFhZjNlMjk0NjcxLzEvSXExdm1Qd19SUUl1TWN0NFJIVlVWV0pqclpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUtMzFhZjNlMjk0Njcx
LzEvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwRFgMA0G
CSqGSIb3DQEBCwUAA4IBAQBcRTbzw0JW7N3K3PdVQx/toaLU56vMdWnbsd0WNuEc
fJxzV9zWkreZCVC8Tr030fR0OUb+KC8cEo7Qz6ibUnLoKceiGbiXgnl0gCHkCcqz
r7I1xheQnNbPfGNYE0q2wSgcM+HRXrkzlL8W11nEPEvZ4WgT6UMKD2rlcyNuwfZf
NDCB1FBNiq9zdRSu2xNfF2oj2e4XqfiNebzLFzr3w7bplBVvmIkpSHcL6zzqFWPt
/hOTcovAIDtb2fG4VjEhPSwOSvC8McJYPta/GV43OmaN0jHbOOqB//xX6nRMR2Hv
csa56ag4rmoALj0iCKPLIezvZmfE7ADjpiEUHIVrA5uC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:16 2024 by rpki-client on console-fra.rpki-client.org