Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/RP0gebLVRG2omORUJdBcDsuEcN0.roa
File: RP0gebLVRG2omORUJdBcDsuEcN0.roa (raw, json)
Hash identifier: l5xTPNZV1DfT+WqYvm72hqccbPSauqPLdMe6jisY1nY=
Subject key identifier: 44:FD:20:79:B2:D5:44:6D:A8:98:E4:54:25:D0:5C:0E:CB:84:70:DD
Certificate issuer: /CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Certificate serial: 018CC49230CDCEE1CC4AB914CE8F2347496B
Authority key identifier: 11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/RP0gebLVRG2omORUJdBcDsuEcN0.roa
Signing time: Mon 01 Jan 2024 10:29:24 +0000
ROA not before: Mon 01 Jan 2024 10:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15442
IP address blocks: 193.17.120.0/21 maxlen: 24
193.17.96.0/21 maxlen: 24
193.17.104.0/21 maxlen: 24
193.17.112.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 21:25:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:30:cd:ce:e1:cc:4a:b9:14:ce:8f:23:47:49:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Validity
Not Before: Jan 1 10:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44fd2079b2d5446da898e45425d05c0ecb8470dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:44:77:6a:8e:2b:cf:cf:bd:6d:d9:d7:ad:dc:
ef:83:1b:03:d3:5f:b4:23:a8:e9:9d:03:11:d4:5a:
64:a3:6c:e9:da:67:94:ca:d0:a4:10:ee:40:6a:ca:
76:3d:df:ac:dc:0c:8a:88:99:d6:e6:7c:51:b7:d0:
41:87:f3:bf:75:4b:d1:6a:bb:46:89:6c:26:6c:1f:
38:d2:a9:9c:f8:1c:e3:b8:36:80:b9:85:e3:b1:24:
18:dc:24:20:7d:27:f2:7d:b9:eb:ba:91:7c:09:58:
e4:71:b3:8b:9d:78:c2:45:06:22:e5:85:c5:37:1c:
dd:cb:5d:94:75:71:14:80:1f:d6:f6:4e:46:93:9e:
95:f9:ca:46:d0:9d:9f:f2:46:d9:b1:71:fa:19:b7:
9c:aa:58:09:46:d0:ed:60:98:6c:35:5f:10:45:f9:
ca:7e:db:2b:50:c3:8e:ba:33:ba:29:0f:1a:b3:13:
59:87:08:27:e2:bb:18:bd:6e:70:02:99:41:52:a9:
e4:ac:b9:91:59:be:04:8f:da:6b:c7:8d:df:e4:a1:
91:7e:f8:43:cb:f5:af:87:b9:43:e1:6b:de:5f:e6:
74:85:89:79:c1:c1:e0:a6:63:b1:a2:9d:3c:49:66:
2c:81:01:7f:46:48:d1:c8:25:7a:dd:c0:bb:ce:34:
58:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:FD:20:79:B2:D5:44:6D:A8:98:E4:54:25:D0:5C:0E:CB:84:70:DD
X509v3 Authority Key Identifier:
keyid:11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/RP0gebLVRG2omORUJdBcDsuEcN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.96.0/19
Signature Algorithm: sha256WithRSAEncryption
84:19:ea:dc:9e:5b:00:54:36:99:83:4c:3a:18:ea:15:39:bb:
69:73:e4:dc:ac:57:2a:31:81:45:6f:64:5d:63:35:d3:d5:49:
a4:34:99:fb:bd:7e:a9:08:49:bc:c6:31:ba:61:eb:b3:77:4c:
c6:f1:af:4c:d0:bf:33:c3:7d:24:6a:35:6f:1e:ad:89:6c:3d:
14:2a:71:13:a3:d3:7a:dd:6e:2e:20:af:57:80:67:96:bb:72:
90:01:58:ff:84:b9:e0:b0:77:dd:75:50:8d:5c:0b:6e:54:14:
14:68:99:b7:be:08:4b:e1:dc:47:67:cf:a7:a9:f0:b2:e1:4b:
82:d9:3c:90:d7:f3:55:a0:09:97:04:cd:65:2c:0f:f2:06:08:
4a:b7:59:4c:32:2a:13:81:1d:97:bf:e9:82:90:da:b4:2b:15:
dd:08:a6:36:93:41:4a:5f:e3:34:f2:14:5c:c6:72:9f:ce:fc:
04:9f:1a:d5:76:cd:30:c8:3d:ca:9b:e8:c9:0a:c1:da:b4:00:
58:4a:85:57:21:aa:40:20:b8:10:e0:a1:b7:d7:23:90:d3:90:
7c:c7:3c:e6:54:5e:4e:4e:dd:7b:32:91:9e:9f:59:08:e8:73:
9d:ab:40:58:2d:4d:94:28:f6:ec:c3:82:4d:1f:6a:b4:f6:24:
2a:95:f5:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkjDNzuHMSrkUzo8jR0lrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjBhMGNlMDEzZTJkNTJhNmZmMzU0YTI3MDg5NGJiOTk4
ZTQ1NDcwHhcNMjQwMTAxMTAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGZkMjA3OWIyZDU0NDZkYTg5OGU0NTQyNWQwNWMwZWNiODQ3MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkR3ao4rz8+9bdnXrdzvgxsD01+0
I6jpnQMR1Fpko2zp2meUytCkEO5Aasp2Pd+s3AyKiJnW5nxRt9BBh/O/dUvRartG
iWwmbB840qmc+BzjuDaAuYXjsSQY3CQgfSfyfbnrupF8CVjkcbOLnXjCRQYi5YXF
Nxzdy12UdXEUgB/W9k5Gk56V+cpG0J2f8kbZsXH6GbecqlgJRtDtYJhsNV8QRfnK
ftsrUMOOujO6KQ8asxNZhwgn4rsYvW5wAplBUqnkrLmRWb4Ej9prx43f5KGRfvhD
y/Wvh7lD4WveX+Z0hYl5wcHgpmOxop08SWYsgQF/RkjRyCV63cC7zjRYJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFET9IHmy1URtqJjkVCXQXA7LhHDdMB8GA1UdIwQY
MBaAFBEgoM4BPi1Spv81SicIlLuZjkVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUt
MzFhZjNlMjk0NjcxLzEvUlAwZ2ViTFZSRzJvbU9SVUpkQmNEc3VFY04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUtMzFhZjNlMjk0Njcx
LzEvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwRFgMA0G
CSqGSIb3DQEBCwUAA4IBAQCEGercnlsAVDaZg0w6GOoVObtpc+TcrFcqMYFFb2Rd
YzXT1UmkNJn7vX6pCEm8xjG6Yeuzd0zG8a9M0L8zw30kajVvHq2JbD0UKnETo9N6
3W4uIK9XgGeWu3KQAVj/hLngsHfddVCNXAtuVBQUaJm3vghL4dxHZ8+nqfCy4UuC
2TyQ1/NVoAmXBM1lLA/yBghKt1lMMioTgR2Xv+mCkNq0KxXdCKY2k0FKX+M08hRc
xnKfzvwEnxrVds0wyD3Km+jJCsHatABYSoVXIapAILgQ4KG31yOQ05B8xzzmVF5O
Tt17MpGen1kI6HOdq0BYLU2UKPbsw4JNH2q09iQqlfV3
-----END CERTIFICATE-----
Generated at Mon Jul 29 22:50:40 2024 by rpki-client on console-fra.rpki-client.org