Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/oH8Xu9H3w7BWXlTBfsgtLKibU7I.roa
File: oH8Xu9H3w7BWXlTBfsgtLKibU7I.roa (raw, json)
Hash identifier: T96DCKuMuYr5l1/AqaDY1eJMqqeVXVVcaGQO2Bv/0Xg=
Subject key identifier: A0:7F:17:BB:D1:F7:C3:B0:56:5E:54:C1:7E:C8:2D:2C:A8:9B:53:B2
Certificate issuer: /CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Certificate serial: 018572557CD079E1C1FAC63404A1FAC43E8A
Authority key identifier: 11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/oH8Xu9H3w7BWXlTBfsgtLKibU7I.roa
Signing time: Mon 02 Jan 2023 11:54:43 +0000
ROA not before: Mon 02 Jan 2023 11:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15442
IP address blocks: 193.17.120.0/21 maxlen: 24
193.17.96.0/21 maxlen: 24
193.17.104.0/21 maxlen: 24
193.17.112.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:7c:d0:79:e1:c1:fa:c6:34:04:a1:fa:c4:3e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Validity
Not Before: Jan 2 11:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a07f17bbd1f7c3b0565e54c17ec82d2ca89b53b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:49:00:0f:5d:d1:7b:f9:cf:0b:28:4e:35:a2:
35:83:83:97:65:6a:98:7e:1f:43:55:42:eb:31:52:
64:39:de:f6:04:2d:7b:32:26:8b:5e:1a:2c:53:5e:
c0:ae:e6:f4:64:31:f5:18:10:0a:49:3f:05:22:1e:
f5:ce:5c:44:d3:3f:af:8d:c1:03:95:59:62:d6:34:
63:54:0e:5b:95:29:a1:06:2e:80:ea:2b:67:6d:d1:
a8:3b:d2:89:2a:26:69:70:f3:19:be:f1:52:00:6b:
cc:fd:22:f0:f8:72:db:8b:44:62:50:d4:36:1f:8e:
b8:8b:6b:8a:0f:9e:eb:35:72:29:6d:8c:ca:01:4c:
ca:e0:02:48:11:c4:f6:63:ec:cd:67:e7:c1:62:5d:
34:5f:59:f1:d5:e7:0b:ab:e8:69:b3:2d:f7:cd:5e:
cd:d0:84:7c:a8:f3:94:15:1f:8d:bc:b5:47:d9:fe:
5b:06:1e:d6:e2:6f:e9:88:bc:3f:f3:7f:68:56:da:
9e:bd:bf:0b:ac:75:96:19:e5:05:92:cc:3d:93:9e:
8e:13:2b:87:f3:9b:d1:a6:45:7e:43:e7:3e:2a:38:
e8:b9:b3:c4:1d:e0:00:28:ad:db:5c:fc:82:e3:6c:
56:1b:8d:49:ca:1e:36:15:6a:ef:c0:b5:af:f5:50:
fa:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:7F:17:BB:D1:F7:C3:B0:56:5E:54:C1:7E:C8:2D:2C:A8:9B:53:B2
X509v3 Authority Key Identifier:
keyid:11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/oH8Xu9H3w7BWXlTBfsgtLKibU7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.96.0/19
Signature Algorithm: sha256WithRSAEncryption
45:25:d3:03:a2:64:d5:51:bf:47:ef:aa:8d:13:17:1c:e8:4b:
9b:02:cc:1a:33:b1:5f:ec:67:f6:c6:dc:e0:1f:b6:c0:5d:0e:
dd:cf:93:25:c9:a5:b4:99:25:64:05:d1:8a:b5:2f:e6:b3:11:
20:fd:f8:c9:6d:02:c6:e3:66:74:84:b6:4c:b4:aa:01:57:7a:
ca:11:77:d9:12:2a:68:8d:e3:45:70:51:07:c3:97:df:63:84:
7b:aa:2e:c9:cd:82:76:97:2c:3a:db:74:ec:d1:08:68:90:11:
52:4d:b7:ea:b9:66:b0:65:5a:bc:6f:84:09:74:2b:91:0a:60:
f5:34:77:83:26:90:48:bc:77:86:08:3f:87:67:12:8f:7f:d3:
7c:5a:ce:36:2b:db:1f:3f:0c:28:99:16:ae:31:f7:8d:a7:cf:
34:4f:58:34:16:f0:c3:15:0c:84:a7:83:32:42:d2:c2:41:b5:
59:24:a7:78:2b:0c:9a:5a:c8:1b:a7:ae:25:66:f0:b8:60:61:
31:34:00:e4:72:e7:27:1d:81:a0:e3:d4:c4:dc:3f:8d:ac:fe:
a6:75:69:eb:7b:19:f3:4a:be:61:da:ef:fb:c1:3c:ab:c8:f7:
dc:1c:b1:cd:27:47:cd:37:60:b2:86:33:9c:bc:9d:ba:dc:c1:
8e:41:ca:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVXzQeeHB+sY0BKH6xD6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjBhMGNlMDEzZTJkNTJhNmZmMzU0YTI3MDg5NGJiOTk4
ZTQ1NDcwHhcNMjMwMTAyMTE1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDdmMTdiYmQxZjdjM2IwNTY1ZTU0YzE3ZWM4MmQyY2E4OWI1M2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0kAD13Re/nPCyhONaI1g4OXZWqY
fh9DVULrMVJkOd72BC17MiaLXhosU17Arub0ZDH1GBAKST8FIh71zlxE0z+vjcED
lVli1jRjVA5blSmhBi6A6itnbdGoO9KJKiZpcPMZvvFSAGvM/SLw+HLbi0RiUNQ2
H464i2uKD57rNXIpbYzKAUzK4AJIEcT2Y+zNZ+fBYl00X1nx1ecLq+hpsy33zV7N
0IR8qPOUFR+NvLVH2f5bBh7W4m/piLw/839oVtqevb8LrHWWGeUFksw9k56OEyuH
85vRpkV+Q+c+KjjoubPEHeAAKK3bXPyC42xWG41Jyh42FWrvwLWv9VD6PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKB/F7vR98OwVl5UwX7ILSyom1OyMB8GA1UdIwQY
MBaAFBEgoM4BPi1Spv81SicIlLuZjkVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUt
MzFhZjNlMjk0NjcxLzEvb0g4WHU5SDN3N0JXWGxUQmZzZ3RMS2liVTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUtMzFhZjNlMjk0Njcx
LzEvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwRFgMA0G
CSqGSIb3DQEBCwUAA4IBAQBFJdMDomTVUb9H76qNExcc6EubAswaM7Ff7Gf2xtzg
H7bAXQ7dz5MlyaW0mSVkBdGKtS/msxEg/fjJbQLG42Z0hLZMtKoBV3rKEXfZEipo
jeNFcFEHw5ffY4R7qi7JzYJ2lyw623Ts0QhokBFSTbfquWawZVq8b4QJdCuRCmD1
NHeDJpBIvHeGCD+HZxKPf9N8Ws42K9sfPwwomRauMfeNp880T1g0FvDDFQyEp4My
QtLCQbVZJKd4KwyaWsgbp64lZvC4YGExNADkcucnHYGg49TE3D+NrP6mdWnrexnz
Sr5h2u/7wTyryPfcHLHNJ0fNN2CyhjOcvJ263MGOQcre
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:10 2024 by rpki-client on console-fra.rpki-client.org